Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) VersÃ£o: 26-08-2020
Executado por erious (administrador) em ERIOUS-PC (VS Company VS-G31T-M) (28-08-2020 17:29:00)
Executando a partir de C:\Users\erious\Downloads
Perfis Carregados: erious
Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: PortuguÃªs (Brasil)
Internet Explorer VersÃ£o 8 (Navegador padrÃ£o: Chrome)
Modo da InicializaÃ§Ã£o: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluÃ­da na fixlist, o processo serÃ¡ fechado. O arquivo nÃ£o serÃ¡ movido.)

() [Arquivo nÃ£o assinado] C:\Windows\Temp\g196.tmp.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <11>
(Microsoft Dynamic Code Publisher -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Dynamic Code Publisher -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\perfmon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\taskmgr.exe

==================== Registro (Whitelisted) ===================

(Se uma entrada for incluÃ­da na fixlist, o Ã­tem no Registro serÃ¡ restaurado para o padrÃ£o ou removido. O arquivo nÃ£o serÃ¡ movido.)

HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4926664 2016-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\...\RunOnce: [q04lcw0so3r] => C:\Program Files (x86)\zelg\516670447.exe [1056768 2020-08-28] () [Arquivo nÃ£o assinado]
HKLM\ DisallowedCertificates: 0A0CF21F2AD2796FCC1309F2993659FC9F4BBFB9 (Curio Systems GmbH) <==== ATENÃÃO
HKLM\ DisallowedCertificates: 1518752920E9221E1FE1728AACAC536728B37BA7 (Trend Micro) <==== ATENÃÃO
HKLM\ DisallowedCertificates: 1B581436B0ED7536755B8B1C81112509A5AAF6ED (Panda Security S.L) <==== ATENÃÃO
HKLM\ DisallowedCertificates: 2026D13756EB0DB753DF26CB3B7EEBE3E70BB2CF (G DATA Software AG) <==== ATENÃÃO
HKLM\ DisallowedCertificates: 31AC96A6C17C425222C46D55C3CCA6BA12E54DAF (Symantec Corporation) <==== ATENÃÃO
HKLM\ DisallowedCertificates: 328E73F58737F1AB8DB0DA98FECFA17EB7BFAA40 (Bitdefender SRL) <==== ATENÃÃO
HKLM\ DisallowedCertificates: 3C92C9274AB6D3DD520B13029A2490C4A1D98BC0 (Kaspersky Lab) <==== ATENÃÃO
HKLM\ DisallowedCertificates: 4E393AA1586C93E0BC9E7FEBCF7BFB62066DC22A (Doctor Web Ltd.) <==== ATENÃÃO
HKLM\ DisallowedCertificates: 4E564B9FBCE8F496FFF51278CCD14EE17F09A1CE (Qihu 360 Software Co. Limited) <==== ATENÃÃO
HKLM\ DisallowedCertificates: 58939B78BC28EF464220127BB754E3D130306988 (AVG Technologies CZ) <==== ATENÃÃO
HKLM\ DisallowedCertificates: 5AACB6A43D9D806E6963937BE702B7A43C1978AE (F-Secure Corporation) <==== ATENÃÃO
HKLM\ DisallowedCertificates: 5DE56B2BAAA995F447949B869356528F91230A49 (VIPRE Security) <==== ATENÃÃO
HKLM\ DisallowedCertificates: 7450C07722C75E711EF24209A22F0C5C6A5BEC4E (Trend Micro) <==== ATENÃÃO
HKLM\ DisallowedCertificates: 775B373B33B9D15B58BC02B184704332B97C3CAF (McAfee) <==== ATENÃÃO
HKLM\ DisallowedCertificates: 78C55D604474B534EB2B565CAD312FC7D71FE9DE (Webroot Inc.) <==== ATENÃÃO
HKLM\ DisallowedCertificates: 816BE9397F66D1A26EFA04035BCA3BB9E3779740 (Malwarebytes Corporation) <==== ATENÃÃO
HKLM\ DisallowedCertificates: 8887AF2636E0D3B763AC4D56729218AF89653CA4 (Avira Operations GmbH & Co. KG) <==== ATENÃÃO
HKLM\ DisallowedCertificates: 88AD5DFE24126872B33175D1778687B642323ACF (McAfee) <==== ATENÃÃO
HKLM\ DisallowedCertificates: 8B6DD299C6E4092040E98EB773F3818DF50B038D (Bitdefender SRL) <==== ATENÃÃO
HKLM\ DisallowedCertificates: 8DC9FE53D5F1D7D558EBE131E922730780D88865 (ESET) <==== ATENÃÃO
HKLM\ DisallowedCertificates: 9A32249E9A6B9CF5C36B0749C81613524D37C594 (Safer Networking Ltd.) <==== ATENÃÃO
HKLM\ DisallowedCertificates: A5341949ABE1407DD7BF7DFE75460D9608FBC309 (BullGuard Ltd) <==== ATENÃÃO
HKLM\ DisallowedCertificates: AA8399A239AE1785200917D32C21F6B662477BE4 (K7 Computing Pvt Ltd) <==== ATENÃÃO
HKLM\ DisallowedCertificates: AEEA60E86C66327BFBB8492C33122687AB2B5D91 (Support.com, Inc.) <==== ATENÃÃO
HKLM\ DisallowedCertificates: B7E607E1FB8943C634580F621788C01C962E8280 (K7 Computing Pvt Ltd) <==== ATENÃÃO
HKLM\ DisallowedCertificates: BDEEFEC5F002E281B2292A8C72EACA468CBF9952 (Emsisoft Ltd) <==== ATENÃÃO
HKLM\ DisallowedCertificates: BE894F99B870DA5FCA623F7F4A85D3970A46CDE1 (Symantec Corporation) <==== ATENÃÃO
HKLM\ DisallowedCertificates: BF9254919794C1075EA027889C5D304F1121C653 (Kaspersky Lab) <==== ATENÃÃO
HKLM\ DisallowedCertificates: D70D7D00CA12E1B3E20F3BF7534DEB2C2E7C2404 (Comodo Security Solutions) <==== ATENÃÃO
HKLM\ DisallowedCertificates: DBFAD9D59A6A07DCEB004DBE2DC246B547249E86 (Malwarebytes Corporation) <==== ATENÃÃO
HKLM\ DisallowedCertificates: E27AA5FFDCA62A60E435292A243D0C6D43DCC513 (Doctor Web Ltd.) <==== ATENÃÃO
HKLM\ DisallowedCertificates: E4A0C1054F8025DD88EE5053094A9A61661AE123 (Webroot Inc.) <==== ATENÃÃO
HKLM\ DisallowedCertificates: F75019695C0504E3ABEFEDCD8FBE500DA08EC8FA (Avast Antivirus/Software) <==== ATENÃÃO
HKLM\ DisallowedCertificates: F83099622B4A9F72CB5081F742164AD1B8D048C9 (ESET) <==== ATENÃÃO
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: RestriÃ§Ã£o <==== ATENÃÃO
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\85.0.4183.83\Installer\chrmstp.exe [2020-08-28] (Google LLC -> Google LLC)
GroupPolicy: RestriÃ§Ã£o ? <==== ATENÃÃO

==================== Tarefas Agendadas (Whitelisted) ============

(Se uma entrada for incluÃ­da na fixlist, serÃ¡ removida do Registro. O arquivo nÃ£o serÃ¡ movido, a menos que seja colocado separadamente.)

Task: {00955960-C74B-4887-A655-21352E839B16} - System32\Tasks\Driver Booster SkipUAC (erious) => C:\Program Files (x86)\IObit\Driver Booster\7.6.0\DriverBooster.exe [7945488 2020-07-27] (IObit Information Technology -> IObit)
Task: {1C99310F-123C-4A37-A5E5-2618BF1819C5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-08-28] (Google LLC -> Google LLC)
Task: {669D0155-E437-4ADC-99D4-24C3B1D5D631} - System32\Tasks\fNnhtkQtH => C:\Windows\system32\rundll32.exe "C:\Program Files (x86)\fNnhtkQtH\fNnhtkQtH.dll",fNnhtkQtH <==== ATENÃÃO
Task: {76DCB20E-C07E-48F1-9255-67CA1A1BFB70} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\7.6.0\Scheduler.exe [149776 2020-07-27] (IObit Information Technology -> IObit)
Task: {B1334758-13C2-4749-8BB5-0239657FBDC6} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [10219208 2016-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {F4250343-A972-4E3D-876F-5EB0D63B5485} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\7.6.0\AutoUpdate.exe [2375952 2020-07-27] (IObit Information Technology -> IObit)
Task: {F49E4D56-4E27-45FB-A79B-CE2B52ECE5E8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-08-28] (Google LLC -> Google LLC)

(Se uma entrada for incluÃ­da na fixlist, o arquivo da tarefa (.job) serÃ¡ movido. O arquivo que estÃ¡ sendo executado pela tarefa nÃ£o serÃ¡ movido.)


==================== Internet (Whitelisted) ====================

(Se um Ã­tem for incluÃ­do na fixlist, sendo um Ã­tem do Registro, serÃ¡ removido ou restaurado para o padrÃ£o.)

Hosts: HÃ¡ mais de uma entrada no Hosts. Veja a seÃ§Ã£o Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 1.1.1.1 1.0.0.1
Tcpip\..\Interfaces\{CEF35A02-8949-4F2C-9CED-066C2EBA5057}: [DhcpNameServer] 1.1.1.1 1.0.0.1

Internet Explorer:
==================
HKU\S-1-5-21-3909884866-232531499-2513854173-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pt-br/?ocid=iehp
BHO-x32: Octh Class -> {000123B4-9B42-4900-B3F7-F4B073EFC214} -> C:\Program Files (x86)\Orbitdownloader\orbitcth.dll [2014-01-16] (KORAM GAMES LIMITED -> Orbitdownloader.com) [Arquivo nÃ£o assinado]
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: dc78py01.default
FF ProfilePath: C:\Users\erious\AppData\Roaming\Waterfox\Profiles\dc78py01.default [2020-08-28]
FF ProfilePath: C:\Users\erious\AppData\Roaming\Waterfox\Profiles\3f4bnjsw.68-edition-default [2020-08-28]

Chrome: 
=======
CHR Profile: C:\Users\erious\AppData\Local\Google\Chrome\User Data\Default [2020-08-28]
CHR Extension: (ApresentaÃ§Ãµes) - C:\Users\erious\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-08-28]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\erious\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-08-28]
StartMenuInternet: Google Chrome - C:\Program Files\Google\Chrome\Application\chrome.exe

==================== ServiÃ§os (Whitelisted) ===================

(Se uma entrada for incluÃ­da na fixlist, serÃ¡ removida do Registro. O arquivo nÃ£o serÃ¡ movido, a menos que seja colocado separadamente.)

S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(Se uma entrada for incluÃ­da na fixlist, serÃ¡ removida do Registro. O arquivo nÃ£o serÃ¡ movido, a menos que seja colocado separadamente.)

R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2020-08-28] (Martin Malik - REALiX -> REALiX(tm))
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluÃ­da na fixlist, serÃ¡ removida do Registro. O arquivo nÃ£o serÃ¡ movido, a menos que seja colocado separadamente.)


==================== TrÃªs meses (criados) ===================

(Se uma entrada for incluÃ­da na fixlist, o arquivo/pasta serÃ¡ movido.)

2020-08-28 17:29 - 2020-08-28 17:31 - 000011313 _____ C:\Users\erious\Downloads\FRST.txt
2020-08-28 17:28 - 2020-08-28 17:30 - 000000000 ____D C:\FRST
2020-08-28 17:27 - 2020-08-28 17:27 - 002298368 _____ (Farbar) C:\Users\erious\Downloads\FRST64.exe
2020-08-28 17:02 - 2020-08-28 17:02 - 000000000 ____D C:\Users\erious\AppData\Local\AMD
2020-08-28 17:01 - 2020-08-28 17:01 - 000000000 _____ C:\Windows\ativpsrm.bin
2020-08-28 15:42 - 2020-08-28 15:42 - 000001385 _____ C:\Users\erious\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2020-08-28 15:42 - 2014-05-14 09:23 - 000198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2020-08-28 15:42 - 2014-05-14 09:23 - 000179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2020-08-28 15:42 - 2014-05-14 09:20 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2020-08-28 15:42 - 2014-05-14 09:17 - 000033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2020-08-28 15:41 - 2020-08-28 15:42 - 000001419 _____ C:\Users\erious\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2020-08-28 15:41 - 2020-08-28 15:41 - 000000020 ___SH C:\Users\erious\ntuser.ini
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\UsuÃ¡rio PadrÃ£o\Modelos
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\UsuÃ¡rio PadrÃ£o\Meus documentos
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\UsuÃ¡rio PadrÃ£o\Menu Iniciar
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\UsuÃ¡rio PadrÃ£o\Documents\Minhas mÃºsicas
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\UsuÃ¡rio PadrÃ£o\Documents\Minhas imagens
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\UsuÃ¡rio PadrÃ£o\Documents\Meus vÃ­deos
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\UsuÃ¡rio PadrÃ£o\Dados de aplicativos
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\UsuÃ¡rio PadrÃ£o\ConfiguraÃ§Ãµes locais
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\UsuÃ¡rio PadrÃ£o\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\UsuÃ¡rio PadrÃ£o\AppData\Local\HistÃ³rico
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\UsuÃ¡rio PadrÃ£o\AppData\Local\Dados de aplicativos
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\UsuÃ¡rio PadrÃ£o\Ambiente de rede
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\UsuÃ¡rio PadrÃ£o\Ambiente de impressÃ£o
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\UsuÃ¡rio PadrÃ£o
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\Todos os UsuÃ¡rios\Modelos
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\Todos os UsuÃ¡rios\Menu Iniciar
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\Todos os UsuÃ¡rios\Favoritos
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\Todos os UsuÃ¡rios\Documents\Minhas mÃºsicas
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\Todos os UsuÃ¡rios\Documents\Minhas imagens
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\Todos os UsuÃ¡rios\Documents\Meus vÃ­deos
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\Todos os UsuÃ¡rios\Documentos
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\Todos os UsuÃ¡rios\Dados de aplicativos
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\Todos os UsuÃ¡rios
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\Public\Documents\Minhas mÃºsicas
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\Public\Documents\Minhas imagens
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\Public\Documents\Meus vÃ­deos
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\erious\Modelos
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\erious\Meus documentos
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\erious\Menu Iniciar
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\erious\Documents\Minhas mÃºsicas
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\erious\Documents\Minhas imagens
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\erious\Documents\Meus vÃ­deos
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\erious\Dados de aplicativos
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\erious\ConfiguraÃ§Ãµes locais
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\erious\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\erious\AppData\Local\HistÃ³rico
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\erious\AppData\Local\Dados de aplicativos
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\erious\Ambiente de rede
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\erious\Ambiente de impressÃ£o
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\Default\Modelos
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\Default\Meus documentos
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\Default\Menu Iniciar
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\Default\Documents\Minhas mÃºsicas
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\Default\Documents\Minhas imagens
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\Default\Documents\Meus vÃ­deos
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\Default\Dados de aplicativos
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\Default\ConfiguraÃ§Ãµes locais
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\Default\AppData\Local\HistÃ³rico
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\Default\AppData\Local\Dados de aplicativos
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\Default\Ambiente de rede
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\Default\Ambiente de impressÃ£o
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\Default User\Modelos
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\Default User\Meus documentos
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\Default User\Menu Iniciar
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\Default User\Documents\Minhas mÃºsicas
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\Default User\Documents\Minhas imagens
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\Default User\Documents\Meus vÃ­deos
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\Default User\Dados de aplicativos
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\Default User\ConfiguraÃ§Ãµes locais
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\Default User\AppData\Local\HistÃ³rico
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Dados de aplicativos
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\Default User\Ambiente de rede
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Users\Default User\Ambiente de impressÃ£o
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\ProgramData\Modelos
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\ProgramData\Menu Iniciar
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\ProgramData\Favoritos
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\ProgramData\Documents\Minhas mÃºsicas
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\ProgramData\Documents\Minhas imagens
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\ProgramData\Documents\Meus vÃ­deos
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\ProgramData\Documentos
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\ProgramData\Dados de aplicativos
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Program Files\Common Files\Sistema
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Program Files\Arquivos Comuns
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 _SHDL C:\Arquivos de Programas
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 ____D C:\Users\erious\AppData\Local\VirtualStore
2020-08-28 15:41 - 2020-08-28 15:41 - 000000000 ____D C:\Users\erious
2020-08-28 15:41 - 2011-04-12 11:20 - 000000000 ____D C:\Users\erious\AppData\Roaming\Media Center Programs
2020-08-28 15:37 - 2020-08-28 15:37 - 000001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2020-08-28 15:37 - 2020-08-28 15:37 - 000001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2020-08-28 15:33 - 2020-08-28 15:41 - 000000000 ____D C:\Windows\Panther
2020-08-28 13:49 - 2020-08-28 13:49 - 000004230 _____ C:\Windows\system32\Tasks\AMD Updater
2020-08-28 13:48 - 2020-08-28 13:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2020-08-28 13:48 - 2020-08-28 13:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard
2020-08-28 13:48 - 2020-08-28 13:48 - 000000000 ____D C:\Program Files (x86)\ATI Technologies
2020-08-28 13:47 - 2020-08-28 13:47 - 000000000 ____D C:\Program Files (x86)\AMD
2020-08-28 13:37 - 2020-08-28 13:38 - 000000000 ____D C:\Users\Todos os UsuÃ¡rios\Package Cache
2020-08-28 13:37 - 2020-08-28 13:38 - 000000000 ____D C:\ProgramData\Package Cache
2020-08-28 13:35 - 2020-08-28 13:35 - 001565646 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2020-08-28 13:31 - 2020-08-28 13:31 - 000000000 ____D C:\Users\erious\AppData\Roaming\lighteningplayer
2020-08-28 13:31 - 2020-08-28 13:31 - 000000000 ____D C:\AMD
2020-08-28 13:31 - 2020-08-28 13:31 - 000000000 _____ C:\Program Files (x86)\temp_files
2020-08-28 13:29 - 2020-08-28 17:32 - 000016706 _____ C:\Windows\system32\Tasks\fNnhtkQtH
2020-08-28 13:29 - 2020-08-28 17:02 - 000000438 __RSH C:\Users\Todos os UsuÃ¡rios\ntuser.pol
2020-08-28 13:29 - 2020-08-28 17:02 - 000000438 __RSH C:\ProgramData\ntuser.pol
2020-08-28 13:28 - 2011-04-12 10:40 - 000000000 ____D C:\Program Files (x86)\fNnhtkQtH
2020-08-28 13:26 - 2020-08-28 13:31 - 000000000 ____D C:\Program Files (x86)\lighteningplayer
2020-08-28 13:26 - 2020-08-28 13:27 - 359243276 _____ (AMD Inc.) C:\Users\erious\Downloads\non-whql-win8.1-win7-radeon-software-crimson-relive-16.2.1-sep20.exe
2020-08-28 13:26 - 2020-08-28 13:26 - 000001826 _____ C:\Users\erious\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lightening Media Player.lnk
2020-08-28 13:26 - 2020-08-28 13:26 - 000000886 _____ C:\Users\erious\Desktop\Lightening Media Player.lnk
2020-08-28 13:23 - 2020-08-28 13:23 - 000002240 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-08-28 13:23 - 2020-08-28 13:23 - 000002199 _____ C:\Users\Todos os UsuÃ¡rios\Desktop\Google Chrome.lnk
2020-08-28 13:23 - 2020-08-28 13:23 - 000002199 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-08-28 13:23 - 2020-08-28 13:23 - 000002199 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-08-28 13:23 - 2020-08-28 13:23 - 000000000 ____D C:\Program Files (x86)\zelg
2020-08-28 13:22 - 2020-08-28 13:22 - 000000000 ____D C:\Program Files\Google
2020-08-28 13:21 - 2020-08-28 13:21 - 000003504 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-08-28 13:21 - 2020-08-28 13:21 - 000003376 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-08-28 13:21 - 2020-08-28 13:21 - 000000000 ____D C:\Program Files (x86)\Google
2020-08-28 13:20 - 2020-08-28 13:23 - 000000000 ____D C:\Users\erious\AppData\Local\Google
2020-08-28 13:19 - 2020-08-28 13:19 - 000000000 ____D C:\Users\erious\AppData\Roaming\ProgSense
2020-08-28 13:18 - 2020-08-28 13:18 - 000001051 _____ C:\Users\erious\Desktop\Orbit.lnk
2020-08-28 13:18 - 2020-08-28 13:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orbit
2020-08-28 13:18 - 2020-08-28 13:18 - 000000000 ____D C:\Program Files (x86)\Orbitdownloader
2020-08-28 13:17 - 2020-08-28 13:49 - 000000000 ____D C:\Users\erious\AppData\Roaming\Orbit
2020-08-28 13:10 - 2020-08-28 13:43 - 000000000 ____D C:\Program Files\AMD
2020-08-28 13:10 - 2020-08-28 13:10 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2020-08-28 13:09 - 2020-08-28 13:09 - 001187342 _____ C:\Windows\system32\amdocl_as64.exe
2020-08-28 13:09 - 2020-08-28 13:09 - 001061902 _____ C:\Windows\system32\amdocl_ld64.exe
2020-08-28 13:09 - 2020-08-28 13:09 - 000995342 _____ C:\Windows\SysWOW64\amdocl_as32.exe
2020-08-28 13:09 - 2020-08-28 13:09 - 000798734 _____ C:\Windows\SysWOW64\amdocl_ld32.exe
2020-08-28 13:09 - 2020-08-28 13:09 - 000737410 _____ C:\Windows\system32\atiicdxx.dat
2020-08-28 13:09 - 2020-08-28 13:09 - 000332800 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODE.exe
2020-08-28 13:09 - 2020-08-28 13:09 - 000204952 _____ C:\Windows\SysWOW64\ativvsvl.dat
2020-08-28 13:09 - 2020-08-28 13:09 - 000204952 _____ C:\Windows\system32\ativvsvl.dat
2020-08-28 13:09 - 2020-08-28 13:09 - 000157144 _____ C:\Windows\SysWOW64\ativvsva.dat
2020-08-28 13:09 - 2020-08-28 13:09 - 000157144 _____ C:\Windows\system32\ativvsva.dat
2020-08-28 13:09 - 2020-08-28 13:09 - 000051200 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODCLI.exe
2020-08-28 13:09 - 2020-08-28 13:09 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\detoured.dll
2020-08-28 13:09 - 2020-08-28 13:09 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\detoured.dll
2020-08-28 13:07 - 2020-08-28 13:11 - 023215806 _____ (IObit ) C:\Users\erious\Downloads\driver_booster_setup.exe.part
2020-08-28 13:07 - 2020-08-28 13:07 - 000000000 _____ C:\Users\erious\Downloads\driver_booster_setup.exe
2020-08-28 12:58 - 2020-08-28 13:24 - 000000000 ____D C:\Users\erious\AppData\LocalLow\Mozilla
2020-08-28 12:58 - 2020-08-28 12:58 - 000000000 ____D C:\Users\erious\AppData\Roaming\Mozilla
2020-08-28 12:56 - 2020-08-28 12:59 - 000000000 ____D C:\Users\Todos os UsuÃ¡rios\Mozilla
2020-08-28 12:56 - 2020-08-28 12:59 - 000000000 ____D C:\ProgramData\Mozilla
2020-08-28 12:56 - 2020-08-28 12:56 - 000000000 ____D C:\Users\erious\AppData\Roaming\Waterfox
2020-08-28 12:56 - 2020-08-28 12:56 - 000000000 ____D C:\Users\erious\AppData\Local\Waterfox
2020-08-28 12:55 - 2020-08-28 13:12 - 000000000 ____D C:\Users\erious\AppData\Roaming\instinfo
2020-08-28 12:55 - 2020-08-28 12:55 - 000000000 ____D C:\Users\Todos os UsuÃ¡rios\Waterfox
2020-08-28 12:55 - 2020-08-28 12:55 - 000000000 ____D C:\Users\Todos os UsuÃ¡rios\ProductData
2020-08-28 12:55 - 2020-08-28 12:55 - 000000000 ____D C:\ProgramData\Waterfox
2020-08-28 12:55 - 2020-08-28 12:55 - 000000000 ____D C:\ProgramData\ProductData
2020-08-28 12:54 - 2020-08-28 17:04 - 000003100 _____ C:\Windows\system32\Tasks\Driver Booster Scheduler
2020-08-28 12:54 - 2020-08-28 17:04 - 000003092 _____ C:\Windows\system32\Tasks\Driver Booster Update
2020-08-28 12:54 - 2020-08-28 17:04 - 000002848 _____ C:\Windows\system32\Tasks\Driver Booster SkipUAC (erious)
2020-08-28 12:54 - 2020-08-28 12:56 - 000002274 _____ C:\Users\Todos os UsuÃ¡rios\Desktop\Driver Booster 7.lnk
2020-08-28 12:54 - 2020-08-28 12:56 - 000002274 _____ C:\Users\Public\Desktop\Driver Booster 7.lnk
2020-08-28 12:54 - 2020-08-28 12:56 - 000002274 _____ C:\ProgramData\Desktop\Driver Booster 7.lnk
2020-08-28 12:54 - 2020-08-28 12:55 - 000000000 ____D C:\Users\erious\AppData\LocalLow\IObit
2020-08-28 12:54 - 2020-08-28 12:54 - 000057560 _____ C:\Users\erious\AppData\Local\GDIPFONTCACHEV1.DAT
2020-08-28 12:54 - 2020-08-28 12:54 - 000027552 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2020-08-28 12:54 - 2020-08-28 12:54 - 000000000 ____D C:\Users\Todos os UsuÃ¡rios\{E0224FF9-7AE3-4F9E-991A-2F004F7E3952}
2020-08-28 12:54 - 2020-08-28 12:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 7
2020-08-28 12:54 - 2020-08-28 12:54 - 000000000 ____D C:\ProgramData\{E0224FF9-7AE3-4F9E-991A-2F004F7E3952}
2020-08-28 12:54 - 2020-08-28 12:54 - 000000000 ____D C:\Program Files (x86)\IObit
2020-08-28 12:53 - 2020-08-28 12:55 - 000000000 ____D C:\Users\Todos os UsuÃ¡rios\IObit
2020-08-28 12:53 - 2020-08-28 12:55 - 000000000 ____D C:\ProgramData\IObit
2020-08-28 12:53 - 2020-08-28 12:53 - 000000000 ____D C:\Users\erious\AppData\Roaming\IObit
2020-08-28 12:52 - 2020-08-28 12:53 - 025840544 _____ (IObit ) C:\Users\erious\Downloads\driver_booster_setup_trial.exe
2020-08-28 12:46 - 2020-08-28 13:31 - 000007604 _____ C:\Users\erious\AppData\Local\Resmon.ResmonCfg
2020-08-28 12:43 - 2014-05-14 13:23 - 002477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2020-08-28 12:43 - 2014-05-14 13:23 - 000058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2020-08-28 12:43 - 2014-05-14 13:23 - 000044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2020-08-28 12:43 - 2014-05-14 13:21 - 002620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll

==================== TrÃªs meses (modificados) ==================

(Se uma entrada for incluÃ­da na fixlist, o arquivo/pasta serÃ¡ movido.)

2020-08-28 17:12 - 2009-07-14 01:45 - 000022704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-08-28 17:12 - 2009-07-14 01:45 - 000022704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-08-28 17:08 - 2011-04-12 10:40 - 000705070 _____ C:\Windows\system32\prfh0416.dat
2020-08-28 17:08 - 2011-04-12 10:40 - 000146910 _____ C:\Windows\system32\prfc0416.dat
2020-08-28 17:08 - 2009-07-14 02:13 - 001635070 _____ C:\Windows\system32\PerfStringBackup.INI
2020-08-28 17:08 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\inf
2020-08-28 17:01 - 2009-07-14 02:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-08-28 15:41 - 2009-07-14 00:20 - 000000000 __RHD C:\Users\Public\Libraries
2020-08-28 15:41 - 2009-07-14 00:20 - 000000000 ____D C:\Program Files\Windows NT
2020-08-28 15:40 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\rescache
2020-08-28 15:39 - 2009-07-14 01:45 - 000274824 _____ C:\Windows\system32\FNTCACHE.DAT
2020-08-28 15:37 - 2009-07-14 02:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2020-08-28 15:37 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\system32\sysprep
2020-08-28 15:34 - 2011-04-12 11:21 - 000000000 ____D C:\Windows\CSC
2020-08-28 15:33 - 2009-07-14 02:32 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2020-08-28 13:30 - 2009-07-14 02:08 - 000003264 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2020-08-28 13:29 - 2009-07-14 00:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy

==================== Arquivos na raiz de alguns diretÃ³rios ========

2020-08-28 13:31 - 2020-08-28 13:31 - 000000000 _____ () C:\Program Files (x86)\temp_files
2020-08-28 12:46 - 2020-08-28 13:31 - 000007604 _____ () C:\Users\erious\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(NÃ£o hÃ¡ correÃ§Ã£o automÃ¡tica para arquivos que nÃ£o passaram na verificaÃ§Ã£o.)

==================== Fim de FRST.txt ========================