Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 02-07-2016
Executado por Zucolo (administrador) em ZUCOLO-PC (08-07-2016 21:39:21)
Executando a partir de C:\Users\Zucolo\Downloads
Perfis Carregados: Zucolo (Perfis Disponíveis: Zucolo & Mcx1-ZUCOLO-PC)
Platform: Windows 7 Ultimate (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: "C:\Program Files (x86)\Junedoor\Application\chrome.exe" "%1")
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Winziper Pvt Ltd.) C:\Program Files (x86)\WinZipper\winzipersvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files (x86)\ToolsUpdatePlatform\UpdatePlatform.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(TData.com) C:\Program Files (x86)\TData\TData.exe
() C:\Program Files (x86)\systips\tipssvc.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\ProgramData\Junedoor\Junedoor.exe
(WFini LIMITED) C:\ProgramData\1winp1\WFini.exe
(tsvr.com) C:\Users\Zucolo\AppData\Roaming\TSv\TSvr.exe
(Qksee Pvt Ltd.) C:\Program Files (x86)\qksee\qkseeSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(evangel technology (hk) limited) C:\Program Files (x86)\Uncheckit\UncheckitSvc.exe
(EVANGEL TECHNOLOGY (HK) LIMITED) C:\Program Files (x86)\Uncheckit\UncheckitBsn.exe
(EVANGEL TECHNOLOGY (HK) LIMITED) C:\Program Files (x86)\Uncheckit\cktSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
(Google Inc.) C:\Program Files (x86)\Junedoor\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Junedoor\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Junedoor\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Junedoor\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Junedoor\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Junedoor\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Junedoor\Application\chrome.exe
(Byte Technologies LLC) C:\Program Files\ByteFence\ByteFence.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
() C:\Users\Zucolo\AppData\Local\{5AD06~1\dati.exe
() C:\Users\Zucolo\AppData\Local\Temp\71432.del
() C:\Users\Zucolo\AppData\Local\Temp\71432.del
() C:\Users\Zucolo\AppData\Local\Temp\71432.del
() C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
() C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
() C:\Users\Zucolo\AppData\Local\{5AD06~1\dati.exe
() C:\Users\Zucolo\AppData\Local\{5A8D6~1\trz25A1.tmp
() C:\Program Files (x86)\PCSX2 1.4.0\pcsx2.exe
(Google Inc.) C:\Program Files (x86)\Junedoor\Application\chrome.exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13874392 1999-12-31] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111312 2015-11-06] (AVAST Software)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKLM-x32\...\RunOnce: [Del550523472] => C:\Users\Zucolo\AppData\Local\Temp\71432.del [567808 2013-04-13] () <===== ATENÇÃO
HKU\S-1-5-21-1392382216-3583813168-2077223590-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8686296 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-1392382216-3583813168-2077223590-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4179288 2015-11-30] (Disc Soft Ltd)
HKU\S-1-5-21-1392382216-3583813168-2077223590-1000\...\Run: [Chromium] => c:\users\zucolo\appdata\local\chromium\application\chrome.exe [1068544 2016-03-18] (The Chromium Authors)
HKU\S-1-5-21-1392382216-3583813168-2077223590-1000\...\RunOnce: [Del550523472] => C:\Users\Zucolo\AppData\Local\Temp\71432.del [567808 2013-04-13] () <===== ATENÇÃO
HKU\S-1-5-21-1392382216-3583813168-2077223590-1000\...\MountPoints2: D - D:\setup.exe
HKU\S-1-5-21-1392382216-3583813168-2077223590-1000\...\MountPoints2: {19a21986-a346-11e5-806d-001e8c096a17} - D:\setup.exe
HKU\S-1-5-21-1392382216-3583813168-2077223590-1000\...\MountPoints2: {53212036-405a-11e6-82d4-001e8c096a17} - E:\setup.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-21] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2015-08-21]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
BootExecute: autocheck autochk aswBoot.exe /M:18b30a72ae55 /wow /dir:"C:\Program Files\AVAST Software\Avast"
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{EAC51A6D-4C5B-405E-8822-CFD14CC4DB61}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nuesearch.com/?type=hp&ts=1465284876&z=eff62a34252023b7348d161g6z5q0weo5b9z4b0m5m&from=wpm0607&uid=395049983_397233_C0A8047A
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nuesearch.com/?type=hp&ts=1465284876&z=eff62a34252023b7348d161g6z5q0weo5b9z4b0m5m&from=wpm0607&uid=395049983_397233_C0A8047A
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nuesearch.com/search/?type=ds&ts=1465284876&z=eff62a34252023b7348d161g6z5q0weo5b9z4b0m5m&from=wpm0607&uid=395049983_397233_C0A8047A&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nuesearch.com/search/?type=ds&ts=1465284876&z=eff62a34252023b7348d161g6z5q0weo5b9z4b0m5m&from=wpm0607&uid=395049983_397233_C0A8047A&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nuesearch.com/?type=hp&ts=1465284876&z=eff62a34252023b7348d161g6z5q0weo5b9z4b0m5m&from=wpm0607&uid=395049983_397233_C0A8047A
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nuesearch.com/?type=hp&ts=1465284876&z=eff62a34252023b7348d161g6z5q0weo5b9z4b0m5m&from=wpm0607&uid=395049983_397233_C0A8047A
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1465284876&z=eff62a34252023b7348d161g6z5q0weo5b9z4b0m5m&from=wpm0607&uid=395049983_397233_C0A8047A&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1465284876&z=eff62a34252023b7348d161g6z5q0weo5b9z4b0m5m&from=wpm0607&uid=395049983_397233_C0A8047A&q={searchTerms}
HKU\S-1-5-21-1392382216-3583813168-2077223590-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds&ts=1449816002&z=c776bac7593dba12f92875bg3z3z4tbbdg6q6e4e2g&from=ient07021&uid=395049983_397233_C0A8047A&q={searchTerms}
HKU\S-1-5-21-1392382216-3583813168-2077223590-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nuesearch.com/?type=hp&ts=1465284876&z=eff62a34252023b7348d161g6z5q0weo5b9z4b0m5m&from=wpm0607&uid=395049983_397233_C0A8047A
HKU\S-1-5-21-1392382216-3583813168-2077223590-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nuesearch.com/?type=hp&ts=1465284876&z=eff62a34252023b7348d161g6z5q0weo5b9z4b0m5m&from=wpm0607&uid=395049983_397233_C0A8047A
HKU\S-1-5-21-1392382216-3583813168-2077223590-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449816002&z=c776bac7593dba12f92875bg3z3z4tbbdg6q6e4e2g&from=ient07021&uid=395049983_397233_C0A8047A&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1465284876&z=eff62a34252023b7348d161g6z5q0weo5b9z4b0m5m&from=wpm0607&uid=395049983_397233_C0A8047A&q={searchTerms}
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1465284876&z=eff62a34252023b7348d161g6z5q0weo5b9z4b0m5m&from=wpm0607&uid=395049983_397233_C0A8047A&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1465284876&z=eff62a34252023b7348d161g6z5q0weo5b9z4b0m5m&from=wpm0607&uid=395049983_397233_C0A8047A&q={searchTerms}
SearchScopes: HKLM-x32 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1465284876&z=eff62a34252023b7348d161g6z5q0weo5b9z4b0m5m&from=wpm0607&uid=395049983_397233_C0A8047A&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1392382216-3583813168-2077223590-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1467639904&z=804013c06bf3bb5f53e533dg8zcqemfq5c2t6batew&from=wpm0616&uid=395049983_397233_C0A8047A&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1392382216-3583813168-2077223590-1000 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKU\S-1-5-21-1392382216-3583813168-2077223590-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1467639904&z=804013c06bf3bb5f53e533dg8zcqemfq5c2t6batew&from=wpm0616&uid=395049983_397233_C0A8047A&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1392382216-3583813168-2077223590-1000 -> {F0109899-486E-4346-95CE-99BBB7334C3E} URL = hxxps://br.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-21] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-12] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-21] (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-12] (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Zucolo\AppData\Roaming\Mozilla\Firefox\Profiles\o65hlmc7.default
FF NewTab: hxxp://www.nicesearches.com?type=hp&ts=1465887203&from=6b1d0614&uid=395049983_397233_c0a8047a&z=88752c1458c1dc9dc6ed9f2g0z2q3web5b9mfgftet
FF Homepage: hxxp://www.nicesearches.com?type=hp&ts=1465887203&from=6b1d0614&uid=395049983_397233_c0a8047a&z=88752c1458c1dc9dc6ed9f2g0z2q3web5b9mfgftet
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-17] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-17] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-12] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2010-03-16] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF user.js: detected! => C:\Users\Zucolo\AppData\Roaming\Mozilla\Firefox\Profiles\o65hlmc7.default\user.js [2016-06-23]
FF SearchPlugin: C:\Users\Zucolo\AppData\Roaming\Mozilla\Firefox\Profiles\o65hlmc7.default\searchplugins\nice.xml [2016-06-23]
FF Extension: xRocket Toolbar - C:\Users\Zucolo\AppData\Roaming\Mozilla\Firefox\Profiles\o65hlmc7.default\extensions\arthurj8283@gmail.com [2016-06-23] [não assinado]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-10]
FF HKLM-x32\...\Firefox\Extensions: [arthurj8283@gmail.com] - C:\Users\Zucolo\AppData\Roaming\Mozilla\Firefox\Profiles\o65hlmc7.default\extensions\arthurj8283@gmail.com
StartMenuInternet: FIREFOX.EXE - firefox.exe
Chrome:
=======
CHR HomePage: Default -> s.piesearch.com/?type=chhp
CHR StartupUrls: Default -> "hxxp://www.nicesearches.com?type=hp&ts=1462264305&from=86490503&uid=395049983_397233_c0a8047a&z=48ee4791ff4e78c2a6226eeg3z9q1odocqbz2o1t4t"
CHR DefaultSearchURL: Default -> hxxp://www.nicesearches.com/search.php?type=ds&ts=1462264305&from=86490503&uid=395049983_397233_c0a8047a&z=48ee4791ff4e78c2a6226eeg3z9q1odocqbz2o1t4t&q={searchTerms}
CHR DefaultSearchKeyword: Default -> nice
CHR Profile: C:\Users\Zucolo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Zucolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (YouTube) - C:\Users\Zucolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Zucolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (AdBlock) - C:\Users\Zucolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-07-08]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Zucolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-24]
CHR Extension: (Search Manager) - C:\Users\Zucolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej [2016-07-08]
CHR Extension: (Gmail) - C:\Users\Zucolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-26]
CHR HKLM\...\Chrome\Extension: [ljnfelhdldlokjkohcmjpogkdjgbgjpj] - C:\Users\Zucolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljnfelhdldlokjkohcmjpogkdjgbgjpj.crx [2015-10-10]
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1392382216-3583813168-2077223590-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eedgghdcpmmmilkmfpnklknlenbiolec] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-08-21]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-08-21]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]
CHR HKLM-x32\...\Chrome\Extension: [ljnfelhdldlokjkohcmjpogkdjgbgjpj] - C:\Users\Zucolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljnfelhdldlokjkohcmjpogkdjgbgjpj.crx [2015-10-10]
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
==================== Serviços (Whitelisted) ========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-21] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 cktSvc; C:\Program Files (x86)\Uncheckit\cktSvc.exe [274176 2016-07-05] (EVANGEL TECHNOLOGY (HK) LIMITED)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1368408 2015-11-30] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [243984 2016-03-11] (EasyAntiCheat Ltd)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704 2015-08-26] (Hi-Rez Studios) [Arquivo não assinado]
R2 IhPul; C:\Users\Zucolo\AppData\Roaming\TSv\TSvr.exe [475856 2016-07-04] (tsvr.com)
R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [118048 2016-05-22] (Elex do Brasil Participações Ltda)
R2 JunedoorP; C:\ProgramData\Junedoor\Junedoor.exe [424832 2016-06-28] ()
S2 JunedoorU; C:\Program Files (x86)\Junedoor\Update\JunedoorUpdate.exe [589184 2016-06-28] ()
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-11-12] (LogMeIn, Inc.)
S2 MustangService_2015_10_10; C:\ProgramData\TempMoudleSet\MustangSer1021.exe [236816 2015-10-09] (MustangService)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3535512 2015-11-29] (INCA Internet Co., Ltd.)
R2 qkseeService; C:\Program Files (x86)\qksee\qkseeSvc.exe [733944 2016-07-03] (Qksee Pvt Ltd.)
R2 rtop; C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe [254264 2016-07-08] ()
S2 server; C:\Program Files (x86)\Window Update\server Update\server.exe [289496 2015-12-10] ()
R2 TDataSvr; C:\Program Files (x86)\TData\TData.exe [137416 2016-06-23] (TData.com)
R2 TipsService; C:\Program Files (x86)\systips\tipssvc.exe [317440 2015-07-06] () [Arquivo não assinado]
R2 UncheckitSvc; C:\Program Files (x86)\Uncheckit\UncheckitSvc.exe [247552 2016-07-05] (evangel technology (hk) limited)
R2 WdMan; C:\ProgramData\1winp1\WFini.exe [562408 2016-07-04] (WFini LIMITED)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
S2 Winsere; C:\Program Files (x86)\Winsere\Winsere\Winsere.exe [316984 2016-03-23] ()
R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [1140856 2016-05-30] (Winziper Pvt Ltd.) <==== ATENÇÃO
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe [388608 2016-01-28] (Wondershare) [Arquivo não assinado]
===================== Drivers (Whitelisted) ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-21] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-21] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-21] (AVAST Software)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-12-16] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [46392 2015-12-16] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [262344 2016-05-22] (Elex do Brasil Participações Ltda)
S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [55056 2016-05-22] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [110112 2016-05-22] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [52440 2016-05-22] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [103904 2016-05-22] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [52392 2016-05-19] (Elex do Brasil Participações Ltda)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2014-04-08] (Realtek Semiconductor Corporation )
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16056 2016-05-05] (SlimWare Utilities, Inc.)
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Três Meses Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-07-08 21:39 - 2016-07-08 21:40 - 00025018 _____ C:\Users\Zucolo\Downloads\FRST.txt
2016-07-08 21:39 - 2016-07-08 21:39 - 00000000 ____D C:\FRST
2016-07-08 21:38 - 2016-07-08 21:38 - 02390016 _____ (Farbar) C:\Users\Zucolo\Downloads\FRST64.exe
2016-07-08 21:32 - 2016-07-08 21:32 - 00001943 _____ C:\Users\Public\Desktop\PCSX2 1.4.0.lnk
2016-07-08 21:32 - 2016-07-08 21:32 - 00000000 ___HD C:\Windows\msdownld.tmp
2016-07-08 21:32 - 2016-07-08 21:32 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-07-08 21:30 - 2016-07-08 21:31 - 17837152 _____ C:\Users\Zucolo\Downloads\pcsx2-1.4.0-setup.exe
2016-07-08 19:49 - 2016-07-08 19:49 - 00003480 _____ C:\Windows\System32\Tasks\ByteFence Scan
2016-07-08 19:49 - 2016-07-08 19:49 - 00000000 ____D C:\Users\Zucolo\AppData\Roaming\Microsoft\Windows\Start Menu\ByteFence
2016-07-08 19:37 - 2016-07-08 19:37 - 27689605 _____ C:\Users\Zucolo\Downloads\Donkey Kong 64 (U).zip
2016-07-08 19:33 - 2016-07-08 19:33 - 00004344 _____ C:\Windows\System32\Tasks\Yahoo! Powered dalos
2016-07-08 19:31 - 2016-07-08 19:32 - 01026864 _____ ( ) C:\Users\Zucolo\Downloads\Donkey Kong 64 (U).exe
2016-07-08 18:56 - 2016-07-08 18:56 - 00000000 ____D C:\Users\Todos os Usuários\ByteFence
2016-07-08 18:56 - 2016-07-08 18:56 - 00000000 ____D C:\ProgramData\ByteFence
2016-07-08 18:47 - 2016-07-08 18:47 - 00002267 _____ C:\Users\Zucolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk
2016-07-08 18:46 - 2016-07-08 18:48 - 00000000 ____D C:\Users\Zucolo\AppData\Local\Chromium
2016-07-08 18:46 - 2016-07-08 18:46 - 00003380 _____ C:\Windows\System32\Tasks\ByteFence
2016-07-08 18:45 - 2016-07-08 20:34 - 00000000 ____D C:\Users\Zucolo\AppData\Local\{5A8D6C36-7FDF-0140-14E9-2692C83BDBAC}
2016-07-08 18:45 - 2016-07-08 19:33 - 00002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk
2016-07-08 18:45 - 2016-07-08 18:45 - 00003812 _____ C:\Windows\System32\Tasks\foxydeal 1D
2016-07-08 18:45 - 2016-07-08 18:45 - 00000000 ____D C:\Users\Zucolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\foxydeal
2016-07-08 18:45 - 2016-07-08 18:45 - 00000000 ____D C:\Users\Todos os Usuários\{3392F6F1-B9D0-7C37-3F16-E275A55469BB}
2016-07-08 18:45 - 2016-07-08 18:45 - 00000000 ____D C:\ProgramData\{3392F6F1-B9D0-7C37-3F16-E275A55469BB}
2016-07-08 18:44 - 2016-07-08 20:50 - 00000000 ____D C:\Program Files\ByteFence
2016-07-08 18:44 - 2016-07-08 19:33 - 00000000 ____D C:\Users\Zucolo\AppData\Local\{5AD06C8C-7E78-0034-13E0-25DC3788D944}
2016-07-08 18:44 - 2016-07-08 18:44 - 00000000 ____D C:\Users\Zucolo\AppData\Roaming\foxydeal
2016-07-08 18:42 - 2016-07-08 18:43 - 01038400 _____ ( ) C:\Users\Zucolo\Downloads\Donkey Kong 64.exe
2016-07-08 18:35 - 2016-07-08 18:35 - 03703013 _____ C:\Users\Zucolo\Downloads\Project64 2.1.rar
2016-07-07 14:56 - 2016-07-08 18:58 - 00000001 _____ C:\Windows\SysWOW64\br.html
2016-07-07 02:26 - 2016-07-07 02:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uncheckit
2016-07-07 00:58 - 2016-07-08 12:25 - 00000000 ____D C:\Users\Zucolo\Documents\Bully Scholarship Edition
2016-07-07 00:57 - 2016-07-07 00:57 - 00000000 ____D C:\Users\Zucolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameVicio
2016-07-07 00:57 - 2016-07-07 00:57 - 00000000 ____D C:\Program Files (x86)\GameVicio
2016-07-07 00:49 - 2016-07-07 00:49 - 00001297 _____ C:\Users\Zucolo\Desktop\Bully. Scholarship Edition.lnk
2016-07-07 00:49 - 2016-07-07 00:49 - 00000000 ____D C:\Users\Zucolo\AppData\Roaming\Bully. Scholarship Edition
2016-07-07 00:49 - 2016-07-07 00:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2016-07-07 00:30 - 2016-07-07 00:30 - 00000000 ____D C:\Program Files (x86)\R.G. Mechanics
2016-07-06 23:41 - 2016-07-06 23:42 - 00736123 _____ (GameVicio Brasil®) C:\Users\Zucolo\Downloads\bully_br[www.gamevicio.com.br].exe
2016-07-06 23:40 - 2016-07-07 00:18 - 2307790848 ____R C:\Users\Zucolo\Downloads\Bully. Scholarship Edition [R.G. Механики].iso
2016-07-06 21:39 - 2016-07-06 21:39 - 00000000 ____D C:\Users\Zucolo\Downloads\SpongeBob SquarePants - The Movie - PS2 (USA)
2016-07-06 21:12 - 2016-07-08 21:32 - 00000000 ____D C:\Program Files (x86)\PCSX2 1.4.0
2016-07-06 21:12 - 2016-07-06 21:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2
2016-07-06 20:59 - 2016-07-06 20:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ
2016-07-06 20:59 - 2016-07-06 20:59 - 00000000 ____D C:\Program Files (x86)\THQ
2016-07-06 12:48 - 2016-07-06 12:48 - 00000000 ____D C:\Users\Todos os Usuários\GeoComply
2016-07-06 12:48 - 2016-07-06 12:48 - 00000000 ____D C:\ProgramData\GeoComply
2016-07-04 10:46 - 2016-07-04 10:46 - 00000072 _____ C:\Windows\SysWOW64\EN_173280278.html
2016-07-04 10:46 - 2016-07-04 10:46 - 00000072 _____ C:\Windows\SysWOW64\EN_173278484.html
2016-07-04 10:46 - 2016-07-04 10:46 - 00000072 _____ C:\Windows\SysWOW64\EN_173278266.html
2016-07-04 10:46 - 2016-07-04 10:46 - 00000072 _____ C:\Windows\SysWOW64\EN_173229547.html
2016-07-04 10:46 - 2016-07-04 10:46 - 00000072 _____ C:\Windows\SysWOW64\EN_173228424.html
2016-07-04 10:45 - 2016-07-04 10:45 - 00000072 _____ C:\Windows\SysWOW64\EN_173205601.html
2016-07-04 10:45 - 2016-07-04 10:45 - 00000072 _____ C:\Windows\SysWOW64\EN_173204228.html
2016-07-04 10:45 - 2016-07-04 10:45 - 00000072 _____ C:\Windows\SysWOW64\EN_173194431.html
2016-07-04 10:45 - 2016-07-04 10:45 - 00000072 _____ C:\Windows\SysWOW64\EN_173194041.html
2016-07-04 10:45 - 2016-07-04 10:45 - 00000072 _____ C:\Windows\SysWOW64\EN_173188581.html
2016-07-04 10:45 - 2016-07-04 10:45 - 00000072 _____ C:\Windows\SysWOW64\EN_173188331.html
2016-07-04 10:45 - 2016-07-04 10:45 - 00000000 ____D C:\Users\Todos os Usuários\1winp1
2016-07-04 10:45 - 2016-07-04 10:45 - 00000000 ____D C:\ProgramData\1winp1
2016-07-04 10:44 - 2016-07-04 10:44 - 00000074 _____ C:\Windows\SysWOW64\EN_173165977.html
2016-07-04 10:44 - 2016-07-04 10:44 - 00000072 _____ C:\Windows\SysWOW64\br_173165243.html
2016-07-02 10:55 - 2016-07-02 10:58 - 00000000 ____D C:\Users\Zucolo\AppData\Roaming\GT
2016-06-30 14:35 - 2016-07-02 10:17 - 00000000 ____D C:\Users\Zucolo\.aria2
2016-06-30 12:03 - 2016-06-30 12:03 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2016-06-30 12:03 - 2016-06-30 12:03 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2016-06-30 12:03 - 2016-06-30 12:03 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2016-06-30 12:03 - 2016-06-30 12:03 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2016-06-30 12:03 - 2016-06-30 12:03 - 00000000 ____D C:\Program Files (x86)\OpenAL
2016-06-29 13:02 - 2016-06-29 13:02 - 00000000 ____D C:\Users\Zucolo\AppData\Local\Junedoor
2016-06-29 05:08 - 2016-07-07 00:48 - 00003470 _____ C:\Windows\System32\Tasks\JunedoorUpdateTaskMachineUA
2016-06-29 05:08 - 2016-07-04 14:45 - 00003468 _____ C:\Windows\System32\Tasks\JunedoorUpdateTaskMachineCore
2016-06-29 05:08 - 2016-06-29 05:08 - 00000000 ____D C:\Users\Todos os Usuários\Junedoor
2016-06-29 05:08 - 2016-06-29 05:08 - 00000000 ____D C:\ProgramData\Junedoor
2016-06-29 05:07 - 2016-06-29 05:08 - 00000000 ____D C:\Program Files (x86)\Junedoor
2016-06-28 05:06 - 2016-06-29 05:08 - 00000000 ____D C:\Users\Public\Documents\chrome
2016-06-28 04:31 - 2016-07-04 10:44 - 00000000 ____D C:\Users\Todos os Usuários\NwinpN
2016-06-28 04:31 - 2016-07-04 10:44 - 00000000 ____D C:\ProgramData\NwinpN
2016-06-24 06:15 - 2016-06-24 06:15 - 00000072 _____ C:\Windows\SysWOW64\EN_115578566.html
2016-06-24 06:15 - 2016-06-24 06:15 - 00000072 _____ C:\Windows\SysWOW64\EN_115576616.html
2016-06-24 06:15 - 2016-06-24 06:15 - 00000072 _____ C:\Windows\SysWOW64\EN_115576226.html
2016-06-24 06:14 - 2016-06-24 06:14 - 00000072 _____ C:\Windows\SysWOW64\EN_115483655.html
2016-06-24 06:14 - 2016-06-24 06:14 - 00000072 _____ C:\Windows\SysWOW64\EN_115483437.html
2016-06-24 06:14 - 2016-06-24 06:14 - 00000072 _____ C:\Windows\SysWOW64\EN_115473000.html
2016-06-24 06:14 - 2016-06-24 06:14 - 00000072 _____ C:\Windows\SysWOW64\EN_115472579.html
2016-06-24 06:13 - 2016-06-24 06:13 - 00000072 _____ C:\Windows\SysWOW64\EN_115445388.html
2016-06-24 06:13 - 2016-06-24 06:13 - 00000072 _____ C:\Windows\SysWOW64\EN_115444452.html
2016-06-24 06:13 - 2016-06-24 06:13 - 00000072 _____ C:\Windows\SysWOW64\EN_115440568.html
2016-06-24 06:13 - 2016-06-24 06:13 - 00000072 _____ C:\Windows\SysWOW64\EN_115440147.html
2016-06-24 06:12 - 2016-07-04 10:44 - 00000000 ____D C:\Windows\SysWOW64\_TSpm
2016-06-24 06:12 - 2016-06-24 06:12 - 04398324 _____ (Update) C:\Windows\SysWOW64\pt3.exe
2016-06-24 06:12 - 2016-06-24 06:12 - 00000072 _____ C:\Windows\SysWOW64\EN_115403096.html
2016-06-24 06:12 - 2016-06-24 06:12 - 00000072 _____ C:\Windows\SysWOW64\EN_115402784.html
2016-06-24 06:12 - 2016-06-24 06:12 - 00000072 _____ C:\Windows\SysWOW64\EN_115393955.html
2016-06-24 06:12 - 2016-06-24 06:12 - 00000072 _____ C:\Windows\SysWOW64\br_115391521.html
2016-06-20 23:31 - 2016-06-20 23:31 - 00000000 ____D C:\Program Files (x86)\llud3mdt
2016-06-17 23:18 - 2016-06-17 23:18 - 00000000 ____D C:\Users\Zucolo\AppData\Roaming\NVIDIA
2016-06-17 03:26 - 2016-06-17 03:26 - 00000074 _____ C:\Windows\SysWOW64\br_57736874.html
2016-06-17 03:26 - 2016-06-17 03:26 - 00000072 _____ C:\Windows\SysWOW64\EN_57785125.html
2016-06-17 03:26 - 2016-06-17 03:26 - 00000072 _____ C:\Windows\SysWOW64\EN_57783331.html
2016-06-17 03:26 - 2016-06-17 03:26 - 00000072 _____ C:\Windows\SysWOW64\EN_57783113.html
2016-06-17 03:26 - 2016-06-17 03:26 - 00000072 _____ C:\Windows\SysWOW64\EN_57781491.html
2016-06-17 03:26 - 2016-06-17 03:26 - 00000072 _____ C:\Windows\SysWOW64\EN_57781272.html
2016-06-17 03:26 - 2016-06-17 03:26 - 00000072 _____ C:\Windows\SysWOW64\EN_57776109.html
2016-06-17 03:26 - 2016-06-17 03:26 - 00000072 _____ C:\Windows\SysWOW64\EN_57775906.html
2016-06-17 03:26 - 2016-06-17 03:26 - 00000072 _____ C:\Windows\SysWOW64\EN_57746390.html
2016-06-17 03:26 - 2016-06-17 03:26 - 00000072 _____ C:\Windows\SysWOW64\EN_57746156.html
2016-06-17 03:26 - 2016-06-17 03:26 - 00000072 _____ C:\Windows\SysWOW64\EN_57744144.html
2016-06-17 03:26 - 2016-06-17 03:26 - 00000072 _____ C:\Windows\SysWOW64\EN_57743910.html
2016-06-17 03:26 - 2016-06-17 03:26 - 00000072 _____ C:\Windows\SysWOW64\EN_57737686.html
2016-06-17 03:26 - 2016-06-17 03:26 - 00000000 ____D C:\Users\Todos os Usuários\kwinpk
2016-06-17 03:26 - 2016-06-17 03:26 - 00000000 ____D C:\ProgramData\kwinpk
2016-06-12 13:54 - 2016-06-20 10:56 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-06-07 08:25 - 2016-05-22 23:41 - 00055056 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeKrnlBoot.sys
2016-06-07 08:25 - 2016-05-19 03:42 - 00052392 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeNetFilter.sys
2016-06-07 08:24 - 2016-07-07 02:26 - 00003894 _____ C:\Windows\System32\Tasks\UncheckitUpdateTaskDB
2016-06-07 08:24 - 2016-07-07 02:26 - 00003892 _____ C:\Windows\System32\Tasks\UncheckitUpdateTaskC
2016-06-07 08:24 - 2016-06-24 06:14 - 00000000 ____D C:\Program Files (x86)\qksee
2016-06-07 08:24 - 2016-06-07 08:24 - 00000000 ____D C:\Users\Zucolo\AppData\Roaming\Elex-tech
2016-06-07 08:23 - 2016-07-08 20:49 - 00000000 _____ C:\Users\Public\Documents\report.dat
2016-06-07 04:36 - 2016-06-07 04:36 - 00000072 _____ C:\Windows\SysWOW64\EN_490486159.html
2016-06-07 04:36 - 2016-06-07 04:36 - 00000072 _____ C:\Windows\SysWOW64\EN_490484209.html
2016-06-07 04:36 - 2016-06-07 04:36 - 00000072 _____ C:\Windows\SysWOW64\EN_490483975.html
2016-06-07 04:36 - 2016-06-07 04:36 - 00000072 _____ C:\Windows\SysWOW64\EN_490482010.html
2016-06-07 04:36 - 2016-06-07 04:36 - 00000072 _____ C:\Windows\SysWOW64\EN_490481791.html
2016-06-07 04:35 - 2016-06-07 04:35 - 00000072 _____ C:\Windows\SysWOW64\EN_490451402.html
2016-06-07 04:35 - 2016-06-07 04:35 - 00000072 _____ C:\Windows\SysWOW64\EN_490451122.html
2016-06-07 04:35 - 2016-06-07 04:35 - 00000072 _____ C:\Windows\SysWOW64\EN_490448610.html
2016-06-07 04:35 - 2016-06-07 04:35 - 00000072 _____ C:\Windows\SysWOW64\EN_490448407.html
2016-06-07 04:35 - 2016-06-07 04:35 - 00000000 ____D C:\Users\Todos os Usuários\lwinpl
2016-06-07 04:35 - 2016-06-07 04:35 - 00000000 ____D C:\ProgramData\lwinpl
2016-06-07 04:34 - 2016-06-07 04:34 - 00000072 _____ C:\Windows\SysWOW64\EN_490411076.html
2016-06-07 04:34 - 2016-06-07 04:34 - 00000072 _____ C:\Windows\SysWOW64\EN_490410624.html
2016-06-07 04:34 - 2016-06-07 04:34 - 00000072 _____ C:\Windows\SysWOW64\EN_490380765.html
2016-06-07 04:34 - 2016-06-07 04:34 - 00000072 _____ C:\Windows\SysWOW64\br_490379611.html
2016-06-01 12:36 - 2016-06-01 17:49 - 00000000 ____D C:\Users\Zucolo\Documents\LogoMaker
2016-06-01 12:36 - 2016-06-01 12:36 - 00000000 ____D C:\Users\Zucolo\AppData\Roaming\LogoMaker
2016-06-01 12:35 - 2016-06-01 12:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Studio V5
2016-06-01 12:33 - 2016-06-01 12:33 - 00000000 ____D C:\Program Files (x86)\Studio V5
2016-06-01 12:21 - 2016-06-01 12:21 - 00262144 ____N C:\Windows\Minidump\060116-28563-01.dmp
2016-05-31 05:34 - 2016-06-07 08:23 - 00000000 ____D C:\Users\Zucolo\AppData\Roaming\qksee
2016-05-31 05:34 - 2016-05-31 05:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2016-05-31 05:34 - 2016-05-31 05:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qksee
2016-05-31 05:33 - 2016-07-08 19:37 - 00000000 ____D C:\Users\Todos os Usuários\Uncheckit
2016-05-31 05:33 - 2016-07-08 19:37 - 00000000 ____D C:\ProgramData\Uncheckit
2016-05-31 05:33 - 2016-07-07 02:26 - 00003876 _____ C:\Windows\System32\Tasks\UncheckitTaskMN
2016-05-31 05:32 - 2016-07-07 02:26 - 00000000 ____D C:\Program Files (x86)\Uncheckit
2016-05-31 05:32 - 2016-06-22 14:11 - 00000000 ____D C:\Users\Zucolo\AppData\Roaming\eCyber
2016-05-31 05:31 - 2016-07-04 10:45 - 00000000 ____D C:\Users\Zucolo\AppData\Roaming\TSv
2016-05-31 05:31 - 2016-06-27 06:31 - 00000000 ____D C:\Users\Todos os Usuários\uckt
2016-05-31 05:31 - 2016-06-27 06:31 - 00000000 ____D C:\ProgramData\uckt
2016-05-31 05:31 - 2016-06-24 06:13 - 00000000 ____D C:\Program Files (x86)\TData
2016-05-31 05:31 - 2016-05-31 05:31 - 00000000 ____D C:\Users\Zucolo\AppData\Roaming\Uncheckit
2016-05-31 05:31 - 2016-05-31 05:31 - 00000000 ____D C:\Program Files (x86)\TXQQBrowser
2016-05-29 10:25 - 2016-05-29 10:25 - 00262144 ____N C:\Windows\Minidump\052916-28563-01.dmp
2016-05-22 13:42 - 2016-05-22 13:42 - 00262144 ____N C:\Windows\Minidump\052216-17331-01.dmp
2016-05-17 23:00 - 2016-05-17 23:00 - 00262144 ____N C:\Windows\Minidump\051716-16036-01.dmp
2016-05-16 23:09 - 2016-05-16 23:09 - 00000020 ___SH C:\Users\Mcx1-ZUCOLO-PC\ntuser.ini
2016-05-16 23:09 - 2016-05-16 23:09 - 00000000 _SHDL C:\Users\Mcx1-ZUCOLO-PC\Modelos
2016-05-16 23:09 - 2016-05-16 23:09 - 00000000 _SHDL C:\Users\Mcx1-ZUCOLO-PC\Meus documentos
2016-05-16 23:09 - 2016-05-16 23:09 - 00000000 _SHDL C:\Users\Mcx1-ZUCOLO-PC\Menu Iniciar
2016-05-16 23:09 - 2016-05-16 23:09 - 00000000 _SHDL C:\Users\Mcx1-ZUCOLO-PC\Documents\Minhas músicas
2016-05-16 23:09 - 2016-05-16 23:09 - 00000000 _SHDL C:\Users\Mcx1-ZUCOLO-PC\Documents\Minhas imagens
2016-05-16 23:09 - 2016-05-16 23:09 - 00000000 _SHDL C:\Users\Mcx1-ZUCOLO-PC\Documents\Meus vídeos
2016-05-16 23:09 - 2016-05-16 23:09 - 00000000 _SHDL C:\Users\Mcx1-ZUCOLO-PC\Dados de aplicativos
2016-05-16 23:09 - 2016-05-16 23:09 - 00000000 _SHDL C:\Users\Mcx1-ZUCOLO-PC\Configurações locais
2016-05-16 23:09 - 2016-05-16 23:09 - 00000000 _SHDL C:\Users\Mcx1-ZUCOLO-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-05-16 23:09 - 2016-05-16 23:09 - 00000000 _SHDL C:\Users\Mcx1-ZUCOLO-PC\AppData\Local\Histórico
2016-05-16 23:09 - 2016-05-16 23:09 - 00000000 _SHDL C:\Users\Mcx1-ZUCOLO-PC\AppData\Local\Dados de aplicativos
2016-05-16 23:09 - 2016-05-16 23:09 - 00000000 _SHDL C:\Users\Mcx1-ZUCOLO-PC\Ambiente de rede
2016-05-16 23:09 - 2016-05-16 23:09 - 00000000 _SHDL C:\Users\Mcx1-ZUCOLO-PC\Ambiente de impressão
2016-05-16 23:09 - 2016-05-16 23:09 - 00000000 ____D C:\Users\Mcx1-ZUCOLO-PC
2016-05-16 23:09 - 2009-07-14 04:45 - 00000000 ____D C:\Users\Mcx1-ZUCOLO-PC\AppData\Roaming\Media Center Programs
2016-05-16 23:08 - 2016-07-08 19:33 - 00000476 __RSH C:\Users\Todos os Usuários\ntuser.pol
2016-05-16 23:08 - 2016-07-08 19:33 - 00000476 __RSH C:\ProgramData\ntuser.pol
2016-05-16 17:16 - 2016-05-16 17:16 - 00262144 ____N C:\Windows\Minidump\051616-17768-01.dmp
2016-05-16 07:48 - 2016-05-16 07:48 - 00262144 ____N C:\Windows\Minidump\051616-18548-01.dmp
2016-05-15 10:57 - 2016-05-15 10:57 - 00262144 ____N C:\Windows\Minidump\051516-17893-01.dmp
2016-05-14 20:12 - 2016-05-14 20:12 - 00262144 ____N C:\Windows\Minidump\051416-21200-01.dmp
2016-05-14 11:34 - 2016-05-14 11:34 - 00262144 ____N C:\Windows\Minidump\051416-19484-01.dmp
2016-05-12 14:19 - 2016-05-12 14:19 - 00262144 ____N C:\Windows\Minidump\051216-28579-01.dmp
2016-05-12 14:15 - 2016-05-12 14:15 - 00262144 ____N C:\Windows\Minidump\051216-22448-01.dmp
2016-05-12 10:06 - 2016-05-12 10:06 - 00262144 ____N C:\Windows\Minidump\051216-18127-01.dmp
2016-05-12 10:03 - 2016-05-12 10:03 - 00262144 ____N C:\Windows\Minidump\051216-39312-01.dmp
2016-05-12 10:00 - 2016-05-12 10:00 - 00262144 ____N C:\Windows\Minidump\051216-18454-01.dmp
2016-05-11 14:19 - 2016-05-11 14:19 - 00262144 ____N C:\Windows\Minidump\051116-17222-01.dmp
2016-05-11 12:47 - 2016-05-11 12:47 - 00262144 ____N C:\Windows\Minidump\051116-29780-01.dmp
2016-05-10 13:56 - 2016-05-10 13:56 - 00262144 ____N C:\Windows\Minidump\051016-22230-01.dmp
2016-05-10 10:59 - 2016-05-10 13:56 - 00000000 ____D C:\Users\Zucolo\AppData\Local\FSDART
2016-05-10 10:59 - 2016-05-10 11:08 - 00000000 ____D C:\Users\Todos os Usuários\F-Secure
2016-05-10 10:59 - 2016-05-10 11:08 - 00000000 ____D C:\ProgramData\F-Secure
2016-05-09 10:12 - 2016-05-09 10:12 - 00262144 ____N C:\Windows\Minidump\050916-18252-01.dmp
2016-05-08 11:12 - 2016-05-08 11:12 - 00262144 ____N C:\Windows\Minidump\050816-18829-01.dmp
2016-05-08 10:59 - 2016-05-08 10:59 - 00262144 ____N C:\Windows\Minidump\050816-20155-01.dmp
2016-05-07 17:24 - 2016-05-07 17:24 - 00262144 ____N C:\Windows\Minidump\050716-15163-01.dmp
2016-05-07 12:44 - 2016-05-07 12:44 - 00262144 ____N C:\Windows\Minidump\050716-19968-01.dmp
2016-05-07 10:02 - 2016-05-07 10:02 - 00262144 ____N C:\Windows\Minidump\050716-37206-01.dmp
2016-05-06 16:14 - 2016-05-06 16:14 - 00262144 ____N C:\Windows\Minidump\050616-24694-01.dmp
2016-05-06 00:11 - 2016-05-06 00:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-05-06 00:11 - 2016-05-06 00:11 - 00000000 ____D C:\Program Files\CCleaner
2016-05-05 13:45 - 2016-05-05 13:45 - 00000000 ____D C:\Users\Zucolo\AppData\Local\Mozilla
2016-05-05 13:44 - 2016-07-05 23:46 - 00001208 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-05-05 13:44 - 2016-06-20 10:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-27 07:28 - 2016-04-27 07:28 - 00000000 ____D C:\Program Files (x86)\vreXjvX
2016-04-21 08:21 - 2016-04-21 08:21 - 00000000 ____D C:\Program Files (x86)\jIxmRfR
2016-04-14 03:31 - 2016-04-21 08:21 - 00000000 ____D C:\Users\Zucolo\AppData\Roaming\WinZiper
2016-04-14 03:30 - 2016-04-14 03:31 - 00000000 ____D C:\Users\Todos os Usuários\ywinpy
2016-04-14 03:30 - 2016-04-14 03:31 - 00000000 ____D C:\ProgramData\ywinpy
==================== Três Meses Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-07-08 21:28 - 2015-08-21 11:37 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-08 19:15 - 2015-08-21 11:38 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-08 18:47 - 2015-10-10 03:20 - 00000000 ____D C:\Program Files (x86)\SFK
2016-07-08 18:46 - 2015-08-27 01:46 - 00000432 _____ C:\Windows\Tasks\ToolsUpdatePlatform_ScheduledTask.job
2016-07-08 18:46 - 2015-08-26 21:34 - 00000000 ____D C:\Users\Todos os Usuários\ToolsUpdatePlatform
2016-07-08 18:46 - 2015-08-26 21:34 - 00000000 ____D C:\ProgramData\ToolsUpdatePlatform
2016-07-08 18:46 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-08 18:45 - 2009-07-14 02:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-07-08 18:44 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2016-07-08 13:23 - 2015-08-24 13:23 - 00000368 _____ C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - Zucolo).job
2016-07-07 00:32 - 2015-08-30 13:42 - 00000000 ____D C:\Users\Zucolo\AppData\Roaming\uTorrent
2016-07-06 23:38 - 2016-01-19 11:44 - 00000000 ___SD C:\Users\Zucolo\AppData\LocalLow\Temp
2016-07-06 21:32 - 2015-12-16 11:23 - 00000000 ____D C:\Users\Zucolo\AppData\Roaming\DAEMON Tools Lite
2016-07-06 21:15 - 2015-12-14 14:26 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-07-06 21:15 - 2015-12-14 14:26 - 00000000 ____D C:\ProgramData\Package Cache
2016-07-06 20:59 - 2015-08-21 11:49 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-07-06 12:47 - 2016-03-06 13:09 - 00000000 ____D C:\Users\Zucolo\AppData\Local\PokerStars
2016-07-05 23:46 - 2015-08-21 02:23 - 00001695 _____ C:\Users\Zucolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-07-05 23:46 - 2015-08-21 02:23 - 00001661 _____ C:\Users\Zucolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2016-07-05 13:32 - 2009-07-29 13:08 - 00702882 _____ C:\Windows\system32\prfh0416.dat
2016-07-05 13:32 - 2009-07-29 13:08 - 00145668 _____ C:\Windows\system32\prfc0416.dat
2016-07-05 13:32 - 2009-07-14 02:13 - 01626900 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-05 13:32 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-07-05 13:29 - 2015-08-21 19:51 - 00000000 ____D C:\Users\Zucolo\AppData\Roaming\Skype
2016-07-05 10:45 - 2015-08-21 11:39 - 00002086 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-07-05 07:28 - 2015-08-21 19:51 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2016-07-05 07:28 - 2015-08-21 19:51 - 00000000 ____D C:\ProgramData\Skype
2016-07-04 10:45 - 2015-08-26 21:36 - 00002330 _____ C:\Users\Zucolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder.lnk
2016-07-02 10:49 - 2015-08-23 21:13 - 00000000 ____D C:\Windows\Minidump
2016-07-02 10:47 - 2009-07-14 01:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-02 10:47 - 2009-07-14 01:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-02 10:41 - 2016-02-19 17:24 - 00000000 ____D C:\Users\Zucolo\AppData\Local\LogMeIn Hamachi
2016-07-02 10:40 - 2015-08-23 23:11 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA
2016-07-02 10:40 - 2015-08-23 23:11 - 00000000 ____D C:\ProgramData\NVIDIA
2016-07-02 02:45 - 2015-08-30 13:32 - 00000000 ____D C:\Users\Zucolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Level Up
2016-07-02 02:23 - 2015-08-30 19:46 - 00000000 ____D C:\Level Up
2016-07-02 02:21 - 2015-08-25 18:55 - 00000000 ____D C:\Users\Zucolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-07-02 02:19 - 2015-08-25 18:45 - 00000000 ____D C:\Program Files (x86)\Steam
2016-07-01 19:46 - 2015-08-30 13:18 - 00000000 ____D C:\Users\Zucolo\Documents\LevelUp Data
2016-07-01 18:46 - 2015-08-21 11:38 - 00000000 ____D C:\Users\Zucolo\AppData\Local\Deployment
2016-07-01 18:45 - 2015-08-21 20:17 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-07-01 18:42 - 2015-12-15 00:28 - 00000000 ____D C:\Program Files (x86)\WinZipper
2016-06-30 14:35 - 2015-08-21 02:21 - 00000000 ____D C:\Users\Zucolo
2016-06-30 11:23 - 2015-12-14 14:33 - 00000000 ____D C:\Users\Zucolo\Documents\Duels of the Planeswalkers Dumps
2016-06-28 11:27 - 2015-12-16 11:28 - 00000000 ____D C:\Program Files (x86)\yessearches-bnd
2016-06-28 04:30 - 2016-03-24 12:30 - 00009430 _____ C:\Windows\System32\Tasks\Browser Updater Task(Core)
2016-06-17 23:17 - 2015-08-21 19:51 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-17 14:28 - 2015-08-21 11:37 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-17 14:28 - 2015-08-21 11:37 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-17 14:28 - 2015-08-21 11:37 - 00003840 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-06-17 03:26 - 2016-03-18 00:43 - 00000000 ____D C:\Windows\SysWOW64\_tWm
2016-06-09 17:51 - 2016-03-06 13:06 - 00000000 ____D C:\Program Files (x86)\PokerStars
==================== Arquivos na raiz de alguns diretórios =======
2015-08-26 14:05 - 2015-08-26 14:05 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-08-26 21:34 - 2016-03-18 00:45 - 0000074 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Arquivos para serem movidos ou deletados:
====================
C:\Users\Zucolo\AppData\Local\Temp\71432.del
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
C:\Users\Todos os Usuários\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Alguns arquivos em TEMP:
====================
C:\Users\Zucolo\AppData\Local\Temp\ICReinstall_Donkey Kong 64 (U).exe
C:\Users\Zucolo\AppData\Local\Temp\jre-8u91-windows-au.exe
==================== Bamital & volsnap =================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2016-07-07 02:19
==================== Fim de FRST.txt ============================
Executado por Zucolo (administrador) em ZUCOLO-PC (08-07-2016 21:39:21)
Executando a partir de C:\Users\Zucolo\Downloads
Perfis Carregados: Zucolo (Perfis Disponíveis: Zucolo & Mcx1-ZUCOLO-PC)
Platform: Windows 7 Ultimate (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: "C:\Program Files (x86)\Junedoor\Application\chrome.exe" "%1")
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Winziper Pvt Ltd.) C:\Program Files (x86)\WinZipper\winzipersvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files (x86)\ToolsUpdatePlatform\UpdatePlatform.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(TData.com) C:\Program Files (x86)\TData\TData.exe
() C:\Program Files (x86)\systips\tipssvc.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\ProgramData\Junedoor\Junedoor.exe
(WFini LIMITED) C:\ProgramData\1winp1\WFini.exe
(tsvr.com) C:\Users\Zucolo\AppData\Roaming\TSv\TSvr.exe
(Qksee Pvt Ltd.) C:\Program Files (x86)\qksee\qkseeSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(evangel technology (hk) limited) C:\Program Files (x86)\Uncheckit\UncheckitSvc.exe
(EVANGEL TECHNOLOGY (HK) LIMITED) C:\Program Files (x86)\Uncheckit\UncheckitBsn.exe
(EVANGEL TECHNOLOGY (HK) LIMITED) C:\Program Files (x86)\Uncheckit\cktSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
(Google Inc.) C:\Program Files (x86)\Junedoor\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Junedoor\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Junedoor\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Junedoor\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Junedoor\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Junedoor\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Junedoor\Application\chrome.exe
(Byte Technologies LLC) C:\Program Files\ByteFence\ByteFence.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
() C:\Users\Zucolo\AppData\Local\{5AD06~1\dati.exe
() C:\Users\Zucolo\AppData\Local\Temp\71432.del
() C:\Users\Zucolo\AppData\Local\Temp\71432.del
() C:\Users\Zucolo\AppData\Local\Temp\71432.del
() C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
() C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
() C:\Users\Zucolo\AppData\Local\{5AD06~1\dati.exe
() C:\Users\Zucolo\AppData\Local\{5A8D6~1\trz25A1.tmp
() C:\Program Files (x86)\PCSX2 1.4.0\pcsx2.exe
(Google Inc.) C:\Program Files (x86)\Junedoor\Application\chrome.exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13874392 1999-12-31] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111312 2015-11-06] (AVAST Software)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKLM-x32\...\RunOnce: [Del550523472] => C:\Users\Zucolo\AppData\Local\Temp\71432.del [567808 2013-04-13] () <===== ATENÇÃO
HKU\S-1-5-21-1392382216-3583813168-2077223590-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8686296 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-1392382216-3583813168-2077223590-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4179288 2015-11-30] (Disc Soft Ltd)
HKU\S-1-5-21-1392382216-3583813168-2077223590-1000\...\Run: [Chromium] => c:\users\zucolo\appdata\local\chromium\application\chrome.exe [1068544 2016-03-18] (The Chromium Authors)
HKU\S-1-5-21-1392382216-3583813168-2077223590-1000\...\RunOnce: [Del550523472] => C:\Users\Zucolo\AppData\Local\Temp\71432.del [567808 2013-04-13] () <===== ATENÇÃO
HKU\S-1-5-21-1392382216-3583813168-2077223590-1000\...\MountPoints2: D - D:\setup.exe
HKU\S-1-5-21-1392382216-3583813168-2077223590-1000\...\MountPoints2: {19a21986-a346-11e5-806d-001e8c096a17} - D:\setup.exe
HKU\S-1-5-21-1392382216-3583813168-2077223590-1000\...\MountPoints2: {53212036-405a-11e6-82d4-001e8c096a17} - E:\setup.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-21] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2015-08-21]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
BootExecute: autocheck autochk aswBoot.exe /M:18b30a72ae55 /wow /dir:"C:\Program Files\AVAST Software\Avast"
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{EAC51A6D-4C5B-405E-8822-CFD14CC4DB61}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nuesearch.com/?type=hp&ts=1465284876&z=eff62a34252023b7348d161g6z5q0weo5b9z4b0m5m&from=wpm0607&uid=395049983_397233_C0A8047A
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nuesearch.com/?type=hp&ts=1465284876&z=eff62a34252023b7348d161g6z5q0weo5b9z4b0m5m&from=wpm0607&uid=395049983_397233_C0A8047A
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nuesearch.com/search/?type=ds&ts=1465284876&z=eff62a34252023b7348d161g6z5q0weo5b9z4b0m5m&from=wpm0607&uid=395049983_397233_C0A8047A&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nuesearch.com/search/?type=ds&ts=1465284876&z=eff62a34252023b7348d161g6z5q0weo5b9z4b0m5m&from=wpm0607&uid=395049983_397233_C0A8047A&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nuesearch.com/?type=hp&ts=1465284876&z=eff62a34252023b7348d161g6z5q0weo5b9z4b0m5m&from=wpm0607&uid=395049983_397233_C0A8047A
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nuesearch.com/?type=hp&ts=1465284876&z=eff62a34252023b7348d161g6z5q0weo5b9z4b0m5m&from=wpm0607&uid=395049983_397233_C0A8047A
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1465284876&z=eff62a34252023b7348d161g6z5q0weo5b9z4b0m5m&from=wpm0607&uid=395049983_397233_C0A8047A&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1465284876&z=eff62a34252023b7348d161g6z5q0weo5b9z4b0m5m&from=wpm0607&uid=395049983_397233_C0A8047A&q={searchTerms}
HKU\S-1-5-21-1392382216-3583813168-2077223590-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds&ts=1449816002&z=c776bac7593dba12f92875bg3z3z4tbbdg6q6e4e2g&from=ient07021&uid=395049983_397233_C0A8047A&q={searchTerms}
HKU\S-1-5-21-1392382216-3583813168-2077223590-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nuesearch.com/?type=hp&ts=1465284876&z=eff62a34252023b7348d161g6z5q0weo5b9z4b0m5m&from=wpm0607&uid=395049983_397233_C0A8047A
HKU\S-1-5-21-1392382216-3583813168-2077223590-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nuesearch.com/?type=hp&ts=1465284876&z=eff62a34252023b7348d161g6z5q0weo5b9z4b0m5m&from=wpm0607&uid=395049983_397233_C0A8047A
HKU\S-1-5-21-1392382216-3583813168-2077223590-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449816002&z=c776bac7593dba12f92875bg3z3z4tbbdg6q6e4e2g&from=ient07021&uid=395049983_397233_C0A8047A&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1465284876&z=eff62a34252023b7348d161g6z5q0weo5b9z4b0m5m&from=wpm0607&uid=395049983_397233_C0A8047A&q={searchTerms}
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1465284876&z=eff62a34252023b7348d161g6z5q0weo5b9z4b0m5m&from=wpm0607&uid=395049983_397233_C0A8047A&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1465284876&z=eff62a34252023b7348d161g6z5q0weo5b9z4b0m5m&from=wpm0607&uid=395049983_397233_C0A8047A&q={searchTerms}
SearchScopes: HKLM-x32 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1465284876&z=eff62a34252023b7348d161g6z5q0weo5b9z4b0m5m&from=wpm0607&uid=395049983_397233_C0A8047A&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1392382216-3583813168-2077223590-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1467639904&z=804013c06bf3bb5f53e533dg8zcqemfq5c2t6batew&from=wpm0616&uid=395049983_397233_C0A8047A&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1392382216-3583813168-2077223590-1000 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKU\S-1-5-21-1392382216-3583813168-2077223590-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1467639904&z=804013c06bf3bb5f53e533dg8zcqemfq5c2t6batew&from=wpm0616&uid=395049983_397233_C0A8047A&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1392382216-3583813168-2077223590-1000 -> {F0109899-486E-4346-95CE-99BBB7334C3E} URL = hxxps://br.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-21] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-12] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-21] (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-12] (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Zucolo\AppData\Roaming\Mozilla\Firefox\Profiles\o65hlmc7.default
FF NewTab: hxxp://www.nicesearches.com?type=hp&ts=1465887203&from=6b1d0614&uid=395049983_397233_c0a8047a&z=88752c1458c1dc9dc6ed9f2g0z2q3web5b9mfgftet
FF Homepage: hxxp://www.nicesearches.com?type=hp&ts=1465887203&from=6b1d0614&uid=395049983_397233_c0a8047a&z=88752c1458c1dc9dc6ed9f2g0z2q3web5b9mfgftet
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-17] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-17] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-12] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2010-03-16] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF user.js: detected! => C:\Users\Zucolo\AppData\Roaming\Mozilla\Firefox\Profiles\o65hlmc7.default\user.js [2016-06-23]
FF SearchPlugin: C:\Users\Zucolo\AppData\Roaming\Mozilla\Firefox\Profiles\o65hlmc7.default\searchplugins\nice.xml [2016-06-23]
FF Extension: xRocket Toolbar - C:\Users\Zucolo\AppData\Roaming\Mozilla\Firefox\Profiles\o65hlmc7.default\extensions\arthurj8283@gmail.com [2016-06-23] [não assinado]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-10]
FF HKLM-x32\...\Firefox\Extensions: [arthurj8283@gmail.com] - C:\Users\Zucolo\AppData\Roaming\Mozilla\Firefox\Profiles\o65hlmc7.default\extensions\arthurj8283@gmail.com
StartMenuInternet: FIREFOX.EXE - firefox.exe
Chrome:
=======
CHR HomePage: Default -> s.piesearch.com/?type=chhp
CHR StartupUrls: Default -> "hxxp://www.nicesearches.com?type=hp&ts=1462264305&from=86490503&uid=395049983_397233_c0a8047a&z=48ee4791ff4e78c2a6226eeg3z9q1odocqbz2o1t4t"
CHR DefaultSearchURL: Default -> hxxp://www.nicesearches.com/search.php?type=ds&ts=1462264305&from=86490503&uid=395049983_397233_c0a8047a&z=48ee4791ff4e78c2a6226eeg3z9q1odocqbz2o1t4t&q={searchTerms}
CHR DefaultSearchKeyword: Default -> nice
CHR Profile: C:\Users\Zucolo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Zucolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (YouTube) - C:\Users\Zucolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Zucolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (AdBlock) - C:\Users\Zucolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-07-08]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Zucolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-24]
CHR Extension: (Search Manager) - C:\Users\Zucolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej [2016-07-08]
CHR Extension: (Gmail) - C:\Users\Zucolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-26]
CHR HKLM\...\Chrome\Extension: [ljnfelhdldlokjkohcmjpogkdjgbgjpj] - C:\Users\Zucolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljnfelhdldlokjkohcmjpogkdjgbgjpj.crx [2015-10-10]
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1392382216-3583813168-2077223590-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eedgghdcpmmmilkmfpnklknlenbiolec] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-08-21]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-08-21]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]
CHR HKLM-x32\...\Chrome\Extension: [ljnfelhdldlokjkohcmjpogkdjgbgjpj] - C:\Users\Zucolo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljnfelhdldlokjkohcmjpogkdjgbgjpj.crx [2015-10-10]
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
==================== Serviços (Whitelisted) ========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-21] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 cktSvc; C:\Program Files (x86)\Uncheckit\cktSvc.exe [274176 2016-07-05] (EVANGEL TECHNOLOGY (HK) LIMITED)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1368408 2015-11-30] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [243984 2016-03-11] (EasyAntiCheat Ltd)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704 2015-08-26] (Hi-Rez Studios) [Arquivo não assinado]
R2 IhPul; C:\Users\Zucolo\AppData\Roaming\TSv\TSvr.exe [475856 2016-07-04] (tsvr.com)
R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [118048 2016-05-22] (Elex do Brasil Participações Ltda)
R2 JunedoorP; C:\ProgramData\Junedoor\Junedoor.exe [424832 2016-06-28] ()
S2 JunedoorU; C:\Program Files (x86)\Junedoor\Update\JunedoorUpdate.exe [589184 2016-06-28] ()
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-11-12] (LogMeIn, Inc.)
S2 MustangService_2015_10_10; C:\ProgramData\TempMoudleSet\MustangSer1021.exe [236816 2015-10-09] (MustangService)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3535512 2015-11-29] (INCA Internet Co., Ltd.)
R2 qkseeService; C:\Program Files (x86)\qksee\qkseeSvc.exe [733944 2016-07-03] (Qksee Pvt Ltd.)
R2 rtop; C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe [254264 2016-07-08] ()
S2 server; C:\Program Files (x86)\Window Update\server Update\server.exe [289496 2015-12-10] ()
R2 TDataSvr; C:\Program Files (x86)\TData\TData.exe [137416 2016-06-23] (TData.com)
R2 TipsService; C:\Program Files (x86)\systips\tipssvc.exe [317440 2015-07-06] () [Arquivo não assinado]
R2 UncheckitSvc; C:\Program Files (x86)\Uncheckit\UncheckitSvc.exe [247552 2016-07-05] (evangel technology (hk) limited)
R2 WdMan; C:\ProgramData\1winp1\WFini.exe [562408 2016-07-04] (WFini LIMITED)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
S2 Winsere; C:\Program Files (x86)\Winsere\Winsere\Winsere.exe [316984 2016-03-23] ()
R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [1140856 2016-05-30] (Winziper Pvt Ltd.) <==== ATENÇÃO
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe [388608 2016-01-28] (Wondershare) [Arquivo não assinado]
===================== Drivers (Whitelisted) ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-21] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-21] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-21] (AVAST Software)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-12-16] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [46392 2015-12-16] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [262344 2016-05-22] (Elex do Brasil Participações Ltda)
S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [55056 2016-05-22] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [110112 2016-05-22] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [52440 2016-05-22] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [103904 2016-05-22] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [52392 2016-05-19] (Elex do Brasil Participações Ltda)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2014-04-08] (Realtek Semiconductor Corporation )
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16056 2016-05-05] (SlimWare Utilities, Inc.)
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Três Meses Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-07-08 21:39 - 2016-07-08 21:40 - 00025018 _____ C:\Users\Zucolo\Downloads\FRST.txt
2016-07-08 21:39 - 2016-07-08 21:39 - 00000000 ____D C:\FRST
2016-07-08 21:38 - 2016-07-08 21:38 - 02390016 _____ (Farbar) C:\Users\Zucolo\Downloads\FRST64.exe
2016-07-08 21:32 - 2016-07-08 21:32 - 00001943 _____ C:\Users\Public\Desktop\PCSX2 1.4.0.lnk
2016-07-08 21:32 - 2016-07-08 21:32 - 00000000 ___HD C:\Windows\msdownld.tmp
2016-07-08 21:32 - 2016-07-08 21:32 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-07-08 21:30 - 2016-07-08 21:31 - 17837152 _____ C:\Users\Zucolo\Downloads\pcsx2-1.4.0-setup.exe
2016-07-08 19:49 - 2016-07-08 19:49 - 00003480 _____ C:\Windows\System32\Tasks\ByteFence Scan
2016-07-08 19:49 - 2016-07-08 19:49 - 00000000 ____D C:\Users\Zucolo\AppData\Roaming\Microsoft\Windows\Start Menu\ByteFence
2016-07-08 19:37 - 2016-07-08 19:37 - 27689605 _____ C:\Users\Zucolo\Downloads\Donkey Kong 64 (U).zip
2016-07-08 19:33 - 2016-07-08 19:33 - 00004344 _____ C:\Windows\System32\Tasks\Yahoo! Powered dalos
2016-07-08 19:31 - 2016-07-08 19:32 - 01026864 _____ ( ) C:\Users\Zucolo\Downloads\Donkey Kong 64 (U).exe
2016-07-08 18:56 - 2016-07-08 18:56 - 00000000 ____D C:\Users\Todos os Usuários\ByteFence
2016-07-08 18:56 - 2016-07-08 18:56 - 00000000 ____D C:\ProgramData\ByteFence
2016-07-08 18:47 - 2016-07-08 18:47 - 00002267 _____ C:\Users\Zucolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk
2016-07-08 18:46 - 2016-07-08 18:48 - 00000000 ____D C:\Users\Zucolo\AppData\Local\Chromium
2016-07-08 18:46 - 2016-07-08 18:46 - 00003380 _____ C:\Windows\System32\Tasks\ByteFence
2016-07-08 18:45 - 2016-07-08 20:34 - 00000000 ____D C:\Users\Zucolo\AppData\Local\{5A8D6C36-7FDF-0140-14E9-2692C83BDBAC}
2016-07-08 18:45 - 2016-07-08 19:33 - 00002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk
2016-07-08 18:45 - 2016-07-08 18:45 - 00003812 _____ C:\Windows\System32\Tasks\foxydeal 1D
2016-07-08 18:45 - 2016-07-08 18:45 - 00000000 ____D C:\Users\Zucolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\foxydeal
2016-07-08 18:45 - 2016-07-08 18:45 - 00000000 ____D C:\Users\Todos os Usuários\{3392F6F1-B9D0-7C37-3F16-E275A55469BB}
2016-07-08 18:45 - 2016-07-08 18:45 - 00000000 ____D C:\ProgramData\{3392F6F1-B9D0-7C37-3F16-E275A55469BB}
2016-07-08 18:44 - 2016-07-08 20:50 - 00000000 ____D C:\Program Files\ByteFence
2016-07-08 18:44 - 2016-07-08 19:33 - 00000000 ____D C:\Users\Zucolo\AppData\Local\{5AD06C8C-7E78-0034-13E0-25DC3788D944}
2016-07-08 18:44 - 2016-07-08 18:44 - 00000000 ____D C:\Users\Zucolo\AppData\Roaming\foxydeal
2016-07-08 18:42 - 2016-07-08 18:43 - 01038400 _____ ( ) C:\Users\Zucolo\Downloads\Donkey Kong 64.exe
2016-07-08 18:35 - 2016-07-08 18:35 - 03703013 _____ C:\Users\Zucolo\Downloads\Project64 2.1.rar
2016-07-07 14:56 - 2016-07-08 18:58 - 00000001 _____ C:\Windows\SysWOW64\br.html
2016-07-07 02:26 - 2016-07-07 02:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uncheckit
2016-07-07 00:58 - 2016-07-08 12:25 - 00000000 ____D C:\Users\Zucolo\Documents\Bully Scholarship Edition
2016-07-07 00:57 - 2016-07-07 00:57 - 00000000 ____D C:\Users\Zucolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameVicio
2016-07-07 00:57 - 2016-07-07 00:57 - 00000000 ____D C:\Program Files (x86)\GameVicio
2016-07-07 00:49 - 2016-07-07 00:49 - 00001297 _____ C:\Users\Zucolo\Desktop\Bully. Scholarship Edition.lnk
2016-07-07 00:49 - 2016-07-07 00:49 - 00000000 ____D C:\Users\Zucolo\AppData\Roaming\Bully. Scholarship Edition
2016-07-07 00:49 - 2016-07-07 00:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2016-07-07 00:30 - 2016-07-07 00:30 - 00000000 ____D C:\Program Files (x86)\R.G. Mechanics
2016-07-06 23:41 - 2016-07-06 23:42 - 00736123 _____ (GameVicio Brasil®) C:\Users\Zucolo\Downloads\bully_br[www.gamevicio.com.br].exe
2016-07-06 23:40 - 2016-07-07 00:18 - 2307790848 ____R C:\Users\Zucolo\Downloads\Bully. Scholarship Edition [R.G. Механики].iso
2016-07-06 21:39 - 2016-07-06 21:39 - 00000000 ____D C:\Users\Zucolo\Downloads\SpongeBob SquarePants - The Movie - PS2 (USA)
2016-07-06 21:12 - 2016-07-08 21:32 - 00000000 ____D C:\Program Files (x86)\PCSX2 1.4.0
2016-07-06 21:12 - 2016-07-06 21:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2
2016-07-06 20:59 - 2016-07-06 20:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ
2016-07-06 20:59 - 2016-07-06 20:59 - 00000000 ____D C:\Program Files (x86)\THQ
2016-07-06 12:48 - 2016-07-06 12:48 - 00000000 ____D C:\Users\Todos os Usuários\GeoComply
2016-07-06 12:48 - 2016-07-06 12:48 - 00000000 ____D C:\ProgramData\GeoComply
2016-07-04 10:46 - 2016-07-04 10:46 - 00000072 _____ C:\Windows\SysWOW64\EN_173280278.html
2016-07-04 10:46 - 2016-07-04 10:46 - 00000072 _____ C:\Windows\SysWOW64\EN_173278484.html
2016-07-04 10:46 - 2016-07-04 10:46 - 00000072 _____ C:\Windows\SysWOW64\EN_173278266.html
2016-07-04 10:46 - 2016-07-04 10:46 - 00000072 _____ C:\Windows\SysWOW64\EN_173229547.html
2016-07-04 10:46 - 2016-07-04 10:46 - 00000072 _____ C:\Windows\SysWOW64\EN_173228424.html
2016-07-04 10:45 - 2016-07-04 10:45 - 00000072 _____ C:\Windows\SysWOW64\EN_173205601.html
2016-07-04 10:45 - 2016-07-04 10:45 - 00000072 _____ C:\Windows\SysWOW64\EN_173204228.html
2016-07-04 10:45 - 2016-07-04 10:45 - 00000072 _____ C:\Windows\SysWOW64\EN_173194431.html
2016-07-04 10:45 - 2016-07-04 10:45 - 00000072 _____ C:\Windows\SysWOW64\EN_173194041.html
2016-07-04 10:45 - 2016-07-04 10:45 - 00000072 _____ C:\Windows\SysWOW64\EN_173188581.html
2016-07-04 10:45 - 2016-07-04 10:45 - 00000072 _____ C:\Windows\SysWOW64\EN_173188331.html
2016-07-04 10:45 - 2016-07-04 10:45 - 00000000 ____D C:\Users\Todos os Usuários\1winp1
2016-07-04 10:45 - 2016-07-04 10:45 - 00000000 ____D C:\ProgramData\1winp1
2016-07-04 10:44 - 2016-07-04 10:44 - 00000074 _____ C:\Windows\SysWOW64\EN_173165977.html
2016-07-04 10:44 - 2016-07-04 10:44 - 00000072 _____ C:\Windows\SysWOW64\br_173165243.html
2016-07-02 10:55 - 2016-07-02 10:58 - 00000000 ____D C:\Users\Zucolo\AppData\Roaming\GT
2016-06-30 14:35 - 2016-07-02 10:17 - 00000000 ____D C:\Users\Zucolo\.aria2
2016-06-30 12:03 - 2016-06-30 12:03 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2016-06-30 12:03 - 2016-06-30 12:03 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2016-06-30 12:03 - 2016-06-30 12:03 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2016-06-30 12:03 - 2016-06-30 12:03 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2016-06-30 12:03 - 2016-06-30 12:03 - 00000000 ____D C:\Program Files (x86)\OpenAL
2016-06-29 13:02 - 2016-06-29 13:02 - 00000000 ____D C:\Users\Zucolo\AppData\Local\Junedoor
2016-06-29 05:08 - 2016-07-07 00:48 - 00003470 _____ C:\Windows\System32\Tasks\JunedoorUpdateTaskMachineUA
2016-06-29 05:08 - 2016-07-04 14:45 - 00003468 _____ C:\Windows\System32\Tasks\JunedoorUpdateTaskMachineCore
2016-06-29 05:08 - 2016-06-29 05:08 - 00000000 ____D C:\Users\Todos os Usuários\Junedoor
2016-06-29 05:08 - 2016-06-29 05:08 - 00000000 ____D C:\ProgramData\Junedoor
2016-06-29 05:07 - 2016-06-29 05:08 - 00000000 ____D C:\Program Files (x86)\Junedoor
2016-06-28 05:06 - 2016-06-29 05:08 - 00000000 ____D C:\Users\Public\Documents\chrome
2016-06-28 04:31 - 2016-07-04 10:44 - 00000000 ____D C:\Users\Todos os Usuários\NwinpN
2016-06-28 04:31 - 2016-07-04 10:44 - 00000000 ____D C:\ProgramData\NwinpN
2016-06-24 06:15 - 2016-06-24 06:15 - 00000072 _____ C:\Windows\SysWOW64\EN_115578566.html
2016-06-24 06:15 - 2016-06-24 06:15 - 00000072 _____ C:\Windows\SysWOW64\EN_115576616.html
2016-06-24 06:15 - 2016-06-24 06:15 - 00000072 _____ C:\Windows\SysWOW64\EN_115576226.html
2016-06-24 06:14 - 2016-06-24 06:14 - 00000072 _____ C:\Windows\SysWOW64\EN_115483655.html
2016-06-24 06:14 - 2016-06-24 06:14 - 00000072 _____ C:\Windows\SysWOW64\EN_115483437.html
2016-06-24 06:14 - 2016-06-24 06:14 - 00000072 _____ C:\Windows\SysWOW64\EN_115473000.html
2016-06-24 06:14 - 2016-06-24 06:14 - 00000072 _____ C:\Windows\SysWOW64\EN_115472579.html
2016-06-24 06:13 - 2016-06-24 06:13 - 00000072 _____ C:\Windows\SysWOW64\EN_115445388.html
2016-06-24 06:13 - 2016-06-24 06:13 - 00000072 _____ C:\Windows\SysWOW64\EN_115444452.html
2016-06-24 06:13 - 2016-06-24 06:13 - 00000072 _____ C:\Windows\SysWOW64\EN_115440568.html
2016-06-24 06:13 - 2016-06-24 06:13 - 00000072 _____ C:\Windows\SysWOW64\EN_115440147.html
2016-06-24 06:12 - 2016-07-04 10:44 - 00000000 ____D C:\Windows\SysWOW64\_TSpm
2016-06-24 06:12 - 2016-06-24 06:12 - 04398324 _____ (Update) C:\Windows\SysWOW64\pt3.exe
2016-06-24 06:12 - 2016-06-24 06:12 - 00000072 _____ C:\Windows\SysWOW64\EN_115403096.html
2016-06-24 06:12 - 2016-06-24 06:12 - 00000072 _____ C:\Windows\SysWOW64\EN_115402784.html
2016-06-24 06:12 - 2016-06-24 06:12 - 00000072 _____ C:\Windows\SysWOW64\EN_115393955.html
2016-06-24 06:12 - 2016-06-24 06:12 - 00000072 _____ C:\Windows\SysWOW64\br_115391521.html
2016-06-20 23:31 - 2016-06-20 23:31 - 00000000 ____D C:\Program Files (x86)\llud3mdt
2016-06-17 23:18 - 2016-06-17 23:18 - 00000000 ____D C:\Users\Zucolo\AppData\Roaming\NVIDIA
2016-06-17 03:26 - 2016-06-17 03:26 - 00000074 _____ C:\Windows\SysWOW64\br_57736874.html
2016-06-17 03:26 - 2016-06-17 03:26 - 00000072 _____ C:\Windows\SysWOW64\EN_57785125.html
2016-06-17 03:26 - 2016-06-17 03:26 - 00000072 _____ C:\Windows\SysWOW64\EN_57783331.html
2016-06-17 03:26 - 2016-06-17 03:26 - 00000072 _____ C:\Windows\SysWOW64\EN_57783113.html
2016-06-17 03:26 - 2016-06-17 03:26 - 00000072 _____ C:\Windows\SysWOW64\EN_57781491.html
2016-06-17 03:26 - 2016-06-17 03:26 - 00000072 _____ C:\Windows\SysWOW64\EN_57781272.html
2016-06-17 03:26 - 2016-06-17 03:26 - 00000072 _____ C:\Windows\SysWOW64\EN_57776109.html
2016-06-17 03:26 - 2016-06-17 03:26 - 00000072 _____ C:\Windows\SysWOW64\EN_57775906.html
2016-06-17 03:26 - 2016-06-17 03:26 - 00000072 _____ C:\Windows\SysWOW64\EN_57746390.html
2016-06-17 03:26 - 2016-06-17 03:26 - 00000072 _____ C:\Windows\SysWOW64\EN_57746156.html
2016-06-17 03:26 - 2016-06-17 03:26 - 00000072 _____ C:\Windows\SysWOW64\EN_57744144.html
2016-06-17 03:26 - 2016-06-17 03:26 - 00000072 _____ C:\Windows\SysWOW64\EN_57743910.html
2016-06-17 03:26 - 2016-06-17 03:26 - 00000072 _____ C:\Windows\SysWOW64\EN_57737686.html
2016-06-17 03:26 - 2016-06-17 03:26 - 00000000 ____D C:\Users\Todos os Usuários\kwinpk
2016-06-17 03:26 - 2016-06-17 03:26 - 00000000 ____D C:\ProgramData\kwinpk
2016-06-12 13:54 - 2016-06-20 10:56 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-06-07 08:25 - 2016-05-22 23:41 - 00055056 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeKrnlBoot.sys
2016-06-07 08:25 - 2016-05-19 03:42 - 00052392 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeNetFilter.sys
2016-06-07 08:24 - 2016-07-07 02:26 - 00003894 _____ C:\Windows\System32\Tasks\UncheckitUpdateTaskDB
2016-06-07 08:24 - 2016-07-07 02:26 - 00003892 _____ C:\Windows\System32\Tasks\UncheckitUpdateTaskC
2016-06-07 08:24 - 2016-06-24 06:14 - 00000000 ____D C:\Program Files (x86)\qksee
2016-06-07 08:24 - 2016-06-07 08:24 - 00000000 ____D C:\Users\Zucolo\AppData\Roaming\Elex-tech
2016-06-07 08:23 - 2016-07-08 20:49 - 00000000 _____ C:\Users\Public\Documents\report.dat
2016-06-07 04:36 - 2016-06-07 04:36 - 00000072 _____ C:\Windows\SysWOW64\EN_490486159.html
2016-06-07 04:36 - 2016-06-07 04:36 - 00000072 _____ C:\Windows\SysWOW64\EN_490484209.html
2016-06-07 04:36 - 2016-06-07 04:36 - 00000072 _____ C:\Windows\SysWOW64\EN_490483975.html
2016-06-07 04:36 - 2016-06-07 04:36 - 00000072 _____ C:\Windows\SysWOW64\EN_490482010.html
2016-06-07 04:36 - 2016-06-07 04:36 - 00000072 _____ C:\Windows\SysWOW64\EN_490481791.html
2016-06-07 04:35 - 2016-06-07 04:35 - 00000072 _____ C:\Windows\SysWOW64\EN_490451402.html
2016-06-07 04:35 - 2016-06-07 04:35 - 00000072 _____ C:\Windows\SysWOW64\EN_490451122.html
2016-06-07 04:35 - 2016-06-07 04:35 - 00000072 _____ C:\Windows\SysWOW64\EN_490448610.html
2016-06-07 04:35 - 2016-06-07 04:35 - 00000072 _____ C:\Windows\SysWOW64\EN_490448407.html
2016-06-07 04:35 - 2016-06-07 04:35 - 00000000 ____D C:\Users\Todos os Usuários\lwinpl
2016-06-07 04:35 - 2016-06-07 04:35 - 00000000 ____D C:\ProgramData\lwinpl
2016-06-07 04:34 - 2016-06-07 04:34 - 00000072 _____ C:\Windows\SysWOW64\EN_490411076.html
2016-06-07 04:34 - 2016-06-07 04:34 - 00000072 _____ C:\Windows\SysWOW64\EN_490410624.html
2016-06-07 04:34 - 2016-06-07 04:34 - 00000072 _____ C:\Windows\SysWOW64\EN_490380765.html
2016-06-07 04:34 - 2016-06-07 04:34 - 00000072 _____ C:\Windows\SysWOW64\br_490379611.html
2016-06-01 12:36 - 2016-06-01 17:49 - 00000000 ____D C:\Users\Zucolo\Documents\LogoMaker
2016-06-01 12:36 - 2016-06-01 12:36 - 00000000 ____D C:\Users\Zucolo\AppData\Roaming\LogoMaker
2016-06-01 12:35 - 2016-06-01 12:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Studio V5
2016-06-01 12:33 - 2016-06-01 12:33 - 00000000 ____D C:\Program Files (x86)\Studio V5
2016-06-01 12:21 - 2016-06-01 12:21 - 00262144 ____N C:\Windows\Minidump\060116-28563-01.dmp
2016-05-31 05:34 - 2016-06-07 08:23 - 00000000 ____D C:\Users\Zucolo\AppData\Roaming\qksee
2016-05-31 05:34 - 2016-05-31 05:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2016-05-31 05:34 - 2016-05-31 05:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qksee
2016-05-31 05:33 - 2016-07-08 19:37 - 00000000 ____D C:\Users\Todos os Usuários\Uncheckit
2016-05-31 05:33 - 2016-07-08 19:37 - 00000000 ____D C:\ProgramData\Uncheckit
2016-05-31 05:33 - 2016-07-07 02:26 - 00003876 _____ C:\Windows\System32\Tasks\UncheckitTaskMN
2016-05-31 05:32 - 2016-07-07 02:26 - 00000000 ____D C:\Program Files (x86)\Uncheckit
2016-05-31 05:32 - 2016-06-22 14:11 - 00000000 ____D C:\Users\Zucolo\AppData\Roaming\eCyber
2016-05-31 05:31 - 2016-07-04 10:45 - 00000000 ____D C:\Users\Zucolo\AppData\Roaming\TSv
2016-05-31 05:31 - 2016-06-27 06:31 - 00000000 ____D C:\Users\Todos os Usuários\uckt
2016-05-31 05:31 - 2016-06-27 06:31 - 00000000 ____D C:\ProgramData\uckt
2016-05-31 05:31 - 2016-06-24 06:13 - 00000000 ____D C:\Program Files (x86)\TData
2016-05-31 05:31 - 2016-05-31 05:31 - 00000000 ____D C:\Users\Zucolo\AppData\Roaming\Uncheckit
2016-05-31 05:31 - 2016-05-31 05:31 - 00000000 ____D C:\Program Files (x86)\TXQQBrowser
2016-05-29 10:25 - 2016-05-29 10:25 - 00262144 ____N C:\Windows\Minidump\052916-28563-01.dmp
2016-05-22 13:42 - 2016-05-22 13:42 - 00262144 ____N C:\Windows\Minidump\052216-17331-01.dmp
2016-05-17 23:00 - 2016-05-17 23:00 - 00262144 ____N C:\Windows\Minidump\051716-16036-01.dmp
2016-05-16 23:09 - 2016-05-16 23:09 - 00000020 ___SH C:\Users\Mcx1-ZUCOLO-PC\ntuser.ini
2016-05-16 23:09 - 2016-05-16 23:09 - 00000000 _SHDL C:\Users\Mcx1-ZUCOLO-PC\Modelos
2016-05-16 23:09 - 2016-05-16 23:09 - 00000000 _SHDL C:\Users\Mcx1-ZUCOLO-PC\Meus documentos
2016-05-16 23:09 - 2016-05-16 23:09 - 00000000 _SHDL C:\Users\Mcx1-ZUCOLO-PC\Menu Iniciar
2016-05-16 23:09 - 2016-05-16 23:09 - 00000000 _SHDL C:\Users\Mcx1-ZUCOLO-PC\Documents\Minhas músicas
2016-05-16 23:09 - 2016-05-16 23:09 - 00000000 _SHDL C:\Users\Mcx1-ZUCOLO-PC\Documents\Minhas imagens
2016-05-16 23:09 - 2016-05-16 23:09 - 00000000 _SHDL C:\Users\Mcx1-ZUCOLO-PC\Documents\Meus vídeos
2016-05-16 23:09 - 2016-05-16 23:09 - 00000000 _SHDL C:\Users\Mcx1-ZUCOLO-PC\Dados de aplicativos
2016-05-16 23:09 - 2016-05-16 23:09 - 00000000 _SHDL C:\Users\Mcx1-ZUCOLO-PC\Configurações locais
2016-05-16 23:09 - 2016-05-16 23:09 - 00000000 _SHDL C:\Users\Mcx1-ZUCOLO-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-05-16 23:09 - 2016-05-16 23:09 - 00000000 _SHDL C:\Users\Mcx1-ZUCOLO-PC\AppData\Local\Histórico
2016-05-16 23:09 - 2016-05-16 23:09 - 00000000 _SHDL C:\Users\Mcx1-ZUCOLO-PC\AppData\Local\Dados de aplicativos
2016-05-16 23:09 - 2016-05-16 23:09 - 00000000 _SHDL C:\Users\Mcx1-ZUCOLO-PC\Ambiente de rede
2016-05-16 23:09 - 2016-05-16 23:09 - 00000000 _SHDL C:\Users\Mcx1-ZUCOLO-PC\Ambiente de impressão
2016-05-16 23:09 - 2016-05-16 23:09 - 00000000 ____D C:\Users\Mcx1-ZUCOLO-PC
2016-05-16 23:09 - 2009-07-14 04:45 - 00000000 ____D C:\Users\Mcx1-ZUCOLO-PC\AppData\Roaming\Media Center Programs
2016-05-16 23:08 - 2016-07-08 19:33 - 00000476 __RSH C:\Users\Todos os Usuários\ntuser.pol
2016-05-16 23:08 - 2016-07-08 19:33 - 00000476 __RSH C:\ProgramData\ntuser.pol
2016-05-16 17:16 - 2016-05-16 17:16 - 00262144 ____N C:\Windows\Minidump\051616-17768-01.dmp
2016-05-16 07:48 - 2016-05-16 07:48 - 00262144 ____N C:\Windows\Minidump\051616-18548-01.dmp
2016-05-15 10:57 - 2016-05-15 10:57 - 00262144 ____N C:\Windows\Minidump\051516-17893-01.dmp
2016-05-14 20:12 - 2016-05-14 20:12 - 00262144 ____N C:\Windows\Minidump\051416-21200-01.dmp
2016-05-14 11:34 - 2016-05-14 11:34 - 00262144 ____N C:\Windows\Minidump\051416-19484-01.dmp
2016-05-12 14:19 - 2016-05-12 14:19 - 00262144 ____N C:\Windows\Minidump\051216-28579-01.dmp
2016-05-12 14:15 - 2016-05-12 14:15 - 00262144 ____N C:\Windows\Minidump\051216-22448-01.dmp
2016-05-12 10:06 - 2016-05-12 10:06 - 00262144 ____N C:\Windows\Minidump\051216-18127-01.dmp
2016-05-12 10:03 - 2016-05-12 10:03 - 00262144 ____N C:\Windows\Minidump\051216-39312-01.dmp
2016-05-12 10:00 - 2016-05-12 10:00 - 00262144 ____N C:\Windows\Minidump\051216-18454-01.dmp
2016-05-11 14:19 - 2016-05-11 14:19 - 00262144 ____N C:\Windows\Minidump\051116-17222-01.dmp
2016-05-11 12:47 - 2016-05-11 12:47 - 00262144 ____N C:\Windows\Minidump\051116-29780-01.dmp
2016-05-10 13:56 - 2016-05-10 13:56 - 00262144 ____N C:\Windows\Minidump\051016-22230-01.dmp
2016-05-10 10:59 - 2016-05-10 13:56 - 00000000 ____D C:\Users\Zucolo\AppData\Local\FSDART
2016-05-10 10:59 - 2016-05-10 11:08 - 00000000 ____D C:\Users\Todos os Usuários\F-Secure
2016-05-10 10:59 - 2016-05-10 11:08 - 00000000 ____D C:\ProgramData\F-Secure
2016-05-09 10:12 - 2016-05-09 10:12 - 00262144 ____N C:\Windows\Minidump\050916-18252-01.dmp
2016-05-08 11:12 - 2016-05-08 11:12 - 00262144 ____N C:\Windows\Minidump\050816-18829-01.dmp
2016-05-08 10:59 - 2016-05-08 10:59 - 00262144 ____N C:\Windows\Minidump\050816-20155-01.dmp
2016-05-07 17:24 - 2016-05-07 17:24 - 00262144 ____N C:\Windows\Minidump\050716-15163-01.dmp
2016-05-07 12:44 - 2016-05-07 12:44 - 00262144 ____N C:\Windows\Minidump\050716-19968-01.dmp
2016-05-07 10:02 - 2016-05-07 10:02 - 00262144 ____N C:\Windows\Minidump\050716-37206-01.dmp
2016-05-06 16:14 - 2016-05-06 16:14 - 00262144 ____N C:\Windows\Minidump\050616-24694-01.dmp
2016-05-06 00:11 - 2016-05-06 00:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-05-06 00:11 - 2016-05-06 00:11 - 00000000 ____D C:\Program Files\CCleaner
2016-05-05 13:45 - 2016-05-05 13:45 - 00000000 ____D C:\Users\Zucolo\AppData\Local\Mozilla
2016-05-05 13:44 - 2016-07-05 23:46 - 00001208 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-05-05 13:44 - 2016-06-20 10:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-27 07:28 - 2016-04-27 07:28 - 00000000 ____D C:\Program Files (x86)\vreXjvX
2016-04-21 08:21 - 2016-04-21 08:21 - 00000000 ____D C:\Program Files (x86)\jIxmRfR
2016-04-14 03:31 - 2016-04-21 08:21 - 00000000 ____D C:\Users\Zucolo\AppData\Roaming\WinZiper
2016-04-14 03:30 - 2016-04-14 03:31 - 00000000 ____D C:\Users\Todos os Usuários\ywinpy
2016-04-14 03:30 - 2016-04-14 03:31 - 00000000 ____D C:\ProgramData\ywinpy
==================== Três Meses Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-07-08 21:28 - 2015-08-21 11:37 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-08 19:15 - 2015-08-21 11:38 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-08 18:47 - 2015-10-10 03:20 - 00000000 ____D C:\Program Files (x86)\SFK
2016-07-08 18:46 - 2015-08-27 01:46 - 00000432 _____ C:\Windows\Tasks\ToolsUpdatePlatform_ScheduledTask.job
2016-07-08 18:46 - 2015-08-26 21:34 - 00000000 ____D C:\Users\Todos os Usuários\ToolsUpdatePlatform
2016-07-08 18:46 - 2015-08-26 21:34 - 00000000 ____D C:\ProgramData\ToolsUpdatePlatform
2016-07-08 18:46 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-08 18:45 - 2009-07-14 02:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-07-08 18:44 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2016-07-08 13:23 - 2015-08-24 13:23 - 00000368 _____ C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - Zucolo).job
2016-07-07 00:32 - 2015-08-30 13:42 - 00000000 ____D C:\Users\Zucolo\AppData\Roaming\uTorrent
2016-07-06 23:38 - 2016-01-19 11:44 - 00000000 ___SD C:\Users\Zucolo\AppData\LocalLow\Temp
2016-07-06 21:32 - 2015-12-16 11:23 - 00000000 ____D C:\Users\Zucolo\AppData\Roaming\DAEMON Tools Lite
2016-07-06 21:15 - 2015-12-14 14:26 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-07-06 21:15 - 2015-12-14 14:26 - 00000000 ____D C:\ProgramData\Package Cache
2016-07-06 20:59 - 2015-08-21 11:49 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-07-06 12:47 - 2016-03-06 13:09 - 00000000 ____D C:\Users\Zucolo\AppData\Local\PokerStars
2016-07-05 23:46 - 2015-08-21 02:23 - 00001695 _____ C:\Users\Zucolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-07-05 23:46 - 2015-08-21 02:23 - 00001661 _____ C:\Users\Zucolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2016-07-05 13:32 - 2009-07-29 13:08 - 00702882 _____ C:\Windows\system32\prfh0416.dat
2016-07-05 13:32 - 2009-07-29 13:08 - 00145668 _____ C:\Windows\system32\prfc0416.dat
2016-07-05 13:32 - 2009-07-14 02:13 - 01626900 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-05 13:32 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-07-05 13:29 - 2015-08-21 19:51 - 00000000 ____D C:\Users\Zucolo\AppData\Roaming\Skype
2016-07-05 10:45 - 2015-08-21 11:39 - 00002086 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-07-05 07:28 - 2015-08-21 19:51 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2016-07-05 07:28 - 2015-08-21 19:51 - 00000000 ____D C:\ProgramData\Skype
2016-07-04 10:45 - 2015-08-26 21:36 - 00002330 _____ C:\Users\Zucolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder.lnk
2016-07-02 10:49 - 2015-08-23 21:13 - 00000000 ____D C:\Windows\Minidump
2016-07-02 10:47 - 2009-07-14 01:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-02 10:47 - 2009-07-14 01:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-02 10:41 - 2016-02-19 17:24 - 00000000 ____D C:\Users\Zucolo\AppData\Local\LogMeIn Hamachi
2016-07-02 10:40 - 2015-08-23 23:11 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA
2016-07-02 10:40 - 2015-08-23 23:11 - 00000000 ____D C:\ProgramData\NVIDIA
2016-07-02 02:45 - 2015-08-30 13:32 - 00000000 ____D C:\Users\Zucolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Level Up
2016-07-02 02:23 - 2015-08-30 19:46 - 00000000 ____D C:\Level Up
2016-07-02 02:21 - 2015-08-25 18:55 - 00000000 ____D C:\Users\Zucolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-07-02 02:19 - 2015-08-25 18:45 - 00000000 ____D C:\Program Files (x86)\Steam
2016-07-01 19:46 - 2015-08-30 13:18 - 00000000 ____D C:\Users\Zucolo\Documents\LevelUp Data
2016-07-01 18:46 - 2015-08-21 11:38 - 00000000 ____D C:\Users\Zucolo\AppData\Local\Deployment
2016-07-01 18:45 - 2015-08-21 20:17 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-07-01 18:42 - 2015-12-15 00:28 - 00000000 ____D C:\Program Files (x86)\WinZipper
2016-06-30 14:35 - 2015-08-21 02:21 - 00000000 ____D C:\Users\Zucolo
2016-06-30 11:23 - 2015-12-14 14:33 - 00000000 ____D C:\Users\Zucolo\Documents\Duels of the Planeswalkers Dumps
2016-06-28 11:27 - 2015-12-16 11:28 - 00000000 ____D C:\Program Files (x86)\yessearches-bnd
2016-06-28 04:30 - 2016-03-24 12:30 - 00009430 _____ C:\Windows\System32\Tasks\Browser Updater Task(Core)
2016-06-17 23:17 - 2015-08-21 19:51 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-17 14:28 - 2015-08-21 11:37 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-17 14:28 - 2015-08-21 11:37 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-17 14:28 - 2015-08-21 11:37 - 00003840 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-06-17 03:26 - 2016-03-18 00:43 - 00000000 ____D C:\Windows\SysWOW64\_tWm
2016-06-09 17:51 - 2016-03-06 13:06 - 00000000 ____D C:\Program Files (x86)\PokerStars
==================== Arquivos na raiz de alguns diretórios =======
2015-08-26 14:05 - 2015-08-26 14:05 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-08-26 21:34 - 2016-03-18 00:45 - 0000074 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Arquivos para serem movidos ou deletados:
====================
C:\Users\Zucolo\AppData\Local\Temp\71432.del
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
C:\Users\Todos os Usuários\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Alguns arquivos em TEMP:
====================
C:\Users\Zucolo\AppData\Local\Temp\ICReinstall_Donkey Kong 64 (U).exe
C:\Users\Zucolo\AppData\Local\Temp\jre-8u91-windows-au.exe
==================== Bamital & volsnap =================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2016-07-07 02:19
==================== Fim de FRST.txt ============================