cjoint

Document format: text/plain

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão: 20-08-2016
Executado por Carlos (administrador) em CARLOS-PC (20-08-2016 15:48:14)
Executando a partir de C:\Users\Carlos\Downloads
Perfis Carregados: Carlos (Perfis Disponíveis: Carlos)
Platform: Microsoft Windows 7 Ultimate (X86) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
() C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe
(SlimWare Utilities, Inc.) C:\Program Files\SlimDrivers\SlimDrivers.exe
(Zbshareware Lab) C:\Program Files\USB Disk Security\USBGuard.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Windows\System32\hale.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
() C:\Program Files\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Nota Inc.) C:\Program Files\Gyazo\GyStation.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\slui.exe
(Corel Corporation) C:\Program Files\Corel\CorelDRAW Graphics Suite X6\Programs\CorelDRW.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(BitTorrent Inc.) C:\Users\Carlos\AppData\Roaming\uTorrent\uTorrent.exe
(BitTorrent Inc.) C:\Users\Carlos\AppData\Roaming\uTorrent\updates\3.4.8_42501\utorrentie.exe
(BitTorrent Inc.) C:\Users\Carlos\AppData\Roaming\uTorrent\updates\3.4.8_42501\utorrentie.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [USB Antivirus] => C:\Program Files\USB Disk Security\USBGuard.exe [811008 2009-09-12] (Zbshareware Lab)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [8900328 2016-08-08] (AVAST Software)
HKLM\...\Run: [Chew7Hale] => C:\Windows\System32\hale.exe [2169856 2015-02-03] ()
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12111576 1999-12-31] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS6ServiceManager] => C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation)
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [186640 2016-06-21] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [PRODUCTUPDATER] => C:\Program Files\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [73216 2016-03-03] ()
HKU\S-1-5-21-1183247494-3874134512-3139305522-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3576664 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-1183247494-3874134512-3139305522-1000\...\Run: [Gyazo] => C:\Program Files\Gyazo\GyStation.exe [3582240 2016-06-13] (Nota Inc.)
HKU\S-1-5-21-1183247494-3874134512-3139305522-1000\...\Run: [Chromium] => c:\users\carlos\appdata\local\chromium\application\chrome.exe [1068544 2016-03-18] (The Chromium Authors)
HKU\S-1-5-21-1183247494-3874134512-3139305522-1000\...\MountPoints2: {64e0ff87-2e78-11e5-89b9-e81132a43dc4} - F:\Setup.exe
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Carlos\AppData\Local\MEGAsync\ShellExtX32.dll Nenhum Arquivo
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Carlos\AppData\Local\MEGAsync\ShellExtX32.dll Nenhum Arquivo
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Carlos\AppData\Local\MEGAsync\ShellExtX32.dll Nenhum Arquivo
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-06-30] (AVAST Software)
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{388E2FD6-EF52-4FDB-9072-1B14F3BEB7E8}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{4763F32C-870D-4B6E-AFAF-271088B99C90}: [NameServer] 77.234.40.79

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_32&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0EzztCtCtAtB0AyEtA0D0CyE0CyDyC0EtN0D0Tzu0StCyCzzyCtN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyC0FtC0D0FyDtD0CtGtCyBtAzztGyB0E0FyBtGtAzz0A0FtGtBtCyDyCtByByDtDyEtD0BtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzztA0DtAzytD0B0EtGtDyD0AtCtGyEtD0B0DtGzy0EyEtDtGyE0D0DtBzyyBtA0D0CyCyE0B2QtN0A0LzuyE%26cr%3D2068029012%26a%3Dwbf_ir_16_32%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1447719176&from=mych123&uid=samsungxhm641ji_s26xj9eb719739&z=14dfd83b2819bef91a23e6bg5z3zdm6m9g9t2g4m2b
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1447719176&from=mych123&uid=samsungxhm641ji_s26xj9eb719739&z=14dfd83b2819bef91a23e6bg5z3zdm6m9g9t2g4m2b
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1447719176&from=mych123&uid=samsungxhm641ji_s26xj9eb719739&z=14dfd83b2819bef91a23e6bg5z3zdm6m9g9t2g4m2b
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1447719176&from=mych123&uid=samsungxhm641ji_s26xj9eb719739&z=14dfd83b2819bef91a23e6bg5z3zdm6m9g9t2g4m2b
HKU\S-1-5-21-1183247494-3874134512-3139305522-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-1183247494-3874134512-3139305522-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_32&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0EzztCtCtAtB0AyEtA0D0CyE0CyDyC0EtN0D0Tzu0StCyCzzyCtN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyC0FtC0D0FyDtD0CtGtCyBtAzztGyB0E0FyBtGtAzz0A0FtGtBtCyDyCtByByDtDyEtD0BtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzztA0DtAzytD0B0EtGtDyD0AtCtGyEtD0B0DtGzy0EyEtDtGyE0D0DtBzyyBtA0D0CyCyE0B2QtN0A0LzuyE%26cr%3D2068029012%26a%3Dwbf_ir_16_32%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
HKU\S-1-5-21-1183247494-3874134512-3139305522-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_32&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0EzztCtCtAtB0AyEtA0D0CyE0CyDyC0EtN0D0Tzu0StCyCzzyCtN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyC0FtC0D0FyDtD0CtGtCyBtAzztGyB0E0FyBtGtAzz0A0FtGtBtCyDyCtByByDtDyEtD0BtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzztA0DtAzytD0B0EtGtDyD0AtCtGyEtD0B0DtGzy0EyEtDtGyE0D0DtBzyyBtA0D0CyCyE0B2QtN0A0LzuyE%26cr%3D2068029012%26a%3Dwbf_ir_16_32%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1447719176&from=zzgbkk123&uid=samsungxhm641ji_s26xj9eb719739&z=14dfd83b2819bef91a23e6bg5z3zdm6m9g9t2g4m2b&q={searchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_32&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0EzztCtCtAtB0AyEtA0D0CyE0CyDyC0EtN0D0Tzu0StCyCzzyCtN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyC0FtC0D0FyDtD0CtGtCyBtAzztGyB0E0FyBtGtAzz0A0FtGtBtCyDyCtByByDtDyEtD0BtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzztA0DtAzytD0B0EtGtDyD0AtCtGyEtD0B0DtGzy0EyEtDtGyE0D0DtBzyyBtA0D0CyCyE0B2QtN0A0LzuyE%26cr%3D2068029012%26a%3Dwbf_ir_16_32%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1183247494-3874134512-3139305522-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_32&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0EzztCtCtAtB0AyEtA0D0CyE0CyDyC0EtN0D0Tzu0StCyCzzyCtN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyC0FtC0D0FyDtD0CtGtCyBtAzztGyB0E0FyBtGtAzz0A0FtGtBtCyDyCtByByDtDyEtD0BtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzztA0DtAzytD0B0EtGtDyD0AtCtGyEtD0B0DtGzy0EyEtDtGyE0D0DtBzyyBtA0D0CyCyE0B2QtN0A0LzuyE%26cr%3D2068029012%26a%3Dwbf_ir_16_32%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1183247494-3874134512-3139305522-1000 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1183247494-3874134512-3139305522-1000 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1447719176&from=zzgbkk123&uid=samsungxhm641ji_s26xj9eb719739&z=14dfd83b2819bef91a23e6bg5z3zdm6m9g9t2g4m2b&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1183247494-3874134512-3139305522-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={2A21A22D-6200-4FB7-8AA3-04AD85BF6FEE}&mid=4070daa2d1d247cc9cfc39587440d437-c024d2b5a6676d7014176f1b52ad2311e46ae8c7&lang=pt-br&ds=AVG&coid=avgtbavg&cmpid=0616avz&pr=fr&d=2016-03-01 16:08:15&v=4.3.1.831&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1183247494-3874134512-3139305522-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_32&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0EzztCtCtAtB0AyEtA0D0CyE0CyDyC0EtN0D0Tzu0StCyCzzyCtN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyC0FtC0D0FyDtD0CtGtCyBtAzztGyB0E0FyBtGtAzz0A0FtGtBtCyDyCtByByDtDyEtD0BtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzztA0DtAzytD0B0EtGtDyD0AtCtGyEtD0B0DtGzy0EyEtDtGyE0D0DtBzyyBtA0D0CyCyE0B2QtN0A0LzuyE%26cr%3D2068029012%26a%3Dwbf_ir_16_32%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-04-28] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-06-30] (AVAST Software)
BHO: Sem Nome -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> Nenhum Arquivo
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-28] (Oracle Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Carlos\AppData\Roaming\Mozilla\Firefox\Profiles\s8yexaew.default
FF SelectedSearchEngine: Yahoo! Powered
FF Homepage: hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_32&param1=1&param2=f%3D1%26b%3DFirefox%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0EzztCtCtAtB0AyEtA0D0CyE0CyDyC0EtN0D0Tzu0StCyCzzyCtN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyC0FtC0D0FyDtD0CtGtCyBtAzztGyB0E0FyBtGtAzz0A0FtGtBtCyDyCtByByDtDyEtD0BtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzztA0DtAzytD0B0EtGtDyD0AtCtGyEtD0B0DtGzy0EyEtDtGyE0D0DtBzyyBtA0D0CyCyE0B2QtN0A0LzuyE%26cr%3D2068029012%26a%3Dwbf_ir_16_32%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
FF DefaultSearchUrl: hxxps://www.google.com/search?bcutc=sp-006
FF NewTab: about:newtab
FF DefaultSearchEngine: Yahoo! Powered
FF SearchEngineOrder.1: Google
FF Keyword.URL: user_pref("keyword.URL", true);
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2015-04-17] (Adobe Systems, Inc.)
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.1\\npsitesafety.dll [Nenhum Arquivo]
FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [1999-12-31] (Intel Corporation)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [1999-12-31] (Intel Corporation)
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-28] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems)
FF SearchPlugin: C:\Users\Carlos\AppData\Roaming\Mozilla\Firefox\Profiles\s8yexaew.default\searchplugins\avg-secure-search.xml [2016-06-09]
FF SearchPlugin: C:\Users\Carlos\AppData\Roaming\Mozilla\Firefox\Profiles\s8yexaew.default\searchplugins\google-avast.xml [2016-07-09]
FF SearchPlugin: C:\Users\Carlos\AppData\Roaming\Mozilla\Firefox\Profiles\s8yexaew.default\searchplugins\istartsurf.xml [2015-08-30]
FF SearchPlugin: C:\Users\Carlos\AppData\Roaming\Mozilla\Firefox\Profiles\s8yexaew.default\searchplugins\yahoo! powered.xml [2016-08-13]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\buscape.xml [2015-02-22]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mercadolivre.xml [2015-02-22]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2016-06-09]
FF Extension: AVG Web TuneUp - C:\Users\Carlos\AppData\Roaming\Mozilla\Firefox\Profiles\s8yexaew.default\Extensions\avg@toolbar.xpi [2016-06-09]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-07-03]
FF HKLM\...\Firefox\Extensions: [defsearchp@gmail.com] - C:\Users\Carlos\AppData\Roaming\Mozilla\Firefox\Profiles\s8yexaew.default\extensions\defsearchp@gmail.com => não encontrado (a)
FF HKLM\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\Carlos\AppData\Roaming\Mozilla\Firefox\Profiles\s8yexaew.default\extensions\deskCutv2@gmail.com => não encontrado (a)
FF HKLM\...\Firefox\Extensions: [default_newtabff@gmail.com] - C:\Users\Carlos\AppData\Roaming\Mozilla\Firefox\Profiles\s8yexaew.default\extensions\default_newtabff@gmail.com => não encontrado (a)
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-07-03]
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR HomePage: Profile 1 -> mysearch.avg.com/?rvt=1
CHR StartupUrls: Profile 1 -> "hxxps://www.google.com.br/"
CHR Profile: C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Angry Birds) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2015-02-04]
CHR Extension: (YouTube) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (iClic) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdheemmmofkcnmjpfgjefmacenlklncp [2015-10-28]
CHR Extension: (Google Search) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Hola - Proxy livre VPN) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2015-11-06]
CHR Extension: (Avast Online Security) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-02]
CHR Extension: (Hedgehog in the fog) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\haocganpkafanhkfldbbmhcpaelmkejg [2015-03-14]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24]
CHR Extension: (Gmail) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Canvas Rider) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk [2015-05-08]
CHR Profile: C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (PicMonkey) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fgdgokchhicmaiacmgegjnppjkgogdhm [2016-06-08]
CHR Extension: (Avast Online Security) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-06-25]
CHR Extension: (Blue/Green Cubes) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iipbjjaibkibpabddphfcgbngfhhfkml [2016-03-01]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Chrome Media Router) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-19]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-04-26]
CHR HKLM\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1183247494-3874134512-3139305522-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1183247494-3874134512-3139305522-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-06-30] (AVAST Software)
R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [890128 2016-06-21] (AVG Technologies CZ, s.r.o.)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [279024 1999-12-31] (Intel Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1034584 2015-06-18] (Disc Soft Ltd)
R3 ICCS; C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [169752 2012-04-24] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [595968 2013-08-27] (Intel(R) Corporation) [Arquivo não assinado]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [642520 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 1999-12-31] (Intel Corporation)
R2 rtop; C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe [254264 2016-08-13] ()
R3 sppuinotify; C:\Windows\system32\sppuinotify.dll [53760 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation)
S3 AvgAMPS; "C:\Program Files\AVG\Av\avgamps.exe" [X]
S2 AVGIDSAgent; "C:\Program Files\AVG\Av\avgidsagent.exe" [X]
S2 avgwd; "C:\Program Files\AVG\Av\avgwdsvcx.exe" [X]
S2 TuneUp.UtilitiesSvc; "C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe" [X]

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [34008 2016-06-30] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [35096 2016-06-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [91680 2016-06-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [91232 2016-06-30] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [60424 2016-06-30] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [816304 2016-06-30] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [438296 2016-07-14] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [118152 2016-06-30] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [38984 2015-02-04] (The OpenVPN Project)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [224616 2016-08-05] (AVAST Software)
R3 athr; C:\Windows\System32\DRIVERS\athr.sys [2239488 2012-04-19] (Qualcomm Atheros Communications, Inc.)
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [134912 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [255744 2016-06-09] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [201472 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [31664 2015-11-20] (AVG Technologies CZ, s.r.o.)
S1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [212736 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [287008 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [191744 2016-06-02] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [47360 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [217344 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avgunivx; C:\Windows\System32\DRIVERS\avgunivx.sys [65280 2016-06-01] (AVG Technologies CZ, s.r.o.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [25016 2015-07-13] (Disc Soft Ltd)
R0 iaStorA; C:\Windows\System32\DRIVERS\iaStorA.sys [489832 2013-11-21] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [24424 2013-11-21] (Intel Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\TeeDriver.sys [86488 1999-12-31] (Intel Corporation)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [11232 2016-08-19] ()
S3 TuneUpUtilitiesDrv; \??\C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-08-20 15:48 - 2016-08-20 15:49 - 00028318 _____ C:\Users\Carlos\Downloads\FRST.txt
2016-08-20 15:47 - 2016-08-20 15:48 - 00000000 ____D C:\FRST
2016-08-20 15:46 - 2016-08-20 15:46 - 01745920 _____ (Farbar) C:\Users\Carlos\Downloads\FRST.exe
2016-08-20 15:40 - 2016-08-20 15:44 - 00002488 _____ C:\Users\Carlos\Downloads\FSS.txt
2016-08-20 15:33 - 2016-08-20 15:34 - 00899584 _____ (Farbar) C:\Users\Carlos\Downloads\FSS.exe
2016-08-20 13:25 - 2016-08-20 13:25 - 00248946 _____ C:\Users\Carlos\Downloads\Install JDownloader.rar
2016-08-20 13:14 - 2016-08-20 13:15 - 00000000 ____D C:\Users\Carlos\AppData\LocalLow\uTorrent
2016-08-20 13:14 - 2016-08-20 13:14 - 00002615 _____ C:\Users\Carlos\Desktop\µTorrent.lnk
2016-08-20 13:14 - 2016-08-20 13:14 - 00002615 _____ C:\Users\Carlos\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-08-20 13:11 - 2016-08-20 13:11 - 02369536 _____ (BitTorrent Inc.) C:\Users\Carlos\Downloads\uTorrent (1).exe
2016-08-19 16:27 - 2016-08-19 16:29 - 00000042 _____ C:\Users\Carlos\Downloads\VMA 2016.txt
2016-08-19 00:19 - 2016-08-19 00:18 - 02370560 _____ (BitTorrent Inc.) C:\Users\Carlos\Downloads\Baixaki_utorrent.exe
2016-08-18 10:49 - 2016-08-18 10:50 - 00000108 _____ C:\Users\Carlos\Downloads\Argumentos para usar com preconceituosos de merda.txt
2016-08-16 18:17 - 2016-08-20 14:36 - 00001787 _____ C:\Users\Public\Desktop\No Man's Sky.lnk
2016-08-16 18:17 - 2016-08-16 18:17 - 00000000 ____D C:\Users\Carlos\AppData\Roaming\HelloGames
2016-08-16 18:17 - 2016-08-16 18:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2016-08-16 18:13 - 2016-08-16 18:13 - 00000000 ____D C:\GOG Games
2016-08-16 18:02 - 2016-08-20 14:29 - 00000000 ____D C:\Users\Carlos\Downloads\No Man’s Sky
2016-08-13 23:32 - 2016-08-13 23:32 - 00000000 ____D C:\Users\Carlos\Downloads\Dirty cops Dante Martin and James Huntsman prison fuck PIR@TE
2016-08-13 23:31 - 2016-08-13 23:31 - 00028186 _____ C:\Users\Carlos\Downloads\02020A1A8A38A17DA6A47A8739421EA5772D57B4.torrent
2016-08-13 13:30 - 2016-08-13 13:30 - 00000000 ____D C:\Users\Carlos\AppData\Roaming\Microsoft\Windows\Start Menu\ByteFence
2016-08-13 12:38 - 2016-08-13 12:38 - 00000000 ____D C:\Users\Todos os Usuários\ByteFence
2016-08-13 12:38 - 2016-08-13 12:38 - 00000000 ____D C:\ProgramData\ByteFence
2016-08-13 12:31 - 2016-08-13 12:31 - 00002237 _____ C:\Users\Carlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk
2016-08-13 12:30 - 2016-08-13 12:31 - 00000000 ____D C:\Users\Carlos\AppData\Local\chromium
2016-08-13 12:30 - 2016-08-13 12:30 - 00000000 ____D C:\Program Files\Tribo Gamer
2016-08-13 12:27 - 2016-08-20 15:27 - 00000980 _____ C:\Windows\Tasks\Yahoo! Powered metas.job
2016-08-13 12:27 - 2016-08-19 21:32 - 00000000 ____D C:\Users\Todos os Usuários\{F28637E5-78C4-BD23-FE02-23616440A8AF}
2016-08-13 12:27 - 2016-08-19 21:32 - 00000000 ____D C:\ProgramData\{F28637E5-78C4-BD23-FE02-23616440A8AF}
2016-08-13 12:27 - 2016-08-13 12:27 - 00002412 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk
2016-08-13 12:27 - 2016-08-13 12:27 - 00000372 __RSH C:\Users\Todos os Usuários\ntuser.pol
2016-08-13 12:27 - 2016-08-13 12:27 - 00000372 __RSH C:\ProgramData\ntuser.pol
2016-08-13 12:27 - 2016-08-13 12:27 - 00000000 ____D C:\Users\Carlos\AppData\Local\{9B99AD22-BECB-C054-D5FD-E786092F1AB8}
2016-08-13 12:26 - 2016-08-13 14:01 - 00000000 ____D C:\Program Files\ByteFence
2016-08-13 12:26 - 2016-08-13 12:31 - 00000000 ____D C:\Users\Carlos\AppData\Local\{9BC4AD98-BF6C-C120-D2F4-E4C8F69C1850}
2016-08-13 12:24 - 2016-08-13 12:25 - 00992080 _____ (Dopud ) C:\Users\Carlos\Downloads\sod_lifeline_br-v.exe
2016-08-11 17:44 - 2016-08-11 17:45 - 00000000 ____D C:\Users\Carlos\Downloads\[Gay]Goodbye Kisses
2016-08-04 12:45 - 2016-08-04 12:45 - 00000000 ____D C:\Users\Carlos\AppData\Local\SKIDROW
2016-08-04 12:31 - 2016-08-04 12:31 - 00002255 _____ C:\Users\Public\Desktop\State of Decay - Lifeline.lnk
2016-08-04 12:31 - 2016-08-04 12:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Studios
2016-08-04 12:26 - 2016-08-04 12:26 - 00000000 ____D C:\Program Files\Microsoft Studios
2016-08-04 12:15 - 2016-08-13 12:27 - 00000000 ____D C:\Users\Carlos\Downloads\StateoDeLifeline
2016-08-04 01:59 - 2016-08-08 01:47 - 00384770 _____ C:\Windows\system32\perfh00D.dat
2016-08-04 01:59 - 2016-08-08 01:47 - 00084746 _____ C:\Windows\system32\perfc00D.dat
2016-08-04 01:59 - 2016-08-04 01:56 - 00229316 _____ C:\Windows\system32\perfi00D.dat
2016-08-04 01:59 - 2016-08-04 01:56 - 00032166 _____ C:\Windows\system32\perfd00D.dat
2016-08-04 01:57 - 2016-08-04 01:57 - 00000000 ____D C:\Windows\system32\he
2016-08-04 01:09 - 2016-08-08 01:47 - 00732472 _____ C:\Windows\system32\perfh010.dat
2016-08-04 01:09 - 2016-08-08 01:47 - 00146834 _____ C:\Windows\system32\perfc010.dat
2016-08-04 01:09 - 2016-08-04 01:06 - 00335478 _____ C:\Windows\system32\perfi010.dat
2016-08-04 01:09 - 2016-08-04 01:06 - 00037534 _____ C:\Windows\system32\perfd010.dat
2016-08-04 01:07 - 2016-08-04 01:07 - 00000000 ____D C:\Windows\system32\0410
2016-08-04 01:06 - 2016-08-04 01:06 - 00000000 ____D C:\Windows\system32\it
2016-08-04 00:17 - 2016-08-04 00:24 - 00000000 ____D C:\Users\Carlos\Downloads\IGG-StateoDeLifeline
2016-08-03 23:56 - 2016-08-03 23:56 - 00000406 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Messenger Center.lnk
2016-08-03 23:56 - 2016-08-03 23:56 - 00000406 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player Center.lnk
2016-08-03 23:55 - 2016-08-08 01:47 - 00420850 _____ C:\Windows\system32\perfh012.dat
2016-08-03 23:55 - 2016-08-08 01:47 - 00120372 _____ C:\Windows\system32\perfc012.dat
2016-08-03 23:55 - 2016-08-03 23:50 - 00157694 _____ C:\Windows\system32\perfi012.dat
2016-08-03 23:55 - 2016-08-03 23:50 - 00031548 _____ C:\Windows\system32\perfd012.dat
2016-08-03 23:54 - 2016-08-03 23:54 - 00000000 ____D C:\Windows\{52D4CC20-4BED-4462-BAA8-32AA22B7BCDE}
2016-08-03 23:50 - 2016-08-03 23:50 - 00000000 ____D C:\Windows\system32\ko
2016-08-03 23:33 - 2016-08-08 01:47 - 00738142 _____ C:\Windows\system32\perfh00C.dat
2016-08-03 23:33 - 2016-08-08 01:47 - 00149568 _____ C:\Windows\system32\perfc00C.dat
2016-08-03 23:33 - 2016-08-03 23:29 - 00344522 _____ C:\Windows\system32\perfi00C.dat
2016-08-03 23:33 - 2016-08-03 23:29 - 00038160 _____ C:\Windows\system32\perfd00C.dat
2016-08-03 23:30 - 2016-08-03 23:30 - 00000000 ____D C:\Windows\system32\fr
2016-08-03 23:30 - 2016-08-03 23:30 - 00000000 ____D C:\Windows\system32\040C
2016-08-03 23:13 - 2016-08-08 01:47 - 00661266 _____ C:\Windows\system32\perfh005.dat
2016-08-03 23:13 - 2016-08-08 01:47 - 00141414 _____ C:\Windows\system32\perfc005.dat
2016-08-03 23:13 - 2016-08-03 23:10 - 00292004 _____ C:\Windows\system32\perfi005.dat
2016-08-03 23:13 - 2016-08-03 23:10 - 00036232 _____ C:\Windows\system32\perfd005.dat
2016-08-03 23:11 - 2016-08-03 23:11 - 00000000 ____D C:\Windows\system32\cs
2016-08-03 22:48 - 2016-08-08 01:47 - 00473928 _____ C:\Windows\system32\perfh00B.dat
2016-08-03 22:48 - 2016-08-08 01:47 - 00101508 _____ C:\Windows\system32\perfc00B.dat
2016-08-03 22:48 - 2016-08-03 22:45 - 00279790 _____ C:\Windows\system32\perfi00B.dat
2016-08-03 22:48 - 2016-08-03 22:45 - 00038258 _____ C:\Windows\system32\perfd00B.dat
2016-08-03 22:46 - 2016-08-03 22:46 - 00000000 ____D C:\Windows\system32\fi
2016-08-03 21:39 - 2016-08-04 12:09 - 00000000 ___RD C:\Users\Carlos\Documents\MEGA
2016-08-03 21:38 - 2016-08-08 01:47 - 00689634 _____ C:\Windows\system32\perfh007.dat
2016-08-03 21:38 - 2016-08-08 01:47 - 00149104 _____ C:\Windows\system32\perfc007.dat
2016-08-03 21:38 - 2016-08-03 21:33 - 00295922 _____ C:\Windows\system32\perfi007.dat
2016-08-03 21:38 - 2016-08-03 21:33 - 00038104 _____ C:\Windows\system32\perfd007.dat
2016-08-03 21:35 - 2016-08-03 21:35 - 00000000 ____D C:\Windows\system32\0407
2016-08-03 21:34 - 2016-08-03 21:34 - 00000000 ____D C:\Windows\system32\de
2016-08-03 21:29 - 2016-08-03 21:29 - 00000000 ____D C:\Users\Carlos\AppData\Local\Mega Limited
2016-08-03 17:57 - 2016-08-03 17:57 - 00000000 ____D C:\Users\Carlos\Documents\KentuckyRouteZero
2016-08-03 17:12 - 2009-10-09 23:57 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys
2016-08-03 15:55 - 2010-08-21 02:36 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-08-03 15:51 - 2015-11-20 01:22 - 00000000 ____D C:\Users\Carlos\Downloads\Right Click to Necromance
2016-07-31 23:06 - 2010-06-21 23:47 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-07-31 23:06 - 2010-06-21 23:47 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-07-31 23:06 - 2010-06-21 23:47 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-07-31 23:06 - 2010-04-07 04:10 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-07-31 23:06 - 2010-03-08 18:33 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-07-31 23:06 - 2010-02-27 04:32 - 00221696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-07-31 23:06 - 2010-02-27 04:32 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-07-31 23:06 - 2010-02-27 04:32 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-07-31 23:06 - 2009-12-29 03:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-07-31 23:06 - 2009-12-02 05:17 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-07-31 23:06 - 2009-09-26 02:58 - 00194488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2016-07-31 22:39 - 2010-10-16 01:36 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-07-31 22:37 - 2010-01-09 03:52 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll
2016-07-28 17:28 - 2016-07-28 17:28 - 00000000 ____D C:\Users\Usuário Padrão\AppData\Roaming\Sun
2016-07-28 17:28 - 2016-07-28 17:28 - 00000000 ____D C:\Users\Default\AppData\Roaming\Sun
2016-07-28 17:28 - 2016-07-28 17:28 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Sun
2016-07-27 01:08 - 2016-07-27 01:08 - 00000000 ____D C:\Users\Todos os Usuários\LumaEmu_SteamCloud
2016-07-27 01:08 - 2016-07-27 01:08 - 00000000 ____D C:\ProgramData\LumaEmu_SteamCloud
2016-07-27 01:00 - 2016-07-27 01:00 - 00000000 ___SH C:\Users\Carlos\AppData\Local\LumaEmu
2016-07-27 00:35 - 2016-07-27 00:36 - 00000314 _____ C:\Users\Carlos\Downloads\Donald Trump lixoso.txt
2016-07-23 14:20 - 2016-07-23 14:20 - 274697211 _____ C:\Users\Carlos\Downloads\The PinkPrint Tour part 1.mp4
2016-07-21 10:38 - 2016-07-21 10:40 - 44841071 _____ C:\Users\Carlos\Downloads\Drake - One Dance Live On SNL ft Wizkid Kyla.mp4
2016-07-21 10:34 - 2016-07-21 10:36 - 37809033 _____ C:\Users\Carlos\Downloads\Drake - Hype Live On SNL.mp4
2016-07-19 01:00 - 2016-07-19 01:00 - 00000000 ____D C:\Users\Carlos\AppData\Roaming\Gyazo
2016-07-19 00:59 - 2016-07-21 00:59 - 00000000 ____D C:\Program Files\Gyazo
2016-07-19 00:59 - 2016-07-19 00:59 - 00000953 _____ C:\Users\Public\Desktop\Gyazo GIF.lnk
2016-07-19 00:59 - 2016-07-19 00:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo
2016-07-17 12:49 - 2016-07-17 12:49 - 00000000 ____D C:\Windows\pss
2016-07-17 11:32 - 2016-07-17 11:32 - 00001235 _____ C:\Users\Carlos\Desktop\Revo Uninstaller.lnk
2016-07-17 11:32 - 2016-07-17 11:32 - 00000000 ____D C:\Users\Carlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-07-17 11:32 - 2016-07-17 11:32 - 00000000 ____D C:\Program Files\VS Revo Group
2016-07-17 11:31 - 2016-07-17 11:31 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Carlos\Downloads\revosetup.exe
2016-07-17 00:21 - 2016-07-17 00:21 - 00000000 ____D C:\Program Files\Legendas-3.5
2016-07-17 00:21 - 2016-03-05 14:24 - 00000000 ____D C:\Users\Carlos\Downloads\Legendas35
2016-07-14 19:01 - 2016-07-14 19:02 - 00000000 ____D C:\Users\Carlos\Downloads\LIMBO Game
2016-07-14 09:51 - 2016-07-14 09:51 - 19527360 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2016-07-09 22:40 - 2016-07-09 22:40 - 00000000 ____D C:\Users\Public\Documents\Guid
2016-07-09 22:30 - 2016-07-09 23:09 - 00000000 ____D C:\Users\Carlos\AppData\Roaming\WeatherChickn
2016-07-09 22:26 - 2016-07-31 22:32 - 00000000 ____D C:\Program Files\WeatherChickn
2016-07-09 22:24 - 2016-07-09 22:25 - 00000000 ____D C:\Program Files\4501ddf0e565c3d1bda1c0ddc6ebfac3
2016-07-09 22:24 - 2016-07-09 22:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Social2Sea
2016-07-08 10:44 - 2016-07-08 10:44 - 00102559 _____ C:\Windows\8879ebd50aac4d3a96271781f9c6237e.exe
2016-07-07 15:43 - 2016-06-25 12:43 - 00301056 _____ (Microsoft Corporation) C:\Windows\system32\EOSNotify.exe
2016-07-03 12:36 - 2016-06-30 23:35 - 00319248 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-07-01 11:25 - 2016-07-01 11:27 - 00000000 ____D C:\Users\Carlos\AppData\Roaming\Audacity
2016-07-01 11:25 - 2016-07-01 11:25 - 00000000 ____D C:\Users\Carlos\AppData\Local\Audacity
2016-06-30 23:36 - 2016-06-30 23:36 - 00921280 _____ (Microsoft Corporation) C:\Windows\ucrtbase.dll
2016-06-30 23:35 - 2016-06-30 23:35 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-06-30 23:29 - 2016-07-01 21:37 - 00000000 ____D C:\Users\Carlos\Desktop\festa junina
2016-06-25 12:56 - 2016-06-25 14:24 - 882671271 _____ C:\Users\Carlos\Downloads\13 Lemonade Film.m4v
2016-06-10 00:48 - 2016-06-10 00:48 - 00002199 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
2016-06-10 00:48 - 2016-06-01 15:13 - 00049936 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\TURegOpt.exe
2016-06-10 00:48 - 2016-06-01 15:05 - 00039696 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\authuitu.dll
2016-06-10 00:39 - 2016-06-10 00:39 - 03135696 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Carlos\Downloads\AVG_PCTuneUp_890.exe
2016-06-09 10:40 - 2016-06-09 10:40 - 00000000 ____D C:\Windows\system32\vbox
2016-06-09 08:03 - 2016-06-09 08:03 - 00255744 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdriverx.sys
2016-06-02 15:04 - 2016-06-02 15:04 - 00191744 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx86.sys
2016-06-01 21:30 - 2016-06-01 21:35 - 115824344 _____ (chengdu Everimaging.Inc) C:\Users\Carlos\Downloads\Fotor_Win32%2664_3.0.0.152.exe
2016-06-01 13:29 - 2016-06-01 13:29 - 00217344 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdix.sys
2016-06-01 13:29 - 2016-06-01 13:29 - 00212736 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx86.sys
2016-06-01 13:28 - 2016-06-01 13:28 - 00201472 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidshx.sys
2016-06-01 13:28 - 2016-06-01 13:28 - 00065280 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgunivx.sys
2016-06-01 13:16 - 2016-06-01 13:16 - 00047360 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx86.sys
2016-05-31 11:11 - 2016-05-31 11:11 - 00000000 ____D C:\Users\Carlos\Documents\Minhas paletas
2016-05-28 22:45 - 2016-05-28 22:45 - 00000000 ____D C:\Program Files\Apple Software Update
2016-05-27 14:04 - 2016-05-27 16:00 - 00000000 ____D C:\Users\Carlos\Downloads\Versos de um Crime (2014) BRRip 720p HD Dublado
2016-05-23 13:08 - 2016-05-23 13:08 - 00001002 _____ C:\Users\Carlos\Desktop\PhotoScape.lnk
2016-05-23 13:08 - 2016-05-23 13:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape
2016-05-23 13:07 - 2016-05-23 13:08 - 00000000 ____D C:\Program Files\PhotoScape

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-08-20 15:47 - 2015-02-18 11:48 - 00000000 ____D C:\Users\Carlos\AppData\Roaming\uTorrent
2016-08-20 15:22 - 2015-02-03 14:00 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-08-20 15:16 - 2009-07-14 01:34 - 00009584 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-20 15:16 - 2009-07-14 01:34 - 00009584 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-20 13:15 - 2016-03-11 17:47 - 00000000 ___SD C:\Users\Carlos\AppData\LocalLow\Temp
2016-08-19 17:27 - 2015-02-03 13:59 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-19 00:06 - 2015-02-17 14:05 - 00011232 _____ C:\Windows\system32\Drivers\SWDUMon.sys
2016-08-19 00:06 - 2015-02-17 14:05 - 00000388 _____ C:\Windows\Tasks\SlimDrivers Startup.job
2016-08-19 00:06 - 2015-02-03 14:05 - 00000000 ____D C:\Users\Carlos\AppData\Local\Adobe
2016-08-19 00:00 - 2009-07-14 01:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-16 18:20 - 2009-07-14 01:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-08-13 23:55 - 2015-08-05 21:54 - 00000000 ____D C:\Users\Carlos\Downloads\FILMES
2016-08-13 12:30 - 2015-07-15 11:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tribo Gamer
2016-08-13 12:26 - 2009-07-13 23:37 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-08-10 13:43 - 2015-02-07 21:35 - 00000000 ____D C:\Windows\system32\MRT
2016-08-10 12:29 - 2015-02-07 21:35 - 144884648 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-08-08 18:22 - 2015-02-05 14:36 - 00000000 ____D C:\Users\Carlos\Desktop\Musica
2016-08-08 16:12 - 2015-02-03 14:00 - 00002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-08 16:12 - 2015-02-03 14:00 - 00002166 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-08 01:47 - 2015-02-03 13:51 - 06626402 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-08 01:47 - 2009-07-17 15:48 - 00706306 _____ C:\Windows\system32\prfh0416.dat
2016-08-08 01:47 - 2009-07-17 15:48 - 00147644 _____ C:\Windows\system32\prfc0416.dat
2016-08-08 01:47 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\system32\NDF
2016-08-08 01:47 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\inf
2016-08-07 10:47 - 2009-07-14 01:53 - 00032570 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-08-06 18:39 - 2015-09-10 06:44 - 00000000 ____D C:\Users\Carlos\Downloads\Universe.Sandbox.2.Alpha.15.1
2016-08-05 12:38 - 2015-02-03 14:14 - 00224616 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-08-04 17:11 - 2016-04-14 14:41 - 00000000 ____D C:\Users\Carlos\Desktop\fotinhas
2016-08-04 12:07 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\system32\et-EE
2016-08-04 11:30 - 2016-03-26 22:57 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-08-04 01:57 - 2009-07-17 15:47 - 00000000 ____D C:\Windows\system32\XPSViewer
2016-08-04 01:57 - 2009-07-14 04:50 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-04 01:57 - 2009-07-14 01:56 - 00000000 ____D C:\Windows\system32\winrm
2016-08-04 01:57 - 2009-07-14 01:56 - 00000000 ____D C:\Windows\system32\WCN
2016-08-04 01:57 - 2009-07-14 01:52 - 00000000 ____D C:\Program Files\Windows Sidebar
2016-08-04 01:57 - 2009-07-14 01:52 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-08-04 01:57 - 2009-07-14 01:52 - 00000000 ____D C:\Program Files\Windows Defender
2016-08-04 01:57 - 2009-07-14 01:52 - 00000000 ____D C:\Program Files\DVD Maker
2016-08-04 01:57 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\system32\sysprep
2016-08-04 01:57 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\system32\oobe
2016-08-04 01:57 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\system32\MUI
2016-08-04 01:57 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\system32\migwiz
2016-08-04 01:57 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\system32\Dism
2016-08-04 01:57 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\servicing
2016-08-04 01:57 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-08-04 01:57 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\IME
2016-08-04 01:57 - 2009-07-13 23:37 - 00000000 ____D C:\Program Files\Common Files\System
2016-08-04 01:33 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\rescache
2016-08-04 01:07 - 2009-07-14 01:56 - 00000000 ____D C:\Windows\system32\slmgr
2016-08-04 01:07 - 2009-07-14 01:56 - 00000000 ____D C:\Windows\DigitalLocker
2016-08-04 01:07 - 2009-07-14 01:52 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2016-08-04 01:07 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\system32\Setup
2016-08-04 01:06 - 2009-07-14 01:56 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2016-08-04 01:06 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\system32\com
2016-07-28 18:10 - 2015-02-18 15:05 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-07-28 18:10 - 2015-02-18 15:05 - 00000000 ____D C:\ProgramData\Package Cache
2016-07-28 17:28 - 2016-03-13 01:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-07-28 17:22 - 2015-02-03 13:59 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-26 14:24 - 2015-02-03 14:08 - 00406184 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-07-25 13:12 - 2015-08-30 00:23 - 00000000 ____D C:\Users\Carlos\.oracle_jre_usage
2016-07-25 13:09 - 2015-08-30 00:22 - 00000000 ____D C:\Program Files\Java

==================== Arquivos na raiz de alguns diretórios =======

2016-07-27 01:00 - 2016-07-27 01:00 - 0000000 ___SH () C:\Users\Carlos\AppData\Local\LumaEmu
2015-02-17 14:30 - 2015-02-17 14:30 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-08-30 14:35 - 2015-10-12 23:25 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Arquivos para serem movidos ou deletados:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
C:\Users\Todos os Usuários\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat


Alguns arquivos em TEMP:
====================
C:\Users\Carlos\AppData\Local\Temp\131161839658177674.exe
C:\Users\Carlos\AppData\Local\Temp\13116183973637601046.exe
C:\Users\Carlos\AppData\Local\Temp\i4jdel0.exe
C:\Users\Carlos\AppData\Local\Temp\ICReinstall_13116183973637601046.exe
C:\Users\Carlos\AppData\Local\Temp\jre-8u101-windows-au.exe
C:\Users\Carlos\AppData\Local\Temp\proxy_vole1438284116565606221.dll
C:\Users\Carlos\AppData\Local\Temp\{92FD9E29-130D-4731-BA46-6F34C1243B3A}-52.0.2743.116_51.0.2704.103_chrome_updater.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\winlogon.exe
[2009-07-13 20:37] - [2009-07-13 22:14] - 0285696 ____A (Microsoft Corporation) 1562571D6B1541098E677C3BB78709A0

C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll
[2009-07-13 20:24] - [2009-07-13 22:16] - 0811520 ____A (Microsoft Corporation) 85AEB26057AAC125EEC1425305F86960

C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-04-15 16:25

==================== Fim de FRST.txt ============================
