Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 01-03-2017
Executado por Oem (administrador) em OEM-PC (02-03-2017 14:03:51)
Executando a partir de C:\Users\Oem\Downloads
Perfis Carregados: Oem (Perfis Disponíveis: Oem)
Platform: Windows 7 Professional (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Kingsoft Corporation) C:\Program Files (x86)\cmcm\Clean Master\cmcore.exe
(Kingsoft Corporation) C:\Program Files (x86)\cmcm\Clean Master\cmtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
() C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
() C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe
(Filseclab Corporation Limited) C:\Program Files (x86)\ScreenShot\SSSvc.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\javaw.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Cortex\Cef\CefSharp.BrowserSubprocess.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Valve Corporation) C:\Program Files (x86)\Razer\Razer Services\GSS\SteamCmd\steamerrorreporter.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\FPSRunner32.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\x64\FPSRunner64.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzFpsApplet\RzFpsApplet.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Razer, Inc.) C:\Users\Oem\AppData\Local\Razer\InGameEngine\cache\RzFpsApplet\rzcefrenderprocess.exe
(Razer, Inc.) C:\Users\Oem\AppData\Local\Razer\InGameEngine\cache\RzFpsApplet\rzcefrenderprocess.exe
(Razer, Inc.) C:\Users\Oem\AppData\Local\Razer\InGameEngine\cache\RzFpsApplet\rzcefrenderprocess.exe
(Razer, Inc.) C:\Users\Oem\AppData\Local\Razer\InGameEngine\cache\RzFpsApplet\rzcefrenderprocess.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registro (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [6962720 2009-01-06] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-01-06] (Realtek Semiconductor Corp.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-02-26] (AVAST Software)
HKLM-x32\...\Run: [cmsc] => c:\program files (x86)\cmcm\Clean Master\cmtray.exe [771912 2017-01-03] (Kingsoft Corporation)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe [222160 2016-09-28] (Razer Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5566984 2017-02-02] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3334502368-2637348180-3641649268-1000\...\Run: [uTorrent] => C:\Users\Oem\AppData\Roaming\uTorrent\uTorrent.exe [2143936 2017-02-26] (BitTorrent Inc.)
HKU\S-1-5-21-3334502368-2637348180-3641649268-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2881824 2017-01-18] (Valve Corporation)
HKU\S-1-5-21-3334502368-2637348180-3641649268-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-3334502368-2637348180-3641649268-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2016-12-22] (Disc Soft Ltd)
HKU\S-1-5-21-3334502368-2637348180-3641649268-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27545056 2017-02-14] (Skype Technologies S.A.)
HKU\S-1-5-21-3334502368-2637348180-3641649268-1000\...\MountPoints2: {36fb762e-dffd-11e6-94f0-eed9a98cc5f5} - E:\setup\rsrc\Autorun.exe
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-02-26] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-02-26] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SkyShield.lnk [2017-01-07]
ShortcutTarget: SkyShield.lnk -> C:\Users\Oem\AppData\Local\SkyShield\SkyShield.exe (SkyCraft Network)
GroupPolicy: Restrição <======= ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Hosts: Há mais de uma entrada no Hosts.
Veja a seção Hosts do Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.3.3 Tcpip\..\Interfaces\{9AF7736E-75A1-4F1C-9E8E-A70D6B1E03A2}: [DhcpNameServer] 192.168.1.1 192.168.3.3 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bitmontr_17_04¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzytDtB0BtAyE0FyByCzytDtD0DyCzztDtN0D0Tzu0StCzzyEzytN1L2XzutAtFtByDtFtCtFtCtCyEtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyEyCyC0EyEyEyBzztGtAyCyBtBtGyC0BtA0CtGyDyBzy0DtG0C0AtAzztB0CtBtByDyBtC0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EyEtDyCzztA0DyDtGzz0AtCyCtGyEyDtCtBtG0B0DyD0BtGyEtBtAyEyDyEyCzyyD0AtCtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtCyCzzyC%26cr%3D1376823108%26a%3Dwbf_bitmontr_17_04%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bitmontr_17_04¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzytDtB0BtAyE0FyByCzytDtD0DyCzztDtN0D0Tzu0StCzzyEzytN1L2XzutAtFtByDtFtCtFtCtCyEtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyEyCyC0EyEyEyBzztGtAyCyBtBtGyC0BtA0CtGyDyBzy0DtG0C0AtAzztB0CtBtByDyBtC0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EyEtDyCzztA0DyDtGzz0AtCyCtGyEyDtCtBtG0B0DyD0BtGyEtBtAyEyDyEyCzyyD0AtCtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtCyCzzyC%26cr%3D1376823108%26a%3Dwbf_bitmontr_17_04%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional HKU\S-1-5-21-3334502368-2637348180-3641649268-1000\Software\Microsoft\Internet Explorer\Main,Start Page = 
hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bitmontr_17_04¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzytDtB0BtAyE0FyByCzytDtD0DyCzztDtN0D0Tzu0StCzzyEzytN1L2XzutAtFtByDtFtCtFtCtCyEtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyEyCyC0EyEyEyBzztGtAyCyBtBtGyC0BtA0CtGyDyBzy0DtG0C0AtAzztB0CtBtByDyBtC0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EyEtDyCzztA0DyDtGzz0AtCyCtGyEyDtCtBtG0B0DyD0BtGyEtBtAyEyDyEyCzyyD0AtCtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtCyCzzyC%26cr%3D1376823108%26a%3Dwbf_bitmontr_17_04%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional HKU\S-1-5-21-3334502368-2637348180-3641649268-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pt-br/?ocid=iehp SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bitmontr_17_04¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzytDtB0BtAyE0FyByCzytDtD0DyCzztDtN0D0Tzu0StCzzyEzytN1L2XzutAtFtByDtFtCtFtCtCyEtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyEyCyC0EyEyEyBzztGtAyCyBtBtGyC0BtA0CtGyDyBzy0DtG0C0AtAzztB0CtBtByDyBtC0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EyEtDyCzztA0DyDtGzz0AtCyCtGyEyDtCtBtG0B0DyD0BtGyEtBtAyEyDyEyCzyyD0AtCtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtCyCzzyC%26cr%3D1376823108%26a%3Dwbf_bitmontr_17_04%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional&p={searchTerms} SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bitmontr_17_04¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzytDtB0BtAyE0FyByCzytDtD0DyCzztDtN0D0Tzu0StCzzyEzytN1L2XzutAtFtByDtFtCtFtCtCyEtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyEyCyC0EyEyEyBzztGtAyCyBtBtGyC0BtA0CtGyDyBzy0DtG0C0AtAzztB0CtBtByDyBtC0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EyEtDyCzztA0DyDtGzz0AtCyCtGyEyDtCtBtG0B0DyD0BtGyEtBtAyEyDyEyCzyyD0AtCtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtCyCzzyC%26cr%3D1376823108%26a%3Dwbf_bitmontr_17_04%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional&p={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bitmontr_17_04¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzytDtB0BtAyE0FyByCzytDtD0DyCzztDtN0D0Tzu0StCzzyEzytN1L2XzutAtFtByDtFtCtFtCtCyEtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyEyCyC0EyEyEyBzztGtAyCyBtBtGyC0BtA0CtGyDyBzy0DtG0C0AtAzztB0CtBtByDyBtC0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EyEtDyCzztA0DyDtGzz0AtCyCtGyEyDtCtBtG0B0DyD0BtGyEtBtAyEyDyEyCzyyD0AtCtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtCyCzzyC%26cr%3D1376823108%26a%3Dwbf_bitmontr_17_04%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional&p={searchTerms} SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bitmontr_17_04¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzytDtB0BtAyE0FyByCzytDtD0DyCzztDtN0D0Tzu0StCzzyEzytN1L2XzutAtFtByDtFtCtFtCtCyEtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyEyCyC0EyEyEyBzztGtAyCyBtBtGyC0BtA0CtGyDyBzy0DtG0C0AtAzztB0CtBtByDyBtC0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EyEtDyCzztA0DyDtGzz0AtCyCtGyEyDtCtBtG0B0DyD0BtGyEtBtAyEyDyEyCzyyD0AtCtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtCyCzzyC%26cr%3D1376823108%26a%3Dwbf_bitmontr_17_04%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional&p={searchTerms} SearchScopes: 
HKU\S-1-5-21-3334502368-2637348180-3641649268-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bitmontr_17_04¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzytDtB0BtAyE0FyByCzytDtD0DyCzztDtN0D0Tzu0StCzzyEzytN1L2XzutAtFtByDtFtCtFtCtCyEtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyEyCyC0EyEyEyBzztGtAyCyBtBtGyC0BtA0CtGyDyBzy0DtG0C0AtAzztB0CtBtByDyBtC0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EyEtDyCzztA0DyDtGzz0AtCyCtGyEyDtCtBtG0B0DyD0BtGyEtBtAyEyDyEyCzyyD0AtCtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtCyCzzyC%26cr%3D1376823108%26a%3Dwbf_bitmontr_17_04%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional&p={searchTerms} SearchScopes: HKU\S-1-5-21-3334502368-2637348180-3641649268-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bitmontr_17_04¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzytDtB0BtAyE0FyByCzytDtD0DyCzztDtN0D0Tzu0StCzzyEzytN1L2XzutAtFtByDtFtCtFtCtCyEtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyEyCyC0EyEyEyBzztGtAyCyBtBtGyC0BtA0CtGyDyBzy0DtG0C0AtAzztB0CtBtByDyBtC0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EyEtDyCzztA0DyDtGzz0AtCyCtGyEyDtCtBtG0B0DyD0BtGyEtBtAyEyDyEyCzyyD0AtCtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtCyCzzyC%26cr%3D1376823108%26a%3Dwbf_bitmontr_17_04%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional&p={searchTerms} BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2017-01-03] (Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> 
C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2017-01-03] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Oem\AppData\Roaming\Mozilla\Firefox\Profiles\ae3mg95i.default [2017-03-02]
FF Extension: (Firefox Hotfix) - C:\Users\Oem\AppData\Roaming\Mozilla\Firefox\Profiles\ae3mg95i.default\Extensions\firefox-hotfix@mozilla.org.xpi [2017-03-01]
FF Extension: (SQLite Manager) - C:\Users\Oem\AppData\Roaming\Mozilla\Firefox\Profiles\ae3mg95i.default\Extensions\SQLiteManager@mrinalkant.blogspot.com.xpi [2017-02-26]
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2017-01-03] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2017-01-03] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-02] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)

Chrome:
=======
CHR HomePage: Default -> hxxp://br.hao123.com/?tn=sdkw_inner_hp_09_hao123_br&guid=58553e7bb28bbd2b508210553e51e806
CHR StartupUrls: Default -> "hxxp://br.hao123.com/?tn=sdkw_inner_hp_09_hao123_br&guid=58553e7bb28bbd2b508210553e51e806"
CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Profile: C:\Users\Oem\AppData\Local\Google\Chrome\User Data\Default [2017-03-02]
CHR Extension: (Google Apresentações) - C:\Users\Oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-01-02]
CHR Extension: (Google Docs) - C:\Users\Oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-02]
CHR Extension: (Google Drive) - C:\Users\Oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-02]
CHR Extension: (Dark Skin for Youtube™) - C:\Users\Oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfeknfgchonpnofdjokchhdhdnddhglm [2017-02-26]
CHR Extension: (Razer) - C:\Users\Oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\blbcjclholhnenkngiajifpenjnklokk [2017-02-26]
CHR Extension: (YouTube) - C:\Users\Oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-02]
CHR Extension: (Smart Pause for YouTube) - C:\Users\Oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcflkimagfnicklojfonbbcppnikogih [2017-02-26]
CHR Extension: (Spider-Man News) - C:\Users\Oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\dghkadandlfjjohcgomaeogbiabjcfki [2017-01-02]
CHR Extension: (MopeX - Ultimate Mope.io Mods + Sandbox) - C:\Users\Oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\ealcighliccncahjkkggpchpcbphfaok [2017-01-31]
CHR Extension: (Planilhas do Google) - C:\Users\Oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-01-02]
CHR Extension: (Documentos Google off-line) - C:\Users\Oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-02]
CHR Extension: (Webcam Toy) - C:\Users\Oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2017-01-02]
CHR Extension: (Comic Webcam) - C:\Users\Oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfffhmndpldceogndeognocbpmlgdemi [2017-01-02]
CHR Extension: (Skype) - C:\Users\Oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-02-26]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-18]
CHR Extension: (Gmail) - C:\Users\Oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-02]
CHR Extension: (Chrome Media Router) - C:\Users\Oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-26]
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3334502368-2637348180-3641649268-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx

==================== Serviços (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7142136 2017-02-26] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-02-26] (AVAST Software)
S2 ByteFenceService; C:\Program Files\ByteFence\ByteFenceService.exe [146912 2017-01-18] (Byte Technologies LLC)
R2 cmcore; c:\program files (x86)\cmcm\Clean Master\cmcore.exe [315208 2017-01-03] (Kingsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2016-12-22] (Disc Soft Ltd)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2629640 2017-02-02] (LogMeIn Inc.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2017-02-02] (LogMeIn, Inc.)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-24] ()
R2 rtop; C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe [304456 2017-02-26] ()
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [133376 2016-09-28] (Razer Inc.)
R2 SSSvc; C:\Program Files (x86)\ScreenShot\SSSvc.exe [139744 2016-11-02] (Filseclab Corporation Limited)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
S3 ACTION_SVC; C:\Program Files (x86)\Mirillis\Action!\action_svc.exe [X]

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [309784 2017-02-26] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-02-26] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334600 2017-02-26] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-02-26] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-02-26] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [126088 2017-02-26] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [100640 2017-02-26] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [74680 2017-02-26] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [991496 2017-02-26] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [547904 2017-02-26] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162528 2017-02-26] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [337080 2017-02-26] (AVAST Software)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-01-21] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-01-21] (Disc Soft Ltd)
R3 ksapi64; C:\Windows\system32\drivers\ksapi64.sys [56680 2017-01-03] (Kingsoft Corporation)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-16] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2016-09-07] (Razer, Inc.)
S3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
S3 xspirit; \??\C:\Windows\xspirit.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2017-03-02 14:02 - 2017-03-02 14:03 - 00037116 _____ C:\Users\Oem\Downloads\Addition.txt
2017-03-02 14:01 - 2017-03-02 14:03 - 00024842 _____ C:\Users\Oem\Downloads\FRST.txt
2017-03-02 14:01 - 2017-03-02 14:03 - 00000000 ____D C:\FRST
2017-03-02 13:59 - 2017-03-02 14:00 - 02423808 _____ (Farbar) C:\Users\Oem\Downloads\FRST64.exe
2017-03-02 13:59 - 2017-03-02 13:59 - 01765888 _____ (Farbar) C:\Users\Oem\Downloads\FRST (2).exe
2017-03-02 13:58 - 2017-03-02 13:59 - 01765888 _____ (Farbar) C:\Users\Oem\Downloads\FRST (1).exe
2017-03-02 13:58 - 2017-03-02 13:58 - 01765888 _____ (Farbar) C:\Users\Oem\Downloads\FRST.exe
2017-03-02 13:33 - 2017-03-02 13:33 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2017-03-02 13:33 - 2017-03-02 13:33 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-03-02 13:33 - 2017-03-02 13:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-03-02 13:27 - 2017-03-02 13:27 - 00318760 _____ C:\Users\Oem\AppData\Local\GDIPFONTCACHEV1.DAT
2017-03-02 13:25 - 2017-03-02 13:25 - 01631200 _____ (Skype Technologies S.A.) C:\Users\Oem\Downloads\SkypeSetup.exe
2017-03-02 13:24 - 2017-03-02 13:24 - 00000000 ____D C:\Windows\system32\appmgmt
2017-03-02 13:16 - 2017-03-02 13:16 - 00000000 ____D C:\Users\Todos os Usuários\SWCUTemp
2017-03-02 13:16 - 2017-03-02 13:16 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-03-01 18:14 - 2017-03-01 18:14 - 00000926 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2017-03-01 18:14 - 2017-03-01 18:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2017-03-01 18:14 - 2017-03-01 18:14 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2017-03-01 14:23 - 2017-03-01 14:23 - 00394736 _____ C:\Users\Oem\Downloads\musica-3.mp3.sfk
2017-02-28 22:13 - 2017-02-28 22:14 - 00726315 _____ C:\Users\Oem\Downloads\FMR 5.0 (Edit by ComicArts e BrazDzn).lib4d
2017-02-28 21:32 - 2017-02-28 22:12 - 50428364 _____ C:\Users\Oem\Downloads\Rigs Exclusivas YasDzn.rar
2017-02-28 19:07 - 2017-02-28 19:14 - 08278016 _____ C:\Users\Oem\Downloads\hamachi.msi
2017-02-27 13:17 - 2017-02-27 13:24 - 42198639 _____ C:\Users\Oem\Documents\Untitled.wmv
2017-02-26 13:43 - 2017-02-26 13:43 - 00062424 _____ C:\Users\Oem\Documents\Track 2 - 1.sfk
2017-02-26 13:39 - 2017-02-26 13:43 - 15966962 _____ C:\Users\Oem\Documents\Track 2 - 1.wav
2017-02-26 12:47 - 2017-02-26 12:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-02-26 09:39 - 2017-02-27 22:27 - 00000000 ____D C:\Users\Todos os Usuários\Mozilla
2017-02-26 09:39 - 2017-02-27 22:27 - 00000000 ____D C:\ProgramData\Mozilla
2017-02-26 09:39 - 2017-02-26 09:39 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-02-26 09:39 - 2017-02-26 09:39 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-02-26 09:39 - 2017-02-26 09:39 - 00000000 ____D C:\Users\Oem\AppData\Roaming\Mozilla
2017-02-26 08:46 - 2014-12-09 20:21 - 00000000 ____D C:\sqlite-amalgamation-3080704
2017-02-26 08:41 - 2017-03-01 12:04 - 00000427 _____ C:\Users\Oem\Desktop\Downloads.lnk
2017-02-26 08:40 - 2017-03-02 13:22 - 00000266 _____ C:\Windows\Tasks\{5AB1FBB4-0223-4BCB-A4D8-863CB1F1CE21}.job
2017-02-26 08:40 - 2017-02-26 08:40 - 00003198 _____ C:\Windows\System32\Tasks\{5AB1FBB4-0223-4BCB-A4D8-863CB1F1CE21}
2017-02-26 08:28 - 2017-02-26 08:28 - 00398408 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-02-26 08:28 - 2017-02-26 08:28 - 00003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-02-26 08:26 - 2017-02-26 08:26 - 00334600 ____C (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-02-26 08:26 - 2017-02-26 08:26 - 00309784 ____C (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-02-26 08:26 - 2017-02-26 08:26 - 00189768 ____C (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-02-26 08:26 - 2017-02-26 08:26 - 00048528 ____C (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-02-24 15:15 - 2017-02-24 15:15 - 00003352 ____N C:\bootsqm.dat
2017-02-23 14:24 - 2017-02-23 14:24 - 00000000 ____D C:\Users\Oem\Documents\My Games
2017-02-10 14:08 - 2017-02-27 22:27 - 00000000 ____D C:\Windows\Minidump
2017-02-02 14:13 - 2017-02-02 14:13 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\Drivers\hamachi.sys
2017-01-31 14:18 - 2017-01-31 14:18 - 00000132 _____ C:\Users\Oem\AppData\Roaming\Preferências do Formato PNG do Adobe CS6
2017-01-31 10:32 - 2017-01-31 10:32 - 00000000 ____D C:\Users\Oem\AppData\Local\{0F376500-DFBE-47DE-A1F0-B86761A82BF2}
2017-01-31 10:31 - 2017-01-31 10:32 - 00000000 ____D C:\Users\Oem\AppData\Local\UmmyVideoDownloader
2017-01-31 10:31 - 2017-01-31 10:31 - 00001180 _____ C:\Users\Oem\Desktop\UmmyVideoDownloader.lnk
2017-01-31 10:31 - 2017-01-31 10:31 - 00000000 ____D C:\Users\Oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UmmyVideoDownloader
2017-01-31 10:00 - 2017-01-31 10:00 - 00000746 _____ C:\Users\Oem\Desktop\FaceRig.lnk
2017-01-31 10:00 - 2017-01-31 10:00 - 00000000 ____D C:\Users\Todos os Usuários\Steam
2017-01-31 10:00 - 2017-01-31 10:00 - 00000000 ____D C:\Users\Oem\Documents\Holotech
2017-01-31 10:00 - 2017-01-31 10:00 - 00000000 ____D C:\ProgramData\Steam
2017-01-31 09:56 - 2017-01-31 21:50 - 00000000 ____D C:\4739e87e838797704ad275016d2bd8cd
2017-01-31 09:56 - 2017-01-31 09:56 - 01193161 _____ C:\Windows\unins002.exe
2017-01-31 09:55 - 2017-01-31 09:55 - 01193161 _____ C:\Windows\unins001.exe
2017-01-31 08:55 - 2017-01-31 09:56 - 00005110 _____ C:\Windows\unins002.dat
2017-01-31 08:55 - 2017-01-31 09:56 - 00000000 ____D C:\Program Files (x86)\Larmkanal
2017-01-31 08:53 - 2017-01-31 09:55 - 00005092 _____ C:\Windows\unins001.dat
2017-01-31 08:53 - 2017-01-31 09:55 - 00000000 ____D C:\Program Files (x86)\Phosgene
2017-01-31 08:48 - 2017-01-31 08:48 - 00000000 ____D C:\Program Files (x86)\directx
2017-01-31 08:47 - 2017-01-31 09:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FaceRig

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2017-03-02 13:51 - 2017-01-05 12:49 - 00000000 ____D C:\Users\Oem\AppData\Local\LogMeIn Hamachi
2017-03-02 13:38 - 2017-01-07 18:03 - 00000000 ____D C:\Users\Todos os Usuários\{E168240B-6B2A-AECD-EDEC-308F77AEBB41}
2017-03-02 13:38 - 2017-01-07 18:03 - 00000000 ____D C:\ProgramData\{E168240B-6B2A-AECD-EDEC-308F77AEBB41}
2017-03-02 13:33 - 2017-01-02 14:58 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2017-03-02 13:33 - 2017-01-02 14:58 - 00000000 ____D C:\ProgramData\Skype
2017-03-02 13:28 - 2009-07-14 01:45 - 00014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-02 13:28 - 2009-07-14 01:45 - 00014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-02 13:27 - 2017-01-23 15:37 - 00000000 ____D C:\Program Files\ByteFence
2017-03-02 13:26 - 2017-01-02 15:03 - 00000000 ____D C:\Users\Oem\AppData\Roaming\uTorrent
2017-03-02 13:26 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2017-03-02 13:21 - 2017-01-19 17:31 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2017-03-02 13:21 - 2017-01-19 17:31 - 00000000 ____D C:\ProgramData\Package Cache
2017-03-02 13:21 - 2017-01-02 14:58 - 00000000 ____D C:\Users\Oem\AppData\Roaming\Skype
2017-03-02 13:18 - 2017-01-07 11:45 - 00000000 ____D C:\Users\Oem\AppData\Local\SkyShield
2017-03-02 13:17 - 2017-01-02 17:08 - 00000000 ____D C:\Program Files (x86)\Steam
2017-03-02 13:15 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-28 19:20 - 2017-01-02 14:10 - 00001386 _____ C:\Users\Oem\Desktop\nativelog.txt
2017-02-28 19:19 - 2017-01-02 13:55 - 00000000 ____D C:\Users\Oem\AppData\Roaming\.minecraft
2017-02-28 18:45 - 2017-01-05 13:08 - 00000434 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2017-02-27 13:06 - 2017-01-02 18:10 - 00000000 ____D C:\Games
2017-02-27 13:05 - 2017-01-12 17:44 - 00000000 ____D C:\Users\Oem\Desktop\motionjoy
2017-02-27 12:24 - 2017-01-02 21:15 - 00000000 ____D C:\Users\Oem\AppData\Roaming\PhotoScape
2017-02-26 20:10 - 2017-01-07 20:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-02-26 16:32 - 2017-01-05 10:38 - 00000000 ____D C:\Users\Oem\AppData\Roaming\.technic
2017-02-26 16:27 - 2017-01-05 17:51 - 00000000 ____D C:\Users\Oem\Desktop\mods 1.7.10
2017-02-26 15:05 - 2017-01-12 20:13 - 04734784 _____ () C:\Users\Oem\Desktop\TechnicLauncher.exe
2017-02-26 14:55 - 2009-07-14 02:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2017-02-26 14:42 - 2017-01-02 13:53 - 00000000 ____D C:\Program Files (x86)\Minecraft
2017-02-26 14:06 - 2017-01-02 13:49 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-26 09:22 - 2017-01-25 12:41 - 00000209 _____ C:\Users\Oem\AppData\Roaming\WB.CFG
2017-02-26 09:20 - 2017-01-07 20:19 - 00000000 ____D C:\Users\Oem\AppData\LocalLow\Mozilla
2017-02-26 08:40 - 2017-01-23 15:39 - 00000000 ____D C:\Users\Oem\AppData\Roaming\4042b573ed028fb0608516ae55baaede
2017-02-26 08:29 - 2017-01-02 15:06 - 00337080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2017-02-26 08:28 - 2017-01-02 15:06 - 00547904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-02-26 08:28 - 2017-01-02 15:06 - 00337080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.148810854523204
2017-02-26 08:28 - 2017-01-02 15:06 - 00162528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-02-26 08:28 - 2017-01-02 15:06 - 00126088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-02-26 08:28 - 2017-01-02 15:06 - 00100640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-02-26 08:28 - 2017-01-02 15:06 - 00074680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-02-26 08:28 - 2017-01-02 15:06 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-02-26 08:27 - 2017-01-02 15:06 - 00991496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-02-23 15:38 - 2017-01-21 17:03 - 00000000 ____D C:\Users\Oem\AppData\Roaming\DAEMON Tools Lite
2017-02-19 13:24 - 2016-12-27 15:55 - 00000000 ____D C:\Intel
2017-02-15 16:11 - 2009-07-29 12:58 - 00705070 _____ C:\Windows\system32\prfh0416.dat
2017-02-15 16:11 - 2009-07-29 12:58 - 00146910 _____ C:\Windows\system32\prfc0416.dat
2017-02-15 16:11 - 2009-07-14 02:13 - 01633534 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-08 13:27 - 2009-07-14 02:08 - 00032586 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-01-31 10:06 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\rescache
2017-01-31 09:32 - 2009-07-14 04:47 - 00000000 ____D C:\Program Files\Windows Journal
2017-01-31 09:32 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\SysWOW64\winrm
2017-01-31 09:32 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2017-01-31 09:32 - 2009-07-14 02:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-01-31 09:32 - 2009-07-14 02:32 - 00000000 ____D C:\Program Files\Windows Defender
2017-01-31 09:32 - 2009-07-14 02:32 - 00000000 ____D C:\Program Files\DVD Maker
2017-01-31 09:32 - 2009-07-14 02:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2017-01-31 09:32 - 2009-07-14 02:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-01-31 09:32 - 2009-07-14 02:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-01-31 09:32 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2017-01-31 09:31 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\SysWOW64\WCN
2017-01-31 09:31 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2017-01-31 09:31 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\system32\winrm
2017-01-31 09:31 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\system32\WCN
2017-01-31 09:31 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\system32\slmgr
2017-01-31 09:31 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2017-01-31 09:31 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2017-01-31 09:31 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\migwiz
2017-01-31 09:31 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\Dism

==================== Arquivos na raiz de alguns diretórios =======

2017-01-31 14:18 - 2017-01-31 14:18 - 0000132 _____ () C:\Users\Oem\AppData\Roaming\Preferências do Formato PNG do Adobe CS6
2017-01-25 12:41 - 2017-02-26 09:22 - 0000209 _____ () C:\Users\Oem\AppData\Roaming\WB.CFG

Arquivos para serem movidos ou deletados:
====================
C:\Windows\Tasks\{5AB1FBB4-0223-4BCB-A4D8-863CB1F1CE21}.job

Alguns arquivos em TEMP:
====================
2017-03-02 13:20 - 2017-03-02 13:27 - 14456872 _____ (Microsoft Corporation) C:\Users\Oem\AppData\Local\Temp\vc_redist.x86.exe

==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

LastRegBack: 2017-01-31 08:13

==================== Fim de FRST.txt ============================