Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 15-03-2017
Executado por Us Treezy (administrador) em USTREEZY-PC (15-03-2017 12:18:19)
Executando a partir de C:\Users\Us Treezy\Desktop
Perfis Carregados: Us Treezy (Perfis Disponíveis: Us Treezy)
Platform: Windows 7 Professional (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
() C:\Program Files (x86)\WeatherTool\2.0.1.11244\WeatherService.exe
() C:\Program Files (x86)\vSnapshot\1.0.0.0\vSnapshotServ.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(ShenZhen Enode Techology co,.Ltd) C:\Program Files (x86)\WeatherTool\2.0.1.11244\weather.exe
() C:\Program Files (x86)\vSnapshot\1.0.0.0\vSnapshot.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(PortableAppZ.blogspot.com) C:\Users\Us Treezy\Desktop\PhotoshopPortable\PhotoshopCS6Portable.exe
(Adobe Systems, Incorporated) C:\Users\Us Treezy\Desktop\PhotoshopPortable\App\PhotoshopCS6_x64\Photoshop.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registro (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM-x32\...\Run: [avast5] => C:\Program Files\Alwil Software\Avast5\avastUI.exe [3396624 2011-01-13] (AVAST Software)
HKU\S-1-5-21-3307409709-3406038262-757881656-1000\...\Run: [UHIUMSEAL] => C:\Users\Us Treezy\AppData\Local\configurations\SBtoolzcharp0.exe
HKU\S-1-5-21-3307409709-3406038262-757881656-1000\...\MountPoints2: {0c180a57-2810-11e6-9939-001060d1e763} - F:\LGAutoRun.exe
HKU\S-1-5-21-3307409709-3406038262-757881656-1000\...\MountPoints2: {1810d9af-6897-11e5-962f-806e6f6e6963} - D:\Startup.exe

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
ProxyServer: [S-1-5-21-3307409709-3406038262-757881656-1000] => 189.8.69.36:80
Tcpip\Parameters: [DhcpNameServer] 189.7.88.27 189.7.88.32
Tcpip\..\Interfaces\{7DC97D42-F333-47FA-9987-6E2238B82654}: [DhcpNameServer] 189.7.88.27 189.7.88.32
Tcpip\..\Interfaces\{DCFE5737-502C-4739-B68C-513A369C548F}: [DhcpNameServer] 189.7.88.27 189.7.88.32

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=sdkw_inner_hp_09_hao123_br&guid=4daa39da274d647146710e04d5eec662
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=sdkw_inner_hp_09_hao123_br&guid=4daa39da274d647146710e04d5eec662
HKU\S-1-5-21-3307409709-3406038262-757881656-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=sdkw_inner_hp_09_hao123_br&guid=4daa39da274d647146710e04d5eec662
HKU\S-1-5-21-3307409709-3406038262-757881656-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pt-br/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQsBUl9EFVEXbQxcB1xcFVESeBRaVg1ADA0RIV8PBQ1GGFFHch9aFQQTSEcFME0FCFwEURNNfWpdAEsSSWFML3JWDk4=&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQsBUl9EFVEXbQxcB1xcFVESeBRaVg1ADA0RIV8PBQ1GGFFHch9aFQQTSEcFME0FCFwEURNNfWpdAEsSSWFML3JWDk4=&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3307409709-3406038262-757881656-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQsBUl9EFVEXbQxcB1xcFVESeBRaVg1ADA0RIV8PBQ1GGFFHch9aFQQTSEcFME0FCFwEURNNfWpdAEsSSWFML3JWDk4=&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3307409709-3406038262-757881656-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQsBUl9EFVEXbQxcB1xcFVESeBRaVg1ADA0RIV8PBQ1GGFFHch9aFQQTSEcFME0FCFwEURNNfWpdAEsSSWFML3JWDk4=&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-01-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-01-18] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-21] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-18] (Oracle Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2015-12-24] (DVDVideoSoft Ltd.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-01-23] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-18] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-23] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-18] (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2016-01-19] (DVDVideoSoft Ltd.)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-18] (Oracle Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-01-23] (Microsoft Corporation)

Chrome:
=======
CHR HomePage: Default -> hxxp://br.hao123.com/?tn=sdkw_inner_hp_09_hao123_br&guid=4daa39da274d647146710e04d5eec662
CHR StartupUrls: Default -> "hxxp://br.hao123.com/?tn=sdkw_inner_hp_09_hao123_br&guid=4daa39da274d647146710e04d5eec662"
CHR NewTab: Default -> Not-active:"chrome-extension://bahkljhhdeciiaodlkppoonappfnheoi/content/newtab.html"
CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Profile: C:\Users\Us Treezy\AppData\Local\Google\Chrome\User Data\Default [2017-03-15]
CHR Extension: (Google Apresentações) - C:\Users\Us Treezy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-01]
CHR Extension: (Google Docs) - C:\Users\Us Treezy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-01]
CHR Extension: (Google Drive) - C:\Users\Us Treezy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (Search Manager) - C:\Users\Us Treezy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi [2017-03-15]
CHR Extension: (YouTube) - C:\Users\Us Treezy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-01]
CHR Extension: (Google Search) - C:\Users\Us Treezy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Planilhas do Google) - C:\Users\Us Treezy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-01]
CHR Extension: (Documentos Google off-line) - C:\Users\Us Treezy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Ad Block - Chega de Publicidade) - C:\Users\Us Treezy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjdkfeeffbfcoanbnkeedjccphcmpehm [2016-04-25]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Us Treezy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-15]
CHR Extension: (Gmail) - C:\Users\Us Treezy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-01]
CHR Extension: (Chrome Media Router) - C:\Users\Us Treezy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-08]

==================== Serviços (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [40384 2011-01-13] (AVAST Software)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-01-19] (Digital Wave Ltd.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2099720 2015-11-13] (Electronic Arts)
R2 TheDesktopWeatherService; C:\Program Files (x86)\WeatherTool\2.0.1.11244\WeatherService.exe [141960 2016-03-11] ()
R2 ThevSnapshotService; C:\Program Files (x86)\vSnapshot\1.0.0.0\vSnapshotServ.exe [152264 2016-12-24] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2015-06-25] (TuneUp Software)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [20560 2011-01-13] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [62032 2011-01-13] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [29264 2011-01-13] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [273488 2011-01-13] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [51792 2011-01-13] (AVAST Software)
R3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [416768 2009-06-10] (Realtek Semiconductor Corporation )
R3 smserial; C:\Windows\System32\DRIVERS\SmSerl64.sys [1227776 2009-06-10] (Motorola Inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [31144 2015-06-04] (TuneUp Software)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-03-15 12:18 - 2017-03-15 12:19 - 00014953 _____ C:\Users\Us Treezy\Desktop\FRST.txt
2017-03-15 12:17 - 2017-03-15 12:18 - 00000000 ____D C:\FRST
2017-03-15 12:15 - 2017-03-15 12:16 - 02424832 _____ (Farbar) C:\Users\Us Treezy\Desktop\FRST64.exe
2017-03-15 12:15 - 2017-03-15 12:15 - 01766912 _____ (Farbar) C:\Users\Us Treezy\Downloads\FRST.exe
2017-03-15 12:12 - 2017-03-15 12:13 - 00629006 _____ C:\Users\Us Treezy\Downloads\Windows6.1-KB2999226-x86.msu
2017-03-15 12:06 - 2017-03-15 12:06 - 14749120 _____ (Microsoft Corporation) C:\Users\Us Treezy\Downloads\vc_redist.x64.exe
2017-03-15 12:02 - 2017-03-15 12:02 - 00000000 ____D C:\Users\Us Treezy\Desktop\dll
2017-03-15 11:56 - 2017-03-15 11:58 - 76565008 _____ C:\Users\Us Treezy\Downloads\WacomTablet_6.3.20-7.exe
2017-03-15 11:45 - 2017-03-15 11:45 - 00000000 ____D C:\Users\Us Treezy\AppData\Roaming\Adobe
2017-03-15 11:45 - 2017-03-15 11:45 - 00000000 ____D C:\Users\Us Treezy\AppData\Local\Adobe
2017-03-15 11:45 - 2017-03-15 11:45 - 00000000 ____D C:\Users\Todos os Usuários\Adobe
2017-03-15 11:45 - 2017-03-15 11:45 - 00000000 ____D C:\ProgramData\Adobe
2017-03-15 11:45 - 2017-03-15 11:45 - 00000000 ____D C:\Program Files\Common Files\Adobe
2017-03-15 11:25 - 2017-03-15 11:27 - 76912576 _____ C:\Users\Us Treezy\Downloads\WacomTablet_6.3.21-3.exe
2017-03-14 14:43 - 2017-02-26 00:16 - 00502228 _____ C:\Users\Us Treezy\Downloads\coffeyto.ttf
2017-03-14 14:41 - 2017-03-14 14:41 - 00262367 _____ C:\Users\Us Treezy\Downloads\coffeyto.zip
2017-03-13 13:38 - 2017-03-13 13:38 - 00078833 _____ C:\Users\Us Treezy\Downloads\63911.pdf
2017-03-13 13:38 - 2017-03-13 13:38 - 00078471 _____ C:\Users\Us Treezy\Downloads\2541047.pdf
2017-03-13 13:38 - 2017-03-13 13:38 - 00077753 _____ C:\Users\Us Treezy\Downloads\58561.pdf
2017-03-10 14:32 - 2017-03-10 14:32 - 00006214 _____ C:\Users\Us Treezy\Downloads\smime (1).p7s
2017-03-02 18:58 - 2017-03-02 18:58 - 00007415 _____ C:\Users\Us Treezy\Downloads\video_1488544257.zip
2017-02-24 09:02 - 2017-02-24 09:02 - 00069446 _____ C:\Users\Us Treezy\Downloads\WhatsApp Image 2017-02-21 at 21.09.38 (2).jpeg
2017-02-24 09:02 - 2017-02-24 09:02 - 00065052 _____ C:\Users\Us Treezy\Downloads\WhatsApp Image 2017-02-21 at 21.09.38 (1).jpeg
2017-02-24 09:01 - 2017-02-24 09:02 - 00072407 _____ C:\Users\Us Treezy\Downloads\WhatsApp Image 2017-02-21 at 21.09.38.jpeg
2017-02-23 18:25 - 2017-02-23 18:26 - 00069294 _____ C:\Users\Us Treezy\Downloads\WhatsApp Image 2017-02-22 at 13.44.50.jpeg
2017-02-21 12:10 - 2017-02-21 12:10 - 00000000 _____ C:\Users\Us Treezy\AppData\Local\FLOOPER417.T33
2017-02-21 12:08 - 2017-02-23 18:52 - 00000000 ____D C:\Users\Us Treezy\AppData\Local\configurations
2017-02-21 12:06 - 2017-02-21 12:07 - 01955530 _____ C:\Users\Us Treezy\Downloads\Adobe F Player - 2017 .exe
2017-02-20 20:05 - 2017-02-20 20:05 - 00034975 _____ C:\Users\Us Treezy\Downloads\photographs.zip
2017-02-20 20:05 - 2015-10-15 14:00 - 00065476 _____ C:\Users\Us Treezy\Downloads\Photographs.ttf
2017-02-20 19:31 - 2016-12-31 03:55 - 00000815 _____ C:\Users\Us Treezy\Downloads\Readme.txt
2017-02-20 19:31 - 2016-12-31 02:55 - 00088876 _____ C:\Users\Us Treezy\Downloads\Om Telolet Om.ttf
2017-02-20 19:31 - 2016-12-31 02:55 - 00041252 _____ C:\Users\Us Treezy\Downloads\Om Telolet Om.otf
2017-02-20 19:30 - 2017-02-20 19:30 - 00080523 _____ C:\Users\Us Treezy\Downloads\om_telolet_om.zip
2017-02-20 17:30 - 2017-01-29 21:19 - 00413556 ____N C:\Users\Us Treezy\Downloads\DeliverDEMO.otf
2017-02-20 17:30 - 2017-01-25 01:07 - 00000732 ____N C:\Users\Us Treezy\Downloads\pizzadudedotdk.txt
2017-02-20 17:29 - 2017-02-20 17:29 - 00277878 _____ C:\Users\Us Treezy\Downloads\deliver.zip
2017-02-20 17:24 - 2017-02-20 17:24 - 00121372 _____ C:\Users\Us Treezy\Downloads\italiano.zip
2017-02-20 17:24 - 2017-02-16 20:58 - 00162804 _____ C:\Users\Us Treezy\Downloads\Italiano.otf
2017-02-20 15:02 - 2007-03-30 11:12 - 00084284 _____ C:\Users\Us Treezy\Downloads\deathrattlebb_reg.ttf
2017-02-20 15:02 - 2006-11-29 17:23 - 00001103 _____ C:\Users\Us Treezy\Downloads\font info.txt
2017-02-20 14:57 - 2017-02-20 14:57 - 00634342 _____ C:\Users\Us Treezy\Downloads\wc_roughtrad_bta.zip
2017-02-20 14:57 - 2006-03-08 22:35 - 00103797 ____R C:\Users\Us Treezy\Downloads\WC_ROUGHTRAD_BTA.pdf
2017-02-20 14:57 - 2006-03-08 22:25 - 00254304 ____R C:\Users\Us Treezy\Downloads\WC_RoughTrad.otf
2017-02-20 14:57 - 2006-03-08 22:24 - 00689936 ____R C:\Users\Us Treezy\Downloads\WC_RoughTrad.ttf
2017-02-20 14:56 - 2017-02-20 14:57 - 00050685 _____ C:\Users\Us Treezy\Downloads\deathrattle_bb.zip
2017-02-18 09:16 - 2017-02-18 09:16 - 00025247 _____ C:\Users\Us Treezy\Downloads\WhatsApp Image 2017-02-18 at 09.16.12.jpeg
2017-02-16 15:20 - 2017-03-14 13:42 - 00000000 ____D C:\Users\Us Treezy\Desktop\FOTOSHOP MONTAGENS
2017-02-16 14:46 - 2015-09-17 08:18 - 00000500 _____ C:\Users\Us Treezy\Downloads\Another America (Personal Use) - READ ME.txt
2017-02-16 14:46 - 2015-09-17 08:03 - 00051528 _____ C:\Users\Us Treezy\Downloads\Another America.otf
2017-02-16 14:46 - 2015-09-17 08:03 - 00044752 _____ C:\Users\Us Treezy\Downloads\Another America.ttf
2017-02-16 14:38 - 2014-08-24 18:12 - 00182796 _____ C:\Users\Us Treezy\Downloads\Carnaval de Mai.ttf
2017-02-16 14:34 - 2017-02-16 14:35 - 00118632 _____ C:\Users\Us Treezy\Downloads\carnaval_de_mai.zip
2017-02-16 14:32 - 2017-02-16 14:33 - 01098491 _____ C:\Users\Us Treezy\Downloads\another_america.zip
2017-02-16 14:28 - 1998-09-07 15:26 - 00129780 _____ C:\Users\Us Treezy\Downloads\fonte13
2017-02-16 14:21 - 1998-10-04 09:28 - 00002572 _____ C:\Users\Us Treezy\Downloads\Sketchy.txt
2017-02-16 14:21 - 1998-09-07 15:26 - 00129780 _____ C:\Users\Us Treezy\Downloads\sketchy.ttf
2017-02-16 14:10 - 2017-02-16 14:10 - 00033556 _____ C:\Users\Us Treezy\Downloads\WhatsApp Image 2017-02-16 at 14.09.47.jpeg
2017-02-16 14:10 - 2017-02-16 14:10 - 00031764 _____ C:\Users\Us Treezy\Downloads\WhatsApp Image 2017-02-16 at 14.09.43.jpeg
2017-02-16 14:09 - 2017-02-16 14:10 - 00114803 _____ C:\Users\Us Treezy\Downloads\WhatsApp Image 2017-02-16 at 14.09.51.jpeg
2017-02-16 13:00 - 2017-02-16 13:00 - 00086474 _____ C:\Users\Us Treezy\Downloads\sketchy.zip
2017-02-15 15:46 - 2017-02-15 15:46 - 00133293 _____ C:\Users\Us Treezy\Downloads\WhatsApp Image 2017-02-15 at 15.46.17.jpeg
2017-02-15 15:46 - 2017-02-15 15:46 - 00124285 _____ C:\Users\Us Treezy\Downloads\WhatsApp Image 2017-02-15 at 15.46.17 (1).jpeg
2017-02-15 15:46 - 2017-02-15 15:46 - 00124125 _____ C:\Users\Us Treezy\Downloads\WhatsApp Image 2017-02-15 at 15.46.17 (2).jpeg
2017-02-15 09:45 - 2017-02-15 09:45 - 00000000 ____D C:\Users\Us Treezy\AppData\Roaming\Adobe-BackupByPhotoshopCS6Portable
2017-02-15 09:45 - 2017-02-15 09:45 - 00000000 ____D C:\Users\Us Treezy\AppData\Local\Adobe-BackupByPhotoshopCS6Portable
2017-02-15 09:45 - 2017-02-15 09:45 - 00000000 ____D C:\Users\Todos os Usuários\Adobe-BackupByPhotoshopCS6Portable
2017-02-15 09:45 - 2017-02-15 09:45 - 00000000 ____D C:\ProgramData\Adobe-BackupByPhotoshopCS6Portable
2017-02-07 08:47 - 2017-02-07 08:47 - 00017652 _____ C:\Users\Us Treezy\Downloads\WhatsApp Image 2017-02-07 at 09.47.43.jpeg
2017-02-06 16:03 - 2017-02-06 16:04 - 00044180 _____ C:\Users\Us Treezy\Downloads\05511519953 (4).pdf
2017-02-04 11:43 - 2017-02-04 11:45 - 72123282 _____ C:\Users\Us Treezy\Downloads\Beat trezzy (Prod.Affonso beats).wav
2017-02-02 18:57 - 2017-02-02 18:57 - 00284552 _____ C:\Windows\Minidump\020217-18142-01.dmp
2017-02-01 04:28 - 2017-03-15 11:43 - 00000520 _____ C:\Windows\Tasks\Tools_Update_{CFAC34AB-5DB5-4dea-94EC-1D42E3942873}.job
2017-02-01 04:28 - 2017-03-15 08:02 - 00000000 ____D C:\Users\Us Treezy\AppData\Roaming\vSnapshot
2017-02-01 04:28 - 2017-02-01 04:28 - 00003622 _____ C:\Windows\System32\Tasks\Tools_Update_{CFAC34AB-5DB5-4dea-94EC-1D42E3942873}
2017-02-01 04:28 - 2017-02-01 04:28 - 00000000 ____D C:\Users\Us Treezy\AppData\Roaming\Tools
2017-02-01 04:28 - 2017-02-01 04:28 - 00000000 ____D C:\Users\Todos os Usuários\tools
2017-02-01 04:28 - 2017-02-01 04:28 - 00000000 ____D C:\ProgramData\tools
2017-02-01 04:28 - 2017-02-01 04:28 - 00000000 ____D C:\Program Files (x86)\vSnapshot
2017-02-01 04:28 - 2017-02-01 04:28 - 00000000 ____D C:\Program Files (x86)\Tools
2017-01-20 14:09 - 2017-03-15 11:44 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2017-01-11 16:51 - 2017-01-11 16:51 - 00002296 _____ C:\Users\Us Treezy\Downloads\Não confirmado 27398.crdownload
2017-01-11 13:13 - 2017-01-11 13:13 - 01235069 _____ C:\Users\Us Treezy\Downloads\tattoo escrita.mp4
2016-12-29 14:38 - 2016-12-29 14:41 - 00000000 ____D C:\Users\Us Treezy\AppData\OICE_15_974FA576_32C1D314_34DB
2016-12-29 14:38 - 2016-12-29 14:38 - 00013153 _____ C:\Users\Us Treezy\Downloads\rap pexe.docx
2016-12-29 12:14 - 2016-12-29 12:15 - 05623671 _____ C:\Users\Us Treezy\Downloads\video-1483023824.mp4
2016-12-15 16:30 - 2016-12-15 16:31 - 00143575 _____ C:\Users\Us Treezy\Downloads\15387574_223750038065180_955289783_o.jpg
2016-12-15 11:06 - 2017-02-15 15:52 - 00000000 ____D C:\Users\Us Treezy\Desktop\tattoos pra postar

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-03-15 12:08 - 2015-11-05 16:36 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2017-03-15 12:08 - 2015-11-05 16:36 - 00000000 ____D C:\ProgramData\Package Cache
2017-03-15 11:50 - 2009-07-29 12:58 - 00703080 _____ C:\Windows\system32\prfh0416.dat
2017-03-15 11:50 - 2009-07-29 12:58 - 00145866 _____ C:\Windows\system32\prfc0416.dat
2017-03-15 11:50 - 2009-07-14 02:13 - 01626900 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-15 11:50 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2017-03-15 11:45 - 2015-10-01 22:09 - 00114736 _____ C:\Users\Us Treezy\AppData\Local\GDIPFONTCACHEV1.DAT
2017-03-15 11:43 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-15 11:43 - 2009-07-14 01:45 - 00452552 _____ C:\Windows\system32\FNTCACHE.DAT
2017-03-15 11:42 - 2009-07-14 01:45 - 00009600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-15 11:42 - 2009-07-14 01:45 - 00009600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-15 08:02 - 2016-02-17 09:41 - 00000000 ____D C:\Users\Us Treezy\AppData\Roaming\WeatherTool
2017-03-14 15:10 - 2015-10-03 15:54 - 00000000 ____D C:\Users\Us Treezy\Desktop\imagens variadas
2017-03-14 13:20 - 2016-05-16 18:38 - 00000000 ____D C:\Users\Us Treezy\Desktop\bella
2017-02-24 10:38 - 2015-10-01 21:13 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-21 11:32 - 2015-11-19 13:14 - 00000000 ____D C:\Users\Us Treezy\AppData\Roaming\DVDVideoSoft
2017-02-18 08:15 - 2015-10-01 22:22 - 00004184 _____ C:\Windows\System32\Tasks\avast! Emergency Update

==================== Arquivos na raiz de alguns diretórios =======

2017-02-21 12:10 - 2017-02-21 12:10 - 0000000 _____ () C:\Users\Us Treezy\AppData\Local\FLOOPER417.T33

Alguns arquivos em TEMP:
====================
2017-03-15 10:58 - 2017-03-15 10:59 - 76912576 _____ () C:\Users\Us Treezy\AppData\Local\Temp\mpa00460.exe
2017-03-15 11:00 - 2017-03-15 11:50 - 76912576 _____ () C:\Users\Us Treezy\AppData\Local\Temp\Setup-Wacom.exe

==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll [2009-07-13 20:38] - [2009-07-13 22:41] - 1008640 ____A (Microsoft Corporation) E573BD9AB55C8E333C202B9E255F972E
C:\Windows\SysWOW64\User32.dll [2015-10-01 23:23] - [2015-10-01 23:23] - 0833024 ____A (Microsoft Corporation) 2C9CC9F492CA596B1B9FC1AE5E916356
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

LastRegBack: 2017-03-14 09:32

==================== Fim de FRST.txt ============================