Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão: 11-08-2016 01 Executado por Erika (administrador) em ERIKA-PC (11-08-2016 10:57:11) Executando a partir de C:\Users\Erika\Desktop Perfis Carregados: Erika (Perfis Disponíveis: Erika) Platform: Microsoft Windows 7 Professional (X86) Idioma: Português (Brasil) Internet Explorer Versão 8 (Navegador padrão: Chrome) Modo da Inicialização: Normal Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe (Marketing Merengue) C:\Users\Erika\AppData\Roaming\Identities\ERIKA-PC.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\reader_sl.exe ==================== Registro (Whitelisted) =========================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Run: [AvastUI.exe] => "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui HKLM\...\Policies\Explorer: [HideSCAHealth] 1 HKU\S-1-5-21-216171897-4010221603-4039672753-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [26424960 2016-06-29] (Skype Technologies S.A.) HKU\S-1-5-21-216171897-4010221603-4039672753-1000\...\Run: [4AnDJx1iochKS] => C:\Users\Erika\AppData\Roaming\Identities\ERIKA-PC.exe [4715810 2016-07-13] (Marketing Merengue) HKU\S-1-5-21-216171897-4010221603-4039672753-1000\...\Policies\system: [DisableTaskMgr] 1 HKU\S-1-5-21-216171897-4010221603-4039672753-1000\...\Policies\system: [DisableRegistryTools] 1 HKU\S-1-5-21-216171897-4010221603-4039672753-1000\...\Policies\Explorer: [DisallowRun] 1 ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll Nenhum Arquivo ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{18F60451-B92B-4DC2-BE9C-B53FD629E12C}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKU\S-1-5-21-216171897-4010221603-4039672753-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com.br/ BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2016-01-07] (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll => Nenhum Arquivo BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2016-01-07] (Oracle Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation) FireFox: ======== FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2016-01-07] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2016-01-07] (Oracle Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.) FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF => não encontrado (a) FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF => não encontrado (a) Chrome: ======= CHR StartupUrls: Default -> "hxxp://www.google.com.br/" CHR Profile: C:\Users\Erika\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Apresentações) - C:\Users\Erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-07] CHR Extension: (Google Docs) - C:\Users\Erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-07] CHR Extension: (Google Drive) - C:\Users\Erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-07] CHR Extension: (Proxy grátis para desbloquear qualquer site Touch VPN) - C:\Users\Erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\bihmplhobchoageeokmgbdihknkjbknd [2016-08-10] CHR Extension: (YouTube) - C:\Users\Erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-07] CHR Extension: (Google Search) - C:\Users\Erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-07] CHR Extension: (Planilhas do Google) - C:\Users\Erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-07] CHR Extension: (Documentos Google off-line) - C:\Users\Erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15] CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2016-08-10] CHR Extension: (Skype) - C:\Users\Erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-05-24] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01] CHR Extension: (Gmail) - C:\Users\Erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-07] CHR Extension: (Chrome Media Router) - C:\Users\Erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-09] CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25] ==================== Serviços (Whitelisted) ======================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation) S2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [X] R2 WinDefend; %ProgramFiles%\Windows Defender\mpsvc.dll [X] ===================== Drivers (Whitelisted) ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [25856 2014-03-28] (Google Inc) S3 AndnetBus; C:\Windows\System32\DRIVERS\lgandnetbus.sys [14336 2014-05-08] (LG Electronics Inc.) S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [23168 2014-03-28] (LG Electronics Inc.) S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem.sys [27776 2014-03-28] (LG Electronics Inc.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [34008 2016-06-30] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [35096 2016-06-30] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [91680 2016-06-30] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [91232 2016-06-30] (AVAST Software) R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [60424 2016-06-30] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [816304 2016-06-30] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [438296 2016-07-13] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [118152 2016-06-30] (AVAST Software) R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [224616 2016-08-05] (AVAST Software) R3 SrvHsfPCI; C:\Windows\System32\DRIVERS\VSTBS23.SYS [266752 2009-07-13] (Conexant Systems, Inc.) R1 VBoxUSBMon; C:\Windows\System32\DRIVERS\VBoxUSBMon.sys [104096 2015-09-08] (BigNox Corporation) R1 XQHDrv; C:\Windows\System32\DRIVERS\XQHDrv.sys [203424 2015-09-08] (BigNox Corporation) ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Três Meses Criados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2016-08-11 10:57 - 2016-08-11 10:57 - 00010992 _____ C:\Users\Erika\Desktop\FRST.txt 2016-08-11 10:55 - 2016-08-11 10:57 - 00000000 ____D C:\FRST 2016-08-11 10:54 - 2016-08-11 10:54 - 01744384 _____ (Farbar) C:\Users\Erika\Desktop\FRST.exe 2016-08-11 10:52 - 2015-06-23 04:00 - 00088248 _____ (Microsoft Corporation) C:\Users\Erika\Downloads\vcruntime140.dll 2016-08-11 10:51 - 2016-08-11 10:51 - 00047223 _____ C:\Users\Erika\Downloads\vcruntime140.zip 2016-08-11 10:49 - 2016-08-11 10:49 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache 2016-08-11 10:49 - 2016-08-11 10:49 - 00000000 ____D C:\ProgramData\Package Cache 2016-08-11 10:47 - 2016-08-11 10:49 - 13969576 _____ (Microsoft Corporation) C:\Users\Erika\Downloads\vc_redist.x86 (1).exe 2016-08-11 10:46 - 2016-08-11 10:47 - 00629006 _____ C:\Users\Erika\Downloads\Windows6.1-KB2999226-x86 (1).msu 2016-08-11 10:43 - 2016-08-11 10:43 - 00370860 _____ (Microsoft Corporation) C:\Users\Erika\Downloads\Não confirmado 804865.crdownload 2016-08-11 10:42 - 2016-08-11 10:43 - 13969576 _____ (Microsoft Corporation) C:\Users\Erika\Downloads\vc_redist.x86.exe 2016-08-11 10:41 - 2016-08-11 10:41 - 00629006 _____ C:\Users\Erika\Downloads\Windows6.1-KB2999226-x86.msu 2016-08-10 11:57 - 2016-08-10 11:58 - 05848960 _____ C:\Users\Erika\Downloads\PokemonGo-Bot-master (4).zip 2016-08-10 11:42 - 2016-08-10 11:42 - 05855206 _____ C:\Users\Erika\Downloads\PokemonGo-Bot-master (3).zip 2016-08-10 11:42 - 2016-08-10 11:42 - 00000000 ____D C:\Users\Erika\Downloads\PokemonGo-Bot-master (3) 2016-08-10 11:22 - 2016-08-10 11:22 - 00000000 ____D C:\Users\Erika\AppData\Roaming\WinRAR 2016-08-10 11:22 - 2016-08-10 11:22 - 00000000 ____D C:\Users\Erika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2016-08-10 11:22 - 2016-08-10 11:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2016-08-10 11:22 - 2016-08-10 11:22 - 00000000 ____D C:\Program Files\WinRAR 2016-08-10 11:21 - 2016-08-10 11:21 - 01808528 _____ C:\Users\Erika\Downloads\wrar531.exe 2016-08-10 11:18 - 2016-08-10 11:18 - 05515727 _____ C:\Users\Erika\Downloads\PokemonGo-Bot-master (2).zip 2016-08-10 10:52 - 2016-08-10 10:52 - 05513534 _____ C:\Users\Erika\Downloads\PokemonGo-Bot-master (1).zip 2016-08-10 10:52 - 2016-08-10 10:52 - 00000000 ____D C:\Users\Erika\Downloads\PokemonGo-Bot-master (1) 2016-08-10 10:27 - 2016-08-10 10:27 - 00000000 ____D C:\Users\Erika\AppData\Local\GMap.NET 2016-08-10 10:19 - 2016-08-10 10:19 - 00000000 ____D C:\Users\Erika\Downloads\PokemonGo-Bot-master 2016-08-10 10:15 - 2016-08-10 10:15 - 05513423 _____ C:\Users\Erika\Downloads\PokemonGo-Bot-master.zip 2016-08-10 10:05 - 2016-08-10 10:05 - 01005568 _____ (Microsoft Corporation) C:\Users\Erika\Downloads\dotNetFx45_Full_setup.exe 2016-08-10 10:04 - 2016-08-10 10:04 - 01429344 _____ (Microsoft Corporation) C:\Users\Erika\Downloads\NDP462-KB3151802-Web (3).exe 2016-08-10 08:55 - 2016-08-10 08:57 - 67681000 _____ (Microsoft Corporation) C:\Users\Erika\Downloads\NDP461-KB3102436-x86-x64-AllOS-ENU (1).exe 2016-08-10 08:44 - 2016-08-10 08:45 - 67681000 _____ (Microsoft Corporation) C:\Users\Erika\Downloads\NDP461-KB3102436-x86-x64-AllOS-ENU.exe 2016-08-10 08:42 - 2016-08-10 08:43 - 62008080 _____ (Microsoft Corporation) C:\Users\Erika\Downloads\NDP462-KB3151800-x86-x64-AllOS-ENU.exe 2016-08-10 08:40 - 2016-08-10 08:40 - 01424328 _____ (Microsoft Corporation) C:\Users\Erika\Downloads\NDP461-KB3102438-Web.exe 2016-08-10 08:39 - 2016-08-10 08:40 - 01429344 _____ (Microsoft Corporation) C:\Users\Erika\Downloads\NDP462-KB3151802-Web (2).exe 2016-08-10 08:34 - 2016-08-10 08:34 - 00889416 _____ (Microsoft Corporation) C:\Users\Erika\Downloads\dotNetFx40_Full_setup (1).exe 2016-08-10 08:32 - 2016-08-10 08:32 - 01429344 _____ (Microsoft Corporation) C:\Users\Erika\Downloads\NDP462-KB3151802-Web.exe 2016-08-10 08:32 - 2016-08-10 08:32 - 01429344 _____ (Microsoft Corporation) C:\Users\Erika\Downloads\NDP462-KB3151802-Web (1).exe 2016-08-10 08:24 - 2016-08-10 08:24 - 01390418 _____ C:\Users\Erika\Downloads\Haxton-SytharixEdit_v2.14.zip 2016-08-10 08:24 - 2016-08-10 08:24 - 00000000 ____D C:\Users\Erika\Downloads\Haxton-SytharixEdit_v2.14 2016-08-10 07:18 - 2016-08-11 10:56 - 00000000 ____D C:\Users\Erika\AppData\Local\Ckerjikghoguied 2016-08-10 07:18 - 2016-08-10 13:38 - 00000000 ____D C:\Program Files\Reewdom 2016-08-10 07:18 - 2016-08-10 07:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Social2Se 2016-08-10 07:18 - 2016-08-10 07:18 - 00000000 ____D C:\Program Files\45911d5f35b83ac20056ab20efb006c2 2016-08-10 07:17 - 2016-08-10 07:17 - 00001451 _____ C:\Users\Public\Desktop\Download xposed_v72_sdk...lnk 2016-08-10 07:17 - 2016-08-10 07:17 - 00001431 _____ C:\Users\Public\Desktop\Download xposed framewo...lnk 2016-08-10 07:16 - 2016-08-10 07:16 - 00788771 _____ C:\Users\Erika\Downloads\Xposed Installer ( Mano Tec ).apk 2016-08-10 07:15 - 2016-08-10 07:16 - 01868089 _____ C:\Users\Erika\Downloads\Wanam Xposed ( Mano Tec ).apk 2016-08-10 06:23 - 2016-08-10 06:23 - 19792361 _____ C:\Users\Erika\Downloads\twrp&cwm reidosnoob`s.rar 2016-08-10 05:34 - 2016-08-10 05:34 - 00788771 _____ C:\Users\Erika\Downloads\de.robv.android.xposed.installer_v33_36570c.apk 2016-08-10 05:24 - 2016-08-10 05:24 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf 2016-08-10 05:20 - 2016-08-10 05:21 - 06845248 _____ C:\Users\Erika\Downloads\xposed-v65-sdk21-arm-arter97-V5-generic.zip 2016-08-10 05:19 - 2016-08-10 05:19 - 03540352 _____ C:\Users\Erika\Downloads\xposed-v67-sdk22-arm-by-romracer-20150716.zip 2016-08-10 05:00 - 2016-08-10 05:00 - 00626521 _____ C:\Users\Erika\Downloads\XposedInstaller_3.0_alpha4.apk 2016-08-10 04:32 - 2016-08-10 04:39 - 08851538 _____ C:\Users\Erika\Downloads\Kingroot v4.8.0 build 20160203 (One Click Root) - android-zone.ws.apk 2016-08-10 03:17 - 2016-08-10 03:17 - 00000000 ____D C:\Users\Erika\.android 2016-08-10 03:13 - 2016-08-10 03:13 - 00000000 ____D C:\Users\Erika\Downloads\LG_Root 2016-08-10 03:08 - 2016-08-10 03:08 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_lgandnetadb_01005.Wdf 2016-08-10 03:06 - 2016-08-10 03:06 - 00000000 ___HD C:\Program Files\InstallShield Installation Information 2016-08-10 03:06 - 2016-08-10 03:06 - 00000000 ____D C:\Program Files\LG Electronics 2016-08-10 03:06 - 2014-05-08 18:52 - 00014336 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetbus.sys 2016-08-10 03:06 - 2014-03-28 15:40 - 00025856 _____ (Google Inc) C:\Windows\system32\Drivers\lgandnetadb.sys 2016-08-10 03:06 - 2014-03-28 15:22 - 00027776 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetmodem.sys 2016-08-10 03:06 - 2014-03-28 15:22 - 00023168 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetdiag.sys 2016-08-10 03:06 - 2011-07-18 15:01 - 01419232 _____ (Microsoft Corporation) C:\Windows\system32\wdfcoinstaller01005.dll 2016-08-10 03:01 - 2016-08-10 03:03 - 11445968 _____ (LG Electronics) C:\Users\Erika\Downloads\LGUnitedMobileDriver_S50MAN311AP22_ML_WHQL_Ver_3.11.3.exe 2016-08-10 02:14 - 2016-08-10 02:44 - 311563080 _____ (Duodian Technology Co. Ltd.) C:\Users\Erika\Downloads\nox_setup_v3.7.1.0_full_En.exe 2016-08-09 18:33 - 2016-08-09 18:33 - 00061248 _____ C:\Users\Erika\Downloads\psp0220r (10).pdf 2016-08-09 10:51 - 2016-08-09 10:51 - 00142497 _____ C:\Windows\8679be4bd357d6c8bee1e642cb7d4057.exe 2016-08-08 13:30 - 2016-08-08 13:57 - 04654527 _____ C:\Users\Erika\Downloads\tutuapp_v1.2.05 (2).apk 2016-08-08 13:23 - 2016-08-08 13:30 - 04654527 _____ C:\Users\Erika\Downloads\tutuapp_v1.2.05 (1).apk 2016-08-08 13:08 - 2016-08-08 13:13 - 01356924 _____ C:\Users\Erika\Downloads\tutuapp_v1.2.05.apk 2016-08-07 13:32 - 2016-06-30 14:02 - 00319248 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2016-08-06 11:12 - 2016-08-06 11:12 - 00000000 ____D C:\Users\Erika\AppData\Local\nox_video_tool 2016-08-06 11:07 - 2016-08-06 11:07 - 00000000 ____D C:\Users\Erika\Nox_share 2016-08-06 11:07 - 2016-08-06 11:07 - 00000000 ____D C:\Users\Erika\.BigNox 2016-08-06 11:07 - 2016-08-06 11:07 - 00000000 ____D C:\Program Files\DIFX 2016-08-06 11:07 - 2015-09-08 05:16 - 00104096 _____ (BigNox Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys 2016-08-06 11:06 - 2016-08-07 13:29 - 00000000 ____D C:\Program Files\Bignox 2016-08-06 11:04 - 2016-08-06 11:04 - 00000000 ____D C:\Users\Erika\Downloads\nox_setup_v3.6.0.0_full_en 2016-08-06 11:01 - 2016-08-10 03:01 - 00000000 ____D C:\Users\Erika\AppData\Local\Nox 2016-08-06 10:45 - 2016-08-06 10:56 - 266510096 _____ (Duodian Technology Co. Ltd.) C:\Users\Erika\Downloads\nox_setup_v3.6.0.0_full_en.exe 2016-08-06 10:32 - 2016-08-06 10:43 - 266510096 _____ (Duodian Technology Co. Ltd.) C:\Users\Erika\Downloads\Não confirmado 266336.crdownload 2016-08-06 10:32 - 2016-08-06 10:33 - 62830864 _____ C:\Users\Erika\Downloads\pokemon go.apk 2016-07-30 16:55 - 2016-07-30 16:55 - 02086725 _____ C:\Users\Erika\Desktop\Curso_4_Possibilidades_de_uma_Educacao_Integral_em_Tempo_Integral.pdf 2016-07-28 08:35 - 2016-07-28 08:35 - 00000000 ____D C:\Users\Erika\AppData\Roaming\Macromedia 2016-07-24 11:13 - 2016-07-24 11:13 - 00057522 _____ C:\Users\Erika\Desktop\hol 07.pdf 2016-07-24 11:12 - 2016-07-24 11:12 - 00057522 _____ C:\Users\Erika\Downloads\psp0220r (9).pdf 2016-07-19 21:49 - 2016-07-19 21:49 - 02890645 _____ C:\Users\Erika\Downloads\71B7.tmp 2016-07-12 15:03 - 2016-07-12 15:03 - 01535708 _____ C:\Users\Erika\Desktop\creche segura.pdf 2016-07-12 14:49 - 2016-07-12 14:49 - 00062360 _____ C:\Users\Erika\Downloads\ADINALVA (2).pdf 2016-07-12 14:49 - 2016-07-12 14:49 - 00016878 _____ C:\Users\Erika\Downloads\Untitled 2016-07-12 14:49 - 2016-07-12 14:49 - 00013692 _____ C:\Users\Erika\Downloads\Untitled (1) 2016-07-11 22:41 - 2016-07-11 22:41 - 00277877 _____ C:\Users\Erika\Desktop\Adi, 43 _ Brasília _ Twoo.html 2016-07-11 22:39 - 2016-07-11 22:41 - 00000000 ____D C:\Users\Erika\Desktop\Adi, 43 _ Brasília _ Twoo_files 2016-07-07 10:23 - 2016-07-07 10:23 - 03247037 _____ C:\Users\Erika\Desktop\campos de experiências.pptx 2016-07-06 20:28 - 2016-07-06 22:43 - 00000000 ____D C:\Users\Erika\Desktop\Camera 2016-07-06 15:24 - 2016-07-06 15:24 - 60876068 _____ C:\Users\Erika\Downloads\com.nianticlabs.pokemongo_0.29.0-2016070500_minAPI19(armeabi-v7a)(nodpi)_apkmirror.com.apk 2016-07-05 18:44 - 2016-07-05 18:45 - 04671437 _____ C:\Users\Erika\Downloads\starter.zip 2016-07-04 20:34 - 2016-07-04 20:34 - 00000000 ____D C:\Users\Erika\Desktop\DCIM 2016-06-30 14:02 - 2016-06-30 14:02 - 00921280 _____ (Microsoft Corporation) C:\Windows\ucrtbase.dll 2016-06-30 14:02 - 2016-06-30 14:02 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr 2016-06-26 23:15 - 2016-06-26 23:15 - 02036700 _____ C:\Users\Erika\Desktop\Curso_3_A_importancia_de_um_Curriculo_Integrador_da_Infancia.pdf 2016-06-25 13:27 - 2016-06-25 13:27 - 00057554 _____ C:\Users\Erika\Desktop\hol 06.pdf 2016-06-25 13:26 - 2016-06-25 13:26 - 00057554 _____ C:\Users\Erika\Downloads\psp0220r (8).pdf 2016-06-24 13:45 - 2016-06-24 13:45 - 00062360 _____ C:\Users\Erika\Desktop\comprovante de quitação.pdf 2016-06-24 13:31 - 2016-06-24 13:31 - 00062360 _____ C:\Users\Erika\Downloads\ADINALVA (1).pdf 2016-06-23 17:39 - 2016-06-23 17:39 - 00001880 _____ C:\Users\Erika\Downloads\ADC6353179620000070014218808.pdf 2016-06-21 21:29 - 2016-06-21 21:29 - 00012531 _____ C:\Users\Erika\Downloads\Birds.mid 2016-06-21 17:56 - 2016-08-11 10:35 - 00000000 ____D C:\Users\Erika\Desktop\dbs 2016-06-20 16:37 - 2016-08-03 17:43 - 00000000 ____D C:\Users\Erika\Desktop\3ds 2016-06-20 13:42 - 2016-06-20 16:35 - 39089921 _____ C:\Users\Erika\Downloads\tm_o3ds_eur.bin 2016-06-18 23:00 - 2016-06-18 23:00 - 00018263 _____ C:\Users\Erika\Downloads\sinistro retrovisor Rosalvo.pdf 2016-06-18 23:00 - 2016-06-18 23:00 - 00018263 _____ C:\Users\Erika\Desktop\sinistro retrovisor Rosalvo.pdf 2016-06-16 22:03 - 2016-06-16 22:03 - 00078684 _____ C:\Users\Erika\Desktop\Aproveita ABC - Cupom.pdf 2016-06-14 17:35 - 2016-06-14 17:35 - 00001118 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk 2016-06-14 17:35 - 2016-06-14 17:35 - 00001118 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk 2016-06-14 12:59 - 2016-06-30 14:01 - 00035096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2016-06-08 13:42 - 2016-06-08 13:42 - 00008934 _____ C:\Users\Erika\Downloads\5F36A4C4.vbs 2016-05-31 22:05 - 2016-05-31 22:04 - 02845732 _____ C:\Users\Erika\Desktop\ROSALVO PEREIRA DOS SANTOS - Proposta Endosso Substituição.pdf 2016-05-31 22:02 - 2016-05-31 22:03 - 02845732 _____ C:\Users\Erika\Downloads\ROSALVO PEREIRA DOS SANTOS - Proposta Endosso Substituição.pdf 2016-05-31 00:06 - 2016-05-31 00:06 - 00335666 _____ C:\Users\Erika\Desktop\carta assinada artes (1).pdf 2016-05-31 00:05 - 2016-05-31 00:05 - 00335666 _____ C:\Users\Erika\Desktop\carta assinada artes.pdf 2016-05-31 00:04 - 2016-05-31 00:04 - 00335666 _____ C:\Users\Erika\Downloads\carta assinada artes.pdf 2016-05-27 15:32 - 2016-05-27 15:32 - 00061248 _____ C:\Users\Erika\Desktop\holerit 05.pdf 2016-05-27 15:31 - 2016-05-27 15:31 - 00061248 _____ C:\Users\Erika\Downloads\psp0220r (7).pdf 2016-05-27 15:21 - 2016-05-27 15:21 - 00000000 ____D C:\Program Files\Common Files\Skype 2016-05-26 13:21 - 2016-05-26 13:21 - 00000000 ____D C:\Users\Erika\Tracing 2016-05-24 10:16 - 2016-05-24 10:16 - 00203770 _____ C:\Users\Erika\Desktop\boletos de Artes.pdf 2016-05-24 10:13 - 2016-05-24 10:13 - 00203770 _____ C:\Users\Erika\Downloads\adinalva.pdf 2016-05-22 18:05 - 2016-05-22 18:05 - 01091008 _____ (Unity Technologies ApS) C:\Users\Erika\Downloads\UnityWebPlayer.exe 2016-05-22 12:29 - 2016-05-22 12:29 - 632814413 _____ C:\Users\Erika\Downloads\Não confirmado 780939.crdownload 2016-05-22 12:16 - 2016-05-22 12:17 - 00000000 ____D C:\Users\Erika\Downloads\P0016_5791e60c7 2016-05-22 11:15 - 2016-05-22 12:16 - 217867811 _____ C:\Users\Erika\Downloads\P0016_5791e60c7.zip 2016-05-21 23:00 - 2016-05-21 23:00 - 00081403 _____ C:\Users\Erika\Downloads\declaracao_14917383838_2016_21052016_c1e5e48c79924fd98eb0f4988ec938e2.pdf 2016-05-21 23:00 - 2016-05-21 23:00 - 00081403 _____ C:\Users\Erika\Desktop\declaracao_14917383838_2016_21052016_c1e5e48c79924fd98eb0f4988ec938e2.pdf 2016-05-21 22:59 - 2016-05-21 22:59 - 00081399 _____ C:\Users\Erika\Downloads\declaracao_14917383838_2015_21052015_3bccf949deb44a74b06de83fc63eb4f4.pdf 2016-05-21 22:59 - 2016-05-21 22:59 - 00081399 _____ C:\Users\Erika\Desktop\declaracao_14917383838_2015_21052015_3bccf949deb44a74b06de83fc63eb4f4.pdf 2016-05-17 22:32 - 2016-05-17 22:32 - 00000000 ____D C:\Users\Erika\Desktop\pombinha 2016-05-16 23:43 - 2016-05-16 20:58 - 00896706 _____ C:\Users\Erika\Desktop\Quebrando_preconceitos_estudando_ind+¡genas.pdf 2016-05-16 23:43 - 2016-05-16 20:58 - 00896298 _____ C:\Users\Erika\Desktop\a_tematica_indigena_nos_livros_didaticos.pdf 2016-05-16 23:43 - 2016-05-16 20:58 - 00237312 _____ C:\Users\Erika\Desktop\EVC - todo mundo +®.pdf 2016-05-16 20:43 - 2016-05-16 20:44 - 01725090 _____ C:\Users\Erika\Downloads\Anexos_2016516.zip 2016-05-16 19:45 - 2016-05-16 19:45 - 02071699 _____ C:\Users\Erika\Desktop\Curso_2_completo_-_Avaliacao_na_Educacao_Infantil_ampliando_os_olhares_-_baixa_resoluacao.pdf 2016-05-14 12:25 - 2016-05-14 12:26 - 02366795 _____ C:\Users\Erika\Downloads\13017742_1604767339848151_5051399_n.mp4 ==================== Três Meses Modificados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2016-08-11 10:55 - 2016-03-15 11:17 - 00000000 ____D C:\Users\Erika\AppData\Roaming\Skype 2016-08-11 10:52 - 2009-07-14 01:34 - 00020512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-08-11 10:52 - 2009-07-14 01:34 - 00020512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-08-11 10:44 - 2016-01-07 09:38 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-08-11 10:44 - 2009-07-14 01:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-08-10 19:28 - 2016-01-07 10:15 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-08-10 19:09 - 2016-01-07 09:38 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-08-10 10:12 - 2016-01-07 09:20 - 01602708 _____ C:\Windows\system32\PerfStringBackup.INI 2016-08-10 10:12 - 2009-07-29 15:38 - 00706932 _____ C:\Windows\system32\prfh0416.dat 2016-08-10 10:12 - 2009-07-29 15:38 - 00147126 _____ C:\Windows\system32\prfc0416.dat 2016-08-10 10:12 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\inf 2016-08-10 03:17 - 2016-01-07 09:15 - 00000000 ____D C:\Users\Erika 2016-08-08 20:11 - 2016-01-07 09:38 - 00002139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-08-08 20:11 - 2016-01-07 09:38 - 00002127 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-08-08 19:44 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\system32\NDF 2016-08-07 17:52 - 2016-04-10 10:35 - 00000000 ____D C:\Users\Erika\AppData\Local\ElevatedDiagnostics 2016-08-07 13:33 - 2016-01-07 10:10 - 00002003 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2016-08-07 13:29 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\registration 2016-08-07 13:29 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\AppCompat 2016-08-06 11:06 - 2009-07-13 23:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2016-08-05 09:02 - 2016-01-07 10:09 - 00224616 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2016-08-02 15:58 - 2016-01-07 10:16 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-07-30 14:28 - 2009-07-14 01:53 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2016-07-26 14:24 - 2016-01-07 09:40 - 00406184 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2016-07-15 09:30 - 2016-01-07 10:15 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2016-07-15 09:30 - 2016-01-07 10:15 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2016-07-13 14:02 - 2016-01-07 10:09 - 00438296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2016-07-12 13:29 - 2016-01-07 10:15 - 00000000 ____D C:\Windows\system32\Macromed ==================== Bamital & volsnap ================= (Não há correção automática para arquivos que não passaram na verificação.) C:\Windows\explorer.exe => O arquivo é assinado digitalmente C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente C:\Windows\system32\services.exe => O arquivo é assinado digitalmente C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente