Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão:18-04-2016
Executado por Oliveira (administrador) em OLIVEIRA-PC (21-04-2016 10:52:45)
Executando a partir de C:\Users\Oliveira\Downloads
Perfis Carregados: Oliveira (Perfis Disponíveis: Oliveira)
Platform: Microsoft Windows 7 Professional (X86) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(GAS Tecnologia) C:\Program Files\GbPlugin\gbpsv.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(GAS Tecnologia) C:\Program Files\GbPlugin\gbpsv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Users\Oliveira\AppData\Roaming\Byknog\Byknog.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(VIA) C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(BitTorrent Inc.) C:\Users\Oliveira\AppData\Roaming\uTorrent\uTorrent.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(BitTorrent Inc.) C:\Users\Oliveira\AppData\Roaming\uTorrent\updates\3.4.6_42094\utorrentie.exe
(BitTorrent Inc.) C:\Users\Oliveira\AppData\Roaming\uTorrent\updates\3.4.6_42094\utorrentie.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Users\Oliveira\AppData\Roaming\Byknog\Ejihp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [HDAudDeck] => C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [1409024 2009-05-18] (VIA)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2015-10-13] (NVIDIA Corporation)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
Winlogon\Notify\ GbPluginCef: C:\Program Files\GbPlugin\gbiehCef.dll [2015-09-22] (Caixa Economica Federal)
HKU\S-1-5-21-3076563551-2281750584-17098177-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3280728 2015-11-18] (Disc Soft Ltd)
HKU\S-1-5-21-3076563551-2281750584-17098177-1001\...\Run: [Autodesk Sync] => [X]
HKU\S-1-5-21-3076563551-2281750584-17098177-1001\...\Run: [uTorrent] => C:\Users\Oliveira\AppData\Roaming\uTorrent\uTorrent.exe [1959424 2016-04-08] (BitTorrent Inc.)
HKU\S-1-5-21-3076563551-2281750584-17098177-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [644240 2016-02-26] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-3076563551-2281750584-17098177-1001\...\Run: [YeaInstaller] => C:\Users\Oliveira\AppData\Local\Temp\RLLMSEMXG\4AR10ESYF.exe [1970176 2016-04-20] (TZ) <===== ATENÇÃO
HKU\S-1-5-21-3076563551-2281750584-17098177-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6667992 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-3076563551-2281750584-17098177-1001\...\Run: [msiql] => c:\programdata\msiql.exe [1917440 2016-04-19] ()
HKU\S-1-5-21-3076563551-2281750584-17098177-1001\...\Run: [taskhost] => rundll32.exe C:\ProgramData\WindowsMsg\675D131108D4FD145B0BFBC68A3E018A.dll Start /AUTORUN
HKU\S-1-5-21-3076563551-2281750584-17098177-1001\...\Policies\Explorer: []
HKU\S-1-5-21-3076563551-2281750584-17098177-1001\...\MountPoints2: {479921a3-8e36-11e5-bf46-002511bb67ad} - E:\autorun.exe
HKU\S-1-5-21-3076563551-2281750584-17098177-1001\...\MountPoints2: {7f1514c0-92b1-11de-ba41-806e6f6e6963} - D:\Setup.EXE
ShellExecuteHooks: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files\GbPlugin\gbiehcef.dll [1888480 2015-09-22] (Caixa Economica Federal)
Startup: C:\Users\Oliveira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2016-03-23]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.25.1
Tcpip\..\Interfaces\{e29ac6c2-7037-11de-816d-806e6f6e6963}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{F81343E8-F12B-4BDC-8C9D-019B3A58D9FD}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{F81343E8-F12B-4BDC-8C9D-019B3A58D9FD}: [DhcpNameServer] 192.168.25.1

Internet Explorer:
==================
HKU\S-1-5-21-3076563551-2281750584-17098177-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.com.br/
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\Program Files\GbPlugin\gbiehCef.dll [2015-09-22] (Caixa Economica Federal)

FireFox:
========
FF ProfilePath: C:\Users\Oliveira\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
FF NewTab: hxxp://www.yessearches.com/?ts=AHEqAH4tC3MmAk..&v=20160419&uid=39B4BF4C1674D785D64090874B9BB10C&ptid=wak&mode=ffseng
FF DefaultSearchEngine: yessearches
FF SelectedSearchEngine: yessearches
FF Homepage: search.mpc.am
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [Nenhum Arquivo]
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-13] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-13] (NVIDIA Corporation)
FF Plugin: @t.garena.com/garenatalk -> C:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [Nenhum Arquivo]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Oliveira\AppData\Roaming\Mozilla\Firefox\Profiles\thfflhnh.default\user.js [2016-04-20]
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npnul32.dll [2008-05-29] (mozilla.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Oliveira\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\DD1B66D4.xml [2016-04-20]
FF Extension: GsearchFinder - C:\Users\Oliveira\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\@E9438230-A7DF-4D1F-8F2D-CA1D0F0F7924.xpi [2016-04-20]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\firefox-branding.js [2008-05-29]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\firefox-l10n.js [2008-05-29]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\firefox.js [2008-05-29]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\reporter.js [2008-05-29]

Chrome:
=======
CHR HomePage: Default -> search.mpc.am
CHR Profile: C:\Users\Oliveira\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\Oliveira\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2009-09-15]
CHR Extension: (Google Docs) - C:\Users\Oliveira\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2009-09-15]
CHR Extension: (Google Drive) - C:\Users\Oliveira\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-27]
CHR Extension: (YouTube) - C:\Users\Oliveira\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-27]
CHR Extension: (Google Search) - C:\Users\Oliveira\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-27]
CHR Extension: (Planilhas do Google) - C:\Users\Oliveira\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2009-09-15]
CHR Extension: (Documentos Google off-line) - C:\Users\Oliveira\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\Oliveira\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-04-16]
CHR Extension: (Video DownloadHelper) - C:\Users\Oliveira\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2016-01-25]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Oliveira\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (No BBB) - C:\Users\Oliveira\AppData\Local\Google\Chrome\User Data\Default\Extensions\pffipagakjgfndljjpkbdpoimojmgjca [2016-02-10]
CHR Extension: (Gmail) - C:\Users\Oliveira\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-27]

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2016-03-23] (Adobe Systems) [Arquivo não assinado]
R3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [62464 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 ALG; C:\Windows\System32\alg.exe [59392 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [27648 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 Appinfo; C:\Windows\System32\appinfo.dll [46592 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 AppMgmt; C:\Windows\System32\appmgmts.dll [149504 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [473088 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 Audiosrv; C:\Windows\System32\Audiosrv.dll [473088 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S2 AxAutoMntSrv; C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [88064 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 BDESVC; C:\Windows\System32\bdesvc.dll [76800 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 BFE; C:\Windows\System32\bfe.dll [493568 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 BITS; C:\Windows\System32\qmgr.dll [589312 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 Browser; C:\Windows\System32\browser.dll [102400 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 bthserv; C:\Windows\system32\bthserv.dll [64512 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 CertPropSvc; C:\Windows\System32\certprop.dll [67584 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [135680 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 CscService; C:\Windows\System32\cscsvc.dll [544256 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [376320 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 defragsvc; C:\Windows\System32\defragsvc.dll [218624 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 Dhcp; C:\Windows\system32\dhcpcore.dll [253440 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1081688 2015-11-18] (Disc Soft Ltd)
R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [132608 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 dot3svc; C:\Windows\System32\dot3svc.dll [214016 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 DPS; C:\Windows\system32\dps.dll [143360 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 EapHost; C:\Windows\System32\eapsvc.dll [98304 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 EFS; C:\Windows\System32\lsass.exe [22528 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [557056 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 ehSched; C:\Windows\ehome\ehsched.exe [94720 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 eventlog; C:\Windows\System32\wevtsvc.dll [1086464 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 EventSystem; C:\Windows\system32\es.dll [271360 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 Fax; C:\Windows\system32\fxssvc.exe [522752 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 fdPHost; C:\Windows\system32\fdPHost.dll [12800 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 FDResPub; C:\Windows\system32\fdrespub.dll [28160 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 FontCache; C:\Windows\system32\FntCache.dll [797696 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 GbpSv; C:\Program Files\GbPlugin\gbpsv.exe [593120 2015-09-22] (GAS Tecnologia)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [915600 2015-10-13] (NVIDIA Corporation)
S2 GoogleChromeUpService; C:\ProgramData\service.exe [1747456 2016-04-19] () [Arquivo não assinado]
S2 GoogleChromeUpSvc; C:\ProgramData\Windows Update\svrupg.exe [2783744 2016-04-21] (TODO: ) [Arquivo não assinado]
R2 gpsvc; C:\Windows\System32\gpsvc.dll [591360 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 hidserv; C:\Windows\system32\hidserv.dll [49152 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 hkmsvc; C:\Windows\system32\kmsvc.dll [71168 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [194560 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [165376 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 IKEEXT; C:\Windows\System32\ikeext.dll [667136 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 IPBusEnum; C:\Windows\system32\ipbusenum.dll [78848 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [497152 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 KeyIso; C:\Windows\system32\lsass.exe [22528 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 KtmRm; C:\Windows\system32\msdtckrm.dll [308736 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 LanmanServer; C:\Windows\system32\srvsvc.dll [168448 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [84480 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [189952 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 lmhosts; C:\Windows\System32\lmhsvc.dll [18432 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S4 Mcx2Svc; C:\Windows\system32\Mcx2Svc.dll [67584 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 MMCSS; C:\Windows\system32\mmcss.dll [49664 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 MpsSvc; C:\Windows\system32\mpssvc.dll [565760 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 MSDTC; C:\Windows\System32\msdtc.exe [134144 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [114688 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 msiserver; C:\Windows\System32\msiexec.exe [73216 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 napagent; C:\Windows\system32\qagentRT.dll [330240 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 Netlogon; C:\Windows\system32\lsass.exe [22528 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 Netman; C:\Windows\System32\netman.dll [280576 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 netprofm; C:\Windows\System32\netprofm.dll [360448 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 NlaSvc; C:\Windows\System32\nlasvc.dll [242688 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 nsi; C:\Windows\system32\nsisvc.dll [19456 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-10-13] (NVIDIA Corporation)
R2 Nymlucirio; C:\Users\Oliveira\AppData\Roaming\Byknog\Byknog.exe [174472 2016-04-17] ()
R3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [269824 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 p2psvc; C:\Windows\system32\p2psvc.dll [327680 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 PcaSvc; C:\Windows\System32\pcasvc.dll [154624 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 PeerDistSvc; C:\Windows\system32\peerdistsvc.dll [1004544 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 pla; C:\Windows\system32\pla.dll [1508864 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 PlugPlay; C:\Windows\system32\umpnpmgr.dll [294400 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [20480 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [269824 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [350720 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 Power; C:\Windows\system32\umpo.dll [119808 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 ProfSvc; C:\Windows\system32\profsvc.dll [162816 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 ProtectedStorage; C:\Windows\system32\lsass.exe [22528 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 QWAVE; C:\Windows\system32\qwave.dll [210944 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 RasAuto; C:\Windows\System32\rasauto.dll [90624 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 RasMan; C:\Windows\System32\rasmans.dll [285184 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [75264 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 RemoteRegistry; C:\Windows\system32\regsvc.dll [112640 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [43520 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 RpcLocator; C:\Windows\system32\locator.exe [9216 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 RpcSs; C:\Windows\system32\rpcss.dll [376320 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 SamSs; C:\Windows\system32\lsass.exe [22528 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [146576 2016-02-26] (Sandboxie Holdings, LLC)
S3 SCardSvr; C:\Windows\System32\SCardSvr.dll [132608 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 Schedule; C:\Windows\system32\schedsvc.dll [743424 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [67584 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 SDRSVC; C:\Windows\System32\SDRSVC.dll [125952 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 seclogon; C:\Windows\system32\seclogon.dll [21504 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 SENS; C:\Windows\System32\sens.dll [49664 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [25088 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 SessionEnv; C:\Windows\system32\sessenv.dll [99328 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 SharedAccess; C:\Windows\System32\ipnathlp.dll [300544 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [328192 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [12800 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 Spooler; C:\Windows\System32\spoolsv.exe [316416 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S2 sppsvc; C:\Windows\system32\sppsvc.exe [3179520 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [53760 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [162816 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [90112 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 StiSvc; C:\Windows\System32\wiaservc.dll [462336 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 StorSvc; C:\Windows\system32\storsvc.dll [16384 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 swprv; C:\Windows\System32\swprv.dll [313856 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 SysMain; C:\Windows\system32\sysmain.dll [1169408 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 TabletInputService; C:\Windows\System32\TabSvc.dll [73728 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 TapiSrv; C:\Windows\System32\tapisrv.dll [241664 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 TBS; C:\Windows\System32\tbssvc.dll [55808 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 TermService; C:\Windows\System32\termsrv.dll [543232 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 Themes; C:\Windows\system32\themeservice.dll [37376 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 THREADORDER; C:\Windows\system32\mmcss.dll [49664 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 TrkWks; C:\Windows\System32\trkwks.dll [77312 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [204800 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [35840 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 UmRdpService; C:\Windows\System32\umrdp.dll [154624 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 upnphost; C:\Windows\System32\upnphost.dll [266752 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 UxSms; C:\Windows\System32\uxsms.dll [29696 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 VaultSvc; C:\Windows\system32\lsass.exe [22528 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 vds; C:\Windows\System32\vds.exe [452608 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 VSS; C:\Windows\system32\vssvc.exe [1025536 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 W32Time; C:\Windows\system32\w32time.dll [288768 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 wbengine; C:\Windows\system32\wbengine.exe [1202688 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [151552 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [276480 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [32768 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 WdiServiceHost; C:\Windows\system32\wdi.dll [76288 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 WdiSystemHost; C:\Windows\system32\wdi.dll [76288 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 WebClient; C:\Windows\System32\webclnt.dll [202240 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [147968 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [61440 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 WerSvc; C:\Windows\System32\WerSvc.dll [65024 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [348672 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [168960 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 WinRM; C:\Windows\system32\WsmSvc.dll [1175040 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 Wlansvc; C:\Windows\System32\wlansvc.dll [829440 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [136192 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1121280 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [10752 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [84480 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 wscsvc; C:\Windows\System32\wscsvc.dll [73728 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 WSearch; C:\Windows\system32\SearchIndexer.exe [428032 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 wuauserv; C:\Windows\system32\wuaueng.dll [1912832 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 wudfsvc; C:\Windows\System32\WUDFSvc.dll [64512 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 WwanSvc; C:\Windows\System32\wwansvc.dll [185856 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S2 BugreportW; "C:\Program Files\yesbnd\jefish.exe" {154DFF63-3402-4815-941A-AAD63AE8B428} [X]
S2 clcmanagersrv; "C:\Program Files\Clcegh\clcmanagersrv.exe" {79740E79-A383-47A7-B513-3DF6563D007F} {A16B1AF7-982D-40C3-B5C1-633E1A6A6678} [X]

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 1394ohci; C:\Windows\system32\DRIVERS\1394ohci.sys [163328 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 AcpiPmi; C:\Windows\system32\DRIVERS\acpipmi.sys [9728 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R1 AFD; C:\Windows\system32\drivers\afd.sys [338944 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 AmdK8; C:\Windows\system32\DRIVERS\amdk8.sys [55296 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 AmdPPM; C:\Windows\system32\DRIVERS\amdppm.sys [52736 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 AppID; C:\Windows\system32\drivers\appid.sys [50176 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [17920 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 Atc002; C:\Windows\System32\DRIVERS\l260x86.sys [29184 2008-10-16] (Atheros Communications, Inc.) [Arquivo não assinado]
S3 b06bdrv; C:\Windows\system32\DRIVERS\bxvbdx.sys [430080 2009-07-13] (Broadcom Corporation) [Arquivo não assinado]
S3 b57nd60x; C:\Windows\System32\DRIVERS\b57nd60x.sys [229888 2009-07-13] (Broadcom Corporation) [Arquivo não assinado]
R1 Beep; C:\Windows\system32\Drivers\Beep.sys [6144 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [35328 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [69632 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 BrFiltLo; C:\Windows\system32\DRIVERS\BrFiltLo.sys [13568 2009-07-13] (Brother Industries, Ltd.) [Arquivo não assinado]
S3 BrFiltUp; C:\Windows\system32\DRIVERS\BrFiltUp.sys [5248 2009-07-13] (Brother Industries, Ltd.) [Arquivo não assinado]
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [272128 2009-07-13] (Brother Industries Ltd.) [Arquivo não assinado]
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [62336 2009-07-13] (Brother Industries Ltd.) [Arquivo não assinado]
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [12160 2009-07-13] (Brother Industries Ltd.) [Arquivo não assinado]
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [11904 2009-07-13] (Brother Industries Ltd.) [Arquivo não assinado]
S3 BTHMODEM; C:\Windows\system32\DRIVERS\bthmodem.sys [56320 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [70656 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [108544 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S1 cherimoya; C:\Windows\System32\drivers\cherimoya.sys [62272 2016-04-17] () [Arquivo não assinado]
S3 circlass; C:\Windows\system32\DRIVERS\circlass.sys [37888 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 CmBatt; C:\Windows\system32\DRIVERS\CmBatt.sys [14080 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 CompositeBus; C:\Windows\System32\DRIVERS\CompositeBus.sys [31232 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R1 CSC; C:\Windows\System32\drivers\csc.sys [387584 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [78336 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R1 discache; C:\Windows\System32\drivers\discache.sys [32256 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 drmkaud; C:\Windows\System32\drivers\drmkaud.sys [5120 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [26168 2015-11-19] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [39992 2015-11-19] (Disc Soft Ltd)
R3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [720896 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 ebdrv; C:\Windows\system32\DRIVERS\evbdx.sys [3100160 2009-07-13] (Broadcom Corporation) [Arquivo não assinado]
S3 ErrDev; C:\Windows\system32\DRIVERS\errdev.sys [7168 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 exfat; C:\Windows\system32\Drivers\exfat.sys [142336 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 fastfat; C:\Windows\system32\Drivers\fastfat.sys [148480 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 fdc; C:\Windows\System32\DRIVERS\fdc.sys [25088 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [28160 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 flpydisk; C:\Windows\System32\DRIVERS\flpydisk.sys [19968 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R0 GbpKm; C:\Windows\System32\drivers\gbpkm.sys [49496 2015-09-03] (GAS Tecnologia)
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [26624 2009-07-13] (Hauppauge Computer Works, Inc.) [Arquivo não assinado]
S3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [304128 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [108544 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 HidBatt; C:\Windows\system32\DRIVERS\HidBatt.sys [21504 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 HidBth; C:\Windows\system32\DRIVERS\hidbth.sys [91136 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 HidIr; C:\Windows\system32\DRIVERS\hidir.sys [37888 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [24064 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [513024 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 i8042prt; C:\Windows\System32\DRIVERS\i8042prt.sys [80896 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 igfx; C:\Windows\System32\DRIVERS\igdkmd32.sys [4569088 2009-02-26] (Intel Corporation) [Arquivo não assinado]
R3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [53760 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [58880 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 IPMIDRV; C:\Windows\system32\DRIVERS\IPMIDrv.sys [65536 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [101888 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [13824 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [28160 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [48128 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 luafv; C:\Windows\system32\drivers\luafv.sys [86528 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 Modem; C:\Windows\System32\drivers\modem.sys [31744 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [23552 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [26112 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [60416 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [115712 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [123392 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [221184 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [95744 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [4096 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [8320 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [5888 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [5504 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [6144 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 MTConfig; C:\Windows\system32\DRIVERS\MTConfig.sys [12288 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [267264 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [27136 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R1 ndisrd; C:\Windows\System32\DRIVERS\gbpndisrdn.sys [29400 2015-11-22] (GAS Tecnologia)
R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [20992 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [45568 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [118784 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 NDProxy; C:\Windows\system32\Drivers\NDProxy.sys [48128 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [36352 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [187904 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R1 Npfs; C:\Windows\system32\Drivers\Npfs.sys [35328 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [16896 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R1 Null; C:\Windows\system32\Drivers\Null.sys [4608 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [32912 2015-10-13] (NVIDIA Corporation)
S3 ohci1394; C:\Windows\system32\DRIVERS\ohci1394.sys [62464 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 Parport; C:\Windows\System32\DRIVERS\parport.sys [79360 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 Parvdm; C:\Windows\System32\DRIVERS\parvdm.sys [8704 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [586752 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [73728 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 Processor; C:\Windows\system32\DRIVERS\processr.sys [52224 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [104448 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [31744 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [11776 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [49152 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [78848 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [77824 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [75264 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [241664 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 rdpbus; C:\Windows\System32\DRIVERS\rdpbus.sys [18944 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [6656 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [133120 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [6656 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [7168 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 RDPWD; C:\Windows\system32\Drivers\RDPWD.sys [177152 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [60928 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [5632 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [176784 2016-02-26] (Sandboxie Holdings, LLC)
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [113984 2015-04-07] (Power Software Ltd)
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [26624 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 secdrv; C:\Windows\system32\Drivers\secdrv.sys [20480 2009-07-13] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Arquivo não assinado]
R3 Serenum; C:\Windows\System32\DRIVERS\serenum.sys [17920 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [83456 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 sermouse; C:\Windows\system32\DRIVERS\sermouse.sys [19968 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 sffdisk; C:\Windows\system32\DRIVERS\sffdisk.sys [11264 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 sffp_mmc; C:\Windows\system32\DRIVERS\sffp_mmc.sys [12288 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 sffp_sd; C:\Windows\system32\DRIVERS\sffp_sd.sys [12800 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 sfloppy; C:\Windows\system32\DRIVERS\sfloppy.sys [13824 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [71168 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [477240 2016-02-28] (Duplex Secure Ltd.)
R3 srv; C:\Windows\System32\DRIVERS\srv.sys [309760 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [306688 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [113664 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [34816 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [17920 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [24064 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [74240 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [30208 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [108544 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [246784 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [39936 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 UmPass; C:\Windows\system32\DRIVERS\umpass.sys [8192 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [75264 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 usbcir; C:\Windows\system32\DRIVERS\usbcir.sys [86016 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 usbehci; C:\Windows\System32\DRIVERS\usbehci.sys [41472 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [258560 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 usbohci; C:\Windows\system32\DRIVERS\usbohci.sys [20480 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [19968 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 usbscan; C:\Windows\System32\DRIVERS\usbscan.sys [35840 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [74752 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 usbuhci; C:\Windows\System32\DRIVERS\usbuhci.sys [24064 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [26112 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R1 VgaSave; C:\Windows\System32\drivers\vga.sys [25088 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 ViaC7; C:\Windows\system32\DRIVERS\viac7.sys [52736 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1047552 2009-05-08] (VIA Technologies, Inc.) [Arquivo não assinado]
S3 VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [17920 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 vwifibus; C:\Windows\System32\drivers\vwifibus.sys [19968 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 WacomPen; C:\Windows\system32\DRIVERS\wacompen.sys [21632 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [63488 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [63488 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [9728 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [34944 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 WmiAcpi; C:\Windows\system32\DRIVERS\wmiacpi.sys [11264 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [16384 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [92672 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [132224 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
U3 a9ycuq7b; C:\Windows\system32\Drivers\a9ycuq7b.sys [0 ] (Advanced Micro Devices) <==== ATENÇÃO (zero byte Arquivo/Pasta)
S0 gbpddreg; system32\drivers\gbpddreg32.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files\Garena Plus\Room\safedrv.sys [X]
S3 gkernel; \??\C:\Users\Oliveira\AppData\Local\Temp\gkernel.sys [X]
S0 MPCBase; System32\drivers\MPCBase.sys [X]
S1 MPCKpt; system32\DRIVERS\MPCKpt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-04-21 10:52 - 2016-04-21 10:53 - 00048099 _____ C:\Users\Oliveira\Downloads\FRST.txt
2016-04-21 10:52 - 2016-04-21 10:52 - 01726464 _____ (Farbar) C:\Users\Oliveira\Downloads\FRST.exe
2016-04-21 10:52 - 2016-04-21 10:52 - 00000000 ____D C:\FRST
2016-04-21 10:51 - 2016-04-21 10:51 - 02375680 _____ (Farbar) C:\Users\Oliveira\Downloads\FRST64.exe
2016-04-21 10:25 - 2016-04-21 10:25 - 00000000 ____D C:\Users\Todos os Usuários\WindowsMsg
2016-04-21 10:25 - 2016-04-21 10:25 - 00000000 ____D C:\ProgramData\WindowsMsg
2016-04-21 10:25 - 2016-04-21 10:25 - 00000000 ____D C:\Program Files\osTip
2016-04-21 10:24 - 2016-04-21 10:24 - 02783744 _____ (TODO: ) C:\Users\Oliveira\AppData\Roaming\svrupg.exe
2016-04-21 10:24 - 2016-04-21 10:24 - 00000000 ____D C:\Users\Todos os Usuários\Windows Update
2016-04-21 10:24 - 2016-04-21 10:24 - 00000000 ____D C:\ProgramData\Windows Update
2016-04-20 23:12 - 2016-04-20 23:12 - 00000965 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-04-20 23:12 - 2016-04-20 23:12 - 00000000 ____D C:\Program Files\CCleaner
2016-04-20 23:02 - 2016-04-20 23:03 - 06868672 _____ (Piriform Ltd) C:\Users\Oliveira\Downloads\ccsetup516.exe
2016-04-20 22:31 - 2016-04-20 22:13 - 00071844 _____ C:\Users\Todos os Usuários\YSIns.exe
2016-04-20 22:31 - 2016-04-20 22:13 - 00071844 _____ C:\ProgramData\YSIns.exe
2016-04-20 22:28 - 2016-04-20 22:28 - 00000000 ____D C:\Windows\system32\abal
2016-04-20 22:06 - 2016-04-20 22:07 - 00000908 _____ C:\Windows\system32\${LOGFILE}
2016-04-20 21:59 - 2016-04-20 21:59 - 00000000 ____D C:\Users\Oliveira\AppData\Roaming\MCorp
2016-04-20 21:55 - 2016-04-20 21:55 - 00000000 ____D C:\Users\Oliveira\AppData\Local\tuto_monetize_220160420
2016-04-20 21:50 - 2016-04-20 21:50 - 04193376 ____T C:\Windows\system32\mfs5DE5.tmp
2016-04-20 21:50 - 2016-04-20 21:50 - 03735062 ____T C:\Windows\system32\mfs4AA1.tmp
2016-04-20 21:50 - 2016-04-20 21:50 - 00655174 ____T C:\Windows\system32\mfsC8D0.tmp
2016-04-20 21:50 - 2016-04-20 21:50 - 00000000 ____T C:\Windows\system32\mfsB732.tmp
2016-04-20 21:50 - 2016-04-20 21:50 - 00000000 ____T C:\Windows\system32\mfs80B5.tmp
2016-04-20 21:50 - 2016-04-20 21:50 - 00000000 ____T C:\Windows\system32\mfs5E35.tmp
2016-04-20 21:50 - 2016-04-20 21:50 - 00000000 ____T C:\Windows\system32\mfs5E24.tmp
2016-04-20 21:50 - 2016-04-20 21:50 - 00000000 ____D C:\Users\Oliveira\AppData\Local\tuto_monetize_120160420
2016-04-20 21:50 - 2016-04-19 12:50 - 01917440 _____ C:\Users\Todos os Usuários\msiql.exe
2016-04-20 21:50 - 2016-04-19 12:50 - 01917440 _____ C:\ProgramData\msiql.exe
2016-04-20 21:49 - 2016-04-20 22:24 - 00000000 ____D C:\Users\Oliveira\AppData\Roaming\Byknog
2016-04-20 21:49 - 2016-04-20 21:49 - 09305089 ____T C:\Windows\system32\mfs5D1A.tmp
2016-04-20 21:49 - 2016-04-20 21:49 - 06290227 ____T C:\Windows\system32\mfsD15A.tmp
2016-04-20 21:49 - 2016-04-20 21:49 - 05896089 ____T C:\Windows\system32\mfs529E.tmp
2016-04-20 21:49 - 2016-04-20 21:49 - 00000000 ____T C:\Windows\system32\mfsBA9D.tmp
2016-04-20 21:49 - 2016-04-20 21:49 - 00000000 ____T C:\Windows\system32\mfs8288.tmp
2016-04-20 21:49 - 2016-04-20 21:49 - 00000000 ____T C:\Windows\system32\mfs6A75.tmp
2016-04-20 21:49 - 2016-04-20 21:49 - 00000000 ____D C:\Users\Oliveira\AppData\LocalLow\Company
2016-04-20 21:49 - 2016-04-20 21:49 - 00000000 ____D C:\Users\Oliveira\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
2016-04-20 21:49 - 2016-04-20 21:49 - 00000000 ____D C:\Users\Oliveira\AppData\Local\Tempfolder
2016-04-20 21:49 - 2016-04-20 21:49 - 00000000 ____D C:\Users\Oliveira\AppData\Local\csdi_monetize_220160420
2016-04-20 21:49 - 2016-04-20 21:49 - 00000000 ____D C:\uninst
2016-04-20 21:49 - 2016-04-19 06:10 - 01747456 _____ C:\Users\Todos os Usuários\service.exe
2016-04-20 21:49 - 2016-04-19 06:10 - 01747456 _____ C:\Users\Oliveira\AppData\Roaming\service.exe
2016-04-20 21:49 - 2016-04-19 06:10 - 01747456 _____ C:\ProgramData\service.exe
2016-04-20 21:48 - 2016-04-20 21:49 - 00000000 ____T C:\Windows\system32\mfsB20.tmp
2016-04-20 21:48 - 2016-04-20 21:48 - 00127488 _____ C:\Users\Oliveira\AppData\Roaming\Installer.dat
2016-04-20 21:48 - 2016-04-20 21:48 - 00118597 _____ C:\Users\Oliveira\AppData\Roaming\inst.lat
2016-04-20 21:48 - 2016-04-20 21:48 - 00011568 _____ C:\Users\Oliveira\AppData\Roaming\InstallationConfiguration.xml
2016-04-20 21:48 - 2016-04-20 21:48 - 00000000 ____D C:\Users\Todos os Usuários\8878513e-63f3-1
2016-04-20 21:48 - 2016-04-20 21:48 - 00000000 ____D C:\Users\Todos os Usuários\8878513e-1bd5-0
2016-04-20 21:48 - 2016-04-20 21:48 - 00000000 ____D C:\Users\Public\Documents\Baidu
2016-04-20 21:48 - 2016-04-20 21:48 - 00000000 ____D C:\ProgramData\8878513e-63f3-1
2016-04-20 21:48 - 2016-04-20 21:48 - 00000000 ____D C:\ProgramData\8878513e-1bd5-0
2016-04-20 21:47 - 2016-04-20 21:47 - 00000000 ____D C:\Users\Oliveira\AppData\Local\csdi_monetize_320160420
2016-04-20 21:41 - 2016-04-20 22:14 - 00000000 ____D C:\Users\Oliveira\AppData\Roaming\WTools
2016-04-20 21:40 - 2016-04-20 22:18 - 00000000 ____D C:\Users\Oliveira\AppData\Roaming\Store
2016-04-20 21:39 - 2016-04-20 22:07 - 00000000 ____D C:\Users\Oliveira\AppData\Roaming\Nosibay
2016-04-20 21:32 - 2016-04-20 21:35 - 00000000 ____D C:\Users\Oliveira\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
2016-04-20 21:31 - 2016-04-20 21:42 - 00000000 ____D C:\Windows\system32\SSL
2016-04-20 21:29 - 2016-04-20 21:30 - 00000000 ____D C:\Users\Public\Documents\dmp
2016-04-20 21:29 - 2016-04-20 21:29 - 02744087 _____ C:\Windows\chromebrowser.exe
2016-04-20 09:34 - 2016-04-21 10:24 - 00000000 ____D C:\Users\Oliveira\AppData\LocalLow\uTorrent
2016-04-17 06:40 - 2016-04-17 06:40 - 00062272 _____ C:\Windows\system32\Drivers\cherimoya.sys
2016-04-14 23:04 - 2016-04-14 23:04 - 00000000 ____D C:\Originals
2016-04-14 21:54 - 2016-04-20 22:49 - 00017845 _____ C:\Users\Oliveira\Downloads\RETIRO.xlsx
2016-04-14 18:32 - 2016-04-20 23:14 - 00000000 ____D C:\Users\Oliveira\AppData\Roaming\MPC-HC
2016-04-14 18:26 - 2016-04-14 18:26 - 37895108 _____ ( ) C:\Users\Oliveira\Downloads\K-Lite_Codec_Pack_1180_Full.exe
2016-04-14 15:06 - 2016-04-14 15:14 - 00000000 ____D C:\Users\Oliveira\Desktop\Star Wars - O Despertar da Força 2016 [1080p] WWW.BLUDV.COM
2016-04-06 13:11 - 2016-04-06 13:11 - 00112112 _____ C:\Users\Oliveira\Downloads\escalonamento_matricula_prosel_2016_1.pdf
2016-04-06 13:02 - 2016-04-06 13:02 - 00239446 _____ C:\Users\Oliveira\Downloads\relacao_documentos_prosel_2016_1.pdf
2016-04-01 22:47 - 2016-04-20 22:49 - 00017845 _____ C:\RETIRO.xlsx
2016-03-30 20:57 - 2016-03-30 20:57 - 04571734 _____ C:\Users\Oliveira\Desktop\PROJETO LIVE E MARCELO.psd
2016-03-30 17:12 - 2016-04-14 23:01 - 00015360 ____H C:\Users\Oliveira\Desktop\photothumb.db
2016-03-30 12:32 - 2016-03-30 12:32 - 00262620 _____ C:\Users\Oliveira\Downloads\isencao161_resultado_final.pdf
2016-03-25 15:26 - 2016-03-25 15:26 - 00000000 ___RD C:\Sandbox
2016-03-25 15:25 - 2016-04-16 23:09 - 00001546 _____ C:\Windows\Sandboxie.ini
2016-03-25 15:25 - 2016-03-25 15:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2016-03-25 15:25 - 2016-03-25 15:25 - 00000000 ____D C:\Program Files\Sandboxie
2016-03-25 15:24 - 2016-03-25 15:25 - 08584848 _____ (Sandboxie Holdings, LLC) C:\Users\Oliveira\Downloads\SandboxieInstall.exe
2016-03-25 14:21 - 2016-03-25 14:21 - 00161588 _____ C:\Users\Oliveira\Downloads\Grand Chase Cash (1).torrent
2016-03-25 10:56 - 2016-03-25 10:56 - 00094377 _____ C:\Users\Oliveira\Desktop\SQ.pdf
2016-03-25 10:54 - 2016-03-25 10:54 - 00094377 _____ C:\Users\Oliveira\Desktop\Jonnycezar.pdf
2016-03-24 22:52 - 2016-03-24 22:56 - 04183896 _____ (Reistance Team, Inc. ) C:\Users\Oliveira\Downloads\Setup Resistance.exe
2016-03-24 22:50 - 2016-01-19 14:18 - 00705584 ____N (Microsoft Corporation) C:\Users\Oliveira\Downloads\kernel32.dll
2016-03-24 22:49 - 2015-07-16 13:48 - 00001925 ____N C:\Users\Oliveira\Downloads\README.txt
2016-03-24 22:48 - 2016-03-24 22:48 - 00343816 _____ C:\Users\Oliveira\Downloads\kernel32.zip
2016-03-24 17:06 - 2016-03-24 17:07 - 00000000 ____D C:\Users\Oliveira\Downloads\Launcher
2016-03-24 13:14 - 2016-03-24 13:14 - 00161588 _____ C:\Users\Oliveira\Downloads\Grand Chase Cash.torrent
2016-03-24 11:48 - 2016-03-22 18:07 - 00084875 _____ C:\Users\Oliveira\Downloads\Star.Wars.Episode.VII.The.Force.Awakens.2015.720p.BluRay.x264-Replica.srt
2016-03-24 11:48 - 2016-03-22 18:07 - 00084875 _____ C:\Users\Oliveira\Downloads\Star.Wars.Episode.VII.The.Force.Awakens.2015.1080p.BluRay.x264-Replica.srt
2016-03-24 11:48 - 2016-03-22 17:44 - 00084877 _____ C:\Users\Oliveira\Downloads\Star.Wars.Episode.VII.The.Force.Awakens.2015.BluRay-BRRip.srt
2016-03-24 11:48 - 2016-03-22 17:44 - 00084877 _____ C:\Users\Oliveira\Downloads\Star.Wars.Episode.VII.The.Forc. Awakens.2015.720p.BluRay.H264.AAC-RARBG.srt
2016-03-24 11:48 - 2015-12-28 21:36 - 00084818 _____ C:\Users\Oliveira\Downloads\Star Wars The Force Awakens 2015 UNMARKED HDCAM x264 HQMic-CPG.srt
2016-03-24 11:47 - 2016-03-24 11:47 - 00196473 _____ C:\Users\Oliveira\Downloads\Star.Wars_.Episode.VII_1.zip
2016-03-23 23:35 - 2016-03-24 11:50 - 00000000 ____D C:\Users\Oliveira\Desktop\Star.Wars.Episode.VII.The.Force.Awakens.2015.1080p.BluRay.H264.AAC-RARBG
2016-03-23 13:56 - 2016-03-23 13:59 - 00000000 ____D C:\Program Files\Windows Live
2016-03-23 13:42 - 2016-03-23 13:42 - 00000000 ____D C:\Users\Oliveira\AppData\Local\Windows Live
2016-03-23 13:37 - 2016-03-23 13:37 - 00000000 ____D C:\Program Files\Common Files\Windows Live
2016-03-23 11:41 - 2016-03-23 11:41 - 00000000 ____D C:\Users\Oliveira\Documents\Updater
2016-03-23 11:39 - 2016-03-23 11:39 - 00002055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help Center.lnk
2016-03-23 11:38 - 2016-03-23 11:38 - 00002037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge.lnk
2016-03-23 11:38 - 2016-03-23 11:38 - 00000000 ____D C:\Users\Public\Documents\Adobe PDF
2016-03-23 11:38 - 2016-03-23 11:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2016-03-23 11:38 - 2016-03-23 11:38 - 00000000 ____D C:\Program Files\Common Files\Adobe Systems Shared
2016-03-23 11:37 - 2016-03-23 11:37 - 00002015 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS2.lnk
2016-03-23 11:37 - 2016-03-23 11:37 - 00002012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ImageReady CS2.lnk
2016-03-23 11:30 - 2016-03-23 11:30 - 00000000 ____D C:\PhSp_CS2_UE_Ret

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-04-21 10:54 - 2015-11-17 23:49 - 00000000 ____D C:\Users\Oliveira\AppData\Roaming\uTorrent
2016-04-21 10:52 - 2015-11-16 18:04 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-21 10:30 - 2009-07-14 01:34 - 00014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-21 10:30 - 2009-07-14 01:34 - 00014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-21 10:24 - 2016-02-09 12:15 - 00000000 ___SD C:\Users\Oliveira\AppData\LocalLow\Temp
2016-04-21 10:23 - 2015-11-16 18:04 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-21 10:22 - 2015-11-18 00:45 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA
2016-04-21 10:22 - 2015-11-18 00:45 - 00000000 ____D C:\ProgramData\NVIDIA
2016-04-21 10:22 - 2009-07-14 01:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-20 23:14 - 2016-01-28 00:40 - 00000000 ____D C:\Users\Oliveira\AppData\Roaming\PhotoScape
2016-04-20 23:14 - 2015-11-19 01:49 - 00000000 ____D C:\Users\Oliveira\AppData\Roaming\DAEMON Tools Lite
2016-04-20 23:14 - 2015-11-18 08:58 - 00000000 ____D C:\Users\Oliveira\AppData\Roaming\BitTorrent
2016-04-20 23:14 - 2015-11-17 23:37 - 00000000 ____D C:\Windows\Minidump
2016-04-20 23:14 - 2009-08-26 23:28 - 00000000 ____D C:\Windows\Panther
2016-04-20 23:14 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\inf
2016-04-20 22:49 - 2016-03-08 12:27 - 00017845 _____ C:\Users\Oliveira\Documents\RETIRO.xlsx
2016-04-20 22:16 - 2015-11-16 18:04 - 00002026 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-20 22:16 - 2015-11-16 18:04 - 00002014 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-20 22:16 - 2009-08-27 00:35 - 00001819 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-04-19 19:33 - 2015-11-17 19:26 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2016-04-19 19:33 - 2015-11-17 19:26 - 00000000 ____D C:\ProgramData\GbPlugin
2016-04-14 18:29 - 2015-11-19 01:16 - 00000000 ____D C:\Program Files\K-Lite Codec Pack
2016-04-14 18:28 - 2015-11-19 01:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2016-04-09 13:44 - 2016-01-20 22:45 - 00000000 ____D C:\Users\Oliveira\AppData\Local\The Witcher
2016-04-06 09:05 - 2009-07-14 01:53 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-03-24 22:47 - 2016-01-02 12:55 - 00000000 ____D C:\Users\Oliveira\AppData\Roaming\Adobe
2016-03-24 16:55 - 2016-01-02 15:50 - 00000000 ____D C:\Windows\system32\directx
2016-03-23 21:24 - 2009-07-14 01:33 - 00348640 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-23 13:55 - 2009-07-13 23:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-03-23 13:25 - 2009-08-26 23:40 - 00086936 _____ C:\Users\Oliveira\AppData\Local\GDIPFONTCACHEV1.DAT
2016-03-23 13:24 - 2015-11-18 14:14 - 00000000 ____D C:\Users\Oliveira\AppData\Local\Adobe
2016-03-23 11:40 - 2015-11-20 02:29 - 00000000 ____D C:\Program Files\Adobe
2016-03-23 11:38 - 2015-11-20 02:29 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-03-23 11:35 - 2015-11-20 02:29 - 00000000 ____D C:\Users\Todos os Usuários\Adobe
2016-03-23 11:35 - 2015-11-20 02:29 - 00000000 ____D C:\ProgramData\Adobe

==================== Arquivos na raiz de alguns diretórios =======

2016-04-20 21:38 - 2016-04-20 21:41 - 0001300 _____ () C:\Users\Oliveira\AppData\Roaming\Bubble Dock.boostrap.log
2016-04-20 21:39 - 2016-04-20 21:39 - 0005732 _____ () C:\Users\Oliveira\AppData\Roaming\Bubble Dock.installation.log
2016-04-20 21:48 - 2016-04-20 21:48 - 0118597 _____ () C:\Users\Oliveira\AppData\Roaming\inst.lat
2016-04-20 21:48 - 2016-04-20 21:48 - 0011568 _____ () C:\Users\Oliveira\AppData\Roaming\InstallationConfiguration.xml
2016-04-20 21:48 - 2016-04-20 21:48 - 0127488 _____ () C:\Users\Oliveira\AppData\Roaming\Installer.dat
2016-01-10 16:38 - 2016-01-10 16:38 - 0045270 _____ () C:\Users\Oliveira\AppData\Roaming\room_v3.dat
2016-04-20 21:41 - 2016-04-20 21:41 - 0000078 _____ () C:\Users\Oliveira\AppData\Roaming\Selection Tools.installation.log
2016-04-20 21:49 - 2016-04-19 06:10 - 1747456 _____ () C:\Users\Oliveira\AppData\Roaming\service.exe
2016-04-21 10:24 - 2016-04-21 10:24 - 2783744 _____ (TODO: ) C:\Users\Oliveira\AppData\Roaming\svrupg.exe
2016-04-20 21:38 - 2016-04-20 21:38 - 0000097 _____ () C:\Users\Oliveira\AppData\Roaming\WindApp.boostrap.log
2016-04-20 21:39 - 2016-04-20 21:39 - 0000078 _____ () C:\Users\Oliveira\AppData\Roaming\WindApp.installation.log
2016-01-13 17:43 - 2016-01-13 17:43 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-04-20 21:50 - 2016-04-19 12:50 - 1917440 _____ () C:\ProgramData\msiql.exe
2016-04-20 21:49 - 2016-04-19 06:10 - 1747456 _____ () C:\ProgramData\service.exe
2016-04-20 22:31 - 2016-04-20 22:13 - 0071844 _____ () C:\ProgramData\YSIns.exe

Arquivos para serem movidos ou deletados:
====================
C:\Users\Oliveira\AppData\Local\Temp\RLLMSEMXG\4AR10ESYF.exe
C:\ProgramData\msiql.exe
C:\ProgramData\service.exe
C:\ProgramData\YSIns.exe
C:\Users\Todos os Usuários\msiql.exe
C:\Users\Todos os Usuários\service.exe
C:\Users\Todos os Usuários\YSIns.exe


Alguns arquivos em TEMP:
====================
C:\Users\Oliveira\AppData\Local\Temp\23333.exe
C:\Users\Oliveira\AppData\Local\Temp\30E4OOPZFY.exe
C:\Users\Oliveira\AppData\Local\Temp\5G5P1IGFWB.exe
C:\Users\Oliveira\AppData\Local\Temp\ads.exe
C:\Users\Oliveira\AppData\Local\Temp\appstart.exe
C:\Users\Oliveira\AppData\Local\Temp\CodecFixDivx.exe
C:\Users\Oliveira\AppData\Local\Temp\dxdiag.exe
C:\Users\Oliveira\AppData\Local\Temp\HIXHNSUM1N.exe
C:\Users\Oliveira\AppData\Local\Temp\MediaPlayer__11427_il66746.exe
C:\Users\Oliveira\AppData\Local\Temp\msconfig.exe
C:\Users\Oliveira\AppData\Local\Temp\N2KCXRH2YQ.exe
C:\Users\Oliveira\AppData\Local\Temp\ZIXUCVBDWG.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\explorer.exe => MD5 é legítimo
C:\Windows\system32\winlogon.exe => MD5 é legítimo
C:\Windows\system32\wininit.exe => MD5 é legítimo
C:\Windows\system32\svchost.exe => MD5 é legítimo
C:\Windows\system32\services.exe => MD5 é legítimo
C:\Windows\system32\User32.dll => MD5 é legítimo
C:\Windows\system32\userinit.exe => MD5 é legítimo
C:\Windows\system32\rpcss.dll => MD5 é legítimo
C:\Windows\system32\dnsapi.dll
[2009-07-13 20:12] - [2009-07-13 20:12] - 0269824 ____A (Microsoft Corporation) 73FE8A04EB3C3D8144DF0057B53C0362

C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-04-18 14:37

==================== Fim de FRST.txt ============================
