Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão:05-03-2016 01
Executado por lucca (administrador) em LUCCA-PC (08-04-2016 21:32:06)
Executando a partir de C:\Users\lucca\Downloads
Perfis Carregados: lucca (Perfis Disponíveis: lucca)
Platform: Microsoft Windows 10 Home Versão 1511 (X86) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Edge)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
() C:\Users\lucca\AppData\Roaming\Iogiihlak\Iogiihlak.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-LogRotatorService.exe
(Microsoft Corporation) C:\Users\lucca\AppData\Roaming\XBox\XBLive.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(skype.cog.cc) C:\Program Files\SkypeUpdateEx\SkypeUpdateEx.exe
() C:\Users\lucca\AppData\Roaming\LatfBacb\Ymogaca.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
Falha ao acessar processo -> SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-Agent.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(BitTorrent Inc.) C:\Users\lucca\AppData\Roaming\uTorrent\uTorrent.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(BitTorrent Inc.) C:\Users\lucca\AppData\Roaming\uTorrent\updates\3.4.6_42094\utorrentie.exe
() C:\ProgramData\WindowsMsg\osmsg.exe
(BitTorrent Inc.) C:\Users\lucca\AppData\Roaming\uTorrent\updates\3.4.6_42094\utorrentie.exe
(VLOME) C:\Users\lucca\AppData\Local\Temp\is-LECTV.tmp\print.exe
() C:\Users\lucca\AppData\Local\Temp\04893\Setup.exe
Falha ao acessar processo -> svchost.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
() C:\Users\lucca\AppData\Local\Setup Wizard\080bc242-bd42-45fa-bdcf-9db875837692\primarycolorsetup.exe
() C:\Users\lucca\AppData\Local\Temp\nsfB9CC.tmp\nsE3AC.tmp
(Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6769.40791.0_x86__8wekyb3d8bbwe\HxTsr.exe
(Visicom Media Inc.) C:\Users\lucca\AppData\Local\Setup Wizard\11c1c909-3b21-4fc3-8f01-c63e487b2018\mystarttb_5.5.0.2_samba.exe
() C:\Windows\mob.exe
() C:\Windows\mmob.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Falha ao acessar processo -> WerFault.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Uniblue Systems Limited) C:\Program Files\Uniblue\SpeedUpMyPC\speedupmypc.exe
(Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe
HKLM\...\Run: [BlueStacks Agent] => C:\Program Files\BlueStacks\HD-Agent.exe [896608 2015-12-01] (BlueStack Systems, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation)
HKU\S-1-5-21-861686141-1663764954-486450482-1000\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [3077712 2016-03-31] (Valve Corporation)
HKU\S-1-5-21-861686141-1663764954-486450482-1000\...\Run: [uTorrent] => C:\Users\lucca\AppData\Roaming\uTorrent\uTorrent.exe [1959424 2016-04-07] (BitTorrent Inc.)
HKU\S-1-5-21-861686141-1663764954-486450482-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [50670720 2016-03-01] (Skype Technologies S.A.)
HKU\S-1-5-21-861686141-1663764954-486450482-1000\...\Run: [Pritc] => C:\Users\lucca\AppData\Local\Temp\is-LECTV.tmp\print.exe [2955264 2016-03-03] (VLOME) <===== ATENÇÃO
HKU\S-1-5-21-861686141-1663764954-486450482-1000\...\Run: [osmsg] => C:\ProgramData\WindowsMsg\osmsg.exe [2055168 2016-04-07] ()
HKU\S-1-5-21-861686141-1663764954-486450482-1000\...\MountPoints2: {a0921cd8-b730-11e5-aa81-806e6f6e6963} - "D:\SETUP.EXE"
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Winsock: Catalog5 07 C:\ProgramData\System32\SafeGuard32.dll [2771896 2016-04-08] ()
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{80b652fc-cf44-4566-93bf-babe2853c6f1}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{a0921cc2-b730-11e5-aa81-806e6f6e6963}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{c152992d-9a79-4718-bfd3-b3c526e92f61}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{ed0ca17f-a5fe-4918-8bc5-a80b9154f179}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{ed0ca17f-a5fe-4918-8bc5-a80b9154f179}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-861686141-1663764954-486450482-1000 -> {12CCFCDB-8248-4179-A63E-B2D4734A3CE6} URL = hxxps://br.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_77\bin\ssv.dll [2016-04-01] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-01] (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-04-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-04-01] (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin HKU\S-1-5-21-861686141-1663764954-486450482-1000: @nsroblox.roblox.com/launcher -> C:\Users\lucca\AppData\Local\Roblox\Versions\version-b7bf51c941dd400f\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-861686141-1663764954-486450482-1000: @nsroblox.roblox.com/launcher64 -> C:\Users\lucca\AppData\Local\Roblox\Versions\version-b7bf51c941dd400f\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://br.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=orcl_default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://br.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-09]
CHR Extension: (Google Docs) - C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-09]
CHR Extension: (Google Drive) - C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-09]
CHR Extension: (YouTube) - C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-09]
CHR Extension: (Google Search) - C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-09]
CHR Extension: (Planilhas do Google) - C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-09]
CHR Extension: (Documentos Google off-line) - C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-18]
CHR Extension: (CoolROM for Chrome) - C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihdefolnlhckckfalccmkakmkgpficdd [2016-02-03]
CHR Extension: (Little Alchemy) - C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2016-03-14]
CHR Extension: (Skype) - C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-03-31]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01]
CHR Extension: (Gmail) - C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-09]
CHR HKLM\...\Chrome\Extension: [eedgghdcpmmmilkmfpnklknlenbiolec] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]
==================== Serviços (Whitelisted) ========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 ACTION_SVC; C:\Program Files\Mirillis\Action!\action_svc.exe [16064 2014-10-25] ()
S3 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [433760 2015-12-01] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [413280 2015-12-01] (BlueStack Systems, Inc.)
S3 BstHdUpdaterSvc; C:\Program Files\BlueStacks\HD-UpdaterService.exe [855648 2015-12-01] (BlueStack Systems, Inc.)
S2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 Diwhuuy; C:\Users\lucca\AppData\Roaming\Iogiihlak\Iogiihlak.exe [174448 2016-04-08] ()
R2 mmob; c:\windows\mmob.exe [408576 2016-04-08] () [Arquivo não assinado]
R2 mob; c:\windows\mob.exe [417792 2016-04-08] () [Arquivo não assinado]
R2 SkypeUpdateEx; C:\Program Files\SkypeUpdateEx\SkypeUpdateEx.exe [167352 2016-03-21] (skype.cog.cc)
R2 Tuasv; C:\Users\lucca\AppData\Roaming\LatfBacb\Ymogaca.exe [125808 2016-04-08] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280376 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23256 2015-10-30] (Microsoft Corporation)
R2 XBox; C:\Users\lucca\AppData\Roaming\XBox\XBLive.exe [5906904 2016-02-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R3 BCM43XX; C:\WINDOWS\System32\drivers\bcmwl63l.sys [4715008 2015-10-30] (Broadcom Corporation)
R1 bsdriver; C:\WINDOWS\system32\drivers\bsdriver.sys [30624 2016-04-08] ()
R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [132192 2015-12-01] (BlueStack Systems)
R1 cherimoya; C:\WINDOWS\System32\drivers\cherimoya.sys [56128 2016-04-08] (Windows (R) Win 7 DDK provider)
R1 MpKsl1c51bdff; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F20A0E72-654B-4F0D-BF65-4D77F741B4BD}\MpKsl1c51bdff.sys [39168 2016-03-29] (Microsoft Corporation)
R1 MpKsl4ebcf1d1; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{851B37F5-458C-4D14-8B8F-85E5C5FC179B}\MpKsl4ebcf1d1.sys [39168 2016-04-03] (Microsoft Corporation)
R1 MpKsl5fc59ff5; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{01958797-1B25-4240-9CE9-503A94BF053C}\MpKsl5fc59ff5.sys [39168 2016-03-31] (Microsoft Corporation)
R1 MpKsl91f507fe; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8108BCCB-9963-43FE-ABBB-1733C8737ED1}\MpKsl91f507fe.sys [39168 2016-04-08] (Microsoft Corporation)
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [494080 2015-10-30] (Realtek )
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37400 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [246104 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [98648 2015-10-30] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [65768 2016-03-18] (Wellbia.com)
U3 idsvc; não ImagePath
U3 wpcsvc; não ImagePath
S3 XDva534; \??\C:\WINDOWS\system32\XDva534.sys [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um Mês Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-04-08 21:32 - 2016-04-08 21:33 - 00014375 _____ C:\Users\lucca\Downloads\FRST.txt
2016-04-08 21:32 - 2016-04-08 21:33 - 00000000 ____D C:\Users\lucca\AppData\LocalLow\mystarttb
2016-04-08 21:31 - 2016-04-08 21:32 - 00000000 ____D C:\FRST
2016-04-08 21:31 - 2016-04-08 21:31 - 00000284 _____ C:\WINDOWS\Tasks\SpeedUpMyPC Maintenance.job
2016-04-08 21:30 - 2016-04-08 21:31 - 01725440 _____ (Farbar) C:\Users\lucca\Downloads\FRST.exe
2016-04-08 21:30 - 2016-04-08 21:31 - 00000298 _____ C:\WINDOWS\Tasks\SpeedUpMyPC Startup.job
2016-04-08 21:30 - 2016-04-08 21:30 - 00001196 _____ C:\Users\Public\Desktop\SpeedUpMyPC.lnk
2016-04-08 21:30 - 2016-04-08 21:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
2016-04-08 21:28 - 2016-04-08 21:33 - 00000000 ____D C:\Program Files\mystarttb
2016-04-08 21:28 - 2016-04-08 21:28 - 00000000 ____D C:\Users\lucca\AppData\Roaming\Uniblue
2016-04-08 21:28 - 2016-04-08 21:28 - 00000000 ____D C:\Program Files\Uniblue
2016-04-08 21:26 - 2016-04-08 21:26 - 00631808 _____ C:\WINDOWS\mob.dat
2016-04-08 21:26 - 2016-04-08 21:26 - 00417792 _____ C:\WINDOWS\mob.exe
2016-04-08 21:26 - 2016-04-08 21:26 - 00408576 _____ C:\WINDOWS\mmob.exe
2016-04-08 21:21 - 2016-04-08 21:27 - 00000000 ____D C:\Program Files\MixVideoPlayer
2016-04-08 21:21 - 2016-04-08 21:21 - 00000000 ____D C:\Users\lucca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceFountain
2016-04-08 21:21 - 2016-04-08 21:21 - 00000000 ____D C:\Users\lucca\AppData\Local\PriceFountain
2016-04-08 21:20 - 2016-04-08 21:21 - 00000000 ____D C:\Program Files\AnyFlix
2016-04-08 21:20 - 2016-04-08 21:20 - 00000000 ____D C:\Users\Todos os Usuários\891ee9fe-45f1-1
2016-04-08 21:20 - 2016-04-08 21:20 - 00000000 ____D C:\Users\Todos os Usuários\891ee9fe-37c1-0
2016-04-08 21:20 - 2016-04-08 21:20 - 00000000 ____D C:\ProgramData\891ee9fe-45f1-1
2016-04-08 21:20 - 2016-04-08 21:20 - 00000000 ____D C:\ProgramData\891ee9fe-37c1-0
2016-04-08 21:19 - 2016-04-08 21:25 - 00000000 ____D C:\Users\lucca\AppData\Local\Setup Wizard
2016-04-08 21:18 - 2016-04-08 21:18 - 00030624 _____ () C:\WINDOWS\system32\Drivers\bsdriver.sys
2016-04-08 21:18 - 2016-04-08 21:18 - 00000000 ____D C:\Users\lucca\AppData\Roaming\LatfBacb
2016-04-08 21:18 - 2016-04-08 21:18 - 00000000 ____D C:\Users\lucca\AppData\Roaming\Iogiihlak
2016-04-08 21:18 - 2016-04-08 21:18 - 00000000 ____D C:\Users\lucca\AppData\LocalLow\Company
2016-04-08 21:18 - 2016-04-08 21:18 - 00000000 ____D C:\Users\lucca\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
2016-04-08 21:18 - 2016-04-08 21:18 - 00000000 ____D C:\Users\lucca\AppData\Local\Tempfolder
2016-04-08 21:18 - 2016-04-08 21:18 - 00000000 ____D C:\uninst
2016-04-08 21:15 - 2016-04-08 21:15 - 00000000 ____D C:\Users\Todos os Usuários\b4f7898c-2735-0
2016-04-08 21:15 - 2016-04-08 21:15 - 00000000 ____D C:\Users\Todos os Usuários\b4f7898c-19a1-1
2016-04-08 21:15 - 2016-04-08 21:15 - 00000000 ____D C:\ProgramData\b4f7898c-2735-0
2016-04-08 21:15 - 2016-04-08 21:15 - 00000000 ____D C:\ProgramData\b4f7898c-19a1-1
2016-04-08 21:15 - 2016-04-08 21:15 - 00000000 ____D C:\Program Files\SkypeUpdateEx
2016-04-08 21:14 - 2016-04-08 21:14 - 00000000 ____D C:\Users\Todos os Usuários\WindowsMsg
2016-04-08 21:14 - 2016-04-08 21:14 - 00000000 ____D C:\Users\Todos os Usuários\System32
2016-04-08 21:14 - 2016-04-08 21:14 - 00000000 ____D C:\ProgramData\WindowsMsg
2016-04-08 21:14 - 2016-04-08 21:14 - 00000000 ____D C:\ProgramData\System32
2016-04-08 21:08 - 2016-04-08 21:08 - 00000000 ____D C:\WINDOWS\system32\SSL
2016-04-08 21:07 - 2016-04-08 21:07 - 00000000 ____D C:\Users\lucca\AppData\Roaming\FrivLauncher
2016-04-08 21:06 - 2016-04-08 21:06 - 00000000 ____D C:\Users\lucca\AppData\Roaming\XBox
2016-04-08 21:05 - 2016-04-08 21:05 - 00534528 _____ C:\Users\lucca\Downloads\Setup.iso
2016-04-08 20:29 - 2016-04-08 20:33 - 49281988 _____ C:\Users\lucca\Downloads\CUT-THE-ROPE-MAGIC-MOD-APK.apk
2016-04-08 20:15 - 2016-04-08 20:14 - 26713957 _____ C:\Users\lucca\Desktop\9_cut_the_rope_experiments.zip
2016-04-08 20:08 - 2016-04-08 20:28 - 50448063 _____ C:\Users\lucca\Downloads\10_cut_the_rope_experiments.zip
2016-04-08 20:08 - 2016-04-08 20:14 - 26713957 _____ C:\Users\lucca\Downloads\9_cut_the_rope_experiments.zip
2016-04-08 19:39 - 2016-04-08 21:18 - 00056128 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\cherimoya.sys
2016-04-08 18:12 - 2016-04-08 18:17 - 74982761 _____ C:\Users\lucca\Downloads\FNaF-maker.exe
2016-04-08 16:33 - 2016-04-08 16:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RPG Maker VX Ace
2016-04-08 16:32 - 2016-04-08 16:32 - 00000000 ____D C:\Program Files\Enterbrain
2016-04-08 16:31 - 2016-04-08 16:34 - 279363703 _____ C:\Users\lucca\Desktop\Bonnie-Simulator.exe
2016-04-08 16:31 - 2016-04-08 16:05 - 109060957 _____ C:\Users\lucca\Desktop\Bonnie-Simulator-2-REMASTERED.exe
2016-04-08 16:05 - 2016-04-08 16:32 - 233344840 _____ (Enterbrain ) C:\Users\lucca\Downloads\RPGVXAce_Multi.exe
2016-04-08 16:02 - 2016-04-08 16:02 - 00000000 ____D C:\Users\lucca\Desktop\Bonnie Simulator
2016-04-08 15:55 - 2016-04-08 16:24 - 279363703 _____ C:\Users\lucca\Downloads\Bonnie-Simulator.exe
2016-04-08 15:55 - 2016-04-08 16:05 - 109060957 _____ C:\Users\lucca\Downloads\Bonnie-Simulator-2-REMASTERED.exe
2016-04-08 15:55 - 2016-04-08 16:00 - 19761936 _____ C:\Users\lucca\Downloads\Fan_Simulator.exe
2016-04-08 15:55 - 2016-04-08 15:56 - 08736414 _____ C:\Users\lucca\Downloads\Lenny-Simulator.exe
2016-04-08 15:54 - 2016-04-08 16:02 - 31486595 _____ C:\Users\lucca\Downloads\Bonnie-Simulator-(2).zip
2016-04-08 15:35 - 2016-04-08 15:42 - 15465345 _____ C:\Users\lucca\Downloads\One-night-at-Springtrap-2 (1).exe
2016-04-08 15:35 - 2016-04-08 15:41 - 08295181 _____ C:\Users\lucca\Downloads\two-nights-in-front-of-the-door-4.0.exe
2016-04-08 15:35 - 2016-04-08 15:40 - 11127583 _____ C:\Users\lucca\Downloads\PYPY'S-adventure-DEMO (1).exe
2016-04-08 15:35 - 2016-04-08 15:38 - 09098105 _____ C:\Users\lucca\Downloads\One-NIGHT-at-springtrap (1).exe
2016-04-08 15:35 - 2016-04-08 15:37 - 05204885 _____ C:\Users\lucca\Downloads\One-night-at-Springtrap-3 (1).exe
2016-04-08 15:28 - 2016-04-08 15:29 - 15465345 _____ C:\Users\lucca\Downloads\One-night-at-Springtrap-2.exe
2016-04-08 15:28 - 2016-04-08 15:29 - 09098105 _____ C:\Users\lucca\Downloads\One-NIGHT-at-springtrap.exe
2016-04-08 15:28 - 2016-04-08 15:28 - 06527425 _____ C:\Users\lucca\Downloads\two-nights-in-front-of-the-door-2.0.exe
2016-04-08 15:28 - 2016-04-08 15:28 - 05204885 _____ C:\Users\lucca\Downloads\One-night-at-Springtrap-3.exe
2016-04-08 15:27 - 2016-04-08 15:29 - 11127583 _____ C:\Users\lucca\Downloads\PYPY'S-adventure-DEMO.exe
2016-04-08 15:14 - 2016-04-08 15:14 - 00000000 ___HD C:\OneDriveTemp
2016-04-07 18:33 - 2016-04-08 21:24 - 00000000 ____D C:\Users\lucca\AppData\LocalLow\uTorrent
2016-04-07 18:13 - 2016-04-07 18:13 - 00279827 _____ C:\Users\lucca\Documents\Deporte y futuro.pptx
2016-04-03 17:18 - 2016-04-03 17:21 - 00000000 ____D C:\Users\lucca\Desktop\PlagueInc
2016-04-03 16:36 - 2016-04-03 16:36 - 198370266 _____ C:\Users\lucca\Downloads\Plague inc. Evolved By GRATESOFT.rar
2016-04-03 15:27 - 2016-04-03 15:30 - 00000000 ____D C:\Users\lucca\Desktop\rocketbuilder02
2016-04-03 15:27 - 2016-04-03 15:27 - 01011271 _____ C:\Users\lucca\Downloads\rocketbuilder02.zip
2016-04-01 17:52 - 2016-04-01 18:16 - 2973273108 _____ C:\Users\lucca\Desktop\RobloxPlayerBeta 2016-04-01 17-52-58-15.avi
2016-04-01 17:41 - 2016-04-01 17:41 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-04-01 16:30 - 2016-04-01 16:30 - 00000599 _____ C:\Users\Public\Desktop\Fraps.lnk
2016-04-01 16:30 - 2016-04-01 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2016-04-01 16:30 - 2016-04-01 16:30 - 00000000 ____D C:\Fraps
2016-04-01 16:28 - 2016-04-01 16:29 - 02629195 _____ C:\Users\lucca\Downloads\Fraps 3.5.9 ByLTT.rar
2016-04-01 16:18 - 2016-04-01 16:18 - 00000000 ____D C:\Users\lucca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
2016-04-01 16:10 - 2016-04-01 16:10 - 00012686 _____ C:\Users\lucca\Downloads\Minecraft 1.8 .torrent
2016-04-01 16:03 - 2016-04-01 16:05 - 06284678 _____ C:\Users\lucca\Downloads\Minecraft (1).exe
2016-04-01 15:57 - 2016-04-01 15:57 - 00000000 ____D C:\Program Files\Common Files\Java
2016-04-01 15:51 - 2016-04-01 15:52 - 00376064 _____ C:\Users\lucca\Downloads\Minecraft Windows 10 free skins.rar
2016-03-31 20:23 - 2006-06-28 15:35 - 33554432 _____ C:\Users\lucca\Desktop\0479 - New Super Mario Bros. (E)(Supremacy).nds
2016-03-31 20:20 - 2016-03-31 20:21 - 12939669 _____ C:\Users\lucca\Downloads\0479 - New Super Mario Bros. (E)(Supremacy).7z
2016-03-31 16:13 - 2016-03-31 16:13 - 00000000 ____D C:\Users\lucca\Documents\My Games
2016-03-31 16:13 - 2016-03-31 16:13 - 00000000 ____D C:\Users\lucca\AppData\Roaming\Steam
2016-03-31 16:11 - 2016-03-31 16:11 - 00001438 _____ C:\Users\lucca\Desktop\Goat Simulator GoatZ.lnk
2016-03-31 16:11 - 2016-03-31 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Goat Simulator GoatZ
2016-03-31 16:07 - 2016-03-31 16:11 - 00000000 ____D C:\Program Files\Goat Simulator GoatZ
2016-03-31 16:04 - 2016-03-31 16:07 - 03494204 _____ ( ) C:\Users\lucca\Desktop\setup.exe
2016-03-31 16:00 - 1999-12-12 00:00 - 3186227540 ____N C:\Users\lucca\Desktop\setup-1.bin
2016-03-31 16:00 - 1999-12-12 00:00 - 00000000 ____D C:\Users\lucca\Desktop\PLAZA
2016-03-31 15:29 - 2016-03-31 15:55 - 21297230 _____ C:\Users\lucca\Downloads\Action Full CRACK.rar
2016-03-31 15:01 - 2016-03-31 15:45 - 00000000 ____D C:\Users\lucca\Desktop\Goat.Simulator.GoatZ-PLAZA
2016-03-31 14:59 - 2016-03-31 14:59 - 01049472 _____ (Hacuhohak ) C:\Users\lucca\Downloads\FlashPlayerPro.exe
2016-03-31 14:59 - 2016-03-31 14:59 - 00061421 _____ C:\Users\lucca\Downloads\Goat.Simulator.GoatZ-PLAZA-[rarbg.com].torrent
2016-03-30 20:48 - 2016-03-30 20:49 - 00000000 ____D C:\Users\lucca\AppData\Local\Mirillis
2016-03-30 20:48 - 2016-03-30 20:48 - 00000000 ____D C:\Users\Todos os Usuários\Mirillis
2016-03-30 20:48 - 2016-03-30 20:48 - 00000000 ____D C:\Users\lucca\AppData\Roaming\Mirillis
2016-03-30 20:48 - 2016-03-30 20:48 - 00000000 ____D C:\ProgramData\Mirillis
2016-03-30 20:48 - 2016-03-30 20:48 - 00000000 ____D C:\Action!
2016-03-30 20:47 - 2016-03-31 15:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis
2016-03-30 20:46 - 2016-03-31 15:32 - 00000000 ____D C:\Program Files\Mirillis
2016-03-30 20:43 - 2016-03-31 15:51 - 21683184 _____ (Mirillis Ltd.) C:\Users\lucca\Downloads\action_1_30_0_setup.exe
2016-03-30 19:48 - 2016-03-30 19:48 - 00000000 ____D C:\Users\lucca\Tracing
2016-03-30 19:45 - 2016-04-08 21:28 - 00000000 ____D C:\Users\lucca\AppData\Roaming\Skype
2016-03-30 19:45 - 2016-04-07 13:37 - 00000000 ___RD C:\Program Files\Skype
2016-03-30 19:45 - 2016-03-30 19:45 - 00002630 _____ C:\Users\Public\Desktop\Skype.lnk
2016-03-30 19:45 - 2016-03-30 19:45 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2016-03-30 19:45 - 2016-03-30 19:45 - 00000000 ____D C:\ProgramData\Skype
2016-03-30 19:45 - 2016-03-30 19:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-03-30 19:45 - 2016-03-30 19:45 - 00000000 ____D C:\Program Files\Common Files\Skype
2016-03-30 19:43 - 2016-03-30 19:43 - 01503872 _____ (Skype Technologies S.A.) C:\Users\lucca\Downloads\SkypeSetup.exe
2016-03-30 15:04 - 2016-03-30 15:04 - 00000000 ____D C:\Users\Todos os Usuários\Origin
2016-03-30 15:04 - 2016-03-30 15:04 - 00000000 ____D C:\ProgramData\Origin
2016-03-30 14:52 - 2016-03-30 15:48 - 00001226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4.lnk
2016-03-30 14:52 - 2016-03-30 14:52 - 00000000 ___HD C:\Program Files\Common Files\EAInstaller
2016-03-30 14:52 - 2014-10-19 15:54 - 00447752 _____ (On2.com) C:\WINDOWS\system32\vp6vfw.dll
2016-03-30 14:45 - 2016-03-30 15:48 - 00000000 ____D C:\Program Files\The Sims 4
2016-03-29 14:40 - 2016-03-29 14:40 - 00023112 _____ C:\Users\lucca\Downloads\The Sims 4 Kira Tutors.torrent
2016-03-29 14:36 - 2016-03-29 14:36 - 02094080 _____ (BitTorrent Inc.) C:\Users\lucca\Downloads\uTorrent.exe
2016-03-29 13:47 - 2016-03-29 13:47 - 00000000 ____D C:\Users\Usuário Padrão\AppData\Local\Microsoft Help
2016-03-29 13:47 - 2016-03-29 13:47 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-03-29 13:47 - 2016-03-29 13:47 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-03-28 19:49 - 2016-03-28 19:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-03-28 19:48 - 2016-03-31 13:55 - 00000000 ____D C:\Program Files\Microsoft Works
2016-03-28 19:48 - 2009-02-27 03:42 - 00031640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msonpmon.dll
2016-03-28 19:47 - 2016-03-28 19:47 - 00000000 ____D C:\WINDOWS\PCHEALTH
2016-03-28 19:44 - 2016-04-05 14:04 - 00000000 ____D C:\Program Files\Microsoft Office
2016-03-28 19:44 - 2016-04-01 17:48 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2016-03-28 19:44 - 2016-03-28 19:44 - 00000000 ____D C:\Users\lucca\AppData\Local\Microsoft Help
2016-03-28 19:43 - 2016-03-28 19:43 - 00000000 __RHD C:\MSOCache
2016-03-24 15:25 - 2016-03-24 15:42 - 00000000 ____D C:\Users\lucca\AppData\Local\Matemática - Compreensão e Prática 8
2016-03-24 15:21 - 2016-03-24 15:21 - 00001208 _____ C:\Users\Public\Desktop\Matemática - Compreensão e Prática 8.lnk
2016-03-24 15:21 - 2016-03-24 15:21 - 00000000 ____D C:\Users\lucca\AppData\Roaming\edm
2016-03-24 15:20 - 2016-03-24 15:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Editora Moderna
2016-03-24 15:18 - 2016-03-24 15:18 - 00000000 ____D C:\Program Files\Editora Moderna
2016-03-23 20:55 - 1996-12-24 18:32 - 67108864 _____ C:\Users\lucca\Desktop\0216 - Mario & Luigi - Partners in Time (U)(SCZ).nds
2016-03-23 17:14 - 2016-03-23 17:18 - 35708292 _____ C:\Users\lucca\Downloads\0216 - Mario & Luigi - Partners in Time (U)(SCZ).7z
2016-03-22 15:39 - 2016-03-22 15:39 - 00000000 ____D C:\Users\lucca\AppData\LocalLow\Temp
2016-03-21 17:30 - 2016-03-21 17:35 - 00000000 ____D C:\Users\lucca\Documents\ROBLOX
2016-03-20 15:29 - 2016-03-31 21:49 - 00001334 _____ C:\Users\lucca\Desktop\desmume.ini
2016-03-20 15:29 - 2016-03-31 21:08 - 00000000 ____D C:\Users\lucca\Desktop\Cheats
2016-03-20 15:29 - 2016-03-31 20:32 - 00000000 ____D C:\Users\lucca\Desktop\Battery
2016-03-20 15:29 - 2016-03-20 15:29 - 00000000 ____D C:\Users\lucca\Desktop\States
2016-03-19 21:45 - 2016-03-19 22:07 - 00000000 ____D C:\Users\lucca\Desktop\Kerbal Space Program
2016-03-19 20:50 - 2016-03-19 21:28 - 195765728 _____ C:\Users\lucca\Downloads\Kerbal Space Program 0.23 Milo74237.rar
2016-03-18 21:43 - 2016-03-18 21:45 - 03353864 _____ C:\Users\lucca\Downloads\4969 - Club Penguin - EPF - Herbert's Revenge (U).zip
2016-03-18 21:42 - 2016-03-18 21:45 - 01316710 _____ C:\Users\lucca\Downloads\0560 - Cooking Mama (U)(Psyfer).7z
2016-03-18 21:40 - 2016-03-18 21:45 - 05649476 _____ C:\Users\lucca\Downloads\6085 - Club Penguin - Elite Penguin Force (v1.2) (U)(iND).7z
2016-03-18 19:31 - 2016-03-18 19:56 - 00000000 ____D C:\Users\lucca\AppData\Local\CSO
2016-03-18 19:31 - 2016-03-18 19:35 - 00065768 _____ (Wellbia.com) C:\WINDOWS\xhunter1.sys
2016-03-18 19:31 - 2016-03-18 19:31 - 00000000 ____D C:\Users\Todos os Usuários\Nexon
2016-03-18 19:31 - 2016-03-18 19:31 - 00000000 ____D C:\ProgramData\Nexon
2016-03-18 14:51 - 2016-03-18 15:16 - 08393504 _____ C:\Users\lucca\Downloads\18223.ppsx
2016-03-18 14:37 - 2016-03-18 14:37 - 00000216 _____ C:\Users\lucca\Desktop\Counter-Strike Nexon Zombies.url
2016-03-17 17:09 - 2016-03-17 17:10 - 00000000 ____D C:\Users\lucca\Documents\My Spore Creations
2016-03-17 17:09 - 2016-03-17 17:10 - 00000000 ____D C:\Users\lucca\AppData\Roaming\Spore
2016-03-17 17:09 - 2016-03-17 17:09 - 00000000 ____D C:\Users\lucca\AppData\Local\SKIDROW
2016-03-17 17:08 - 2016-03-17 17:08 - 00001572 _____ C:\Users\Public\Desktop\Spore.lnk
2016-03-17 17:08 - 2016-03-17 17:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spore
2016-03-17 16:56 - 2016-03-17 16:56 - 00000000 ____D C:\Games
2016-03-17 15:52 - 2016-03-17 16:55 - 00000000 ____D C:\Users\lucca\Desktop\Spore.Complete.Edition.Multi-RU.Repack.by.z10yded
2016-03-17 15:52 - 2016-03-17 15:52 - 00022743 _____ C:\Users\lucca\Downloads\SPORE COMPLETO BY FELIPETUTORIAIS.torrent
2016-03-17 15:47 - 2016-03-17 15:47 - 00370263 _____ () C:\Users\lucca\Downloads\Spore.exe
2016-03-17 15:39 - 2016-03-17 15:39 - 00000000 ____D C:\Users\lucca\AppData\Roaming\EbkReader
2016-03-17 15:38 - 2016-03-17 15:39 - 00370263 _____ () C:\Users\lucca\Desktop\Spore.exe
2016-03-16 15:24 - 2016-03-16 15:24 - 00000000 ____D C:\Users\lucca\AppData\LocalLow\Hyper Hippo Productions Ltd_
2016-03-16 15:15 - 2016-03-16 15:15 - 00000216 _____ C:\Users\lucca\Desktop\AdVenture Capitalist.url
2016-03-13 17:02 - 2016-03-13 17:31 - 08126464 _____ C:\Users\lucca\Downloads\YandereSimMarch5th (1).rar
2016-03-13 16:30 - 2016-03-13 17:00 - 165622100 _____ C:\Users\lucca\Downloads\YandereSimMarch5th.rar.3htkc8g.partial
2016-03-13 13:41 - 2016-03-13 13:41 - 00000876 _____ C:\Users\lucca\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-03-13 13:37 - 2016-04-08 21:34 - 00000000 ____D C:\Users\lucca\AppData\Roaming\uTorrent
2016-03-13 13:33 - 2016-03-13 13:40 - 02094080 _____ (BitTorrent Inc.) C:\Users\lucca\Desktop\uTorrent.exe
2016-03-11 16:33 - 2016-03-11 16:33 - 00000000 ____D C:\Users\lucca\AppData\Local\GameMaker_Player
2016-03-11 16:30 - 2016-03-11 16:30 - 00000216 _____ C:\Users\lucca\Desktop\GameMaker Studio.url
2016-03-09 16:27 - 2016-03-09 16:58 - 00000000 ____D C:\Users\lucca\Documents\Universe Sandbox ²
2016-03-09 16:22 - 2016-03-09 16:22 - 00000000 ____D C:\Users\lucca\AppData\LocalLow\Giant Army
2016-03-09 14:51 - 2016-03-09 16:20 - 665506608 _____ C:\Users\lucca\Downloads\Universe Sandbox 2 Captain Pirate (1).zip
==================== Um Mês Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-04-08 21:24 - 2016-02-17 17:32 - 00000000 ____D C:\Program Files\Steam
2016-04-08 21:24 - 2016-01-09 20:49 - 00000000 ___RD C:\Users\lucca\OneDrive
2016-04-08 21:23 - 2016-01-09 22:45 - 00001078 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-08 21:23 - 2016-01-09 20:31 - 00000000 ____D C:\Users\lucca
2016-04-08 21:22 - 2016-01-09 20:36 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-08 20:51 - 2016-01-09 22:45 - 00001082 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-08 20:19 - 2016-01-09 22:43 - 00001244 _____ C:\Users\lucca\Desktop\ROBLOX Studio.lnk
2016-04-08 20:19 - 2016-01-09 22:43 - 00000000 ____D C:\Users\lucca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2016-04-08 20:13 - 2016-02-16 15:04 - 00000000 ____D C:\Users\Todos os Usuários\BlueStacksSetup
2016-04-08 20:13 - 2016-02-16 15:04 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2016-04-08 16:17 - 2015-10-30 02:48 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-04-08 16:06 - 2016-02-18 14:58 - 00000000 ____D C:\Users\lucca\AppData\Roaming\MMFApplications
2016-04-08 15:22 - 2015-10-30 02:48 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-04 17:41 - 2015-10-30 02:48 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-04-03 14:38 - 2016-02-17 17:32 - 00000000 ____D C:\Program Files\Common Files\Steam
2016-04-01 16:18 - 2016-01-11 20:39 - 00000000 ____D C:\Users\lucca\AppData\Roaming\.minecraft
2016-04-01 16:05 - 2016-01-11 20:55 - 00000000 ____D C:\Users\Todos os Usuários\Oracle
2016-04-01 16:05 - 2016-01-11 20:55 - 00000000 ____D C:\ProgramData\Oracle
2016-04-01 15:58 - 2016-01-11 20:55 - 00000000 ____D C:\Program Files\Java
2016-04-01 15:57 - 2016-01-11 20:55 - 00000000 ____D C:\Users\lucca\.oracle_jre_usage
2016-04-01 15:57 - 2016-01-11 20:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-04-01 15:56 - 2016-01-11 20:55 - 00095808 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2016-03-31 20:29 - 2016-01-09 20:25 - 00235920 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-31 18:35 - 2016-01-09 22:46 - 00001429 _____ C:\Users\lucca\Desktop\ROBLOX Player.lnk
2016-03-31 13:55 - 2015-10-30 02:48 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-03-30 19:23 - 2016-01-10 19:51 - 00002204 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-30 19:23 - 2016-01-09 22:48 - 00002216 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-30 16:07 - 2016-03-06 18:06 - 00000000 ____D C:\Users\lucca\Desktop\arquivos de emulador
2016-03-28 20:49 - 2016-01-09 20:43 - 00000000 ____D C:\Users\lucca\AppData\Local\Packages
2016-03-28 20:45 - 2015-10-30 02:47 - 00000000 ____D C:\WINDOWS\INF
2016-03-28 20:06 - 2016-01-09 19:03 - 00049840 _____ C:\Users\lucca\AppData\Local\GDIPFONTCACHEV1.DAT
2016-03-28 19:44 - 2015-10-30 12:22 - 00000000 ____D C:\WINDOWS\ShellNew
2016-03-24 13:59 - 2015-10-30 02:39 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-03-21 17:42 - 2016-01-09 22:43 - 00000000 ____D C:\Users\lucca\AppData\Local\Roblox
2016-03-18 14:37 - 2016-02-17 17:50 - 00000000 ____D C:\Users\lucca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-03-17 15:43 - 2015-10-30 02:13 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-03-14 21:22 - 2016-01-09 20:40 - 01819274 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-14 21:22 - 2015-10-30 12:14 - 00785262 _____ C:\WINDOWS\system32\prfh0416.dat
2016-03-14 21:22 - 2015-10-30 12:14 - 00154048 _____ C:\WINDOWS\system32\prfc0416.dat
2016-03-11 13:56 - 2016-01-09 20:57 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-03-11 13:51 - 2016-01-09 20:57 - 141270216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-03-09 19:22 - 2015-10-30 02:48 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-09 19:22 - 2015-10-30 02:48 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-09 16:21 - 2015-08-25 19:55 - 00000000 ____D C:\Users\lucca\Desktop\Universe.Sandbox.2
2016-03-09 14:08 - 2015-10-30 02:48 - 00000000 ____D C:\WINDOWS\rescache
==================== Arquivos na raiz de alguns diretórios =======
2016-04-08 21:17 - 2016-04-08 21:17 - 0000944 _____ () C:\Users\lucca\AppData\Roaming\Bubble Dock.boostrap.log
Arquivos para serem movidos ou deletados:
====================
C:\Users\lucca\AppData\Local\Temp\is-LECTV.tmp\print.exe
Alguns arquivos em TEMP:
====================
C:\Users\lucca\AppData\Local\Temp\3d51890c7b88e4feeeed777176b46429.dll
C:\Users\lucca\AppData\Local\Temp\c4cf565d231687e99f70ce6a3eb253cc.dll
C:\Users\lucca\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\lucca\AppData\Local\Temp\jre-8u77-windows-au.exe
C:\Users\lucca\AppData\Local\Temp\setup.tmp.exe
C:\Users\lucca\AppData\Local\Temp\uttB51B.tmp.exe
C:\Users\lucca\AppData\Local\Temp\ytb.exe
==================== Bamital & volsnap =================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2016-04-05 20:06
==================== Fim de FRST.txt ============================
Executado por lucca (administrador) em LUCCA-PC (08-04-2016 21:32:06)
Executando a partir de C:\Users\lucca\Downloads
Perfis Carregados: lucca (Perfis Disponíveis: lucca)
Platform: Microsoft Windows 10 Home Versão 1511 (X86) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Edge)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
() C:\Users\lucca\AppData\Roaming\Iogiihlak\Iogiihlak.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-LogRotatorService.exe
(Microsoft Corporation) C:\Users\lucca\AppData\Roaming\XBox\XBLive.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(skype.cog.cc) C:\Program Files\SkypeUpdateEx\SkypeUpdateEx.exe
() C:\Users\lucca\AppData\Roaming\LatfBacb\Ymogaca.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
Falha ao acessar processo -> SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-Agent.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(BitTorrent Inc.) C:\Users\lucca\AppData\Roaming\uTorrent\uTorrent.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(BitTorrent Inc.) C:\Users\lucca\AppData\Roaming\uTorrent\updates\3.4.6_42094\utorrentie.exe
() C:\ProgramData\WindowsMsg\osmsg.exe
(BitTorrent Inc.) C:\Users\lucca\AppData\Roaming\uTorrent\updates\3.4.6_42094\utorrentie.exe
(VLOME) C:\Users\lucca\AppData\Local\Temp\is-LECTV.tmp\print.exe
() C:\Users\lucca\AppData\Local\Temp\04893\Setup.exe
Falha ao acessar processo -> svchost.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
() C:\Users\lucca\AppData\Local\Setup Wizard\080bc242-bd42-45fa-bdcf-9db875837692\primarycolorsetup.exe
() C:\Users\lucca\AppData\Local\Temp\nsfB9CC.tmp\nsE3AC.tmp
(Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6769.40791.0_x86__8wekyb3d8bbwe\HxTsr.exe
(Visicom Media Inc.) C:\Users\lucca\AppData\Local\Setup Wizard\11c1c909-3b21-4fc3-8f01-c63e487b2018\mystarttb_5.5.0.2_samba.exe
() C:\Windows\mob.exe
() C:\Windows\mmob.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Falha ao acessar processo -> WerFault.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Uniblue Systems Limited) C:\Program Files\Uniblue\SpeedUpMyPC\speedupmypc.exe
(Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe
HKLM\...\Run: [BlueStacks Agent] => C:\Program Files\BlueStacks\HD-Agent.exe [896608 2015-12-01] (BlueStack Systems, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation)
HKU\S-1-5-21-861686141-1663764954-486450482-1000\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [3077712 2016-03-31] (Valve Corporation)
HKU\S-1-5-21-861686141-1663764954-486450482-1000\...\Run: [uTorrent] => C:\Users\lucca\AppData\Roaming\uTorrent\uTorrent.exe [1959424 2016-04-07] (BitTorrent Inc.)
HKU\S-1-5-21-861686141-1663764954-486450482-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [50670720 2016-03-01] (Skype Technologies S.A.)
HKU\S-1-5-21-861686141-1663764954-486450482-1000\...\Run: [Pritc] => C:\Users\lucca\AppData\Local\Temp\is-LECTV.tmp\print.exe [2955264 2016-03-03] (VLOME) <===== ATENÇÃO
HKU\S-1-5-21-861686141-1663764954-486450482-1000\...\Run: [osmsg] => C:\ProgramData\WindowsMsg\osmsg.exe [2055168 2016-04-07] ()
HKU\S-1-5-21-861686141-1663764954-486450482-1000\...\MountPoints2: {a0921cd8-b730-11e5-aa81-806e6f6e6963} - "D:\SETUP.EXE"
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Winsock: Catalog5 07 C:\ProgramData\System32\SafeGuard32.dll [2771896 2016-04-08] ()
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{80b652fc-cf44-4566-93bf-babe2853c6f1}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{a0921cc2-b730-11e5-aa81-806e6f6e6963}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{c152992d-9a79-4718-bfd3-b3c526e92f61}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{ed0ca17f-a5fe-4918-8bc5-a80b9154f179}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{ed0ca17f-a5fe-4918-8bc5-a80b9154f179}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-861686141-1663764954-486450482-1000 -> {12CCFCDB-8248-4179-A63E-B2D4734A3CE6} URL = hxxps://br.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_77\bin\ssv.dll [2016-04-01] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-01] (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-04-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-04-01] (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin HKU\S-1-5-21-861686141-1663764954-486450482-1000: @nsroblox.roblox.com/launcher -> C:\Users\lucca\AppData\Local\Roblox\Versions\version-b7bf51c941dd400f\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-861686141-1663764954-486450482-1000: @nsroblox.roblox.com/launcher64 -> C:\Users\lucca\AppData\Local\Roblox\Versions\version-b7bf51c941dd400f\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://br.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=orcl_default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://br.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-09]
CHR Extension: (Google Docs) - C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-09]
CHR Extension: (Google Drive) - C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-09]
CHR Extension: (YouTube) - C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-09]
CHR Extension: (Google Search) - C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-09]
CHR Extension: (Planilhas do Google) - C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-09]
CHR Extension: (Documentos Google off-line) - C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-18]
CHR Extension: (CoolROM for Chrome) - C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihdefolnlhckckfalccmkakmkgpficdd [2016-02-03]
CHR Extension: (Little Alchemy) - C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2016-03-14]
CHR Extension: (Skype) - C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-03-31]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01]
CHR Extension: (Gmail) - C:\Users\lucca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-09]
CHR HKLM\...\Chrome\Extension: [eedgghdcpmmmilkmfpnklknlenbiolec] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]
==================== Serviços (Whitelisted) ========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 ACTION_SVC; C:\Program Files\Mirillis\Action!\action_svc.exe [16064 2014-10-25] ()
S3 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [433760 2015-12-01] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [413280 2015-12-01] (BlueStack Systems, Inc.)
S3 BstHdUpdaterSvc; C:\Program Files\BlueStacks\HD-UpdaterService.exe [855648 2015-12-01] (BlueStack Systems, Inc.)
S2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 Diwhuuy; C:\Users\lucca\AppData\Roaming\Iogiihlak\Iogiihlak.exe [174448 2016-04-08] ()
R2 mmob; c:\windows\mmob.exe [408576 2016-04-08] () [Arquivo não assinado]
R2 mob; c:\windows\mob.exe [417792 2016-04-08] () [Arquivo não assinado]
R2 SkypeUpdateEx; C:\Program Files\SkypeUpdateEx\SkypeUpdateEx.exe [167352 2016-03-21] (skype.cog.cc)
R2 Tuasv; C:\Users\lucca\AppData\Roaming\LatfBacb\Ymogaca.exe [125808 2016-04-08] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280376 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23256 2015-10-30] (Microsoft Corporation)
R2 XBox; C:\Users\lucca\AppData\Roaming\XBox\XBLive.exe [5906904 2016-02-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R3 BCM43XX; C:\WINDOWS\System32\drivers\bcmwl63l.sys [4715008 2015-10-30] (Broadcom Corporation)
R1 bsdriver; C:\WINDOWS\system32\drivers\bsdriver.sys [30624 2016-04-08] ()
R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [132192 2015-12-01] (BlueStack Systems)
R1 cherimoya; C:\WINDOWS\System32\drivers\cherimoya.sys [56128 2016-04-08] (Windows (R) Win 7 DDK provider)
R1 MpKsl1c51bdff; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F20A0E72-654B-4F0D-BF65-4D77F741B4BD}\MpKsl1c51bdff.sys [39168 2016-03-29] (Microsoft Corporation)
R1 MpKsl4ebcf1d1; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{851B37F5-458C-4D14-8B8F-85E5C5FC179B}\MpKsl4ebcf1d1.sys [39168 2016-04-03] (Microsoft Corporation)
R1 MpKsl5fc59ff5; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{01958797-1B25-4240-9CE9-503A94BF053C}\MpKsl5fc59ff5.sys [39168 2016-03-31] (Microsoft Corporation)
R1 MpKsl91f507fe; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8108BCCB-9963-43FE-ABBB-1733C8737ED1}\MpKsl91f507fe.sys [39168 2016-04-08] (Microsoft Corporation)
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [494080 2015-10-30] (Realtek )
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37400 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [246104 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [98648 2015-10-30] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [65768 2016-03-18] (Wellbia.com)
U3 idsvc; não ImagePath
U3 wpcsvc; não ImagePath
S3 XDva534; \??\C:\WINDOWS\system32\XDva534.sys [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um Mês Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-04-08 21:32 - 2016-04-08 21:33 - 00014375 _____ C:\Users\lucca\Downloads\FRST.txt
2016-04-08 21:32 - 2016-04-08 21:33 - 00000000 ____D C:\Users\lucca\AppData\LocalLow\mystarttb
2016-04-08 21:31 - 2016-04-08 21:32 - 00000000 ____D C:\FRST
2016-04-08 21:31 - 2016-04-08 21:31 - 00000284 _____ C:\WINDOWS\Tasks\SpeedUpMyPC Maintenance.job
2016-04-08 21:30 - 2016-04-08 21:31 - 01725440 _____ (Farbar) C:\Users\lucca\Downloads\FRST.exe
2016-04-08 21:30 - 2016-04-08 21:31 - 00000298 _____ C:\WINDOWS\Tasks\SpeedUpMyPC Startup.job
2016-04-08 21:30 - 2016-04-08 21:30 - 00001196 _____ C:\Users\Public\Desktop\SpeedUpMyPC.lnk
2016-04-08 21:30 - 2016-04-08 21:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
2016-04-08 21:28 - 2016-04-08 21:33 - 00000000 ____D C:\Program Files\mystarttb
2016-04-08 21:28 - 2016-04-08 21:28 - 00000000 ____D C:\Users\lucca\AppData\Roaming\Uniblue
2016-04-08 21:28 - 2016-04-08 21:28 - 00000000 ____D C:\Program Files\Uniblue
2016-04-08 21:26 - 2016-04-08 21:26 - 00631808 _____ C:\WINDOWS\mob.dat
2016-04-08 21:26 - 2016-04-08 21:26 - 00417792 _____ C:\WINDOWS\mob.exe
2016-04-08 21:26 - 2016-04-08 21:26 - 00408576 _____ C:\WINDOWS\mmob.exe
2016-04-08 21:21 - 2016-04-08 21:27 - 00000000 ____D C:\Program Files\MixVideoPlayer
2016-04-08 21:21 - 2016-04-08 21:21 - 00000000 ____D C:\Users\lucca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceFountain
2016-04-08 21:21 - 2016-04-08 21:21 - 00000000 ____D C:\Users\lucca\AppData\Local\PriceFountain
2016-04-08 21:20 - 2016-04-08 21:21 - 00000000 ____D C:\Program Files\AnyFlix
2016-04-08 21:20 - 2016-04-08 21:20 - 00000000 ____D C:\Users\Todos os Usuários\891ee9fe-45f1-1
2016-04-08 21:20 - 2016-04-08 21:20 - 00000000 ____D C:\Users\Todos os Usuários\891ee9fe-37c1-0
2016-04-08 21:20 - 2016-04-08 21:20 - 00000000 ____D C:\ProgramData\891ee9fe-45f1-1
2016-04-08 21:20 - 2016-04-08 21:20 - 00000000 ____D C:\ProgramData\891ee9fe-37c1-0
2016-04-08 21:19 - 2016-04-08 21:25 - 00000000 ____D C:\Users\lucca\AppData\Local\Setup Wizard
2016-04-08 21:18 - 2016-04-08 21:18 - 00030624 _____ () C:\WINDOWS\system32\Drivers\bsdriver.sys
2016-04-08 21:18 - 2016-04-08 21:18 - 00000000 ____D C:\Users\lucca\AppData\Roaming\LatfBacb
2016-04-08 21:18 - 2016-04-08 21:18 - 00000000 ____D C:\Users\lucca\AppData\Roaming\Iogiihlak
2016-04-08 21:18 - 2016-04-08 21:18 - 00000000 ____D C:\Users\lucca\AppData\LocalLow\Company
2016-04-08 21:18 - 2016-04-08 21:18 - 00000000 ____D C:\Users\lucca\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
2016-04-08 21:18 - 2016-04-08 21:18 - 00000000 ____D C:\Users\lucca\AppData\Local\Tempfolder
2016-04-08 21:18 - 2016-04-08 21:18 - 00000000 ____D C:\uninst
2016-04-08 21:15 - 2016-04-08 21:15 - 00000000 ____D C:\Users\Todos os Usuários\b4f7898c-2735-0
2016-04-08 21:15 - 2016-04-08 21:15 - 00000000 ____D C:\Users\Todos os Usuários\b4f7898c-19a1-1
2016-04-08 21:15 - 2016-04-08 21:15 - 00000000 ____D C:\ProgramData\b4f7898c-2735-0
2016-04-08 21:15 - 2016-04-08 21:15 - 00000000 ____D C:\ProgramData\b4f7898c-19a1-1
2016-04-08 21:15 - 2016-04-08 21:15 - 00000000 ____D C:\Program Files\SkypeUpdateEx
2016-04-08 21:14 - 2016-04-08 21:14 - 00000000 ____D C:\Users\Todos os Usuários\WindowsMsg
2016-04-08 21:14 - 2016-04-08 21:14 - 00000000 ____D C:\Users\Todos os Usuários\System32
2016-04-08 21:14 - 2016-04-08 21:14 - 00000000 ____D C:\ProgramData\WindowsMsg
2016-04-08 21:14 - 2016-04-08 21:14 - 00000000 ____D C:\ProgramData\System32
2016-04-08 21:08 - 2016-04-08 21:08 - 00000000 ____D C:\WINDOWS\system32\SSL
2016-04-08 21:07 - 2016-04-08 21:07 - 00000000 ____D C:\Users\lucca\AppData\Roaming\FrivLauncher
2016-04-08 21:06 - 2016-04-08 21:06 - 00000000 ____D C:\Users\lucca\AppData\Roaming\XBox
2016-04-08 21:05 - 2016-04-08 21:05 - 00534528 _____ C:\Users\lucca\Downloads\Setup.iso
2016-04-08 20:29 - 2016-04-08 20:33 - 49281988 _____ C:\Users\lucca\Downloads\CUT-THE-ROPE-MAGIC-MOD-APK.apk
2016-04-08 20:15 - 2016-04-08 20:14 - 26713957 _____ C:\Users\lucca\Desktop\9_cut_the_rope_experiments.zip
2016-04-08 20:08 - 2016-04-08 20:28 - 50448063 _____ C:\Users\lucca\Downloads\10_cut_the_rope_experiments.zip
2016-04-08 20:08 - 2016-04-08 20:14 - 26713957 _____ C:\Users\lucca\Downloads\9_cut_the_rope_experiments.zip
2016-04-08 19:39 - 2016-04-08 21:18 - 00056128 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\cherimoya.sys
2016-04-08 18:12 - 2016-04-08 18:17 - 74982761 _____ C:\Users\lucca\Downloads\FNaF-maker.exe
2016-04-08 16:33 - 2016-04-08 16:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RPG Maker VX Ace
2016-04-08 16:32 - 2016-04-08 16:32 - 00000000 ____D C:\Program Files\Enterbrain
2016-04-08 16:31 - 2016-04-08 16:34 - 279363703 _____ C:\Users\lucca\Desktop\Bonnie-Simulator.exe
2016-04-08 16:31 - 2016-04-08 16:05 - 109060957 _____ C:\Users\lucca\Desktop\Bonnie-Simulator-2-REMASTERED.exe
2016-04-08 16:05 - 2016-04-08 16:32 - 233344840 _____ (Enterbrain ) C:\Users\lucca\Downloads\RPGVXAce_Multi.exe
2016-04-08 16:02 - 2016-04-08 16:02 - 00000000 ____D C:\Users\lucca\Desktop\Bonnie Simulator
2016-04-08 15:55 - 2016-04-08 16:24 - 279363703 _____ C:\Users\lucca\Downloads\Bonnie-Simulator.exe
2016-04-08 15:55 - 2016-04-08 16:05 - 109060957 _____ C:\Users\lucca\Downloads\Bonnie-Simulator-2-REMASTERED.exe
2016-04-08 15:55 - 2016-04-08 16:00 - 19761936 _____ C:\Users\lucca\Downloads\Fan_Simulator.exe
2016-04-08 15:55 - 2016-04-08 15:56 - 08736414 _____ C:\Users\lucca\Downloads\Lenny-Simulator.exe
2016-04-08 15:54 - 2016-04-08 16:02 - 31486595 _____ C:\Users\lucca\Downloads\Bonnie-Simulator-(2).zip
2016-04-08 15:35 - 2016-04-08 15:42 - 15465345 _____ C:\Users\lucca\Downloads\One-night-at-Springtrap-2 (1).exe
2016-04-08 15:35 - 2016-04-08 15:41 - 08295181 _____ C:\Users\lucca\Downloads\two-nights-in-front-of-the-door-4.0.exe
2016-04-08 15:35 - 2016-04-08 15:40 - 11127583 _____ C:\Users\lucca\Downloads\PYPY'S-adventure-DEMO (1).exe
2016-04-08 15:35 - 2016-04-08 15:38 - 09098105 _____ C:\Users\lucca\Downloads\One-NIGHT-at-springtrap (1).exe
2016-04-08 15:35 - 2016-04-08 15:37 - 05204885 _____ C:\Users\lucca\Downloads\One-night-at-Springtrap-3 (1).exe
2016-04-08 15:28 - 2016-04-08 15:29 - 15465345 _____ C:\Users\lucca\Downloads\One-night-at-Springtrap-2.exe
2016-04-08 15:28 - 2016-04-08 15:29 - 09098105 _____ C:\Users\lucca\Downloads\One-NIGHT-at-springtrap.exe
2016-04-08 15:28 - 2016-04-08 15:28 - 06527425 _____ C:\Users\lucca\Downloads\two-nights-in-front-of-the-door-2.0.exe
2016-04-08 15:28 - 2016-04-08 15:28 - 05204885 _____ C:\Users\lucca\Downloads\One-night-at-Springtrap-3.exe
2016-04-08 15:27 - 2016-04-08 15:29 - 11127583 _____ C:\Users\lucca\Downloads\PYPY'S-adventure-DEMO.exe
2016-04-08 15:14 - 2016-04-08 15:14 - 00000000 ___HD C:\OneDriveTemp
2016-04-07 18:33 - 2016-04-08 21:24 - 00000000 ____D C:\Users\lucca\AppData\LocalLow\uTorrent
2016-04-07 18:13 - 2016-04-07 18:13 - 00279827 _____ C:\Users\lucca\Documents\Deporte y futuro.pptx
2016-04-03 17:18 - 2016-04-03 17:21 - 00000000 ____D C:\Users\lucca\Desktop\PlagueInc
2016-04-03 16:36 - 2016-04-03 16:36 - 198370266 _____ C:\Users\lucca\Downloads\Plague inc. Evolved By GRATESOFT.rar
2016-04-03 15:27 - 2016-04-03 15:30 - 00000000 ____D C:\Users\lucca\Desktop\rocketbuilder02
2016-04-03 15:27 - 2016-04-03 15:27 - 01011271 _____ C:\Users\lucca\Downloads\rocketbuilder02.zip
2016-04-01 17:52 - 2016-04-01 18:16 - 2973273108 _____ C:\Users\lucca\Desktop\RobloxPlayerBeta 2016-04-01 17-52-58-15.avi
2016-04-01 17:41 - 2016-04-01 17:41 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-04-01 16:30 - 2016-04-01 16:30 - 00000599 _____ C:\Users\Public\Desktop\Fraps.lnk
2016-04-01 16:30 - 2016-04-01 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2016-04-01 16:30 - 2016-04-01 16:30 - 00000000 ____D C:\Fraps
2016-04-01 16:28 - 2016-04-01 16:29 - 02629195 _____ C:\Users\lucca\Downloads\Fraps 3.5.9 ByLTT.rar
2016-04-01 16:18 - 2016-04-01 16:18 - 00000000 ____D C:\Users\lucca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
2016-04-01 16:10 - 2016-04-01 16:10 - 00012686 _____ C:\Users\lucca\Downloads\Minecraft 1.8 .torrent
2016-04-01 16:03 - 2016-04-01 16:05 - 06284678 _____ C:\Users\lucca\Downloads\Minecraft (1).exe
2016-04-01 15:57 - 2016-04-01 15:57 - 00000000 ____D C:\Program Files\Common Files\Java
2016-04-01 15:51 - 2016-04-01 15:52 - 00376064 _____ C:\Users\lucca\Downloads\Minecraft Windows 10 free skins.rar
2016-03-31 20:23 - 2006-06-28 15:35 - 33554432 _____ C:\Users\lucca\Desktop\0479 - New Super Mario Bros. (E)(Supremacy).nds
2016-03-31 20:20 - 2016-03-31 20:21 - 12939669 _____ C:\Users\lucca\Downloads\0479 - New Super Mario Bros. (E)(Supremacy).7z
2016-03-31 16:13 - 2016-03-31 16:13 - 00000000 ____D C:\Users\lucca\Documents\My Games
2016-03-31 16:13 - 2016-03-31 16:13 - 00000000 ____D C:\Users\lucca\AppData\Roaming\Steam
2016-03-31 16:11 - 2016-03-31 16:11 - 00001438 _____ C:\Users\lucca\Desktop\Goat Simulator GoatZ.lnk
2016-03-31 16:11 - 2016-03-31 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Goat Simulator GoatZ
2016-03-31 16:07 - 2016-03-31 16:11 - 00000000 ____D C:\Program Files\Goat Simulator GoatZ
2016-03-31 16:04 - 2016-03-31 16:07 - 03494204 _____ ( ) C:\Users\lucca\Desktop\setup.exe
2016-03-31 16:00 - 1999-12-12 00:00 - 3186227540 ____N C:\Users\lucca\Desktop\setup-1.bin
2016-03-31 16:00 - 1999-12-12 00:00 - 00000000 ____D C:\Users\lucca\Desktop\PLAZA
2016-03-31 15:29 - 2016-03-31 15:55 - 21297230 _____ C:\Users\lucca\Downloads\Action Full CRACK.rar
2016-03-31 15:01 - 2016-03-31 15:45 - 00000000 ____D C:\Users\lucca\Desktop\Goat.Simulator.GoatZ-PLAZA
2016-03-31 14:59 - 2016-03-31 14:59 - 01049472 _____ (Hacuhohak ) C:\Users\lucca\Downloads\FlashPlayerPro.exe
2016-03-31 14:59 - 2016-03-31 14:59 - 00061421 _____ C:\Users\lucca\Downloads\Goat.Simulator.GoatZ-PLAZA-[rarbg.com].torrent
2016-03-30 20:48 - 2016-03-30 20:49 - 00000000 ____D C:\Users\lucca\AppData\Local\Mirillis
2016-03-30 20:48 - 2016-03-30 20:48 - 00000000 ____D C:\Users\Todos os Usuários\Mirillis
2016-03-30 20:48 - 2016-03-30 20:48 - 00000000 ____D C:\Users\lucca\AppData\Roaming\Mirillis
2016-03-30 20:48 - 2016-03-30 20:48 - 00000000 ____D C:\ProgramData\Mirillis
2016-03-30 20:48 - 2016-03-30 20:48 - 00000000 ____D C:\Action!
2016-03-30 20:47 - 2016-03-31 15:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis
2016-03-30 20:46 - 2016-03-31 15:32 - 00000000 ____D C:\Program Files\Mirillis
2016-03-30 20:43 - 2016-03-31 15:51 - 21683184 _____ (Mirillis Ltd.) C:\Users\lucca\Downloads\action_1_30_0_setup.exe
2016-03-30 19:48 - 2016-03-30 19:48 - 00000000 ____D C:\Users\lucca\Tracing
2016-03-30 19:45 - 2016-04-08 21:28 - 00000000 ____D C:\Users\lucca\AppData\Roaming\Skype
2016-03-30 19:45 - 2016-04-07 13:37 - 00000000 ___RD C:\Program Files\Skype
2016-03-30 19:45 - 2016-03-30 19:45 - 00002630 _____ C:\Users\Public\Desktop\Skype.lnk
2016-03-30 19:45 - 2016-03-30 19:45 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2016-03-30 19:45 - 2016-03-30 19:45 - 00000000 ____D C:\ProgramData\Skype
2016-03-30 19:45 - 2016-03-30 19:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-03-30 19:45 - 2016-03-30 19:45 - 00000000 ____D C:\Program Files\Common Files\Skype
2016-03-30 19:43 - 2016-03-30 19:43 - 01503872 _____ (Skype Technologies S.A.) C:\Users\lucca\Downloads\SkypeSetup.exe
2016-03-30 15:04 - 2016-03-30 15:04 - 00000000 ____D C:\Users\Todos os Usuários\Origin
2016-03-30 15:04 - 2016-03-30 15:04 - 00000000 ____D C:\ProgramData\Origin
2016-03-30 14:52 - 2016-03-30 15:48 - 00001226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4.lnk
2016-03-30 14:52 - 2016-03-30 14:52 - 00000000 ___HD C:\Program Files\Common Files\EAInstaller
2016-03-30 14:52 - 2014-10-19 15:54 - 00447752 _____ (On2.com) C:\WINDOWS\system32\vp6vfw.dll
2016-03-30 14:45 - 2016-03-30 15:48 - 00000000 ____D C:\Program Files\The Sims 4
2016-03-29 14:40 - 2016-03-29 14:40 - 00023112 _____ C:\Users\lucca\Downloads\The Sims 4 Kira Tutors.torrent
2016-03-29 14:36 - 2016-03-29 14:36 - 02094080 _____ (BitTorrent Inc.) C:\Users\lucca\Downloads\uTorrent.exe
2016-03-29 13:47 - 2016-03-29 13:47 - 00000000 ____D C:\Users\Usuário Padrão\AppData\Local\Microsoft Help
2016-03-29 13:47 - 2016-03-29 13:47 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-03-29 13:47 - 2016-03-29 13:47 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-03-28 19:49 - 2016-03-28 19:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-03-28 19:48 - 2016-03-31 13:55 - 00000000 ____D C:\Program Files\Microsoft Works
2016-03-28 19:48 - 2009-02-27 03:42 - 00031640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msonpmon.dll
2016-03-28 19:47 - 2016-03-28 19:47 - 00000000 ____D C:\WINDOWS\PCHEALTH
2016-03-28 19:44 - 2016-04-05 14:04 - 00000000 ____D C:\Program Files\Microsoft Office
2016-03-28 19:44 - 2016-04-01 17:48 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2016-03-28 19:44 - 2016-03-28 19:44 - 00000000 ____D C:\Users\lucca\AppData\Local\Microsoft Help
2016-03-28 19:43 - 2016-03-28 19:43 - 00000000 __RHD C:\MSOCache
2016-03-24 15:25 - 2016-03-24 15:42 - 00000000 ____D C:\Users\lucca\AppData\Local\Matemática - Compreensão e Prática 8
2016-03-24 15:21 - 2016-03-24 15:21 - 00001208 _____ C:\Users\Public\Desktop\Matemática - Compreensão e Prática 8.lnk
2016-03-24 15:21 - 2016-03-24 15:21 - 00000000 ____D C:\Users\lucca\AppData\Roaming\edm
2016-03-24 15:20 - 2016-03-24 15:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Editora Moderna
2016-03-24 15:18 - 2016-03-24 15:18 - 00000000 ____D C:\Program Files\Editora Moderna
2016-03-23 20:55 - 1996-12-24 18:32 - 67108864 _____ C:\Users\lucca\Desktop\0216 - Mario & Luigi - Partners in Time (U)(SCZ).nds
2016-03-23 17:14 - 2016-03-23 17:18 - 35708292 _____ C:\Users\lucca\Downloads\0216 - Mario & Luigi - Partners in Time (U)(SCZ).7z
2016-03-22 15:39 - 2016-03-22 15:39 - 00000000 ____D C:\Users\lucca\AppData\LocalLow\Temp
2016-03-21 17:30 - 2016-03-21 17:35 - 00000000 ____D C:\Users\lucca\Documents\ROBLOX
2016-03-20 15:29 - 2016-03-31 21:49 - 00001334 _____ C:\Users\lucca\Desktop\desmume.ini
2016-03-20 15:29 - 2016-03-31 21:08 - 00000000 ____D C:\Users\lucca\Desktop\Cheats
2016-03-20 15:29 - 2016-03-31 20:32 - 00000000 ____D C:\Users\lucca\Desktop\Battery
2016-03-20 15:29 - 2016-03-20 15:29 - 00000000 ____D C:\Users\lucca\Desktop\States
2016-03-19 21:45 - 2016-03-19 22:07 - 00000000 ____D C:\Users\lucca\Desktop\Kerbal Space Program
2016-03-19 20:50 - 2016-03-19 21:28 - 195765728 _____ C:\Users\lucca\Downloads\Kerbal Space Program 0.23 Milo74237.rar
2016-03-18 21:43 - 2016-03-18 21:45 - 03353864 _____ C:\Users\lucca\Downloads\4969 - Club Penguin - EPF - Herbert's Revenge (U).zip
2016-03-18 21:42 - 2016-03-18 21:45 - 01316710 _____ C:\Users\lucca\Downloads\0560 - Cooking Mama (U)(Psyfer).7z
2016-03-18 21:40 - 2016-03-18 21:45 - 05649476 _____ C:\Users\lucca\Downloads\6085 - Club Penguin - Elite Penguin Force (v1.2) (U)(iND).7z
2016-03-18 19:31 - 2016-03-18 19:56 - 00000000 ____D C:\Users\lucca\AppData\Local\CSO
2016-03-18 19:31 - 2016-03-18 19:35 - 00065768 _____ (Wellbia.com) C:\WINDOWS\xhunter1.sys
2016-03-18 19:31 - 2016-03-18 19:31 - 00000000 ____D C:\Users\Todos os Usuários\Nexon
2016-03-18 19:31 - 2016-03-18 19:31 - 00000000 ____D C:\ProgramData\Nexon
2016-03-18 14:51 - 2016-03-18 15:16 - 08393504 _____ C:\Users\lucca\Downloads\18223.ppsx
2016-03-18 14:37 - 2016-03-18 14:37 - 00000216 _____ C:\Users\lucca\Desktop\Counter-Strike Nexon Zombies.url
2016-03-17 17:09 - 2016-03-17 17:10 - 00000000 ____D C:\Users\lucca\Documents\My Spore Creations
2016-03-17 17:09 - 2016-03-17 17:10 - 00000000 ____D C:\Users\lucca\AppData\Roaming\Spore
2016-03-17 17:09 - 2016-03-17 17:09 - 00000000 ____D C:\Users\lucca\AppData\Local\SKIDROW
2016-03-17 17:08 - 2016-03-17 17:08 - 00001572 _____ C:\Users\Public\Desktop\Spore.lnk
2016-03-17 17:08 - 2016-03-17 17:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spore
2016-03-17 16:56 - 2016-03-17 16:56 - 00000000 ____D C:\Games
2016-03-17 15:52 - 2016-03-17 16:55 - 00000000 ____D C:\Users\lucca\Desktop\Spore.Complete.Edition.Multi-RU.Repack.by.z10yded
2016-03-17 15:52 - 2016-03-17 15:52 - 00022743 _____ C:\Users\lucca\Downloads\SPORE COMPLETO BY FELIPETUTORIAIS.torrent
2016-03-17 15:47 - 2016-03-17 15:47 - 00370263 _____ () C:\Users\lucca\Downloads\Spore.exe
2016-03-17 15:39 - 2016-03-17 15:39 - 00000000 ____D C:\Users\lucca\AppData\Roaming\EbkReader
2016-03-17 15:38 - 2016-03-17 15:39 - 00370263 _____ () C:\Users\lucca\Desktop\Spore.exe
2016-03-16 15:24 - 2016-03-16 15:24 - 00000000 ____D C:\Users\lucca\AppData\LocalLow\Hyper Hippo Productions Ltd_
2016-03-16 15:15 - 2016-03-16 15:15 - 00000216 _____ C:\Users\lucca\Desktop\AdVenture Capitalist.url
2016-03-13 17:02 - 2016-03-13 17:31 - 08126464 _____ C:\Users\lucca\Downloads\YandereSimMarch5th (1).rar
2016-03-13 16:30 - 2016-03-13 17:00 - 165622100 _____ C:\Users\lucca\Downloads\YandereSimMarch5th.rar.3htkc8g.partial
2016-03-13 13:41 - 2016-03-13 13:41 - 00000876 _____ C:\Users\lucca\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-03-13 13:37 - 2016-04-08 21:34 - 00000000 ____D C:\Users\lucca\AppData\Roaming\uTorrent
2016-03-13 13:33 - 2016-03-13 13:40 - 02094080 _____ (BitTorrent Inc.) C:\Users\lucca\Desktop\uTorrent.exe
2016-03-11 16:33 - 2016-03-11 16:33 - 00000000 ____D C:\Users\lucca\AppData\Local\GameMaker_Player
2016-03-11 16:30 - 2016-03-11 16:30 - 00000216 _____ C:\Users\lucca\Desktop\GameMaker Studio.url
2016-03-09 16:27 - 2016-03-09 16:58 - 00000000 ____D C:\Users\lucca\Documents\Universe Sandbox ²
2016-03-09 16:22 - 2016-03-09 16:22 - 00000000 ____D C:\Users\lucca\AppData\LocalLow\Giant Army
2016-03-09 14:51 - 2016-03-09 16:20 - 665506608 _____ C:\Users\lucca\Downloads\Universe Sandbox 2 Captain Pirate (1).zip
==================== Um Mês Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-04-08 21:24 - 2016-02-17 17:32 - 00000000 ____D C:\Program Files\Steam
2016-04-08 21:24 - 2016-01-09 20:49 - 00000000 ___RD C:\Users\lucca\OneDrive
2016-04-08 21:23 - 2016-01-09 22:45 - 00001078 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-08 21:23 - 2016-01-09 20:31 - 00000000 ____D C:\Users\lucca
2016-04-08 21:22 - 2016-01-09 20:36 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-08 20:51 - 2016-01-09 22:45 - 00001082 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-08 20:19 - 2016-01-09 22:43 - 00001244 _____ C:\Users\lucca\Desktop\ROBLOX Studio.lnk
2016-04-08 20:19 - 2016-01-09 22:43 - 00000000 ____D C:\Users\lucca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2016-04-08 20:13 - 2016-02-16 15:04 - 00000000 ____D C:\Users\Todos os Usuários\BlueStacksSetup
2016-04-08 20:13 - 2016-02-16 15:04 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2016-04-08 16:17 - 2015-10-30 02:48 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-04-08 16:06 - 2016-02-18 14:58 - 00000000 ____D C:\Users\lucca\AppData\Roaming\MMFApplications
2016-04-08 15:22 - 2015-10-30 02:48 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-04 17:41 - 2015-10-30 02:48 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-04-03 14:38 - 2016-02-17 17:32 - 00000000 ____D C:\Program Files\Common Files\Steam
2016-04-01 16:18 - 2016-01-11 20:39 - 00000000 ____D C:\Users\lucca\AppData\Roaming\.minecraft
2016-04-01 16:05 - 2016-01-11 20:55 - 00000000 ____D C:\Users\Todos os Usuários\Oracle
2016-04-01 16:05 - 2016-01-11 20:55 - 00000000 ____D C:\ProgramData\Oracle
2016-04-01 15:58 - 2016-01-11 20:55 - 00000000 ____D C:\Program Files\Java
2016-04-01 15:57 - 2016-01-11 20:55 - 00000000 ____D C:\Users\lucca\.oracle_jre_usage
2016-04-01 15:57 - 2016-01-11 20:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-04-01 15:56 - 2016-01-11 20:55 - 00095808 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2016-03-31 20:29 - 2016-01-09 20:25 - 00235920 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-31 18:35 - 2016-01-09 22:46 - 00001429 _____ C:\Users\lucca\Desktop\ROBLOX Player.lnk
2016-03-31 13:55 - 2015-10-30 02:48 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-03-30 19:23 - 2016-01-10 19:51 - 00002204 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-30 19:23 - 2016-01-09 22:48 - 00002216 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-30 16:07 - 2016-03-06 18:06 - 00000000 ____D C:\Users\lucca\Desktop\arquivos de emulador
2016-03-28 20:49 - 2016-01-09 20:43 - 00000000 ____D C:\Users\lucca\AppData\Local\Packages
2016-03-28 20:45 - 2015-10-30 02:47 - 00000000 ____D C:\WINDOWS\INF
2016-03-28 20:06 - 2016-01-09 19:03 - 00049840 _____ C:\Users\lucca\AppData\Local\GDIPFONTCACHEV1.DAT
2016-03-28 19:44 - 2015-10-30 12:22 - 00000000 ____D C:\WINDOWS\ShellNew
2016-03-24 13:59 - 2015-10-30 02:39 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-03-21 17:42 - 2016-01-09 22:43 - 00000000 ____D C:\Users\lucca\AppData\Local\Roblox
2016-03-18 14:37 - 2016-02-17 17:50 - 00000000 ____D C:\Users\lucca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-03-17 15:43 - 2015-10-30 02:13 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-03-14 21:22 - 2016-01-09 20:40 - 01819274 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-14 21:22 - 2015-10-30 12:14 - 00785262 _____ C:\WINDOWS\system32\prfh0416.dat
2016-03-14 21:22 - 2015-10-30 12:14 - 00154048 _____ C:\WINDOWS\system32\prfc0416.dat
2016-03-11 13:56 - 2016-01-09 20:57 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-03-11 13:51 - 2016-01-09 20:57 - 141270216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-03-09 19:22 - 2015-10-30 02:48 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-09 19:22 - 2015-10-30 02:48 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-09 16:21 - 2015-08-25 19:55 - 00000000 ____D C:\Users\lucca\Desktop\Universe.Sandbox.2
2016-03-09 14:08 - 2015-10-30 02:48 - 00000000 ____D C:\WINDOWS\rescache
==================== Arquivos na raiz de alguns diretórios =======
2016-04-08 21:17 - 2016-04-08 21:17 - 0000944 _____ () C:\Users\lucca\AppData\Roaming\Bubble Dock.boostrap.log
Arquivos para serem movidos ou deletados:
====================
C:\Users\lucca\AppData\Local\Temp\is-LECTV.tmp\print.exe
Alguns arquivos em TEMP:
====================
C:\Users\lucca\AppData\Local\Temp\3d51890c7b88e4feeeed777176b46429.dll
C:\Users\lucca\AppData\Local\Temp\c4cf565d231687e99f70ce6a3eb253cc.dll
C:\Users\lucca\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\lucca\AppData\Local\Temp\jre-8u77-windows-au.exe
C:\Users\lucca\AppData\Local\Temp\setup.tmp.exe
C:\Users\lucca\AppData\Local\Temp\uttB51B.tmp.exe
C:\Users\lucca\AppData\Local\Temp\ytb.exe
==================== Bamital & volsnap =================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2016-04-05 20:06
==================== Fim de FRST.txt ============================