Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 07-12-2016
Executado por Luiz (administrador) em LUIZ-PC (12-12-2016 20:25:23)
Executando a partir de C:\Users\Luiz\Downloads
Perfis Carregados: Luiz (Perfis Disponíveis: Luiz)
Platform: Windows 7 Professional (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: "C:\Program Files (x86)\Coldold\Application\chrome.exe" "%1")
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Qksee Pvt Ltd.) C:\Program Files (x86)\qksee\qkseeSvc.exe
(ExWzp Pvt Ltd.) C:\Program Files (x86)\WinZipper\winzipersvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(EVANGEL TECHNOLOGY (HK) LIMITED) C:\Program Files (x86)\Uncheckit\cktSvc.exe
() C:\Users\Luiz\AppData\Roaming\cficf\UvConverter.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Trend Corp.) C:\Users\Luiz\AppData\Roaming\setup1\TSvr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\InterHop\InterHop.exe
() C:\Program Files (x86)\GrassSoft\Macro Expert\MacroService.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe
() C:\Program Files (x86)\GrassSoft\Macro Expert\MacroServiceWnd.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(evangel technology (hk) limited) C:\Program Files (x86)\Uncheckit\UncheckitSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(EVANGEL TECHNOLOGY (HK) LIMITED) C:\Program Files (x86)\Uncheckit\UncheckitBsn.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Spotify Ltd) C:\Users\Luiz\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Luiz\AppData\Roaming\Spotify\Spotify.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.427\SSScheduler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Spotify Ltd) C:\Users\Luiz\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Spotify Ltd) C:\Users\Luiz\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Luiz\AppData\Roaming\Spotify\Spotify.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(hxxp://www.amule.org/) C:\Program Files (x86)\amuleC\ed2k.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Coldold\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Coldold\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Coldold\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Coldold\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Coldold\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Coldold\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Google Inc.) C:\Program Files (x86)\Coldold\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Coldold\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Coldold\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Users\Luiz\Downloads\vc_redist.x86.exe
(Microsoft Corporation) C:\Users\Luiz\AppData\Local\Temp\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}\.be\VC_redist.x86.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan\McVsMap.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan\McVsShld.exe

==================== Registro (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8461528 1999-12-31] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [719272 2015-04-02] (McAfee, Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKU\S-1-5-21-154130239-2606723808-3142729235-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2876704 2016-12-09] (Valve Corporation)
HKU\S-1-5-21-154130239-2606723808-3142729235-1000\...\Run: [Spotify Web Helper] => C:\Users\Luiz\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1444976 2016-12-09] (Spotify Ltd)
HKU\S-1-5-21-154130239-2606723808-3142729235-1000\...\Run: [Spotify] => C:\Users\Luiz\AppData\Roaming\Spotify\Spotify.exe [7095408 2016-12-09] (Spotify Ltd)
HKU\S-1-5-21-154130239-2606723808-3142729235-1000\...\Run: [uTorrent] => C:\Users\Luiz\AppData\Roaming\uTorrent\updates\3.4.9_42973.exe [2145984 2016-11-27] (BitTorrent Inc.)
HKU\S-1-5-21-154130239-2606723808-3142729235-1000\...\MountPoints2: {77743e47-da6f-11e5-a744-806e6f6e6963} - D:\setup.exe
IFEO\MRT.exe: [Debugger] C:\Program Files (x86)\WinZipper\ucp~5017616\Gubed.exe -Yrrehs
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-11-06]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.427\SSScheduler.exe (McAfee, Inc.)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2296B047-CFD1-4479-95CF-F5B6848D74CF}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nuesearch.com/?type=hp&ts=1466511984&z=a2e981ad24df6cac978ea52g3zbqeq0w9g2g2t0b8t&from=wpm0616&uid=ST1000DM003-1ER162_Z4Y4GGS4XXXXZ4Y4GGS4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nuesearch.com/?type=hp&ts=1466511984&z=a2e981ad24df6cac978ea52g3zbqeq0w9g2g2t0b8t&from=wpm0616&uid=ST1000DM003-1ER162_Z4Y4GGS4XXXXZ4Y4GGS4
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nuesearch.com/search/?type=ds&ts=1465908706&z=de3138bbaa24d05ad01b3d9gcz1q2wdt2efb7maefm&from=wpm0614&uid=ST1000DM003-1ER162_Z4Y4GGS4XXXXZ4Y4GGS4&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nuesearch.com/search/?type=ds&ts=1465908706&z=de3138bbaa24d05ad01b3d9gcz1q2wdt2efb7maefm&from=wpm0614&uid=ST1000DM003-1ER162_Z4Y4GGS4XXXXZ4Y4GGS4&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nuesearch.com/?type=hp&ts=1466511984&z=a2e981ad24df6cac978ea52g3zbqeq0w9g2g2t0b8t&from=wpm0616&uid=ST1000DM003-1ER162_Z4Y4GGS4XXXXZ4Y4GGS4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nuesearch.com/?type=hp&ts=1466511984&z=a2e981ad24df6cac978ea52g3zbqeq0w9g2g2t0b8t&from=wpm0616&uid=ST1000DM003-1ER162_Z4Y4GGS4XXXXZ4Y4GGS4
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1465908706&z=de3138bbaa24d05ad01b3d9gcz1q2wdt2efb7maefm&from=wpm0614&uid=ST1000DM003-1ER162_Z4Y4GGS4XXXXZ4Y4GGS4&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1465908706&z=de3138bbaa24d05ad01b3d9gcz1q2wdt2efb7maefm&from=wpm0614&uid=ST1000DM003-1ER162_Z4Y4GGS4XXXXZ4Y4GGS4&q={searchTerms}
HKU\S-1-5-21-154130239-2606723808-3142729235-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nuesearch.com/?type=hp&ts=1466511984&z=a2e981ad24df6cac978ea52g3zbqeq0w9g2g2t0b8t&from=wpm0616&uid=ST1000DM003-1ER162_Z4Y4GGS4XXXXZ4Y4GGS4
HKU\S-1-5-21-154130239-2606723808-3142729235-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pt-br/?ocid=iehp
HKU\S-1-5-21-154130239-2606723808-3142729235-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nuesearch.com/?type=hp&ts=1466511984&z=a2e981ad24df6cac978ea52g3zbqeq0w9g2g2t0b8t&from=wpm0616&uid=ST1000DM003-1ER162_Z4Y4GGS4XXXXZ4Y4GGS4
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1465908706&z=de3138bbaa24d05ad01b3d9gcz1q2wdt2efb7maefm&from=wpm0614&uid=ST1000DM003-1ER162_Z4Y4GGS4XXXXZ4Y4GGS4&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1465908706&z=de3138bbaa24d05ad01b3d9gcz1q2wdt2efb7maefm&from=wpm0614&uid=ST1000DM003-1ER162_Z4Y4GGS4XXXXZ4Y4GGS4&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1465908706&z=de3138bbaa24d05ad01b3d9gcz1q2wdt2efb7maefm&from=wpm0614&uid=ST1000DM003-1ER162_Z4Y4GGS4XXXXZ4Y4GGS4&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1465908706&z=de3138bbaa24d05ad01b3d9gcz1q2wdt2efb7maefm&from=wpm0614&uid=ST1000DM003-1ER162_Z4Y4GGS4XXXXZ4Y4GGS4&q={searchTerms}
SearchScopes: HKU\S-1-5-21-154130239-2606723808-3142729235-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1465908706&z=de3138bbaa24d05ad01b3d9gcz1q2wdt2efb7maefm&from=wpm0614&uid=ST1000DM003-1ER162_Z4Y4GGS4XXXXZ4Y4GGS4&q={searchTerms}
SearchScopes: HKU\S-1-5-21-154130239-2606723808-3142729235-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1465908706&z=de3138bbaa24d05ad01b3d9gcz1q2wdt2efb7maefm&from=wpm0614&uid=ST1000DM003-1ER162_Z4Y4GGS4XXXXZ4Y4GGS4&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-02-12] (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-11-02] (Intel Security)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Auxiliar de Conexão de Conta da Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-02-12] (McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-02-12] (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-02-12] (McAfee, Inc.)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-11-02] (Intel Security)
Toolbar: HKU\S-1-5-21-154130239-2606723808-3142729235-1000 -> Sem Nome - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - Nenhum Arquivo
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-02-12] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-02-12] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-02-12] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-02-12] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2015-04-07] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2015-04-07] (McAfee, Inc.)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016-08-06]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2016-02-23] [não assinado]
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-04-07] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [1999-12-31] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [1999-12-31] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-04-07] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2016-02-29] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-09-30] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.nicesearches.com?type=hp&ts=1477309891&from=e2dd1024&uid=st1000dm003-1er162_z4y4ggs4xxxxz4y4ggs4&z=b5204d63f87e23b722add01g6zdmfm5cfe2t2t2e4m
CHR StartupUrls: Default -> "hxxp://www.nicesearches.com?type=hp&ts=1477309891&from=e2dd1024&uid=st1000dm003-1er162_z4y4ggs4xxxxz4y4ggs4&z=b5204d63f87e23b722add01g6zdmfm5cfe2t2t2e4m"
CHR DefaultSearchURL: Default -> hxxp://www.nicesearches.com/search.php?type=ds&ts=1477309891&from=e2dd1024&uid=st1000dm003-1er162_z4y4ggs4xxxxz4y4ggs4&z=b5204d63f87e23b722add01g6zdmfm5cfe2t2t2e4m&q={searchTerms}
CHR DefaultSearchKeyword: Default -> nice
CHR Profile: C:\Users\Luiz\AppData\Local\Google\Chrome\User Data\Default [2016-12-12]
CHR Extension: (Google Apresentações) - C:\Users\Luiz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-23]
CHR Extension: (Google Docs) - C:\Users\Luiz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-23]
CHR Extension: (Google Drive) - C:\Users\Luiz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-23]
CHR Extension: (YouTube) - C:\Users\Luiz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-23]
CHR Extension: (Google Search) - C:\Users\Luiz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-23]
CHR Extension: (Planilhas do Google) - C:\Users\Luiz\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-23]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Luiz\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-10-17]
CHR Extension: (Documentos Google off-line) - C:\Users\Luiz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Luiz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01]
CHR Extension: (Gmail) - C:\Users\Luiz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-23]
CHR Extension: (Chrome Media Router) - C:\Users\Luiz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-17]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-02-23]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-02-23]

==================== Serviços (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 Archer; C:\Program Files (x86)\WinArcher\Archer.dll [796160 2016-12-08] (Fun Dw) [Arquivo não assinado]
R2 cktSvc; C:\Program Files (x86)\Uncheckit\cktSvc.exe [274152 2016-08-09] (EVANGEL TECHNOLOGY (HK) LIMITED)
R2 Convxxxx; C:\Users\Luiz\AppData\Roaming\cficf\UvConverter.exe [403968 2016-12-07] () [Arquivo não assinado]
R2 ed2kidle; C:\Program Files (x86)\amuleC\ed2k.exe [237568 2016-10-08] (hxxp://www.amule.org/) [Arquivo não assinado] <==== ATENÇÃO
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee, Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [28736 2016-03-16] (Hewlett-Packard Company)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
R2 IhPul; C:\Users\Luiz\AppData\Roaming\setup1\TSvr.exe [205520 2016-09-19] (Trend Corp.)
R2 IlS; C:\ProgramData\Tencent\QQ\dr\qmdr.dll [323584 2016-10-28] () [Arquivo não assinado]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Arquivo não assinado]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 InterHop; C:\Program Files (x86)\InterHop\InterHop.exe [486912 2016-10-31] () [Arquivo não assinado]
R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [118048 2016-05-23] (Elex do Brasil Participações Ltda)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 1999-12-31] (Intel Corporation)
R2 Macro Expert; c:\program files (x86)\grasssoft\macro expert\MacroService.exe [420352 2016-11-01] () [Arquivo não assinado]
R2 McAfee SiteAdvisor Service; c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [154856 2016-02-12] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [753768 2015-04-07] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.427\McCHSvc.exe [329480 2016-10-13] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [612688 2015-04-09] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-02-17] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [378848 2015-10-21] (McAfee, Inc.)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [256840 2015-09-21] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-04-02] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
R2 qkseeService; C:\Program Files (x86)\qksee\qkseeSvc.exe [735448 2016-06-29] (Qksee Pvt Ltd.)
S2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-07-13] (Microsoft Corporation) [DependOnService: iThemes5]<==== ATENÇÃO
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [990656 2016-10-28] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16248 2016-10-28] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-10-28] (McAfee, Inc.)
R2 UncheckitSvc; C:\Program Files (x86)\Uncheckit\UncheckitSvc.exe [241664 2016-07-05] (evangel technology (hk) limited) [Arquivo não assinado]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
R2 WinSAPSvc; C:\ProgramData\WinSAPSvc\WinSap.dll [211456 2016-12-08] () [Arquivo não assinado]
R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [1982576 2016-09-14] (ExWzp Pvt Ltd.) [Arquivo não assinado] <==== ATENÇÃO
S2 4ee41c7b3cbacf9db551cc86fe28090b; "C:\Program Files\04b1c7bebb2c51bcde977b2d38412c67\6a65f20b56cb6b7e73da875aaaf56126.exe" [X]
S2 InstallerService; "C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe" [X]

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [68784 2015-02-17] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-02-23] (REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-21] (Intel Corporation)
R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [262344 2016-05-23] (Elex do Brasil Participações Ltda)
S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [55056 2016-05-23] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [110112 2016-05-23] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [52440 2016-05-23] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [103904 2016-05-23] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [52392 2016-05-19] (Elex do Brasil Participações Ltda)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 1999-12-31] (Intel Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [415976 2015-09-23] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [351120 2015-09-23] (McAfee, Inc.)
R0 mfedisk; C:\Windows\System32\DRIVERS\mfedisk.sys [101872 2015-02-17] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [488000 2015-02-17] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [841944 2015-09-23] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [482600 2015-01-16] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [100720 2015-01-16] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [340448 2015-02-17] (McAfee, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
S3 RTTEAMPT; C:\Windows\System32\DRIVERS\RtTeam620.sys [58512 2012-07-03] (Realtek Corporation)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16056 2016-02-24] (SlimWare Utilities, Inc.)
R1 VBoxUSBMon; C:\Windows\System32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
S3 VLAN; C:\Windows\System32\DRIVERS\RtVLAN60.sys [32400 2012-09-01] (Realtek Corporation)
R1 XQHDrv; C:\Windows\System32\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
R1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
S1 5032458e0a8902dbe160cb1bb0d3e304; system32\DRIVERS\5032458e0a8902dbe160cb1bb0d3e304.sys [X]
S1 MPCKpt; system32\DRIVERS\MPCKpt.sys [X] <==== ATENÇÃO

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-12-12 20:25 - 2016-12-12 20:25 - 00030690 _____ C:\Users\Luiz\Downloads\FRST.txt
2016-12-12 20:24 - 2016-12-12 20:25 - 00000000 ____D C:\FRST
2016-12-12 20:24 - 2016-12-12 20:24 - 02420224 _____ (Farbar) C:\Users\Luiz\Downloads\FRST64.exe
2016-12-12 20:19 - 2016-12-12 20:21 - 13969576 _____ (Microsoft Corporation) C:\Users\Luiz\Downloads\vc_redist.x86.exe
2016-12-12 20:17 - 2016-12-12 20:17 - 00001125 _____ C:\Users\Public\Desktop\DLL-Files.com Client.lnk
2016-12-12 20:17 - 2016-12-12 20:17 - 00000000 ____D C:\Users\Luiz\AppData\Roaming\DLL-files.com
2016-12-12 20:17 - 2016-12-12 20:17 - 00000000 ____D C:\Users\Luiz\AppData\Roaming\DFXCT
2016-12-12 20:17 - 2016-12-12 20:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DLL-Files.com Client
2016-12-12 20:17 - 2016-12-12 20:17 - 00000000 ____D C:\Program Files (x86)\DLL-Files.com Client
2016-12-12 20:16 - 2016-12-12 20:16 - 02729024 _____ (DLL-Files.com Client ) C:\Users\Luiz\Downloads\clientsetup_d-0.exe
2016-12-12 20:15 - 2016-12-12 20:15 - 17837152 _____ C:\Users\Luiz\Downloads\pcsx2-1.4.0-setup (3).exe
2016-12-12 20:14 - 2016-12-12 20:14 - 17837152 _____ C:\Users\Luiz\Downloads\pcsx2-1.4.0-setup (2).exe
2016-12-12 20:05 - 2016-12-12 20:22 - 887490480 _____ C:\Users\Luiz\Downloads\Yu-Gi-Oh! The Duelists of the Roses.7z
2016-12-12 20:04 - 2016-12-12 20:15 - 00001939 _____ C:\Users\Public\Desktop\PCSX2 1.4.0.lnk
2016-12-12 20:04 - 2016-12-12 20:15 - 00000000 ___HD C:\Windows\msdownld.tmp
2016-12-12 20:04 - 2016-12-12 20:15 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-12-12 20:04 - 2016-12-12 20:15 - 00000000 ____D C:\Program Files (x86)\PCSX2 1.4.0
2016-12-12 20:04 - 2016-12-12 20:04 - 17837152 _____ C:\Users\Luiz\Downloads\pcsx2-1.4.0-setup (1).exe
2016-12-12 20:04 - 2016-12-12 20:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2
2016-12-12 20:02 - 2016-12-12 20:02 - 17837152 _____ C:\Users\Luiz\Downloads\pcsx2-1.4.0-setup.exe
2016-12-09 10:30 - 2016-12-09 10:30 - 00000000 ____D C:\Program Files (x86)\amuleC1
2016-12-09 09:11 - 2016-12-09 09:11 - 00204898 _____ C:\Users\Luiz\Downloads\DOC091216.pdf
2016-12-08 13:21 - 2016-12-08 13:21 - 00000000 ____D C:\Users\Todos os Usuários\WinSAPSvc
2016-12-08 13:21 - 2016-12-08 13:21 - 00000000 ____D C:\Users\Todos os Usuários\cfjcf
2016-12-08 13:21 - 2016-12-08 13:21 - 00000000 ____D C:\ProgramData\WinSAPSvc
2016-12-08 13:21 - 2016-12-08 13:21 - 00000000 ____D C:\ProgramData\cfjcf
2016-12-07 11:38 - 2016-12-07 11:38 - 00166101 _____ C:\Users\Luiz\Downloads\Metodos.pdf
2016-12-07 06:26 - 2016-12-07 06:26 - 00000000 ____D C:\Users\Todos os Usuários\gjcfj
2016-12-07 06:26 - 2016-12-07 06:26 - 00000000 ____D C:\Users\Todos os Usuários\cgjcf
2016-12-07 06:26 - 2016-12-07 06:26 - 00000000 ____D C:\Users\Luiz\AppData\Roaming\cficf
2016-12-07 06:26 - 2016-12-07 06:26 - 00000000 ____D C:\ProgramData\gjcfj
2016-12-07 06:26 - 2016-12-07 06:26 - 00000000 ____D C:\ProgramData\cgjcf
2016-12-05 21:16 - 2016-12-05 21:16 - 00249364 _____ C:\Users\Luiz\Downloads\sobre_FORMATO (2).pdf
2016-12-05 15:12 - 2016-12-05 15:12 - 00071955 _____ C:\Users\Luiz\Downloads\8637638-7696-1-PB.pdf
2016-12-05 15:10 - 2016-12-05 15:10 - 00093689 _____ C:\Users\Luiz\Downloads\BoletimEF.org_Reflexoes-sobre-as-abordagens-pedagogicas-em-Educacao-Fisica.pdf
2016-12-05 14:28 - 2016-12-05 14:28 - 00249364 _____ C:\Users\Luiz\Downloads\sobre_FORMATO (1).pdf
2016-12-05 14:27 - 2016-12-05 14:27 - 00249364 _____ C:\Users\Luiz\Downloads\sobre_FORMATO.pdf
2016-12-01 11:11 - 2016-12-01 11:11 - 00000000 ____D C:\Users\Todos os Usuários\aehae
2016-12-01 11:11 - 2016-12-01 11:11 - 00000000 ____D C:\ProgramData\aehae
2016-12-01 11:10 - 2016-12-01 11:11 - 00000000 ____D C:\Users\Todos os Usuários\jcgjc
2016-12-01 11:10 - 2016-12-01 11:11 - 00000000 ____D C:\ProgramData\jcgjc
2016-11-30 14:42 - 2016-11-30 14:42 - 00044032 _____ C:\Users\Luiz\Downloads\Aval_EFA_2016_final (1).xls
2016-11-30 14:40 - 2016-11-30 14:40 - 00044032 _____ C:\Users\Luiz\Downloads\Aval_EFA_2016_final.xls
2016-11-30 14:39 - 2016-11-30 14:39 - 00026000 _____ C:\Users\Luiz\Downloads\avaliação_seminarioT01.xlsx
2016-11-27 15:43 - 2016-11-27 15:43 - 10689721 _____ C:\Users\Luiz\Downloads\WhatsApp Video 2016-11-26 at 23.22.36.mp4
2016-11-27 15:43 - 2016-11-27 15:43 - 00001374 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2016-11-27 15:43 - 2016-11-27 15:43 - 00001305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2016-11-27 15:42 - 2016-11-27 15:42 - 00000000 ____D C:\Program Files (x86)\Windows Live
2016-11-27 15:38 - 2016-12-03 13:02 - 00000000 ____D C:\Users\Luiz\AppData\Local\Windows Live
2016-11-27 15:38 - 2016-11-27 15:38 - 01242312 _____ (Microsoft Corporation) C:\Users\Luiz\Downloads\wlsetup-web.exe
2016-11-27 15:37 - 2016-11-27 15:37 - 01785936 _____ ( ) C:\Users\Luiz\Downloads\Baixaki_windows-movie-maker.exe
2016-11-27 13:18 - 2016-11-27 13:18 - 14032414 _____ C:\Users\Luiz\Downloads\sistema endócrino resumida part2 .pdf
2016-11-27 13:17 - 2016-11-27 13:18 - 15967858 _____ C:\Users\Luiz\Downloads\sistema endócrino resumida parte 1.pdf
2016-11-23 22:13 - 2016-11-23 22:13 - 00001163 _____ C:\Users\Luiz\Downloads\Flash-Win-v9.1.2.3.zip
2016-11-23 22:13 - 2016-11-23 22:13 - 00001163 _____ C:\Users\Luiz\Downloads\Flash-Win-v9.1.2.3 (1).zip
2016-11-23 21:33 - 2016-11-23 21:33 - 00000000 ____D C:\Program Files (x86)\uvconvrx_00000002
2016-11-23 20:57 - 2016-11-23 20:57 - 00690072 _____ (Dropbox, Inc.) C:\Users\Luiz\Downloads\DropboxInstaller.exe
2016-11-23 17:33 - 2016-11-23 17:33 - 00000000 ____D C:\Program Files (x86)\uvconvrx_00000001
2016-11-23 13:32 - 2016-11-23 13:32 - 00000000 ____D C:\Program Files (x86)\uvconvrx_00000000
2016-11-21 12:23 - 2016-11-21 12:23 - 00002932 _____ C:\Users\Luiz\Downloads\App-FL-Player-v11.70.66.10.11.BR_-_Novembro.zip
2016-11-18 12:37 - 2016-11-18 12:37 - 00000000 ____D C:\Users\Todos os Usuários\ficfi
2016-11-18 12:37 - 2016-11-18 12:37 - 00000000 ____D C:\ProgramData\ficfi
2016-11-16 18:37 - 2016-11-16 18:37 - 00001841 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Uncheckit.lnk
2016-11-16 18:37 - 2016-11-16 18:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uncheckit
2016-11-16 18:34 - 2016-11-16 18:34 - 00000000 ____D C:\Users\Luiz\AppData\Local\Chromium
2016-11-10 11:42 - 2016-12-08 13:21 - 00000000 ____D C:\Program Files (x86)\WinArcher
2016-11-10 11:42 - 2016-11-10 11:42 - 00000000 ____D C:\Users\Todos os Usuários\adgad
2016-11-10 11:42 - 2016-11-10 11:42 - 00000000 ____D C:\ProgramData\adgad
2016-11-08 09:37 - 2016-11-08 09:37 - 00000000 ____D C:\Users\Todos os Usuários\gjcgj
2016-11-08 09:37 - 2016-11-08 09:37 - 00000000 ____D C:\ProgramData\gjcgj
2016-11-08 08:39 - 2016-11-18 12:37 - 00000000 ____D C:\Users\Todos os Usuários\BaofengUpdate_U
2016-11-08 08:39 - 2016-11-18 12:37 - 00000000 ____D C:\ProgramData\BaofengUpdate_U
2016-11-08 08:39 - 2016-11-08 08:39 - 00000000 ____D C:\Users\Todos os Usuários\jcfjc
2016-11-08 08:39 - 2016-11-08 08:39 - 00000000 ____D C:\ProgramData\jcfjc
2016-11-07 13:38 - 2016-11-07 13:38 - 00057856 _____ C:\Users\Luiz\Downloads\biopoder power point.ppt
2016-11-07 00:31 - 2016-11-07 00:31 - 00000000 ____D C:\Users\Todos os Usuários\Grasssoft
2016-11-07 00:31 - 2016-11-07 00:31 - 00000000 ____D C:\Users\Luiz\AppData\Roaming\Grasssoft
2016-11-07 00:31 - 2016-11-07 00:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macro Expert
2016-11-07 00:31 - 2016-11-07 00:31 - 00000000 ____D C:\ProgramData\Grasssoft
2016-11-07 00:31 - 2016-11-07 00:31 - 00000000 ____D C:\Program Files (x86)\GrassSoft
2016-11-07 00:30 - 2016-11-07 00:30 - 05568768 _____ C:\Users\Luiz\Downloads\Baixaki_macro-expert [1].exe
2016-11-07 00:27 - 2016-11-07 00:27 - 01867472 _____ ( ) C:\Users\Luiz\Downloads\Baixaki_macro-expert.exe
2016-11-06 19:19 - 2016-11-06 19:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2016-11-02 13:38 - 2016-11-21 09:57 - 00000003 _____ C:\Windows\SysWOW64\hoewmds
2016-10-31 13:09 - 2016-10-31 13:09 - 00000000 ____D C:\Users\Luiz\AppData\LocalLow\Cygames
2016-10-31 09:15 - 2016-10-31 09:15 - 00000000 ____D C:\Program Files (x86)\InterHop
2016-10-30 11:14 - 2016-10-30 11:14 - 00015872 _____ (Grass Software) C:\Windows\SysWOW64\MacroSAS.exe
2016-10-29 14:37 - 2016-10-29 14:37 - 01065376 _____ (Google Inc.) C:\Users\Luiz\Downloads\ChromeSetup (1).exe
2016-10-28 10:24 - 2016-12-07 06:26 - 00000000 ____D C:\Users\Todos os Usuários\QQBrowser
2016-10-28 10:24 - 2016-12-07 06:26 - 00000000 ____D C:\ProgramData\QQBrowser
2016-10-28 10:24 - 2016-10-28 10:24 - 00000000 ____D C:\Users\Todos os Usuários\aehad
2016-10-28 10:24 - 2016-10-28 10:24 - 00000000 ____D C:\ProgramData\aehad
2016-10-28 10:22 - 2016-10-28 10:22 - 00000000 ____D C:\Users\Luiz\AppData\Local\Coldold
2016-10-28 10:21 - 2016-12-12 12:22 - 00000000 _____ C:\Users\Public\Documents\temp.dat
2016-10-28 10:21 - 2016-12-07 06:26 - 00000000 ____D C:\Users\Todos os Usuários\ttff
2016-10-28 10:21 - 2016-12-07 06:26 - 00000000 ____D C:\ProgramData\ttff
2016-10-28 10:21 - 2016-11-18 12:37 - 00002180 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-28 10:21 - 2016-10-28 10:21 - 00000000 ____D C:\Users\Todos os Usuários\Tencent
2016-10-28 10:21 - 2016-10-28 10:21 - 00000000 ____D C:\ProgramData\Tencent
2016-10-28 10:21 - 2016-10-28 10:21 - 00000000 ____D C:\Program Files (x86)\Coldold
2016-10-24 09:50 - 2016-12-09 10:30 - 00000000 ____D C:\Users\Luiz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\amuleC
2016-10-24 09:50 - 2016-12-09 10:30 - 00000000 ____D C:\Users\Luiz\AppData\Roaming\aMule
2016-10-24 09:50 - 2016-10-24 09:50 - 00000000 ____D C:\Program Files (x86)\amuleC
2016-10-19 12:57 - 2016-10-19 12:57 - 00677264 _____ C:\Users\Luiz\Downloads\pesquisa_quali_1.pdf
2016-10-17 15:33 - 2016-12-12 19:38 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-17 15:33 - 2016-12-12 15:38 - 00001060 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-17 15:33 - 2016-10-17 15:33 - 00004060 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-10-17 15:33 - 2016-10-17 15:33 - 00003808 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-10-17 15:32 - 2016-10-17 15:32 - 01065376 _____ (Google Inc.) C:\Users\Luiz\Downloads\ChromeSetup.exe
2016-10-13 09:58 - 2016-10-13 09:58 - 00150826 _____ C:\Users\Luiz\Downloads\texto_saúde.pdf
2016-10-09 15:41 - 2016-10-09 15:41 - 03905520 _____ C:\Users\Luiz\Downloads\Sistema Respiratório_2.pdf
2016-10-09 15:34 - 2016-10-09 15:35 - 02349228 _____ C:\Users\Luiz\Downloads\Aula Sistema Renal.pdf

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-12-12 20:19 - 2009-07-14 02:45 - 00009600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-12 20:19 - 2009-07-14 02:45 - 00009600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-12 20:08 - 2015-11-23 10:24 - 00000000 ____D C:\Users\Luiz\Desktop\UNESP
2016-12-12 20:07 - 2016-07-31 16:11 - 00000000 ____D C:\Users\Luiz\Desktop\Desmume
2016-12-12 20:06 - 2015-12-13 13:33 - 00000000 ____D C:\Users\Luiz\Desktop\PokeStorm
2016-12-12 19:59 - 2016-02-23 20:59 - 00000364 _____ C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - Luiz).job
2016-12-12 19:33 - 2016-02-29 17:26 - 00000000 ____D C:\Users\Luiz\AppData\Roaming\Spotify
2016-12-12 14:34 - 2016-02-23 21:18 - 00000000 ____D C:\Program Files (x86)\Steam
2016-12-12 14:33 - 2016-03-30 20:21 - 00000000 ____D C:\Users\Luiz\AppData\Roaming\uTorrent
2016-12-12 12:23 - 2016-05-03 11:02 - 00000198 _____ C:\Windows\Tasks\AutoKMS.job
2016-12-12 12:23 - 2016-03-30 20:23 - 00000000 ___SD C:\Users\Luiz\AppData\LocalLow\Temp
2016-12-12 12:22 - 2016-02-29 17:27 - 00000000 ____D C:\Users\Luiz\AppData\Local\Spotify
2016-12-12 12:22 - 2016-02-23 21:14 - 00000000 ____D C:\Users\Luiz\AppData\Local\CrashDumps
2016-12-12 12:21 - 2009-07-14 03:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-12 03:56 - 2016-02-23 21:10 - 00000000 ____D C:\Users\Todos os Usuários\McAfee
2016-12-12 03:56 - 2016-02-23 21:10 - 00000000 ____D C:\ProgramData\McAfee
2016-12-11 13:24 - 2016-05-02 20:18 - 00000000 ____D C:\Program Files\TrueKey
2016-12-10 16:52 - 2016-02-23 22:41 - 00000000 ____D C:\Users\Luiz\AppData\Roaming\TS3Client
2016-12-09 21:09 - 2016-05-02 20:28 - 00001190 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk
2016-12-09 10:30 - 2016-07-25 06:26 - 00000000 ____D C:\Program Files (x86)\WinZipper
2016-12-08 12:24 - 2016-06-29 09:37 - 00000000 ____D C:\Program Files (x86)\qksee
2016-12-07 06:26 - 2016-05-19 11:44 - 00000000 _____ C:\Users\Public\Documents\report.dat
2016-12-01 21:03 - 2016-02-23 22:41 - 00000000 ____D C:\Users\Luiz\AppData\Local\TeamSpeak 3 Client
2016-11-30 15:23 - 2016-04-01 15:56 - 00000000 ____D C:\Users\Luiz\AppData\Roaming\vlc
2016-11-27 15:42 - 2016-03-26 14:33 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-11-27 15:42 - 2009-07-14 01:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-11-25 07:15 - 2009-07-14 15:55 - 00706836 _____ C:\Windows\system32\prfh0416.dat
2016-11-25 07:15 - 2009-07-14 15:55 - 00148174 _____ C:\Windows\system32\prfc0416.dat
2016-11-25 07:15 - 2009-07-14 03:13 - 01639248 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-25 07:15 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\inf
2016-11-24 21:33 - 2016-02-23 21:14 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-11-18 12:37 - 2016-02-23 20:27 - 00002250 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-16 18:37 - 2016-08-10 19:06 - 00003890 _____ C:\Windows\System32\Tasks\UncheckitUpdateTaskDB
2016-11-16 18:37 - 2016-08-10 19:06 - 00003888 _____ C:\Windows\System32\Tasks\UncheckitUpdateTaskC
2016-11-16 18:37 - 2016-08-10 19:06 - 00003872 _____ C:\Windows\System32\Tasks\UncheckitTaskMN
2016-11-16 18:37 - 2016-08-10 19:06 - 00000000 ____D C:\Program Files (x86)\Uncheckit

==================== Arquivos na raiz de alguns diretórios =======

2016-08-01 22:48 - 2016-08-25 11:00 - 3026805 _____ (Update) C:\Program Files (x86)\SSFK.exe
2016-03-30 20:57 - 2016-03-30 20:57 - 0099384 _____ () C:\Users\Luiz\AppData\Roaming\inst.exe
2016-03-30 20:57 - 2016-03-30 20:57 - 0007859 _____ () C:\Users\Luiz\AppData\Roaming\pcouffin.cat
2016-03-30 20:57 - 2016-03-30 20:57 - 0001167 _____ () C:\Users\Luiz\AppData\Roaming\pcouffin.inf
2016-03-30 20:57 - 2016-03-30 20:57 - 0000055 _____ () C:\Users\Luiz\AppData\Roaming\pcouffin.log
2016-03-30 20:57 - 2016-03-30 20:57 - 0082816 _____ (VSO Software) C:\Users\Luiz\AppData\Roaming\pcouffin.sys
2016-07-24 22:18 - 2016-07-24 22:18 - 0000804 _____ () C:\Users\Luiz\AppData\Local\Nox_crash.log
2016-06-21 18:54 - 2016-06-21 18:54 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-02-23 21:16 - 2016-02-23 21:16 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-02-24 13:07 - 2014-11-05 07:51 - 1654869 _____ (Dynu Systems Inc.) C:\ProgramData\DynuEncrypt.dll

Arquivos para serem movidos ou deletados:
====================
C:\ProgramData\DynuEncrypt.dll
C:\Users\Todos os Usuários\DynuEncrypt.dll


Alguns arquivos em TEMP:
====================
C:\Users\Luiz\AppData\Local\Temp\HD-Logger-Native.dll
C:\Users\Luiz\AppData\Local\Temp\HD-ShortcutHandler.dll
C:\Users\Luiz\AppData\Local\Temp\kernel32.dll
C:\Users\Luiz\AppData\Local\Temp\McCSPInstall.dll
C:\Users\Luiz\AppData\Local\Temp\NetFramework45.exe
C:\Users\Luiz\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Luiz\AppData\Local\Temp\nvStInst.exe
C:\Users\Luiz\AppData\Local\Temp\pcspeedup_aa3cfbfe7016469a8aa04eef47b88c6b_.exe
C:\Users\Luiz\AppData\Local\Temp\scpEE84.tmp.exe
C:\Users\Luiz\AppData\Local\Temp\uninstall.exe
C:\Users\Luiz\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Luiz\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll
[2009-07-13 21:38] - [2016-07-24 19:28] - 1008640 ____A (Microsoft Corporation) 2C353B6CE0C8D03225CAA2AF33B68D79

C:\Windows\SysWOW64\User32.dll
[2009-07-13 21:24] - [2016-07-24 19:28] - 0833024 ____A (Microsoft Corporation) 861C4346F9281DC0380DE72C8D55D6BE

C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

LastRegBack: 2016-12-04 18:14

==================== Fim de FRST.txt ============================
