Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão: 06-05-2017 Executado por JoseAilton (administrador) em JOSEAILTON-PC (06-05-2017 16:02:39) Executando a partir de C:\Users\JoseAilton\Downloads Perfis Carregados: JoseAilton (Perfis Disponíveis: JoseAilton) Platform: Microsoft Windows 7 Ultimate (X86) Idioma: Português (Brasil) Internet Explorer Versão 8 (Navegador padrão: Chrome) Modo da Inicialização: Normal Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgrsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgcsrvx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgwdsvcx.exe () C:\Program Files\Droid4X\Droid4XService.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Firebird Project) C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe (SafeNet Inc.) C:\Windows\System32\hasplms.exe (AVG Technologies CZ, s.r.o.) 
C:\Program Files\AVG\Av\avgui.exe (Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Pinnacle Systems GmbH) C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.551\SSScheduler.exe (Mega Limited) C:\ProgramData\MEGAsync\MEGAsync.exe () C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgnsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgemcx.exe (Firebird Project) C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe (Microsoft Corporation) C:\Windows\System32\cmd.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Don HO don.h@free.fr) C:\Program Files\Notepad++\notepad++.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registro (Whitelisted) ==================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation) HKLM\...\Run: [USB3MON] => C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-25] (Intel Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12009176 2013-09-03] (Realtek Semiconductor) HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation) HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [220944 2016-12-06] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [220944 2016-12-06] (AVG Technologies CZ, s.r.o.) 
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation) HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM\...\Run: [] => [X] HKLM\...\Run: [USBToolTip] => C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe [199752 2007-02-20] (Pinnacle Systems GmbH) HKLM\...\Run: [BlueStacks Agent] => C:\Program Files\BlueStacks\HD-Agent.exe HKU\S-1-5-21-2857811469-3050701204-3814109667-1000\...\Run: [Chromium] => c:\users\joseailton\appdata\local\chromium\application\chrome.exe --auto-launch-at-startup --profile-directory=Default --restore-last-session ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2016-10-31] () ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2016-10-31] () ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2016-10-31] () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-05-05] ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.551\SSScheduler.exe (McAfee, Inc.) Startup: C:\Users\JoseAilton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2016-11-16] ShortcutTarget: MEGAsync.lnk -> C:\ProgramData\MEGAsync\MEGAsync.exe (Mega Limited) Startup: C:\Users\JoseAilton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recorte de tela e Iniciador do OneNote 2007.lnk [2016-05-08] ShortcutTarget: Recorte de tela e Iniciador do OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) GroupPolicy: Restrição ? 
<======= ATENÇÃO CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Hosts: 0.0.0.1 mssplus.mcafee.com Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{31393EA6-3D31-4F31-BDE3-F23EFCCE60A0}: [DhcpNameServer] 192.168.1.254 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_17_13&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzyyE0D0EzztD0FyB0AyC0AzztB0BzztDtN0D0Tzu0StCzytCtCtN1L2XzutAtFtByBtFyEtFyCtBtN1L1Czu1ByCtN1L1G1B1V1N2Y1L1Qzu2StAtCyCyBtD0FtDyDtGyB0E0DyDtG0B0AtDtAtGtAzz0AyDtG0E0FyEyDyDyE0C0D0CyEyD0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDtB0D0CyBtCtD0AtG0DtB0D0AtGyE0FtAyBtG0B0F0D0BtGyCtBtDyCtC0AyDyB0Bzz0C0E2QtN0A0LzuyE%26cr%3D1500949309%26a%3Dwbf_bxinw_17_13%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate HKU\S-1-5-21-2857811469-3050701204-3814109667-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_17_13&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzyyE0D0EzztD0FyB0AyC0AzztB0BzztDtN0D0Tzu0StCzytCtCtN1L2XzutAtFtByBtFyEtFyCtBtN1L1Czu1ByCtN1L1G1B1V1N2Y1L1Qzu2StAtCyCyBtD0FtDyDtGyB0E0DyDtG0B0AtDtAtGtAzz0AyDtG0E0FyEyDyDyE0C0D0CyEyD0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDtB0D0CyBtCtD0AtG0DtB0D0AtGyE0FtAyBtG0B0F0D0BtGyCtBtDyCtC0AyDyB0Bzz0C0E2QtN0A0LzuyE%26cr%3D1500949309%26a%3Dwbf_bxinw_17_13%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_17_13&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzyyE0D0EzztD0FyB0AyC0AzztB0BzztDtN0D0Tzu0StCzytCtCtN1L2XzutAtFtByBtFyEtFyCtBtN1L1Czu1ByCtN1L1G1B1V1N2Y1L1Qzu2StAtCyCyBtD0FtDyDtGyB0E0DyDtG0B0AtDtAtGtAzz0AyDtG0E0FyEyDyDyE0C0D0CyEyD0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDtB0D0CyBtCtD0AtG0DtB0D0AtGyE0FtAyBtG0B0F0D0BtGyCtBtDyCtC0AyDyB0Bzz0C0E2QtN0A0LzuyE%26cr%3D1500949309%26a%3Dwbf_bxinw_17_13%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms} SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_17_13&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzyyE0D0EzztD0FyB0AyC0AzztB0BzztDtN0D0Tzu0StCzytCtCtN1L2XzutAtFtByBtFyEtFyCtBtN1L1Czu1ByCtN1L1G1B1V1N2Y1L1Qzu2StAtCyCyBtD0FtDyDtGyB0E0DyDtG0B0AtDtAtGtAzz0AyDtG0E0FyEyDyDyE0C0D0CyEyD0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDtB0D0CyBtCtD0AtG0DtB0D0AtGyE0FtAyBtG0B0F0D0BtGyCtBtDyCtC0AyDyB0Bzz0C0E2QtN0A0LzuyE%26cr%3D1500949309%26a%3Dwbf_bxinw_17_13%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms} SearchScopes: HKU\S-1-5-21-2857811469-3050701204-3814109667-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_17_13&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzyyE0D0EzztD0FyB0AyC0AzztB0BzztDtN0D0Tzu0StCzytCtCtN1L2XzutAtFtByBtFyEtFyCtBtN1L1Czu1ByCtN1L1G1B1V1N2Y1L1Qzu2StAtCyCyBtD0FtDyDtGyB0E0DyDtG0B0AtDtAtGtAzz0AyDtG0E0FyEyDyDyE0C0D0CyEyD0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDtB0D0CyBtCtD0AtG0DtB0D0AtGyE0FtAyBtG0B0F0D0BtGyCtBtDyCtC0AyDyB0Bzz0C0E2QtN0A0LzuyE%26cr%3D1500949309%26a%3Dwbf_bxinw_17_13%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms} SearchScopes: HKU\S-1-5-21-2857811469-3050701204-3814109667-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_17_13&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzyyE0D0EzztD0FyB0AyC0AzztB0BzztDtN0D0Tzu0StCzytCtCtN1L2XzutAtFtByBtFyEtFyCtBtN1L1Czu1ByCtN1L1G1B1V1N2Y1L1Qzu2StAtCyCyBtD0FtDyDtGyB0E0DyDtG0B0AtDtAtGtAzz0AyDtG0E0FyEyDyDyE0C0D0CyEyD0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDtB0D0CyBtCtD0AtG0DtB0D0AtGyE0FtAyBtG0B0F0D0BtGyCtBtDyCtC0AyDyB0Bzz0C0E2QtN0A0LzuyE%26cr%3D1500949309%26a%3Dwbf_bxinw_17_13%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms} BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-26] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-26] (Oracle Corporation) Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\JoseAilton\AppData\Roaming\Mozilla\Firefox\Profiles\o2dcxzro.default [2017-05-06] FF NewTab: Mozilla\Firefox\Profiles\o2dcxzro.default -> about:newtab FF DefaultSearchEngine: Mozilla\Firefox\Profiles\o2dcxzro.default -> Yahoo! 
Powered FF SelectedSearchEngine: Mozilla\Firefox\Profiles\o2dcxzro.default -> Google FF Homepage: Mozilla\Firefox\Profiles\o2dcxzro.default -> hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_17_13&param1=1&param2=f%3D1%26b%3DFirefox%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzyyE0D0EzztD0FyB0AyC0AzztB0BzztDtN0D0Tzu0StCzytCtCtN1L2XzutAtFtByBtFyEtFyCtBtN1L1Czu1ByCtN1L1G1B1V1N2Y1L1Qzu2StAtCyCyBtD0FtDyDtGyB0E0DyDtG0B0AtDtAtGtAzz0AyDtG0E0FyEyDyDyE0C0D0CyEyD0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDtB0D0CyBtCtD0AtG0DtB0D0AtGyE0FtAyBtG0B0F0D0BtGyCtBtDyCtC0AyDyB0Bzz0C0E2QtN0A0LzuyE%26cr%3D1500949309%26a%3Dwbf_bxinw_17_13%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate FF SearchPlugin: C:\Users\JoseAilton\AppData\Roaming\Mozilla\Firefox\Profiles\o2dcxzro.default\searchplugins\yahoo! powered.xml [2017-04-14] FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\buscape.xml [2009-08-24] FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\mercadolivre.xml [2009-08-24] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_25_0_0_148.dll [2017-04-11] () FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation) FF Plugin: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation) FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll [2016-05-07] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-26] (Oracle Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) 
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-04] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npnul32.dll [2009-08-24] (mozilla.org) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2017-04-04] (Adobe Systems Inc.) StartMenuInternet: FIREFOX.EXE - firefox.exe FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\422252439.js [2016-09-05] <==== ATENÇÃO (Aponta para arquivo *.cfg) FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\firefox-branding.js [2009-08-24] FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\firefox-l10n.js [2009-08-24] FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\firefox.js [2009-08-24] FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\reporter.js [2009-08-24] FF ExtraCheck: C:\Program Files\mozilla firefox\422252439.cfg [2016-09-05] <==== ATENÇÃO Chrome: ======= CHR HomePage: Default -> hxxp://www.google.com CHR StartupUrls: Default -> "hxxps://www.google.com.br/" CHR DefaultSearchKeyword: Default -> google.com.br CHR Profile: C:\Users\JoseAilton\AppData\Local\Google\Chrome\User Data\Default [2017-05-06] CHR Extension: (Duolingo na Web) - C:\Users\JoseAilton\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2017-01-11] CHR Extension: (Google Drive) - C:\Users\JoseAilton\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-08] CHR Extension: (YouTube) - C:\Users\JoseAilton\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-08] CHR Extension: (Adobe Acrobat) - C:\Users\JoseAilton\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-05] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\JoseAilton\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-08] CHR Extension: (Gmail) - C:\Users\JoseAilton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-08] CHR Extension: (Chrome Media Router) - C:\Users\JoseAilton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-05] CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-2857811469-3050701204-3814109667-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-2857811469-3050701204-3814109667-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx ==================== Serviços (Whitelisted) ==================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) S3 AvgAMPS; C:\Program Files\AVG\Av\avgamps.exe [1002552 2017-04-11] (AVG Technologies CZ, s.r.o.) R2 AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [4153408 2017-04-11] (AVG Technologies CZ, s.r.o.) 
R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [935184 2016-12-06] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files\AVG\Av\avgwdsvcx.exe [606360 2017-04-11] (AVG Technologies CZ, s.r.o.) S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [279024 2013-10-03] (Intel Corporation) R2 Droid4XService; C:\Program Files\Droid4X\Droid4XService.exe [279552 2016-04-28] () [Arquivo não assinado] R2 FirebirdGuardianDefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2015-11-12] (Firebird Project) [Arquivo não assinado] R3 FirebirdServerDefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe [3821568 2015-11-12] (Firebird Project) [Arquivo não assinado] R2 hasplms; C:\Windows\system32\hasplms.exe [4609928 2013-08-01] (SafeNet Inc.) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [595968 2013-08-27] (Intel(R) Corporation) [Arquivo não assinado] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [642520 2013-08-27] (Intel(R) Corporation) R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.551\McCHSvc.exe [321768 2017-04-18] (McAfee, Inc.) R2 MySQL; C:\Program Files\MySQL\MySQL Server 5.5\my.ini [8967 2016-05-12] () [Arquivo não assinado] R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [10883824 2017-03-17] (TeamViewer GmbH) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R2 aksfridge; C:\Windows\system32\drivers\aksfridge.sys [376200 2013-08-01] (SafeNet Inc.) 
S3 AndnetBus; C:\Windows\System32\DRIVERS\lgandnetbus.sys [23424 2016-03-02] (LG Electronics Inc.) S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [24064 2016-03-02] (LG Electronics Inc.) S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem.sys [28672 2016-03-02] (LG Electronics Inc.) R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [134912 2016-05-13] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [259328 2017-02-20] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [207616 2016-10-05] (AVG Technologies CZ, s.r.o.) R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [31664 2015-11-20] (AVG Technologies CZ, s.r.o.) R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [244992 2016-11-30] (AVG Technologies CZ, s.r.o.) R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [287008 2016-02-16] (AVG Technologies CZ, s.r.o.) R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [197376 2017-04-11] (AVG Technologies CZ, s.r.o.) R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [47360 2016-06-01] (AVG Technologies CZ, s.r.o.) R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [231680 2016-07-27] (AVG Technologies CZ, s.r.o.) R0 avgunivx; C:\Windows\System32\DRIVERS\avgunivx.sys [65280 2016-06-20] (AVG Technologies CZ, s.r.o.) S3 cmnxusbser; C:\Windows\System32\DRIVERS\cmnxusbser.sys [130296 2015-11-24] (Wireless Data Device) R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [608648 2013-08-01] (SafeNet Inc.) 
R0 iaStorA; C:\Windows\System32\DRIVERS\iaStorA.sys [505192 2013-08-07] (Intel Corporation) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [25448 2013-08-07] (Intel Corporation) R0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [16880 2013-04-25] (Intel Corporation) R3 iusb3hub; C:\Windows\System32\DRIVERS\iusb3hub.sys [361968 2013-04-25] (Intel Corporation) R3 iusb3xhc; C:\Windows\System32\DRIVERS\iusb3xhc.sys [793072 2013-04-25] (Intel Corporation) R3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus.sys [171520 2005-09-23] (Pinnacle Systems GmbH) R3 MEI; C:\Windows\System32\DRIVERS\TeeDriver.sys [85464 2013-09-16] (Intel Corporation) R2 RtNdPt60; C:\Windows\System32\DRIVERS\RtNdPt60.sys [33056 2011-06-15] (Realtek ) S3 RTTEAMPT; C:\Windows\System32\DRIVERS\RtTeam620.sys [49808 2012-07-03] (Realtek Corporation) S3 RTVLANPT; C:\Windows\System32\DRIVERS\RtVlan620.sys [27792 2012-08-31] (Realtek Corporation) S3 XXLHASP; c:\windows\system32\drivers\XXLHASP.sys [821248 2016-05-26] () [Arquivo não assinado] ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Um Mês Criados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 
2017-05-06 16:02 - 2017-05-06 16:02 - 00023322 _____ C:\Users\JoseAilton\Downloads\FRST.txt 2017-05-06 16:02 - 2017-05-06 16:02 - 00000000 ____D C:\FRST 2017-05-06 16:01 - 2017-05-06 16:02 - 01769984 _____ (Farbar) C:\Users\JoseAilton\Downloads\FRST.exe 2017-05-06 15:48 - 2017-05-06 15:48 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache 2017-05-06 15:48 - 2017-05-06 15:48 - 00000000 ____D C:\ProgramData\Package Cache 2017-05-06 15:43 - 2017-05-06 15:45 - 13969576 _____ (Microsoft Corporation) C:\Users\JoseAilton\Downloads\vc_redist.x86.exe 2017-05-06 15:34 - 2017-05-06 15:38 - 00000149 _____ C:\Users\JoseAilton\Desktop\erro.txt 2017-05-06 15:27 - 2016-09-30 10:50 - 00023232 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll 2017-05-06 15:27 - 2016-09-30 10:50 - 00023232 _____ (Microsoft Corporation) C:\Users\JoseAilton\Downloads\api-ms-win-crt-runtime-l1-1-0.dll 2017-05-06 15:26 - 2017-05-06 15:26 - 00013250 _____ C:\Users\JoseAilton\Downloads\api-ms-win-crt-runtime-l1-1-0.zip 2017-05-06 15:20 - 2017-02-02 15:49 - 00083792 _____ (Microsoft Corporation) C:\Windows\system32\vcruntime140.dll 2017-05-06 15:19 - 2017-02-02 15:49 - 00083792 _____ (Microsoft Corporation) C:\Users\JoseAilton\Downloads\vcruntime140.dll 2017-05-06 15:19 - 2016-10-12 09:12 - 00001983 _____ C:\Users\JoseAilton\Downloads\README.txt 2017-05-06 14:39 - 2017-05-06 14:39 - 00047609 _____ C:\Users\JoseAilton\Downloads\vcruntime140.zip 2017-05-06 14:18 - 2017-05-06 14:23 - 00000000 ____D C:\www 2017-05-06 14:14 - 2017-05-06 14:15 - 00000000 ____D C:\php 2017-05-06 14:11 - 2017-05-06 14:11 - 00000000 ____D C:\Users\JoseAilton\Desktop\PHP 2017-05-06 14:04 - 2017-05-06 14:10 - 22213466 _____ C:\Users\JoseAilton\Downloads\php-7.0.18-Win32-VC14-x86.zip 2017-05-06 14:01 - 2017-05-06 15:15 - 01396140 _____ C:\Users\JoseAilton\Downloads\Não confirmado 296033.crdownload 2017-05-05 19:33 - 2017-05-05 19:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\McAfee Security Scan Plus 2017-05-05 19:32 - 2017-05-05 19:33 - 00000000 ____D C:\Users\Todos os Usuários\McAfee Security Scan 2017-05-05 19:32 - 2017-05-05 19:33 - 00000000 ____D C:\ProgramData\McAfee Security Scan 2017-04-30 15:20 - 2017-04-30 15:21 - 04297296 _____ C:\Users\JoseAilton\Downloads\mysql-connector-java-5.1.42.zip 2017-04-30 13:34 - 2017-05-01 09:53 - 00000000 ____D C:\Users\JoseAilton\workspace 2017-04-30 13:34 - 2017-05-01 09:53 - 00000000 ____D C:\Users\JoseAilton\.eclipse 2017-04-30 13:34 - 2017-05-01 09:27 - 00000000 ____D C:\Users\JoseAilton\AppData\Local\Eclipse 2017-04-30 13:34 - 2017-05-01 09:27 - 00000000 ____D C:\Users\JoseAilton\.p2 2017-04-30 12:41 - 2017-04-30 13:32 - 318960652 _____ C:\Users\JoseAilton\Downloads\eclipse-jee-neon-3-win32.zip 2017-04-30 12:01 - 2017-04-30 12:39 - 104347466 _____ C:\Users\JoseAilton\Downloads\eclipse-java-helios-SR1-win32.zip 2017-04-26 21:36 - 2017-04-26 21:36 - 00053262 _____ C:\Users\JoseAilton\Downloads\boleto_7dee04c26cf42f1755cca8387c9529be1c5dddb4.pdf 2017-04-26 21:29 - 2017-04-26 21:30 - 00840772 _____ C:\Users\JoseAilton\Downloads\fatura.pdf 2017-04-24 20:12 - 2017-04-24 20:12 - 00158082 _____ C:\Users\JoseAilton\Downloads\52675459968 (1).pdf 2017-04-24 19:56 - 2017-04-24 19:56 - 00158082 _____ C:\Users\JoseAilton\Downloads\52675459968.pdf 2017-04-16 14:41 - 2017-04-16 14:43 - 10097579 _____ C:\Users\JoseAilton\Downloads\plaquinhas-formatura-160305191958.pdf 2017-04-16 14:36 - 2017-04-16 14:36 - 04930572 _____ C:\Users\JoseAilton\Downloads\plaquinhas-divertidas-para-casamento.pdf 2017-04-16 14:00 - 2017-04-16 14:00 - 00000000 ____D C:\Users\JoseAilton\Downloads\plaquinhas_para-festa-download_gratis 2017-04-16 12:39 - 2017-04-16 12:46 - 12568635 _____ C:\Users\JoseAilton\Downloads\plaquinhas_para-festa-download_gratis.rar 2017-04-14 22:59 - 2017-04-14 23:16 - 00000000 ____D C:\Users\JoseAilton\AppData\Local\Anvil Studio 2017-04-14 22:59 - 2017-04-14 22:59 - 00002597 _____ 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvil Studio 2015.lnk 2017-04-14 22:59 - 2017-04-14 22:59 - 00002585 _____ C:\Users\Public\Desktop\Anvil Studio.lnk 2017-04-14 22:59 - 2017-04-14 22:59 - 00000000 ____D C:\Program Files\Anvil Studio 2015 2017-04-14 22:58 - 2017-03-16 15:18 - 03978752 _____ C:\Users\JoseAilton\Downloads\astudio.msi 2017-04-14 22:58 - 2017-03-16 15:18 - 00433704 _____ () C:\Users\JoseAilton\Downloads\setup.exe 2017-04-14 22:56 - 2017-04-14 22:58 - 03675432 _____ C:\Users\JoseAilton\Downloads\anvil-studio-2017-03-01.exe 2017-04-13 17:45 - 2016-11-28 08:29 - 00050726 _____ C:\Users\JoseAilton\Desktop\Cópia_de_segurança_de_monograma andressa2.cdr 2017-04-13 17:45 - 2016-11-17 08:48 - 00137114 _____ C:\Users\JoseAilton\Desktop\Cópia_de_segurança_de_convite andressa 3.cdr 2017-04-13 17:38 - 2017-04-13 17:53 - 00000000 ____D C:\Program Files\TeamViewer 2017-04-13 17:38 - 2017-04-13 17:38 - 00001008 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk 2017-04-13 17:38 - 2017-04-13 17:38 - 00000996 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk 2017-04-13 17:38 - 2017-04-13 17:38 - 00000000 ____D C:\Users\JoseAilton\AppData\Roaming\TeamViewer 2017-04-13 17:36 - 2017-04-13 17:37 - 13189880 _____ (TeamViewer GmbH) C:\Users\JoseAilton\Downloads\TeamViewer_Setup_pt.exe 2017-04-11 12:43 - 2017-04-11 12:43 - 00197376 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx86.sys 2017-04-07 12:26 - 2016-08-10 11:22 - 11443560 _____ (MPC-HC Team ) C:\Users\JoseAilton\Desktop\MPC-HC.1.7.8.x86.exe ==================== Um Mês Modificados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 
2099-01-26 01:13 - 2017-02-27 09:33 - 197558272 ____N C:\Users\JoseAilton\Desktop\Rayman 2 - Revolution (USA).iso
2017-05-06 15:47 - 2009-07-14 01:34 - 00019760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-05-06 15:47 - 2009-07-14 01:34 - 00019760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-05-06 15:35 - 2016-05-26 12:24 - 00000000 _____ C:\hsrv.txt
2017-05-06 15:35 - 2009-07-14 01:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-05-06 09:39 - 2016-05-08 21:24 - 00000000 ____D C:\Users\Todos os Usuários\MFAData
2017-05-06 09:39 - 2016-05-08 21:24 - 00000000 ____D C:\ProgramData\MFAData
2017-05-05 22:03 - 2016-05-07 21:54 - 00000000 ____D C:\Users\JoseAilton\AppData\Roaming\vlc
2017-05-05 19:33 - 2016-05-12 13:40 - 00002048 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2017-05-05 19:33 - 2016-05-12 13:40 - 00000000 ____D C:\Program Files\McAfee Security Scan
2017-05-01 20:21 - 2016-05-07 21:27 - 01636956 _____ C:\Windows\system32\PerfStringBackup.INI
2017-05-01 20:21 - 2009-07-14 05:31 - 00706108 _____ C:\Windows\system32\prfh0416.dat
2017-05-01 20:21 - 2009-07-14 05:31 - 00147446 _____ C:\Windows\system32\prfc0416.dat
2017-05-01 20:21 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\inf
2017-04-30 13:34 - 2016-05-07 21:25 - 00000000 ____D C:\Users\JoseAilton
2017-04-21 12:58 - 2016-07-17 13:16 - 00014368 _____ C:\Users\JoseAilton\Documents\planilha debutante.xlsx
2017-04-20 20:07 - 2016-09-07 12:55 - 00000570 _____ C:\Users\JoseAilton\AppData\Roaming\JOSEAILTON-PC.MTBF.txt
2017-04-20 20:07 - 2016-09-07 12:55 - 00000000 ____D C:\Users\JoseAilton\AppData\Local\Avid
2017-04-20 20:07 - 2016-09-05 21:07 - 00000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2017-04-19 20:42 - 2016-09-07 12:55 - 00000000 ____D C:\Users\JoseAilton\temp
2017-04-19 19:54 - 2016-05-08 22:00 - 00000909 _____ C:\Users\Public\Desktop\AVG Protection.lnk
2017-04-19 19:54 - 2016-05-08 22:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2017-04-15 17:33 - 2016-05-21 10:23 - 00000000 ____D C:\Users\JoseAilton\AppData\Local\ElevatedDiagnostics
2017-04-14 18:02 - 2009-07-14 01:33 - 00512224 _____ C:\Windows\system32\FNTCACHE.DAT
2017-04-13 17:46 - 2016-11-28 08:29 - 00463318 _____ C:\Users\JoseAilton\Desktop\monograma andressa2.cdr
2017-04-13 17:45 - 2016-11-17 08:48 - 00549533 _____ C:\Users\JoseAilton\Desktop\convite andressa 3.cdr
2017-04-13 17:40 - 2016-05-07 21:36 - 00152816 _____ C:\Users\JoseAilton\AppData\Local\GDIPFONTCACHEV1.DAT
2017-04-11 19:56 - 2016-05-12 13:39 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-04-11 19:28 - 2016-09-30 17:56 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-04-11 19:28 - 2016-09-30 17:56 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-04-11 19:28 - 2016-09-30 17:56 - 00000000 ____D C:\Windows\system32\Macromed

==================== Arquivos na raiz de alguns diretórios =======

2009-11-19 21:08 - 2009-11-19 21:08 - 2941288 _____ (Autodesk, Inc.) C:\Program Files\Common Files\adlmint.dll
2009-11-19 21:08 - 2009-11-19 21:08 - 3749224 _____ (Acresso Software Inc.) C:\Program Files\Common Files\adlmint_libFNP.dll
2017-03-16 15:18 - 2017-03-16 15:18 - 0037607 _____ () C:\Program Files\Common Files\license.rtf
2017-03-16 15:18 - 2017-03-16 15:18 - 0008046 _____ () C:\Program Files\Common Files\setupBanner.jpg
2016-05-26 11:24 - 2016-05-26 12:25 - 0002674 _____ () C:\Users\JoseAilton\AppData\Roaming\droid4xinstaller.log
2016-09-07 12:55 - 2017-04-20 20:07 - 0000570 _____ () C:\Users\JoseAilton\AppData\Roaming\JOSEAILTON-PC.MTBF.txt
2017-03-27 20:09 - 2017-03-27 20:09 - 0000044 _____ () C:\Users\JoseAilton\AppData\Roaming\WB.CFG
2016-09-07 12:55 - 2017-04-20 21:18 - 0000672 _____ () C:\Users\JoseAilton\AppData\Roaming\__AvidCloudManager.log
2016-09-07 12:55 - 2017-04-19 21:27 - 0000672 _____ () C:\Users\JoseAilton\AppData\Roaming\__AvidCloudManagerPrevious.log
2016-09-07 12:56 - 2016-09-07 12:56 - 0003584 _____ () C:\Users\JoseAilton\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-06-26 13:44 - 2016-06-26 13:44 - 0000017 _____ () C:\Users\JoseAilton\AppData\Local\resmon.resmoncfg
2016-10-20 06:17 - 2016-10-20 06:18 - 0000000 _____ () C:\Users\JoseAilton\AppData\Local\{9B8C5201-6E9C-4C19-8AE0-AB43DF13E053}
2016-07-11 20:50 - 2016-07-11 20:50 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-05-07 21:28 - 2016-05-07 21:28 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-05-08 20:18 - 2016-06-30 20:06 - 0000088 __RSH () C:\ProgramData\F9B4ACB9FE.sys
2016-05-08 20:18 - 2016-06-30 20:06 - 0002516 ___SH () C:\ProgramData\KGyGaAvL.sys

Alguns arquivos em TEMP:
====================
2016-09-04 14:55 - 2010-01-14 21:40 - 0161640 _____ (Autodesk, Inc.) C:\Users\JoseAilton\AppData\Local\Temp\AcDeltree.exe
2015-07-10 14:07 - 2015-07-10 14:07 - 1096000 _____ (Ask.com) C:\Users\JoseAilton\AppData\Local\Temp\AskPIP_FF_.exe
2016-05-08 21:26 - 2016-05-08 21:28 - 2892128 _____ (AVG Technologies) C:\Users\JoseAilton\AppData\Local\Temp\avg-1819d320-1061-413c-b70b-4575cc06fa76.exe
2016-07-28 20:43 - 2016-06-21 18:49 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\JoseAilton\AppData\Local\Temp\avguirn_081366520506.exe
2016-06-23 20:46 - 2016-05-18 13:03 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\JoseAilton\AppData\Local\Temp\avguirn_08218334490.exe
2016-08-22 20:18 - 2016-07-20 14:01 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\JoseAilton\AppData\Local\Temp\avguirn_08262709006.exe
2016-06-04 16:14 - 2016-04-22 10:01 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\JoseAilton\AppData\Local\Temp\avguirn_08585001052.exe
2016-05-14 08:36 - 2016-04-14 17:29 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\JoseAilton\AppData\Local\Temp\avguirn_0887422106.exe
2016-05-14 21:55 - 2016-05-21 10:33 - 0401920 _____ () C:\Users\JoseAilton\AppData\Local\Temp\borlndlm.dll
2016-09-05 21:26 - 2016-09-05 21:32 - 5065728 _____ () C:\Users\JoseAilton\AppData\Local\Temp\f779-25dd-7c02-13a7.exe
2017-03-26 14:25 - 2017-03-26 14:25 - 1822704 _____ ( ) C:\Users\JoseAilton\AppData\Local\Temp\ICReinstall_Baixaki_favorite-fox-sudoku.exe
2016-11-13 11:36 - 2016-11-13 11:36 - 1383624 _____ (Babarec ) C:\Users\JoseAilton\AppData\Local\Temp\ICReinstall_BlueStacks.exe
2016-04-01 12:34 - 2016-04-01 12:34 - 0739904 _____ (Oracle Corporation) C:\Users\JoseAilton\AppData\Local\Temp\jre-8u91-windows-au.exe
2016-09-14 21:00 - 2016-09-14 21:00 - 2458672 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Users\JoseAilton\AppData\Local\Temp\libeay32.dll
2016-09-14 21:00 - 2016-09-14 21:00 - 0970912 _____ (Microsoft Corporation) C:\Users\JoseAilton\AppData\Local\Temp\msvcr120.dll
2016-12-04 09:36 - 2016-12-04 09:37 - 4787326 _____ ( ) C:\Users\JoseAilton\AppData\Local\Temp\MySQL-Front_Setup (2).exe
2016-12-04 09:34 - 2016-12-04 09:36 - 4787326 _____ ( ) C:\Users\JoseAilton\AppData\Local\Temp\MySQL-Front_Setup.exe
2006-10-27 19:14 - 2006-10-27 19:14 - 0145184 ____R (Microsoft Corporation) C:\Users\JoseAilton\AppData\Local\Temp\ose00000.exe
2016-05-15 23:12 - 2016-05-15 23:12 - 16052588 _____ () C:\Users\JoseAilton\AppData\Local\Temp\project1.exe
2016-09-16 22:21 - 2016-09-16 22:36 - 46215248 _____ () C:\Users\JoseAilton\AppData\Local\Temp\SHSetup.exe
2016-09-14 21:00 - 2016-09-14 21:00 - 0772672 _____ () C:\Users\JoseAilton\AppData\Local\Temp\sqlite3.dll
2016-06-30 20:10 - 2007-11-29 18:05 - 0501024 _____ (Corel Corporation) C:\Users\JoseAilton\AppData\Local\Temp\Uninst.exe
2016-11-20 09:30 - 2016-11-20 09:39 - 30533688 _____ () C:\Users\JoseAilton\AppData\Local\Temp\vlc-2.2.4-win32.exe
2006-05-24 01:10 - 2006-05-24 01:10 - 0455600 ____R (Macrovision Corporation) C:\Users\JoseAilton\AppData\Local\Temp\_isD7A8.exe

==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

LastRegBack: 2017-05-04 22:13

==================== Fim de FRST.txt ============================