Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão:13-06-2016
Executado por Paulo (administrador) em PAULO-PC (14-06-2016 19:28:54)
Executando a partir de C:\Users\Paulo\Desktop
Perfis Carregados: Paulo (Perfis Disponíveis: Paulo & Mcx1-PAULO-PC & DefaultAppPool)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: "C:\Program Files\Maxthon\Bin\Maxthon.exe" "%1")
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(cFos Software GmbH) C:\Program Files\cFosSpeed\spd.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
(Microsoft Corporation) C:\ProgramData\Windows Security\winsecurity.exe
(Microsoft Corporation) C:\Users\Paulo\AppData\Roaming\XBox\XBLive.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Windows\System32\mqtgsvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
() C:\ProgramData\Microsoft\Network\Dsq\browser\syshostctl.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Network\Dsq\network\sysnetwk.exe
(Maxthon International ltd.) C:\Program Files\Maxthon\Bin\MAXthon.exe
(Maxthon International ltd.) C:\Program Files\Maxthon\Bin\MAXthon.exe
(Maxthon International ltd.) C:\Program Files\Maxthon\Bin\MAXthon.exe
(Maxthon International ltd.) C:\Program Files\Maxthon\Bin\MAXthon.exe
(Maxthon International ltd.) C:\Program Files\Maxthon\Bin\MAXthon.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Skillbrains) C:\Program Files\Skillbrains\lightshot\5.2.1.1\Lightshot.exe
(Maxthon International ltd.) C:\Program Files\Maxthon\Bin\MAXthon.exe
(Maxthon International ltd.) C:\Program Files\Maxthon\Bin\MAXthon.exe
(Maxthon International ltd.) C:\Program Files\Maxthon\Bin\MAXthon.exe
(Maxthon International ltd.) C:\Program Files\Maxthon\Bin\MAXthon.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKU\S-1-5-21-2240306623-60622281-3918578315-1000\...\Run: [MzGameAccelerator] => C:\Program Files\Mz Ultimate Tools\Mz Game Accelerator\MzGameAccelerator.exe [316416 2010-12-18] (Mz Ultimate Tools)
HKU\S-1-5-21-2240306623-60622281-3918578315-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2240306623-60622281-3918578315-1000\...\MountPoints2: {fa177140-2b37-11e5-ae07-7071bc06e0f7} - E:\LGAutoRun.exe
AppInit_DLLs: d3dgearload.dll => C:\windows\system32\d3dgearload.dll [208896 2014-09-18] (D3DGear Technologies.)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Paulo\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Paulo\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Paulo\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} => Nenhum Arquivo
Startup: C:\Users\Paulo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stay Live 2000.lnk [2015-08-07]
ShortcutTarget: Stay Live 2000.lnk -> C:\Program Files\Software by Design\StayLive.exe (Gregory Braun -- Software Design)
BootExecute: autocheck autochk * sdnclean.exe
GroupPolicy: Restrição - Chrome <======= ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

ProxyEnable: [.DEFAULT] => Proxy está habilitado.
ProxyServer: [.DEFAULT] => http=127.0.0.1:3189;https=127.0.0.1:3189;
AutoConfigURL: [.DEFAULT] => http=127.0.0.1:3189;https=127.0.0.1:3189;
ProxyServer: [S-1-5-21-2240306623-60622281-3918578315-1000] => http=127.0.0.1:8080;https=127.0.0.1:8080
AutoConfigURL: [S-1-5-21-2240306623-60622281-3918578315-1000] => http=127.0.0.1:8080;https=127.0.0.1:8080
Winsock: Catalog5 07 C:\windows\system32\PrxerNsp.dll [84040 2015-03-28] ()
Winsock: Catalog5 08 C:\ProgramData\System32\SafeGuard32.dll [2771896 2016-04-05] ()
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{025FF533-BD95-4D83-86AA-83A6A99EBB9C}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{70FAB3A6-2764-4512-B30E-8C4F7452B1DF}: [DhcpNameServer] 192.168.1.254 0.0.0.0
ManualProxies: 1http=127.0.0.1:8080;https=127.0.0.1:8080

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2240306623-60622281-3918578315-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/pt-br/?ocid=U218DHP&pc=U218
HKU\S-1-5-21-2240306623-60622281-3918578315-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1me10IE11PTBR/WOL_WCP
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2240306623-60622281-3918578315-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=U218DF&PC=U218&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2240306623-60622281-3918578315-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=U218DF&PC=U218&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2240306623-60622281-3918578315-1000 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_77\bin\ssv.dll [2016-03-24] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-24] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Paulo\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-14] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\windows\system32\Adobe\Director\np32dsw_1222172.dll [2015-11-19] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-24] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @raidcall.en/RCplugin -> C:\Users\Paulo\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-09-02] (Raidcall)
FF Plugin: @raidcall.tw/RCplugin -> C:\Users\Paulo\AppData\Roaming\RCTW\plugins\nprcplugin.dll [2013-06-25] (Raidcall)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2240306623-60622281-3918578315-1000: @mail.ru/GameCenter -> C:\Users\Paulo\AppData\Local\Mail.Ru\GameCenter\NPDetector.dll [Nenhum Arquivo]
FF Plugin HKU\S-1-5-21-2240306623-60622281-3918578315-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Paulo\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-2240306623-60622281-3918578315-1000: SkypePlugin -> C:\Users\Paulo\AppData\Local\SkypePlugin\7.5.0.123\npGatewayNpapi.dll [2015-07-17] (Skype Technologies S.A.)
FF user.js: detected! => C:\Users\Paulo\AppData\Roaming\Mozilla\Firefox\Profiles\xgrqy1d4.default\user.js [2015-07-27]
FF user.js: detected! => C:\Users\Paulo\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js [2015-07-27]
FF Extension: Fasterfox - C:\Users\Paulo\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}.xpi [2016-03-06]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Paulo\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\adblockpopups@jessehakanen.net.xpi [2016-03-11]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Paulo\AppData\Roaming\Mozilla\Firefox\Profiles\xgrqy1d4.default\Extensions\adblockpopups@jessehakanen.net.xpi [2016-03-11]
FF Extension: Come back "Block image from ad.sites" - C:\Users\Paulo\AppData\Roaming\Mozilla\Firefox\Profiles\xgrqy1d4.default\Extensions\come.back.block.image.from@cat-in-136.blogspot.com.xpi [2016-03-11]
FF Extension: Cookies Export/import - C:\Users\Paulo\AppData\Roaming\Mozilla\Firefox\Profiles\xgrqy1d4.default\Extensions\CookiesIE@yahoo.com.xpi [2015-06-16]
FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\Paulo\AppData\Roaming\Mozilla\Firefox\Profiles\xgrqy1d4.default\Extensions\elemhidehelper@adblockplus.org.xpi [2016-03-07]
FF Extension: Element Inspector - C:\Users\Paulo\AppData\Roaming\Mozilla\Firefox\Profiles\xgrqy1d4.default\Extensions\InspectElement@zbinlin.xpi [2016-03-13]
FF Extension: Fasterfox - C:\Users\Paulo\AppData\Roaming\Mozilla\Firefox\Profiles\xgrqy1d4.default\Extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}.xpi [2016-03-06]
FF Extension: Adblock Plus - C:\Users\Paulo\AppData\Roaming\Mozilla\Firefox\Profiles\xgrqy1d4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-03-07]
FF Extension: GsearchFinder - C:\Users\Paulo\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\@E9438230-A7DF-4D1F-8F2D-CA1D0F0F7924.xpi [2016-03-29]
FF Extension: Come back "Block image from ad.sites" - C:\Users\Paulo\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\come.back.block.image.from@cat-in-136.blogspot.com.xpi [2016-03-11]
FF Extension: Cookies Export/import - C:\Users\Paulo\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\CookiesIE@yahoo.com.xpi [2015-06-16]
FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\Paulo\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\elemhidehelper@adblockplus.org.xpi [2016-03-07]
FF Extension: Element Inspector - C:\Users\Paulo\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\InspectElement@zbinlin.xpi [2016-03-13]
FF Extension: Adblock Plus - C:\Users\Paulo\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-03-07]
FF HKU\S-1-5-21-2240306623-60622281-3918578315-1000\...\Firefox\Extensions: [{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}] - C:\Program Files\DAP\DAPFireFox => não encontrado (a)

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com.br/?gws_rd=ssl
CHR StartupUrls: Default -> "chrome://newtab/","hxxp://br.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_bxi01_15_31&param1=1&param2=f%3D7%26b%3DChrome%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyBtDyBtC0B0CtDyC0EtD0FyB0DtAzy0AtN0D0Tzu0StCtAtDtBtN1L2XzutAtFtCtBtFyDtFyCtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2SyCzz0EyEtD0C0BtBtGyCyD0DtBtG0DtB0AyDtGtC0C0E0CtG0D0DtDtBtB0E0Azyzy0BtD0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzyzztByBzytAtAtCtGzytCtCyCtGyE0ByEyEtGzzyCyE0AtGyByDyB0EtD0FyC0A0F0B0AyB2QtN0A0LzutBtN1B2Z1V1T1S1NzuzzzzyC%26cr%3D640163696%26a%3Dwncy_bxi01_15_31%26os%3DWindows%2B7%2BProfessional","hxxp://br.hao123.com/?tn=sdkp_inner_protection_04_hao123_br&guid=bfd549523ccc2cfe4d58ded33813e8e3","hxxp://www.hohosearch.com/?mode=nnnb&ptid=amz&uid=6C24722A23F1E0A9AA52041F9013419D&v=20160329&ts=AHEpCHUsAX8kBU.."
CHR Profile: C:\Users\Paulo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Paulo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Paulo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Paulo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (AdBlock) - C:\Users\Paulo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-06-02]
CHR Extension: (Channel Sub Box for YouTube™) - C:\Users\Paulo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhbmojliagbancdcmookpmaaoipjifmc [2015-07-27]
CHR Extension: (A User Finder for Facebook tool) - C:\Users\Paulo\AppData\Local\Google\Chrome\User Data\Default\Extensions\loindpnjhobmpflpacokkffaecemclgk [2015-09-16]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Paulo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Late Night) - C:\Users\Paulo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgbdhkpacgdhfabeceekiafonfkipohm [2015-07-27]
CHR Extension: (Gmail) - C:\Users\Paulo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-27]
CHR Profile: C:\Users\Paulo\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Apresentações) - C:\Users\Paulo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-28]
CHR Extension: (Google Docs) - C:\Users\Paulo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-28]
CHR Extension: (Google Drive) - C:\Users\Paulo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Paulo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Paulo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Planilhas do Google) - C:\Users\Paulo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-28]
CHR Extension: (Documentos Google off-line) - C:\Users\Paulo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-29]
CHR Extension: (A User Finder for Facebook tool) - C:\Users\Paulo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\loindpnjhobmpflpacokkffaecemclgk [2015-09-17]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Paulo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-08]
CHR Extension: (Gmail) - C:\Users\Paulo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-28]
CHR Profile: C:\Users\Paulo\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Apresentações) - C:\Users\Paulo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-27]
CHR Extension: (Google Docs) - C:\Users\Paulo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-27]
CHR Extension: (Google Drive) - C:\Users\Paulo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-27]
CHR Extension: (YouTube) - C:\Users\Paulo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-27]
CHR Extension: (Google Search) - C:\Users\Paulo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-27]
CHR Extension: (Planilhas do Google) - C:\Users\Paulo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-27]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Paulo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-27]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Paulo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-27]
CHR Extension: (Gmail) - C:\Users\Paulo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-27]

Opera:
=======
OPR Extension: (AdBlock) - C:\Users\Paulo\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2016-03-25]
OPR Extension: (CyberGhost VPN - Free Proxy) - C:\Users\Paulo\AppData\Roaming\Opera Software\Opera Stable\Extensions\mapjiibffmopkdcncmaifgdjjiooifnn [2016-03-19]

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S4 BASSVC; C:\Program Files\Baidu Security\MoboMarket\1.3.7.5967\bassvc.exe [208928 2015-04-22] (Baidu, Inc.)
S4 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [409304 2014-10-07] (BlueStack Systems, Inc.)
S4 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [388824 2014-10-07] (BlueStack Systems, Inc.)
S4 BstHdUpdaterSvc; C:\Program Files\BlueStacks\HD-UpdaterService.exe [782040 2014-10-07] (BlueStack Systems, Inc.)
R2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [618920 2015-09-09] (cFos Software GmbH)
S4 FirebirdGuardianDefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2010-09-17] (Firebird Project) [Arquivo não assinado]
S4 FirebirdServerDefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe [3735552 2010-09-17] (Firebird Project) [Arquivo não assinado]
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1898504 2016-06-08] (LogMeIn Inc.)
R2 IISADMIN; C:\windows\system32\inetsrv\inetinfo.exe [13824 2009-07-13] (Microsoft Corporation)
S4 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2283296 2014-11-17] (IObit)
S4 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [405424 2016-06-07] (LogMeIn, Inc.)
S4 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MSMQTriggers; C:\windows\system32\mqtgsvc.exe [126464 2010-11-20] (Microsoft Corporation)
S4 MustangService_2016.01.10.18.43.25; C:\Program Files\Mustang Browser\Mustang\bin\MusServer.exe [362584 2015-08-22] (Rafotech)
S4 RzKLService; C:\Program Files\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
S4 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Arquivo não assinado]
S3 VSStandardCollectorService140; C:\Program Files\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [48872 2015-11-19] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 WindowsSecurity; C:\ProgramData\Windows Security\winsecurity.exe [2121728 2016-05-27] (Microsoft Corporation) [Arquivo não assinado]
R2 XBox; C:\Users\Paulo\AppData\Roaming\XBox\XBLive.exe [5906904 2016-02-27] (Microsoft Corporation)
S4 BsrSvc; "C:\Program Files\PC Faster\5.1.0.0\System Repair\BsrSvc.exe" -service [X]
S4 SpyHunter 4 Service; não ImagePath

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R0 Bhbase; C:\windows\System32\drivers\Bhbase.sys [46440 2015-04-15] (Baidu, Inc.)
R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [112344 2014-10-07] (BlueStack Systems)
R1 cFosSpeed; C:\windows\System32\DRIVERS\cfosspeed6.sys [1426856 2015-09-09] (cFos Software GmbH)
S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2011-06-02] ()
S3 EsgScanner; C:\windows\System32\DRIVERS\EsgScanner.sys [19984 2014-11-22] ()
R3 GUCI_AVS; C:\windows\System32\DRIVERS\GUCI_AVS.sys [598016 2009-06-23] (PixArt Imaging Incorporation)
R3 hamachi; C:\windows\System32\DRIVERS\hamachi.sys [27040 2016-03-22] (LogMeIn, Inc.)
R3 ManyCam; C:\windows\System32\DRIVERS\mcvidrv.sys [40736 2013-11-26] (Visicom Media Inc.)
S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [114904 2016-06-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [51928 2014-11-21] (Malwarebytes Corporation)
R3 mcaudrv_simple; C:\windows\System32\drivers\mcaudrv.sys [29728 2013-12-06] (Visicom Media Inc.)
R1 ndisrd; C:\windows\System32\DRIVERS\ndisrd.sys [37408 2014-08-14] (NT Kernel Resources)
S3 netr28u; C:\windows\System32\DRIVERS\netr28u.sys [1553608 2014-01-03] (Ralink Technology Corp.)
S3 RTL8187B; C:\windows\System32\DRIVERS\RTL8187B.sys [347136 2009-07-13] (Realtek Semiconductor Corporation )
R3 Serenum; C:\windows\System32\DRIVERS\nuvserenum.sys [17920 2014-01-12] (Windows (R) Win 7 DDK provider)
R3 Serial; C:\windows\System32\DRIVERS\nuvserial.sys [76288 2014-01-12] (Nuvoton Technology Corp.)
S3 tap0901; C:\windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
S3 VCSVADHWSer; C:\windows\System32\DRIVERS\vcsvad.sys [17792 2008-12-26] (Avnex) [Arquivo não assinado]
S3 Baidu PC Faster FileShredder; \??\C:\Program Files\PC Faster\5.1.0.0\FileKill_x86.sys [X]
S3 BprotectEx; \??\C:\windows\System32\drivers\BprotectEx.sys [X]
S1 dhsgomnd; \??\C:\windows\system32\drivers\dhsgomnd.sys [X]
S3 EagleXNt; \??\C:\windows\system32\drivers\EagleXNt.sys [X]
S3 esgiguard; não ImagePath
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
S3 PCFApiUtil; \??\C:\Program Files\PC Faster\5.1.0.0\PCFApiUtil.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
S3 xhunter1; \??\C:\windows\xhunter1.sys [X]
S3 xspirit; \??\C:\windows\xspirit.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-06-14 19:28 - 2016-06-14 19:30 - 00024699 _____ C:\Users\Paulo\Desktop\FRST.txt
2016-06-14 16:56 - 2016-06-14 16:56 - 00044996 _____ C:\ZA-Scan.txt
2016-06-14 16:48 - 2016-06-14 16:48 - 00000000 ____D C:\zoek_backup
2016-06-14 16:44 - 2016-06-14 16:44 - 01370112 _____ C:\Users\Paulo\Desktop\ZA-Scan.exe
2016-06-13 16:27 - 2016-06-13 16:30 - 00062595 _____ C:\Users\Paulo\Desktop\Addition.txt
2016-06-13 16:04 - 2016-06-13 16:04 - 00797760 _____ C:\Users\Paulo\Downloads\delfix_1.013.exe
2016-06-13 16:03 - 2016-06-13 16:08 - 00063587 _____ C:\Users\Paulo\Downloads\Addition.txt
2016-06-13 15:59 - 2016-06-14 19:28 - 00000000 ____D C:\FRST
2016-06-13 15:59 - 2016-06-13 16:08 - 00039650 _____ C:\Users\Paulo\Downloads\FRST.txt
2016-06-13 15:57 - 2016-06-13 15:57 - 01736192 _____ (Farbar) C:\Users\Paulo\Desktop\FRST.exe
2016-06-13 15:53 - 2016-06-13 15:53 - 02215424 _____ C:\Users\Paulo\ZHPDiag3.exe
2016-06-13 15:52 - 2016-06-13 15:57 - 00000000 ____D C:\Users\Paulo\AppData\Roaming\ZHP
2016-06-13 15:52 - 2016-06-13 15:52 - 02213888 _____ C:\Users\Paulo\Downloads\ZHPDiag3.exe
2016-06-13 15:49 - 2016-06-13 15:49 - 00834970 _____ C:\Users\Paulo\Desktop\1Box_cFSTR.exe
2016-06-13 15:39 - 2016-06-14 15:15 - 00114904 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-13 15:39 - 2016-06-13 15:39 - 00001085 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-06-13 15:39 - 2016-06-13 15:39 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-06-13 15:39 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2016-06-13 15:39 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2016-06-13 15:39 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2016-06-13 14:04 - 2016-06-13 14:04 - 00000000 ____D C:\windows\7
2016-06-12 15:51 - 2016-06-13 20:17 - 00001471 _____ C:\Users\Paulo\Downloads\moderarpp.txt
2016-06-08 23:35 - 2016-06-08 23:35 - 00451454 _____ C:\Users\Paulo\Downloads\Pets.rar
2016-06-08 17:19 - 2016-06-08 17:19 - 00000000 ____D C:\Users\Public\Documents\PC Faster
2016-06-08 16:42 - 2016-06-08 16:42 - 00091594 _____ C:\Users\Paulo\Documents\cc_20160608_164218.reg
2016-06-08 16:28 - 2016-06-08 16:28 - 00000000 ____D C:\Program Files\LogMeIn Hamachi
2016-06-08 16:18 - 2016-06-08 16:18 - 03677248 _____ C:\Users\Paulo\Downloads\adwcleaner_5.119(1).exe
2016-06-08 16:15 - 2016-06-08 16:17 - 01367648 _____ C:\Users\Paulo\Downloads\adwcleaner_5.119.exe
2016-06-08 01:24 - 2016-06-08 01:24 - 00320764 _____ C:\Users\Paulo\Downloads\elephants.swf
2016-06-07 01:59 - 2016-06-07 01:59 - 00001954 _____ C:\Users\Paulo\Downloads\1 Novo Efeito Trampolim - Criando Habbos.rar
2016-06-07 01:59 - 2016-06-07 01:59 - 00001870 _____ C:\Users\Paulo\Downloads\1 Novo Efeito Treadmill - Criando Habbos.rar
2016-06-06 14:38 - 2016-06-06 14:38 - 00102041 _____ C:\Users\Paulo\Downloads\pikachupet1.swf
2016-06-06 14:29 - 2016-06-06 14:29 - 00370148 _____ C:\Users\Paulo\Downloads\bebesp.swf
2016-06-06 14:29 - 2016-06-06 14:29 - 00263860 _____ C:\Users\Paulo\Downloads\mario_viter_hh.swf
2016-06-06 14:26 - 2016-06-06 14:26 - 00272609 _____ C:\Users\Paulo\Downloads\babyBH.swf
2016-05-31 11:26 - 2016-05-31 11:26 - 00738368 _____ (Oracle Corporation) C:\Users\Paulo\Downloads\chromeinstall-8u91(1).exe
2016-05-31 11:15 - 2016-05-31 11:15 - 00067188 _____ C:\Users\Paulo\Downloads\SJs2aIQ.htm
2016-05-31 11:14 - 2016-05-31 11:14 - 00737856 _____ (Oracle Corporation) C:\Users\Paulo\Downloads\chromeinstall-8u91.exe
2016-05-24 20:49 - 2016-05-24 20:49 - 00000000 ____D C:\Users\Paulo\Documents\FD Trillix
2016-05-24 20:47 - 2016-05-24 20:47 - 00263860 _____ C:\Users\Paulo\Downloads\mario.swf
2016-05-22 19:40 - 2016-05-22 19:40 - 09678647 _____ C:\Users\Paulo\Downloads\Plus Emu Fixes - DevHabbos.zip
2016-05-20 17:23 - 2016-05-20 17:23 - 00000125 _____ C:\windows\FlashDecompiler.INI
2016-05-17 23:10 - 2016-05-17 23:10 - 00003307 _____ C:\Users\Paulo\Downloads\upload.zip
2016-05-16 05:02 - 2016-05-16 05:02 - 00000000 ____D C:\Users\Paulo\Downloads\PlusEMU
2016-05-16 05:02 - 2016-01-11 20:55 - 00000000 ____D C:\Users\Paulo\Downloads\Database
2016-05-16 05:00 - 2016-01-11 18:16 - 00000000 ____D C:\Users\Paulo\Desktop\PlusEMU
2016-05-16 04:59 - 2016-05-16 04:59 - 07863593 _____ C:\Users\Paulo\Downloads\PlusEMU 16-2-2016.rar
2016-05-14 01:34 - 2016-05-14 01:34 - 09663088 _____ (TeamViewer GmbH) C:\Users\Paulo\Downloads\TeamViewer_Setup_pt.exe
2016-05-12 22:43 - 2016-05-12 22:46 - 00000600 _____ C:\Users\Paulo\AppData\Local\PUTTY.RND
2016-05-11 21:21 - 2016-05-11 21:21 - 01170320 _____ C:\Users\Paulo\Downloads\Wesley12312-arcturus-81908a183a21.zip
2016-05-07 20:23 - 2016-05-25 17:49 - 00000000 ____D C:\Users\Paulo\Downloads\db line
2016-05-07 20:22 - 2016-05-07 20:22 - 01142321 _____ C:\Users\Paulo\Downloads\furnitureline.sql
2016-05-07 20:22 - 2016-05-07 20:22 - 00048407 _____ C:\Users\Paulo\Downloads\catalog_pagesline.sql
2016-05-05 21:04 - 2016-05-05 21:08 - 00000000 ____D C:\Users\Paulo\Desktop\Boon-master
2016-05-05 20:55 - 2016-05-05 20:59 - 09511246 _____ C:\Users\Paulo\Downloads\Boon-master.zip
2016-05-03 00:41 - 2016-05-03 00:41 - 00000017 _____ C:\Users\Paulo\Desktop\netflix.txt
2016-05-02 18:11 - 2016-03-15 07:56 - 00000000 ____D C:\Users\Paulo\Desktop\Yupi-1.1.0-jesus
2016-05-02 18:09 - 2016-05-02 18:10 - 01225967 _____ C:\Users\Paulo\Downloads\Yupi-1.1.0-jesus.zip
2016-05-01 00:38 - 2016-05-01 00:38 - 00001576 _____ C:\Users\Paulo\Downloads\rankcampanha.sql
2016-04-30 21:05 - 2016-05-06 20:21 - 00026420 _____ C:\Users\Paulo\Desktop\hall.php
2016-04-29 17:36 - 2016-04-29 17:36 - 00000881 _____ C:\Users\Paulo\Downloads\rankevento.sql
2016-04-29 00:25 - 2016-04-29 00:25 - 00007976 _____ C:\Users\Paulo\Downloads\Efeito Regador Habbo - Criando Habbos.rar
2016-04-29 00:24 - 2016-04-29 00:24 - 00049931 _____ C:\Users\Paulo\Downloads\3 Novos Efeitos Habbo - Criando Habbos.rar
2016-04-24 18:53 - 2016-04-24 18:54 - 00633872 _____ (Nsasoft LLC. ) C:\Users\Paulo\Downloads\FreePortScanner.exe
2016-04-23 12:52 - 2016-04-23 12:52 - 00000000 ____D C:\Users\Paulo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Eclipse
2016-04-23 12:23 - 2016-04-23 12:23 - 00000000 ____D C:\Users\Paulo\eclipse
2016-04-23 12:22 - 2016-04-23 12:23 - 00000000 ____D C:\Users\Paulo\.p2
2016-04-23 12:22 - 2016-04-23 12:23 - 00000000 ____D C:\Users\Paulo\.eclipse
2016-04-23 12:21 - 2016-04-23 12:22 - 06481378 _____ C:\Users\Paulo\Downloads\Habbonew.swf
2016-04-23 11:01 - 2016-04-23 11:08 - 46890808 _____ C:\Users\Paulo\Downloads\eclipse-inst-win32(1).exe
2016-04-21 21:19 - 2016-04-21 21:38 - 00000000 ____D C:\Users\Paulo\Desktop\Comet
2016-04-21 21:17 - 2016-04-21 21:18 - 01403381 _____ C:\Users\Paulo\Downloads\eInEun9YJYc2.zip
2016-04-21 04:19 - 2016-06-08 13:53 - 00000000 ____D C:\Users\Todos os Usuários\Windows Security
2016-04-19 13:06 - 2016-04-19 13:06 - 00024813 _____ C:\Users\Paulo\Downloads\cms_news.sql
2016-04-19 05:01 - 2016-04-19 05:02 - 01123322 _____ C:\Users\Paulo\Downloads\furniture.sql
2016-04-19 05:01 - 2016-04-19 05:01 - 00604534 _____ C:\Users\Paulo\Downloads\catalog_items(1).sql
2016-04-19 05:01 - 2016-04-19 05:01 - 00065661 _____ C:\Users\Paulo\Downloads\catalog_pages(7).sql
2016-04-18 21:48 - 2016-04-18 21:48 - 00398403 _____ C:\Users\Paulo\Downloads\Furnis 1 By Glavez.rar
2016-04-17 22:58 - 2016-04-17 22:58 - 11319984 _____ C:\Users\Paulo\Downloads\Luan Martins FIX.rar
2016-04-14 04:13 - 2016-04-14 04:13 - 00005971 _____ C:\Users\Paulo\Downloads\Esconder Client - www.likehotel.com.br - By LoToS.rar
2016-04-14 03:05 - 2016-04-14 03:05 - 00065337 _____ C:\Users\Paulo\Downloads\catalog_pages(6).sql
2016-04-14 01:37 - 2016-04-14 01:37 - 00065335 _____ C:\Users\Paulo\Downloads\catalog_pages(5).sql
2016-04-14 01:28 - 2016-04-14 01:28 - 00065320 _____ C:\Users\Paulo\Downloads\catalog_pages(4).sql
2016-04-14 00:53 - 2016-04-14 00:53 - 00601241 _____ C:\Users\Paulo\Downloads\catalog_items.sql
2016-04-14 00:53 - 2016-04-14 00:53 - 00065354 _____ C:\Users\Paulo\Downloads\catalog_pages(3).sql
2016-04-14 00:34 - 2016-04-14 00:35 - 07371812 _____ C:\Users\Paulo\Downloads\line(2).sql
2016-04-13 22:30 - 2016-04-13 22:30 - 06947653 _____ C:\Users\Paulo\Downloads\line(1).sql
2016-04-13 00:00 - 2016-04-13 00:00 - 04540690 _____ C:\Users\Paulo\Downloads\line.sql
2016-04-12 15:31 - 2016-04-12 15:31 - 00065424 _____ C:\Users\Paulo\Downloads\catalog_pages(2).sql
2016-04-12 15:30 - 2016-04-12 15:30 - 00065309 _____ C:\Users\Paulo\Downloads\catalog_pages(1).sql
2016-04-12 14:05 - 2016-04-12 14:05 - 00019674 _____ C:\Users\Paulo\Downloads\rooms.sql
2016-04-12 03:59 - 2016-04-12 04:00 - 10595984 _____ (Stellar Information Technology Pvt Ltd. ) C:\Users\Paulo\Downloads\stellar-photo-recovery.exe
2016-04-12 03:46 - 2016-04-12 03:46 - 00000000 ____D C:\Users\Todos os Usuários\AutoUpdate
2016-04-12 03:46 - 2016-04-12 03:46 - 00000000 ____D C:\Users\Paulo\Documents\DbgLogs
2016-04-12 03:46 - 2016-04-12 03:46 - 00000000 ____D C:\Program Files\Eltima Software
2016-04-12 03:45 - 2016-04-12 03:46 - 28165480 _____ (Eltima Software ) C:\Users\Paulo\Downloads\flash_decompiler.exe
2016-04-12 03:42 - 2016-04-12 03:42 - 00065313 _____ C:\Users\Paulo\Downloads\catalog_pages.sql
2016-04-12 03:35 - 2016-04-12 03:35 - 00000000 ____D C:\Users\Paulo\Documents\Navicat
2016-04-12 03:35 - 2016-04-12 03:35 - 00000000 ____D C:\Program Files\PremiumSoft
2016-04-12 03:33 - 2016-04-12 03:34 - 34071840 _____ (PremiumSoft CyberTech Ltd. ) C:\Users\Paulo\Downloads\navicat112_premium_en_x86.exe
2016-04-09 08:42 - 2016-04-09 09:21 - 426172168 _____ C:\Users\Paulo\Desktop\wwwroot.rar
2016-04-08 03:40 - 2016-04-08 03:40 - 00008738 _____ C:\Users\Paulo\Desktop\1 Novo Efeito Habbo Março - Criando Habbos.rar
2016-04-07 15:44 - 2016-04-07 15:46 - 03864866 _____ C:\Users\Paulo\Desktop\line.sql
2016-04-06 16:03 - 2016-06-08 10:56 - 00027040 ____H (LogMeIn, Inc.) C:\windows\system32\hamachi.sys
2016-04-06 00:00 - 2016-04-06 00:00 - 00000010 _____ C:\Users\Paulo\Desktop\Vps.txt
2016-04-05 16:37 - 2016-04-05 16:37 - 00065312 _____ C:\Users\Paulo\Desktop\catalog_pages.sql
2016-04-05 16:04 - 2016-04-05 16:04 - 00000000 ____D C:\Users\Paulo\AppData\Roaming\HeidiSQL
2016-04-05 16:01 - 2016-04-05 16:01 - 00000000 ____D C:\Users\Todos os Usuários\HeidiSQL
2016-04-05 16:01 - 2016-04-05 16:01 - 00000000 ____D C:\Program Files\HeidiSQL
2016-04-05 15:58 - 2016-05-31 11:30 - 00000000 ____D C:\Program Files\cFosSpeed
2016-04-05 15:58 - 2015-09-09 16:42 - 01426856 _____ (cFos Software GmbH) C:\windows\system32\Drivers\cfosspeed6.sys
2016-04-05 15:54 - 2016-06-13 17:37 - 00000000 ____D C:\Users\Todos os Usuários\System32
2016-04-05 15:48 - 2016-04-05 15:48 - 00000000 ____D C:\Users\Paulo\AppData\Roaming\XBox
2016-04-05 15:48 - 2016-04-05 15:48 - 00000000 ____D C:\Users\Paulo\AppData\Roaming\FrivLauncher
2016-04-04 12:33 - 2016-04-04 12:34 - 04017792 _____ C:\Users\Paulo\Downloads\heidisql32.r5063.exe
2016-04-04 12:29 - 2016-04-04 12:30 - 04449808 _____ (Ansgar Becker ) C:\Users\Paulo\Downloads\HeidiSQL_9.3.0.5062-32_Setup.exe
2016-04-03 22:26 - 2016-04-03 22:26 - 00182951 _____ C:\Users\Paulo\Desktop\badge_definitions.sql
2016-04-03 21:52 - 2016-04-03 21:52 - 00004513 _____ C:\Users\Paulo\Desktop\permissions_commands.sql
2016-04-03 19:17 - 2016-03-09 23:07 - 02210224 _____ C:\Users\Paulo\Desktop\BOOM DB.sql
2016-04-03 19:16 - 2016-04-03 19:17 - 00247670 _____ C:\Users\Paulo\Desktop\BOOMDB.rar
2016-04-02 21:25 - 2016-04-09 01:40 - 00000000 ____D C:\Users\Paulo\AppData\Roaming\Maxthon3
2016-04-02 21:25 - 2016-04-02 21:25 - 00000000 ____D C:\Program Files\Maxthon
2016-04-02 21:01 - 2016-04-02 21:24 - 46798944 _____ (Maxthon International ltd.) C:\Users\Paulo\Downloads\mx4.9.1.1000.exe
2016-04-02 15:55 - 2016-04-02 15:55 - 00272319 _____ C:\Users\Paulo\Downloads\fix para db horizon.rar
2016-04-02 14:53 - 2016-04-02 14:56 - 07575791 _____ C:\Users\Paulo\Downloads\Comet-swf.zip
2016-04-02 13:57 - 2016-06-08 23:38 - 00000000 ____D C:\Users\Paulo\Desktop\Habbline
2016-03-30 21:58 - 2016-03-30 21:58 - 00009062 _____ C:\Users\Paulo\Desktop\client.php
2016-03-29 01:34 - 2016-03-29 01:34 - 00056680 _____ C:\Users\Paulo\Downloads\contacts.vcf
2016-03-28 22:42 - 2016-03-28 15:28 - 00001603 _____ C:\Users\Paulo\Desktop\^D35B6C5EDF5752311555158B0D58B7C69DA654B400E4BEDB4A^pimgpsh_fullsize_distr.png
2016-03-27 23:08 - 2016-03-27 23:08 - 00220836 _____ C:\Users\Paulo\Downloads\DiagnosticTool.zip
2016-03-27 18:06 - 2016-03-27 18:06 - 00000000 ____D C:\Users\Paulo\AppData\Roaming\Microsoft FxCop
2016-03-27 17:29 - 2016-03-27 17:32 - 09191870 _____ C:\Users\Paulo\Downloads\Emulator.rar
2016-03-27 16:56 - 2016-03-07 20:07 - 00000000 ____D C:\Users\Paulo\Desktop\Plus Emulador (Habboon Edit) - Criando Habbos
2016-03-27 16:55 - 2016-03-27 16:56 - 07890870 _____ C:\Users\Paulo\Downloads\Plus Emulador (Habboon Edit) - Criando Habbos.rar
2016-03-27 14:05 - 2016-06-14 16:16 - 00000000 ____D C:\Users\Paulo\AppData\Local\LogMeIn Hamachi
2016-03-27 14:05 - 2016-03-27 14:05 - 00000000 ____D C:\Users\Todos os Usuários\LogMeIn
2016-03-27 14:05 - 2016-03-27 14:05 - 00000000 ____D C:\Users\Paulo\AppData\Local\LogMeIn
2016-03-27 14:03 - 2016-03-27 14:03 - 02321075 _____ C:\Users\Paulo\Downloads\database.sql
2016-03-27 14:00 - 2016-03-27 14:02 - 08818688 _____ C:\Users\Paulo\Downloads\hamachi.msi
2016-03-27 03:19 - 2016-03-27 03:20 - 03026176 _____ (Microsoft Corporation) C:\Users\Paulo\Downloads\vs_langpack (1).exe
2016-03-27 02:48 - 2016-03-27 02:48 - 00000000 ____D C:\Program Files\AppInsights
2016-03-27 02:45 - 2016-03-27 02:45 - 00000000 ____D C:\Users\Todos os Usuários\PreEmptive Solutions
2016-03-27 02:07 - 2016-03-27 02:07 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 12.0
2016-03-27 01:57 - 2016-03-27 01:57 - 00000000 ____D C:\Program Files\IIS Express
2016-03-27 01:54 - 2016-03-27 01:54 - 00000000 ____D C:\Users\Todos os Usuários\NuGet
2016-03-27 01:54 - 2016-03-27 01:54 - 00000000 ____D C:\Program Files\NuGet
2016-03-27 01:53 - 2016-03-27 01:53 - 00000000 ____D C:\Users\Paulo\AppData\Local\VSIXInstaller
2016-03-27 01:53 - 2016-03-27 01:53 - 00000000 ____D C:\Program Files\Microsoft Office365 Tools
2016-03-27 01:14 - 2016-03-27 01:33 - 00000000 ____D C:\c25e3f8bcfa20058264293
2016-03-27 00:45 - 2016-03-27 00:45 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-03-27 00:42 - 2016-03-27 00:42 - 00000000 ____D C:\Program Files\ShellDir
2016-03-27 00:33 - 2016-03-27 00:33 - 00000000 ____D C:\Program Files\Microsoft DNX
2016-03-27 00:07 - 2016-03-27 00:07 - 00000000 ____D C:\Program Files\Microsoft WCF Data Services
2016-03-26 23:53 - 2016-03-27 00:43 - 00000000 ____D C:\Program Files\Windows Kits
2016-03-26 23:53 - 2016-03-26 23:53 - 00000000 ____D C:\windows\symbols
2016-03-26 23:49 - 2016-03-26 23:49 - 00000000 ____D C:\Program Files\Common Files\Merge Modules
2016-03-26 23:35 - 2016-03-26 23:35 - 00000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft
2016-03-26 22:14 - 2016-03-26 22:14 - 00000000 ____D C:\Program Files\Common Files\Skype
2016-03-26 15:33 - 2016-03-26 15:33 - 00211592 _____ (Microsoft Corporation) C:\Users\Paulo\Downloads\vs_community_ENU.exe
2016-03-26 11:20 - 2016-03-26 11:21 - 09438784 _____ C:\Users\Paulo\Downloads\SirioEMU - Criando Habbos.zip
2016-03-25 23:11 - 2016-03-25 23:12 - 04204144 _____ C:\Users\Paulo\Downloads\npp.6.9.Installer.exe
2016-03-24 13:29 - 2016-03-24 13:29 - 00000000 ____D C:\Program Files\Common Files\Java
2016-03-22 16:20 - 2016-03-22 16:20 - 00027040 ____H (LogMeIn, Inc.) C:\windows\system32\Drivers\hamachi.sys
2016-03-21 02:44 - 2016-03-24 13:28 - 00095808 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge.dll
2016-03-21 02:41 - 2016-03-21 02:41 - 00734816 _____ (Oracle Corporation) C:\Users\Paulo\Downloads\jre-8u73-windows-i586-iftw (1).exe
2016-03-17 17:57 - 2016-05-25 00:30 - 00000000 ___RD C:\Program Files\Skype
2016-03-17 17:37 - 2016-03-17 17:37 - 01503872 _____ (Skype Technologies S.A.) C:\Users\Paulo\Downloads\SkypeSetup (2).exe
2016-03-17 15:39 - 2016-06-11 21:48 - 00000964 _____ C:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-03-17 15:33 - 2016-03-17 15:35 - 01190608 _____ (Adobe Systems Incorporated) C:\Users\Paulo\Downloads\flashplayer21pp_fa_install.exe
2016-03-17 15:19 - 2016-03-17 15:19 - 00000000 ____D C:\Users\Paulo\AppData\Roaming\Opera Software
2016-03-17 15:19 - 2016-03-17 15:19 - 00000000 ____D C:\Users\Paulo\AppData\Local\Opera Software
2016-03-17 15:15 - 2016-03-31 17:49 - 00000000 ____D C:\Program Files\Opera
2016-03-17 15:14 - 2016-03-17 15:14 - 00724864 _____ (Opera Software) C:\Users\Paulo\Downloads\OperaSetup.exe

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-06-14 19:30 - 2014-09-28 11:28 - 00000000 ____D C:\Users\Paulo\AppData\Roaming\Skype
2016-06-14 19:09 - 2014-06-22 06:48 - 00001058 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-14 17:36 - 2014-10-22 23:31 - 00000928 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2240306623-60622281-3918578315-1000UA.job
2016-06-14 16:46 - 2009-07-13 23:04 - 00000579 _____ C:\windows\win.ini
2016-06-14 15:36 - 2009-07-14 01:34 - 00025216 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-14 15:36 - 2009-07-14 01:34 - 00025216 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-14 15:17 - 2009-07-13 23:37 - 00000000 ____D C:\windows\system32\inetsrv
2016-06-14 15:15 - 2015-07-31 21:28 - 00000640 _____ C:\windows\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}.job
2016-06-14 15:15 - 2014-06-22 06:48 - 00001054 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-14 15:15 - 2009-07-14 01:53 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-06-14 15:15 - 2009-07-14 01:34 - 00000000 ____D C:\windows\Setup
2016-06-13 23:36 - 2014-10-22 23:31 - 00000906 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2240306623-60622281-3918578315-1000Core.job
2016-06-13 22:56 - 2015-08-01 20:30 - 00000000 ____D C:\Users\Paulo\Documents\Visual Studio 2015
2016-06-13 22:56 - 2014-10-09 23:21 - 00000000 ____D C:\Users\Paulo\AppData\Local\CrashDumps
2016-06-13 18:41 - 2014-10-24 23:15 - 00002052 ____H C:\Users\Paulo\Documents\Default.rdp
2016-06-13 17:31 - 2014-09-28 13:49 - 00000000 ____D C:\Users\Paulo\AppData\Roaming\foobar2000
2016-06-13 15:53 - 2014-09-27 17:27 - 00000000 ____D C:\Users\Paulo
2016-06-11 14:40 - 2014-11-19 12:26 - 00000000 ____D C:\Users\Paulo\AppData\Roaming\Notepad++
2016-06-10 20:41 - 2011-02-04 14:30 - 01771280 _____ C:\windows\system32\PerfStringBackup.INI
2016-06-10 20:41 - 2009-07-14 05:31 - 00759062 _____ C:\windows\system32\prfh0416.dat
2016-06-10 20:41 - 2009-07-14 05:31 - 00164778 _____ C:\windows\system32\prfc0416.dat
2016-06-10 20:41 - 2009-07-13 23:37 - 00000000 ____D C:\windows\inf
2016-06-10 17:52 - 2014-11-20 18:56 - 00000000 ____D C:\AdwCleaner
2016-06-09 14:37 - 2014-09-06 18:22 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-06-08 18:08 - 2009-07-13 23:37 - 00000000 ____D C:\windows\system32\NDF
2016-06-08 17:55 - 2014-09-29 00:09 - 00000000 ____D C:\Users\Paulo\AppData\Local\ElevatedDiagnostics
2016-06-08 16:41 - 2015-05-03 20:26 - 00000000 ____D C:\Program Files\Steam
2016-05-31 11:26 - 2014-06-22 07:00 - 00000000 ____D C:\Users\Todos os Usuários\Oracle
2016-05-31 11:25 - 2016-02-09 21:00 - 00000000 ____D C:\Program Files\RapidTyping 5
2016-05-31 11:24 - 2015-07-25 16:35 - 00000000 ____D C:\Users\Paulo\AppData\Local\Deployment
2016-05-31 11:21 - 2014-12-22 23:45 - 00000000 ____D C:\Program Files\Baixo Cidade
2016-05-30 15:06 - 2014-06-22 06:50 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2016-05-24 21:36 - 2014-09-28 11:09 - 00000000 ____D C:\Users\Todos os Usuários\TEMP
2016-05-22 17:59 - 2014-11-13 17:43 - 00000000 ____D C:\Users\Paulo\Desktop\Emblemas
2016-05-15 16:04 - 2014-11-18 23:00 - 00000902 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-05-15 16:04 - 2009-07-14 01:33 - 03814048 _____ C:\windows\system32\FNTCACHE.DAT

==================== Arquivos na raiz de alguns diretórios =======

2014-11-13 17:46 - 2014-11-13 17:46 - 0000132 _____ () C:\Users\Paulo\AppData\Roaming\Preferências do Formato PNG do Adobe CS6
2015-12-23 10:27 - 2015-12-23 10:29 - 0000016 _____ () C:\Users\Paulo\AppData\Roaming\translate.ini
2014-11-24 00:35 - 2014-11-24 00:35 - 0000045 _____ () C:\Users\Paulo\AppData\Roaming\WB.CFG
2014-10-01 10:38 - 2015-10-11 17:05 - 0007168 _____ () C:\Users\Paulo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-05-12 22:43 - 2016-05-12 22:46 - 0000600 _____ () C:\Users\Paulo\AppData\Local\PUTTY.RND
2014-09-30 18:15 - 2014-11-14 17:22 - 0000437 _____ () C:\Users\Paulo\AppData\Local\UserProducts.xml
2014-09-27 18:09 - 2014-09-27 18:09 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-12-29 02:12 - 2015-12-29 02:12 - 0004999 _____ () C:\ProgramData\wwznqdpf.eax

Arquivos para serem movidos ou deletados:
====================
C:\Users\Paulo\intel display adapter agement tool by x[a]rtur.exe
C:\Users\Paulo\MemoryOptimizerProSetup.exe
C:\Users\Paulo\raidcall_7.3.6.exe
C:\Users\Paulo\ZHPDiag3.exe
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}.job


Alguns arquivos em TEMP:
====================
C:\Users\Paulo\AppData\Local\Temp\npp.6.9.2.Installer.exe
C:\Users\Paulo\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\windows\explorer.exe => O arquivo é assinado digitalmente
C:\windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\windows\system32\services.exe => O arquivo é assinado digitalmente
C:\windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-06-08 20:45

==================== Fim de FRST.txt ============================
