Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão: 11-08-2016 01
Executado por Erika (administrador) em ERIKA-PC (11-08-2016 10:57:11)
Executando a partir de C:\Users\Erika\Desktop
Perfis Carregados: Erika (Perfis Disponíveis: Erika)
Platform: Microsoft Windows 7 Professional (X86) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Marketing Merengue) C:\Users\Erika\AppData\Roaming\Identities\ERIKA-PC.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\reader_sl.exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [AvastUI.exe] => "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-216171897-4010221603-4039672753-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [26424960 2016-06-29] (Skype Technologies S.A.)
HKU\S-1-5-21-216171897-4010221603-4039672753-1000\...\Run: [4AnDJx1iochKS] => C:\Users\Erika\AppData\Roaming\Identities\ERIKA-PC.exe [4715810 2016-07-13] (Marketing Merengue)
HKU\S-1-5-21-216171897-4010221603-4039672753-1000\...\Policies\system: [DisableTaskMgr] 1
HKU\S-1-5-21-216171897-4010221603-4039672753-1000\...\Policies\system: [DisableRegistryTools] 1
HKU\S-1-5-21-216171897-4010221603-4039672753-1000\...\Policies\Explorer: [DisallowRun] 1
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll Nenhum Arquivo
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{18F60451-B92B-4DC2-BE9C-B53FD629E12C}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-216171897-4010221603-4039672753-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com.br/
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2016-01-07] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll => Nenhum Arquivo
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2016-01-07] (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2016-01-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2016-01-07] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF => não encontrado (a)
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF => não encontrado (a)
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com.br/"
CHR Profile: C:\Users\Erika\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\Erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-07]
CHR Extension: (Google Docs) - C:\Users\Erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-07]
CHR Extension: (Google Drive) - C:\Users\Erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-07]
CHR Extension: (Proxy grátis para desbloquear qualquer site
Touch VPN) - C:\Users\Erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\bihmplhobchoageeokmgbdihknkjbknd [2016-08-10]
CHR Extension: (YouTube) - C:\Users\Erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-07]
CHR Extension: (Google Search) - C:\Users\Erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-07]
CHR Extension: (Planilhas do Google) - C:\Users\Erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-07]
CHR Extension: (Documentos Google off-line) - C:\Users\Erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2016-08-10]
CHR Extension: (Skype) - C:\Users\Erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-05-24]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01]
CHR Extension: (Gmail) - C:\Users\Erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-07]
CHR Extension: (Chrome Media Router) - C:\Users\Erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-09]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]
==================== Serviços (Whitelisted) ========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
S2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [X]
R2 WinDefend; %ProgramFiles%\Windows Defender\mpsvc.dll [X]
===================== Drivers (Whitelisted) ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [25856 2014-03-28] (Google Inc)
S3 AndnetBus; C:\Windows\System32\DRIVERS\lgandnetbus.sys [14336 2014-05-08] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [23168 2014-03-28] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem.sys [27776 2014-03-28] (LG Electronics Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [34008 2016-06-30] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [35096 2016-06-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [91680 2016-06-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [91232 2016-06-30] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [60424 2016-06-30] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [816304 2016-06-30] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [438296 2016-07-13] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [118152 2016-06-30] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [224616 2016-08-05] (AVAST Software)
R3 SrvHsfPCI; C:\Windows\System32\DRIVERS\VSTBS23.SYS [266752 2009-07-13] (Conexant Systems, Inc.)
R1 VBoxUSBMon; C:\Windows\System32\DRIVERS\VBoxUSBMon.sys [104096 2015-09-08] (BigNox Corporation)
R1 XQHDrv; C:\Windows\System32\DRIVERS\XQHDrv.sys [203424 2015-09-08] (BigNox Corporation)
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Três Meses Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-08-11 10:57 - 2016-08-11 10:57 - 00010992 _____ C:\Users\Erika\Desktop\FRST.txt
2016-08-11 10:55 - 2016-08-11 10:57 - 00000000 ____D C:\FRST
2016-08-11 10:54 - 2016-08-11 10:54 - 01744384 _____ (Farbar) C:\Users\Erika\Desktop\FRST.exe
2016-08-11 10:52 - 2015-06-23 04:00 - 00088248 _____ (Microsoft Corporation) C:\Users\Erika\Downloads\vcruntime140.dll
2016-08-11 10:51 - 2016-08-11 10:51 - 00047223 _____ C:\Users\Erika\Downloads\vcruntime140.zip
2016-08-11 10:49 - 2016-08-11 10:49 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-08-11 10:49 - 2016-08-11 10:49 - 00000000 ____D C:\ProgramData\Package Cache
2016-08-11 10:47 - 2016-08-11 10:49 - 13969576 _____ (Microsoft Corporation) C:\Users\Erika\Downloads\vc_redist.x86 (1).exe
2016-08-11 10:46 - 2016-08-11 10:47 - 00629006 _____ C:\Users\Erika\Downloads\Windows6.1-KB2999226-x86 (1).msu
2016-08-11 10:43 - 2016-08-11 10:43 - 00370860 _____ (Microsoft Corporation) C:\Users\Erika\Downloads\Não confirmado 804865.crdownload
2016-08-11 10:42 - 2016-08-11 10:43 - 13969576 _____ (Microsoft Corporation) C:\Users\Erika\Downloads\vc_redist.x86.exe
2016-08-11 10:41 - 2016-08-11 10:41 - 00629006 _____ C:\Users\Erika\Downloads\Windows6.1-KB2999226-x86.msu
2016-08-10 11:57 - 2016-08-10 11:58 - 05848960 _____ C:\Users\Erika\Downloads\PokemonGo-Bot-master (4).zip
2016-08-10 11:42 - 2016-08-10 11:42 - 05855206 _____ C:\Users\Erika\Downloads\PokemonGo-Bot-master (3).zip
2016-08-10 11:42 - 2016-08-10 11:42 - 00000000 ____D C:\Users\Erika\Downloads\PokemonGo-Bot-master (3)
2016-08-10 11:22 - 2016-08-10 11:22 - 00000000 ____D C:\Users\Erika\AppData\Roaming\WinRAR
2016-08-10 11:22 - 2016-08-10 11:22 - 00000000 ____D C:\Users\Erika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-10 11:22 - 2016-08-10 11:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-10 11:22 - 2016-08-10 11:22 - 00000000 ____D C:\Program Files\WinRAR
2016-08-10 11:21 - 2016-08-10 11:21 - 01808528 _____ C:\Users\Erika\Downloads\wrar531.exe
2016-08-10 11:18 - 2016-08-10 11:18 - 05515727 _____ C:\Users\Erika\Downloads\PokemonGo-Bot-master (2).zip
2016-08-10 10:52 - 2016-08-10 10:52 - 05513534 _____ C:\Users\Erika\Downloads\PokemonGo-Bot-master (1).zip
2016-08-10 10:52 - 2016-08-10 10:52 - 00000000 ____D C:\Users\Erika\Downloads\PokemonGo-Bot-master (1)
2016-08-10 10:27 - 2016-08-10 10:27 - 00000000 ____D C:\Users\Erika\AppData\Local\GMap.NET
2016-08-10 10:19 - 2016-08-10 10:19 - 00000000 ____D C:\Users\Erika\Downloads\PokemonGo-Bot-master
2016-08-10 10:15 - 2016-08-10 10:15 - 05513423 _____ C:\Users\Erika\Downloads\PokemonGo-Bot-master.zip
2016-08-10 10:05 - 2016-08-10 10:05 - 01005568 _____ (Microsoft Corporation) C:\Users\Erika\Downloads\dotNetFx45_Full_setup.exe
2016-08-10 10:04 - 2016-08-10 10:04 - 01429344 _____ (Microsoft Corporation) C:\Users\Erika\Downloads\NDP462-KB3151802-Web (3).exe
2016-08-10 08:55 - 2016-08-10 08:57 - 67681000 _____ (Microsoft Corporation) C:\Users\Erika\Downloads\NDP461-KB3102436-x86-x64-AllOS-ENU (1).exe
2016-08-10 08:44 - 2016-08-10 08:45 - 67681000 _____ (Microsoft Corporation) C:\Users\Erika\Downloads\NDP461-KB3102436-x86-x64-AllOS-ENU.exe
2016-08-10 08:42 - 2016-08-10 08:43 - 62008080 _____ (Microsoft Corporation) C:\Users\Erika\Downloads\NDP462-KB3151800-x86-x64-AllOS-ENU.exe
2016-08-10 08:40 - 2016-08-10 08:40 - 01424328 _____ (Microsoft Corporation) C:\Users\Erika\Downloads\NDP461-KB3102438-Web.exe
2016-08-10 08:39 - 2016-08-10 08:40 - 01429344 _____ (Microsoft Corporation) C:\Users\Erika\Downloads\NDP462-KB3151802-Web (2).exe
2016-08-10 08:34 - 2016-08-10 08:34 - 00889416 _____ (Microsoft Corporation) C:\Users\Erika\Downloads\dotNetFx40_Full_setup (1).exe
2016-08-10 08:32 - 2016-08-10 08:32 - 01429344 _____ (Microsoft Corporation) C:\Users\Erika\Downloads\NDP462-KB3151802-Web.exe
2016-08-10 08:32 - 2016-08-10 08:32 - 01429344 _____ (Microsoft Corporation) C:\Users\Erika\Downloads\NDP462-KB3151802-Web (1).exe
2016-08-10 08:24 - 2016-08-10 08:24 - 01390418 _____ C:\Users\Erika\Downloads\Haxton-SytharixEdit_v2.14.zip
2016-08-10 08:24 - 2016-08-10 08:24 - 00000000 ____D C:\Users\Erika\Downloads\Haxton-SytharixEdit_v2.14
2016-08-10 07:18 - 2016-08-11 10:56 - 00000000 ____D C:\Users\Erika\AppData\Local\Ckerjikghoguied
2016-08-10 07:18 - 2016-08-10 13:38 - 00000000 ____D C:\Program Files\Reewdom
2016-08-10 07:18 - 2016-08-10 07:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Social2Se
2016-08-10 07:18 - 2016-08-10 07:18 - 00000000 ____D C:\Program Files\45911d5f35b83ac20056ab20efb006c2
2016-08-10 07:17 - 2016-08-10 07:17 - 00001451 _____ C:\Users\Public\Desktop\Download xposed_v72_sdk...lnk
2016-08-10 07:17 - 2016-08-10 07:17 - 00001431 _____ C:\Users\Public\Desktop\Download xposed framewo...lnk
2016-08-10 07:16 - 2016-08-10 07:16 - 00788771 _____ C:\Users\Erika\Downloads\Xposed Installer ( Mano Tec ).apk
2016-08-10 07:15 - 2016-08-10 07:16 - 01868089 _____ C:\Users\Erika\Downloads\Wanam Xposed ( Mano Tec ).apk
2016-08-10 06:23 - 2016-08-10 06:23 - 19792361 _____ C:\Users\Erika\Downloads\twrp&cwm reidosnoob`s.rar
2016-08-10 05:34 - 2016-08-10 05:34 - 00788771 _____ C:\Users\Erika\Downloads\de.robv.android.xposed.installer_v33_36570c.apk
2016-08-10 05:24 - 2016-08-10 05:24 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2016-08-10 05:20 - 2016-08-10 05:21 - 06845248 _____ C:\Users\Erika\Downloads\xposed-v65-sdk21-arm-arter97-V5-generic.zip
2016-08-10 05:19 - 2016-08-10 05:19 - 03540352 _____ C:\Users\Erika\Downloads\xposed-v67-sdk22-arm-by-romracer-20150716.zip
2016-08-10 05:00 - 2016-08-10 05:00 - 00626521 _____ C:\Users\Erika\Downloads\XposedInstaller_3.0_alpha4.apk
2016-08-10 04:32 - 2016-08-10 04:39 - 08851538 _____ C:\Users\Erika\Downloads\Kingroot v4.8.0 build 20160203 (One Click Root) - android-zone.ws.apk
2016-08-10 03:17 - 2016-08-10 03:17 - 00000000 ____D C:\Users\Erika\.android
2016-08-10 03:13 - 2016-08-10 03:13 - 00000000 ____D C:\Users\Erika\Downloads\LG_Root
2016-08-10 03:08 - 2016-08-10 03:08 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_lgandnetadb_01005.Wdf
2016-08-10 03:06 - 2016-08-10 03:06 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-08-10 03:06 - 2016-08-10 03:06 - 00000000 ____D C:\Program Files\LG Electronics
2016-08-10 03:06 - 2014-05-08 18:52 - 00014336 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetbus.sys
2016-08-10 03:06 - 2014-03-28 15:40 - 00025856 _____ (Google Inc) C:\Windows\system32\Drivers\lgandnetadb.sys
2016-08-10 03:06 - 2014-03-28 15:22 - 00027776 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetmodem.sys
2016-08-10 03:06 - 2014-03-28 15:22 - 00023168 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetdiag.sys
2016-08-10 03:06 - 2011-07-18 15:01 - 01419232 _____ (Microsoft Corporation) C:\Windows\system32\wdfcoinstaller01005.dll
2016-08-10 03:01 - 2016-08-10 03:03 - 11445968 _____ (LG Electronics) C:\Users\Erika\Downloads\LGUnitedMobileDriver_S50MAN311AP22_ML_WHQL_Ver_3.11.3.exe
2016-08-10 02:14 - 2016-08-10 02:44 - 311563080 _____ (Duodian Technology Co. Ltd.) C:\Users\Erika\Downloads\nox_setup_v3.7.1.0_full_En.exe
2016-08-09 18:33 - 2016-08-09 18:33 - 00061248 _____ C:\Users\Erika\Downloads\psp0220r (10).pdf
2016-08-09 10:51 - 2016-08-09 10:51 - 00142497 _____ C:\Windows\8679be4bd357d6c8bee1e642cb7d4057.exe
2016-08-08 13:30 - 2016-08-08 13:57 - 04654527 _____ C:\Users\Erika\Downloads\tutuapp_v1.2.05 (2).apk
2016-08-08 13:23 - 2016-08-08 13:30 - 04654527 _____ C:\Users\Erika\Downloads\tutuapp_v1.2.05 (1).apk
2016-08-08 13:08 - 2016-08-08 13:13 - 01356924 _____ C:\Users\Erika\Downloads\tutuapp_v1.2.05.apk
2016-08-07 13:32 - 2016-06-30 14:02 - 00319248 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-08-06 11:12 - 2016-08-06 11:12 - 00000000 ____D C:\Users\Erika\AppData\Local\nox_video_tool
2016-08-06 11:07 - 2016-08-06 11:07 - 00000000 ____D C:\Users\Erika\Nox_share
2016-08-06 11:07 - 2016-08-06 11:07 - 00000000 ____D C:\Users\Erika\.BigNox
2016-08-06 11:07 - 2016-08-06 11:07 - 00000000 ____D C:\Program Files\DIFX
2016-08-06 11:07 - 2015-09-08 05:16 - 00104096 _____ (BigNox Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2016-08-06 11:06 - 2016-08-07 13:29 - 00000000 ____D C:\Program Files\Bignox
2016-08-06 11:04 - 2016-08-06 11:04 - 00000000 ____D C:\Users\Erika\Downloads\nox_setup_v3.6.0.0_full_en
2016-08-06 11:01 - 2016-08-10 03:01 - 00000000 ____D C:\Users\Erika\AppData\Local\Nox
2016-08-06 10:45 - 2016-08-06 10:56 - 266510096 _____ (Duodian Technology Co. Ltd.) C:\Users\Erika\Downloads\nox_setup_v3.6.0.0_full_en.exe
2016-08-06 10:32 - 2016-08-06 10:43 - 266510096 _____ (Duodian Technology Co. Ltd.) C:\Users\Erika\Downloads\Não confirmado 266336.crdownload
2016-08-06 10:32 - 2016-08-06 10:33 - 62830864 _____ C:\Users\Erika\Downloads\pokemon go.apk
2016-07-30 16:55 - 2016-07-30 16:55 - 02086725 _____ C:\Users\Erika\Desktop\Curso_4_Possibilidades_de_uma_Educacao_Integral_em_Tempo_Integral.pdf
2016-07-28 08:35 - 2016-07-28 08:35 - 00000000 ____D C:\Users\Erika\AppData\Roaming\Macromedia
2016-07-24 11:13 - 2016-07-24 11:13 - 00057522 _____ C:\Users\Erika\Desktop\hol 07.pdf
2016-07-24 11:12 - 2016-07-24 11:12 - 00057522 _____ C:\Users\Erika\Downloads\psp0220r (9).pdf
2016-07-19 21:49 - 2016-07-19 21:49 - 02890645 _____ C:\Users\Erika\Downloads\71B7.tmp
2016-07-12 15:03 - 2016-07-12 15:03 - 01535708 _____ C:\Users\Erika\Desktop\creche segura.pdf
2016-07-12 14:49 - 2016-07-12 14:49 - 00062360 _____ C:\Users\Erika\Downloads\ADINALVA (2).pdf
2016-07-12 14:49 - 2016-07-12 14:49 - 00016878 _____ C:\Users\Erika\Downloads\Untitled
2016-07-12 14:49 - 2016-07-12 14:49 - 00013692 _____ C:\Users\Erika\Downloads\Untitled (1)
2016-07-11 22:41 - 2016-07-11 22:41 - 00277877 _____ C:\Users\Erika\Desktop\Adi, 43 _ Brasília _ Twoo.html
2016-07-11 22:39 - 2016-07-11 22:41 - 00000000 ____D C:\Users\Erika\Desktop\Adi, 43 _ Brasília _ Twoo_files
2016-07-07 10:23 - 2016-07-07 10:23 - 03247037 _____ C:\Users\Erika\Desktop\campos de experiências.pptx
2016-07-06 20:28 - 2016-07-06 22:43 - 00000000 ____D C:\Users\Erika\Desktop\Camera
2016-07-06 15:24 - 2016-07-06 15:24 - 60876068 _____ C:\Users\Erika\Downloads\com.nianticlabs.pokemongo_0.29.0-2016070500_minAPI19(armeabi-v7a)(nodpi)_apkmirror.com.apk
2016-07-05 18:44 - 2016-07-05 18:45 - 04671437 _____ C:\Users\Erika\Downloads\starter.zip
2016-07-04 20:34 - 2016-07-04 20:34 - 00000000 ____D C:\Users\Erika\Desktop\DCIM
2016-06-30 14:02 - 2016-06-30 14:02 - 00921280 _____ (Microsoft Corporation) C:\Windows\ucrtbase.dll
2016-06-30 14:02 - 2016-06-30 14:02 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-06-26 23:15 - 2016-06-26 23:15 - 02036700 _____ C:\Users\Erika\Desktop\Curso_3_A_importancia_de_um_Curriculo_Integrador_da_Infancia.pdf
2016-06-25 13:27 - 2016-06-25 13:27 - 00057554 _____ C:\Users\Erika\Desktop\hol 06.pdf
2016-06-25 13:26 - 2016-06-25 13:26 - 00057554 _____ C:\Users\Erika\Downloads\psp0220r (8).pdf
2016-06-24 13:45 - 2016-06-24 13:45 - 00062360 _____ C:\Users\Erika\Desktop\comprovante de quitação.pdf
2016-06-24 13:31 - 2016-06-24 13:31 - 00062360 _____ C:\Users\Erika\Downloads\ADINALVA (1).pdf
2016-06-23 17:39 - 2016-06-23 17:39 - 00001880 _____ C:\Users\Erika\Downloads\ADC6353179620000070014218808.pdf
2016-06-21 21:29 - 2016-06-21 21:29 - 00012531 _____ C:\Users\Erika\Downloads\Birds.mid
2016-06-21 17:56 - 2016-08-11 10:35 - 00000000 ____D C:\Users\Erika\Desktop\dbs
2016-06-20 16:37 - 2016-08-03 17:43 - 00000000 ____D C:\Users\Erika\Desktop\3ds
2016-06-20 13:42 - 2016-06-20 16:35 - 39089921 _____ C:\Users\Erika\Downloads\tm_o3ds_eur.bin
2016-06-18 23:00 - 2016-06-18 23:00 - 00018263 _____ C:\Users\Erika\Downloads\sinistro retrovisor Rosalvo.pdf
2016-06-18 23:00 - 2016-06-18 23:00 - 00018263 _____ C:\Users\Erika\Desktop\sinistro retrovisor Rosalvo.pdf
2016-06-16 22:03 - 2016-06-16 22:03 - 00078684 _____ C:\Users\Erika\Desktop\Aproveita ABC - Cupom.pdf
2016-06-14 17:35 - 2016-06-14 17:35 - 00001118 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2016-06-14 17:35 - 2016-06-14 17:35 - 00001118 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-06-14 12:59 - 2016-06-30 14:01 - 00035096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-06-08 13:42 - 2016-06-08 13:42 - 00008934 _____ C:\Users\Erika\Downloads\5F36A4C4.vbs
2016-05-31 22:05 - 2016-05-31 22:04 - 02845732 _____ C:\Users\Erika\Desktop\ROSALVO PEREIRA DOS SANTOS - Proposta Endosso Substituição.pdf
2016-05-31 22:02 - 2016-05-31 22:03 - 02845732 _____ C:\Users\Erika\Downloads\ROSALVO PEREIRA DOS SANTOS - Proposta Endosso Substituição.pdf
2016-05-31 00:06 - 2016-05-31 00:06 - 00335666 _____ C:\Users\Erika\Desktop\carta assinada artes (1).pdf
2016-05-31 00:05 - 2016-05-31 00:05 - 00335666 _____ C:\Users\Erika\Desktop\carta assinada artes.pdf
2016-05-31 00:04 - 2016-05-31 00:04 - 00335666 _____ C:\Users\Erika\Downloads\carta assinada artes.pdf
2016-05-27 15:32 - 2016-05-27 15:32 - 00061248 _____ C:\Users\Erika\Desktop\holerit 05.pdf
2016-05-27 15:31 - 2016-05-27 15:31 - 00061248 _____ C:\Users\Erika\Downloads\psp0220r (7).pdf
2016-05-27 15:21 - 2016-05-27 15:21 - 00000000 ____D C:\Program Files\Common Files\Skype
2016-05-26 13:21 - 2016-05-26 13:21 - 00000000 ____D C:\Users\Erika\Tracing
2016-05-24 10:16 - 2016-05-24 10:16 - 00203770 _____ C:\Users\Erika\Desktop\boletos de Artes.pdf
2016-05-24 10:13 - 2016-05-24 10:13 - 00203770 _____ C:\Users\Erika\Downloads\adinalva.pdf
2016-05-22 18:05 - 2016-05-22 18:05 - 01091008 _____ (Unity Technologies ApS) C:\Users\Erika\Downloads\UnityWebPlayer.exe
2016-05-22 12:29 - 2016-05-22 12:29 - 632814413 _____ C:\Users\Erika\Downloads\Não confirmado 780939.crdownload
2016-05-22 12:16 - 2016-05-22 12:17 - 00000000 ____D C:\Users\Erika\Downloads\P0016_5791e60c7
2016-05-22 11:15 - 2016-05-22 12:16 - 217867811 _____ C:\Users\Erika\Downloads\P0016_5791e60c7.zip
2016-05-21 23:00 - 2016-05-21 23:00 - 00081403 _____ C:\Users\Erika\Downloads\declaracao_14917383838_2016_21052016_c1e5e48c79924fd98eb0f4988ec938e2.pdf
2016-05-21 23:00 - 2016-05-21 23:00 - 00081403 _____ C:\Users\Erika\Desktop\declaracao_14917383838_2016_21052016_c1e5e48c79924fd98eb0f4988ec938e2.pdf
2016-05-21 22:59 - 2016-05-21 22:59 - 00081399 _____ C:\Users\Erika\Downloads\declaracao_14917383838_2015_21052015_3bccf949deb44a74b06de83fc63eb4f4.pdf
2016-05-21 22:59 - 2016-05-21 22:59 - 00081399 _____ C:\Users\Erika\Desktop\declaracao_14917383838_2015_21052015_3bccf949deb44a74b06de83fc63eb4f4.pdf
2016-05-17 22:32 - 2016-05-17 22:32 - 00000000 ____D C:\Users\Erika\Desktop\pombinha
2016-05-16 23:43 - 2016-05-16 20:58 - 00896706 _____ C:\Users\Erika\Desktop\Quebrando_preconceitos_estudando_ind+¡genas.pdf
2016-05-16 23:43 - 2016-05-16 20:58 - 00896298 _____ C:\Users\Erika\Desktop\a_tematica_indigena_nos_livros_didaticos.pdf
2016-05-16 23:43 - 2016-05-16 20:58 - 00237312 _____ C:\Users\Erika\Desktop\EVC - todo mundo +®.pdf
2016-05-16 20:43 - 2016-05-16 20:44 - 01725090 _____ C:\Users\Erika\Downloads\Anexos_2016516.zip
2016-05-16 19:45 - 2016-05-16 19:45 - 02071699 _____ C:\Users\Erika\Desktop\Curso_2_completo_-_Avaliacao_na_Educacao_Infantil_ampliando_os_olhares_-_baixa_resoluacao.pdf
2016-05-14 12:25 - 2016-05-14 12:26 - 02366795 _____ C:\Users\Erika\Downloads\13017742_1604767339848151_5051399_n.mp4
==================== Três Meses Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-08-11 10:55 - 2016-03-15 11:17 - 00000000 ____D C:\Users\Erika\AppData\Roaming\Skype
2016-08-11 10:52 - 2009-07-14 01:34 - 00020512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-11 10:52 - 2009-07-14 01:34 - 00020512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-11 10:44 - 2016-01-07 09:38 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-11 10:44 - 2009-07-14 01:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-10 19:28 - 2016-01-07 10:15 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-08-10 19:09 - 2016-01-07 09:38 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-10 10:12 - 2016-01-07 09:20 - 01602708 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-10 10:12 - 2009-07-29 15:38 - 00706932 _____ C:\Windows\system32\prfh0416.dat
2016-08-10 10:12 - 2009-07-29 15:38 - 00147126 _____ C:\Windows\system32\prfc0416.dat
2016-08-10 10:12 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\inf
2016-08-10 03:17 - 2016-01-07 09:15 - 00000000 ____D C:\Users\Erika
2016-08-08 20:11 - 2016-01-07 09:38 - 00002139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-08 20:11 - 2016-01-07 09:38 - 00002127 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-08 19:44 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\system32\NDF
2016-08-07 17:52 - 2016-04-10 10:35 - 00000000 ____D C:\Users\Erika\AppData\Local\ElevatedDiagnostics
2016-08-07 13:33 - 2016-01-07 10:10 - 00002003 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-08-07 13:29 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\registration
2016-08-07 13:29 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\AppCompat
2016-08-06 11:06 - 2009-07-13 23:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-08-05 09:02 - 2016-01-07 10:09 - 00224616 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-08-02 15:58 - 2016-01-07 10:16 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-07-30 14:28 - 2009-07-14 01:53 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-07-26 14:24 - 2016-01-07 09:40 - 00406184 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-07-15 09:30 - 2016-01-07 10:15 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-07-15 09:30 - 2016-01-07 10:15 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-07-13 14:02 - 2016-01-07 10:09 - 00438296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-07-12 13:29 - 2016-01-07 10:15 - 00000000 ____D C:\Windows\system32\Macromed
==================== Bamital & volsnap =================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
Executado por Erika (administrador) em ERIKA-PC (11-08-2016 10:57:11)
Executando a partir de C:\Users\Erika\Desktop
Perfis Carregados: Erika (Perfis Disponíveis: Erika)
Platform: Microsoft Windows 7 Professional (X86) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Marketing Merengue) C:\Users\Erika\AppData\Roaming\Identities\ERIKA-PC.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\reader_sl.exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [AvastUI.exe] => "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-216171897-4010221603-4039672753-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [26424960 2016-06-29] (Skype Technologies S.A.)
HKU\S-1-5-21-216171897-4010221603-4039672753-1000\...\Run: [4AnDJx1iochKS] => C:\Users\Erika\AppData\Roaming\Identities\ERIKA-PC.exe [4715810 2016-07-13] (Marketing Merengue)
HKU\S-1-5-21-216171897-4010221603-4039672753-1000\...\Policies\system: [DisableTaskMgr] 1
HKU\S-1-5-21-216171897-4010221603-4039672753-1000\...\Policies\system: [DisableRegistryTools] 1
HKU\S-1-5-21-216171897-4010221603-4039672753-1000\...\Policies\Explorer: [DisallowRun] 1
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll Nenhum Arquivo
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{18F60451-B92B-4DC2-BE9C-B53FD629E12C}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-216171897-4010221603-4039672753-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com.br/
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2016-01-07] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll => Nenhum Arquivo
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2016-01-07] (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2016-01-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2016-01-07] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF => não encontrado (a)
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF => não encontrado (a)
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com.br/"
CHR Profile: C:\Users\Erika\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\Erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-07]
CHR Extension: (Google Docs) - C:\Users\Erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-07]
CHR Extension: (Google Drive) - C:\Users\Erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-07]
CHR Extension: (Proxy grátis para desbloquear qualquer site
Touch VPN) - C:\Users\Erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\bihmplhobchoageeokmgbdihknkjbknd [2016-08-10]
CHR Extension: (YouTube) - C:\Users\Erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-07]
CHR Extension: (Google Search) - C:\Users\Erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-07]
CHR Extension: (Planilhas do Google) - C:\Users\Erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-07]
CHR Extension: (Documentos Google off-line) - C:\Users\Erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2016-08-10]
CHR Extension: (Skype) - C:\Users\Erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-05-24]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01]
CHR Extension: (Gmail) - C:\Users\Erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-07]
CHR Extension: (Chrome Media Router) - C:\Users\Erika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-09]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]
==================== Serviços (Whitelisted) ========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
S2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [X]
R2 WinDefend; %ProgramFiles%\Windows Defender\mpsvc.dll [X]
===================== Drivers (Whitelisted) ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [25856 2014-03-28] (Google Inc)
S3 AndnetBus; C:\Windows\System32\DRIVERS\lgandnetbus.sys [14336 2014-05-08] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [23168 2014-03-28] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem.sys [27776 2014-03-28] (LG Electronics Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [34008 2016-06-30] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [35096 2016-06-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [91680 2016-06-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [91232 2016-06-30] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [60424 2016-06-30] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [816304 2016-06-30] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [438296 2016-07-13] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [118152 2016-06-30] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [224616 2016-08-05] (AVAST Software)
R3 SrvHsfPCI; C:\Windows\System32\DRIVERS\VSTBS23.SYS [266752 2009-07-13] (Conexant Systems, Inc.)
R1 VBoxUSBMon; C:\Windows\System32\DRIVERS\VBoxUSBMon.sys [104096 2015-09-08] (BigNox Corporation)
R1 XQHDrv; C:\Windows\System32\DRIVERS\XQHDrv.sys [203424 2015-09-08] (BigNox Corporation)
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Três Meses Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-08-11 10:57 - 2016-08-11 10:57 - 00010992 _____ C:\Users\Erika\Desktop\FRST.txt
2016-08-11 10:55 - 2016-08-11 10:57 - 00000000 ____D C:\FRST
2016-08-11 10:54 - 2016-08-11 10:54 - 01744384 _____ (Farbar) C:\Users\Erika\Desktop\FRST.exe
2016-08-11 10:52 - 2015-06-23 04:00 - 00088248 _____ (Microsoft Corporation) C:\Users\Erika\Downloads\vcruntime140.dll
2016-08-11 10:51 - 2016-08-11 10:51 - 00047223 _____ C:\Users\Erika\Downloads\vcruntime140.zip
2016-08-11 10:49 - 2016-08-11 10:49 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-08-11 10:49 - 2016-08-11 10:49 - 00000000 ____D C:\ProgramData\Package Cache
2016-08-11 10:47 - 2016-08-11 10:49 - 13969576 _____ (Microsoft Corporation) C:\Users\Erika\Downloads\vc_redist.x86 (1).exe
2016-08-11 10:46 - 2016-08-11 10:47 - 00629006 _____ C:\Users\Erika\Downloads\Windows6.1-KB2999226-x86 (1).msu
2016-08-11 10:43 - 2016-08-11 10:43 - 00370860 _____ (Microsoft Corporation) C:\Users\Erika\Downloads\Não confirmado 804865.crdownload
2016-08-11 10:42 - 2016-08-11 10:43 - 13969576 _____ (Microsoft Corporation) C:\Users\Erika\Downloads\vc_redist.x86.exe
2016-08-11 10:41 - 2016-08-11 10:41 - 00629006 _____ C:\Users\Erika\Downloads\Windows6.1-KB2999226-x86.msu
2016-08-10 11:57 - 2016-08-10 11:58 - 05848960 _____ C:\Users\Erika\Downloads\PokemonGo-Bot-master (4).zip
2016-08-10 11:42 - 2016-08-10 11:42 - 05855206 _____ C:\Users\Erika\Downloads\PokemonGo-Bot-master (3).zip
2016-08-10 11:42 - 2016-08-10 11:42 - 00000000 ____D C:\Users\Erika\Downloads\PokemonGo-Bot-master (3)
2016-08-10 11:22 - 2016-08-10 11:22 - 00000000 ____D C:\Users\Erika\AppData\Roaming\WinRAR
2016-08-10 11:22 - 2016-08-10 11:22 - 00000000 ____D C:\Users\Erika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-10 11:22 - 2016-08-10 11:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-10 11:22 - 2016-08-10 11:22 - 00000000 ____D C:\Program Files\WinRAR
2016-08-10 11:21 - 2016-08-10 11:21 - 01808528 _____ C:\Users\Erika\Downloads\wrar531.exe
2016-08-10 11:18 - 2016-08-10 11:18 - 05515727 _____ C:\Users\Erika\Downloads\PokemonGo-Bot-master (2).zip
2016-08-10 10:52 - 2016-08-10 10:52 - 05513534 _____ C:\Users\Erika\Downloads\PokemonGo-Bot-master (1).zip
2016-08-10 10:52 - 2016-08-10 10:52 - 00000000 ____D C:\Users\Erika\Downloads\PokemonGo-Bot-master (1)
2016-08-10 10:27 - 2016-08-10 10:27 - 00000000 ____D C:\Users\Erika\AppData\Local\GMap.NET
2016-08-10 10:19 - 2016-08-10 10:19 - 00000000 ____D C:\Users\Erika\Downloads\PokemonGo-Bot-master
2016-08-10 10:15 - 2016-08-10 10:15 - 05513423 _____ C:\Users\Erika\Downloads\PokemonGo-Bot-master.zip
2016-08-10 10:05 - 2016-08-10 10:05 - 01005568 _____ (Microsoft Corporation) C:\Users\Erika\Downloads\dotNetFx45_Full_setup.exe
2016-08-10 10:04 - 2016-08-10 10:04 - 01429344 _____ (Microsoft Corporation) C:\Users\Erika\Downloads\NDP462-KB3151802-Web (3).exe
2016-08-10 08:55 - 2016-08-10 08:57 - 67681000 _____ (Microsoft Corporation) C:\Users\Erika\Downloads\NDP461-KB3102436-x86-x64-AllOS-ENU (1).exe
2016-08-10 08:44 - 2016-08-10 08:45 - 67681000 _____ (Microsoft Corporation) C:\Users\Erika\Downloads\NDP461-KB3102436-x86-x64-AllOS-ENU.exe
2016-08-10 08:42 - 2016-08-10 08:43 - 62008080 _____ (Microsoft Corporation) C:\Users\Erika\Downloads\NDP462-KB3151800-x86-x64-AllOS-ENU.exe
2016-08-10 08:40 - 2016-08-10 08:40 - 01424328 _____ (Microsoft Corporation) C:\Users\Erika\Downloads\NDP461-KB3102438-Web.exe
2016-08-10 08:39 - 2016-08-10 08:40 - 01429344 _____ (Microsoft Corporation) C:\Users\Erika\Downloads\NDP462-KB3151802-Web (2).exe
2016-08-10 08:34 - 2016-08-10 08:34 - 00889416 _____ (Microsoft Corporation) C:\Users\Erika\Downloads\dotNetFx40_Full_setup (1).exe
2016-08-10 08:32 - 2016-08-10 08:32 - 01429344 _____ (Microsoft Corporation) C:\Users\Erika\Downloads\NDP462-KB3151802-Web.exe
2016-08-10 08:32 - 2016-08-10 08:32 - 01429344 _____ (Microsoft Corporation) C:\Users\Erika\Downloads\NDP462-KB3151802-Web (1).exe
2016-08-10 08:24 - 2016-08-10 08:24 - 01390418 _____ C:\Users\Erika\Downloads\Haxton-SytharixEdit_v2.14.zip
2016-08-10 08:24 - 2016-08-10 08:24 - 00000000 ____D C:\Users\Erika\Downloads\Haxton-SytharixEdit_v2.14
2016-08-10 07:18 - 2016-08-11 10:56 - 00000000 ____D C:\Users\Erika\AppData\Local\Ckerjikghoguied
2016-08-10 07:18 - 2016-08-10 13:38 - 00000000 ____D C:\Program Files\Reewdom
2016-08-10 07:18 - 2016-08-10 07:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Social2Se
2016-08-10 07:18 - 2016-08-10 07:18 - 00000000 ____D C:\Program Files\45911d5f35b83ac20056ab20efb006c2
2016-08-10 07:17 - 2016-08-10 07:17 - 00001451 _____ C:\Users\Public\Desktop\Download xposed_v72_sdk...lnk
2016-08-10 07:17 - 2016-08-10 07:17 - 00001431 _____ C:\Users\Public\Desktop\Download xposed framewo...lnk
2016-08-10 07:16 - 2016-08-10 07:16 - 00788771 _____ C:\Users\Erika\Downloads\Xposed Installer ( Mano Tec ).apk
2016-08-10 07:15 - 2016-08-10 07:16 - 01868089 _____ C:\Users\Erika\Downloads\Wanam Xposed ( Mano Tec ).apk
2016-08-10 06:23 - 2016-08-10 06:23 - 19792361 _____ C:\Users\Erika\Downloads\twrp&cwm reidosnoob`s.rar
2016-08-10 05:34 - 2016-08-10 05:34 - 00788771 _____ C:\Users\Erika\Downloads\de.robv.android.xposed.installer_v33_36570c.apk
2016-08-10 05:24 - 2016-08-10 05:24 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2016-08-10 05:20 - 2016-08-10 05:21 - 06845248 _____ C:\Users\Erika\Downloads\xposed-v65-sdk21-arm-arter97-V5-generic.zip
2016-08-10 05:19 - 2016-08-10 05:19 - 03540352 _____ C:\Users\Erika\Downloads\xposed-v67-sdk22-arm-by-romracer-20150716.zip
2016-08-10 05:00 - 2016-08-10 05:00 - 00626521 _____ C:\Users\Erika\Downloads\XposedInstaller_3.0_alpha4.apk
2016-08-10 04:32 - 2016-08-10 04:39 - 08851538 _____ C:\Users\Erika\Downloads\Kingroot v4.8.0 build 20160203 (One Click Root) - android-zone.ws.apk
2016-08-10 03:17 - 2016-08-10 03:17 - 00000000 ____D C:\Users\Erika\.android
2016-08-10 03:13 - 2016-08-10 03:13 - 00000000 ____D C:\Users\Erika\Downloads\LG_Root
2016-08-10 03:08 - 2016-08-10 03:08 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_lgandnetadb_01005.Wdf
2016-08-10 03:06 - 2016-08-10 03:06 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-08-10 03:06 - 2016-08-10 03:06 - 00000000 ____D C:\Program Files\LG Electronics
2016-08-10 03:06 - 2014-05-08 18:52 - 00014336 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetbus.sys
2016-08-10 03:06 - 2014-03-28 15:40 - 00025856 _____ (Google Inc) C:\Windows\system32\Drivers\lgandnetadb.sys
2016-08-10 03:06 - 2014-03-28 15:22 - 00027776 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetmodem.sys
2016-08-10 03:06 - 2014-03-28 15:22 - 00023168 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetdiag.sys
2016-08-10 03:06 - 2011-07-18 15:01 - 01419232 _____ (Microsoft Corporation) C:\Windows\system32\wdfcoinstaller01005.dll
2016-08-10 03:01 - 2016-08-10 03:03 - 11445968 _____ (LG Electronics) C:\Users\Erika\Downloads\LGUnitedMobileDriver_S50MAN311AP22_ML_WHQL_Ver_3.11.3.exe
2016-08-10 02:14 - 2016-08-10 02:44 - 311563080 _____ (Duodian Technology Co. Ltd.) C:\Users\Erika\Downloads\nox_setup_v3.7.1.0_full_En.exe
2016-08-09 18:33 - 2016-08-09 18:33 - 00061248 _____ C:\Users\Erika\Downloads\psp0220r (10).pdf
2016-08-09 10:51 - 2016-08-09 10:51 - 00142497 _____ C:\Windows\8679be4bd357d6c8bee1e642cb7d4057.exe
2016-08-08 13:30 - 2016-08-08 13:57 - 04654527 _____ C:\Users\Erika\Downloads\tutuapp_v1.2.05 (2).apk
2016-08-08 13:23 - 2016-08-08 13:30 - 04654527 _____ C:\Users\Erika\Downloads\tutuapp_v1.2.05 (1).apk
2016-08-08 13:08 - 2016-08-08 13:13 - 01356924 _____ C:\Users\Erika\Downloads\tutuapp_v1.2.05.apk
2016-08-07 13:32 - 2016-06-30 14:02 - 00319248 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-08-06 11:12 - 2016-08-06 11:12 - 00000000 ____D C:\Users\Erika\AppData\Local\nox_video_tool
2016-08-06 11:07 - 2016-08-06 11:07 - 00000000 ____D C:\Users\Erika\Nox_share
2016-08-06 11:07 - 2016-08-06 11:07 - 00000000 ____D C:\Users\Erika\.BigNox
2016-08-06 11:07 - 2016-08-06 11:07 - 00000000 ____D C:\Program Files\DIFX
2016-08-06 11:07 - 2015-09-08 05:16 - 00104096 _____ (BigNox Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2016-08-06 11:06 - 2016-08-07 13:29 - 00000000 ____D C:\Program Files\Bignox
2016-08-06 11:04 - 2016-08-06 11:04 - 00000000 ____D C:\Users\Erika\Downloads\nox_setup_v3.6.0.0_full_en
2016-08-06 11:01 - 2016-08-10 03:01 - 00000000 ____D C:\Users\Erika\AppData\Local\Nox
2016-08-06 10:45 - 2016-08-06 10:56 - 266510096 _____ (Duodian Technology Co. Ltd.) C:\Users\Erika\Downloads\nox_setup_v3.6.0.0_full_en.exe
2016-08-06 10:32 - 2016-08-06 10:43 - 266510096 _____ (Duodian Technology Co. Ltd.) C:\Users\Erika\Downloads\Não confirmado 266336.crdownload
2016-08-06 10:32 - 2016-08-06 10:33 - 62830864 _____ C:\Users\Erika\Downloads\pokemon go.apk
2016-07-30 16:55 - 2016-07-30 16:55 - 02086725 _____ C:\Users\Erika\Desktop\Curso_4_Possibilidades_de_uma_Educacao_Integral_em_Tempo_Integral.pdf
2016-07-28 08:35 - 2016-07-28 08:35 - 00000000 ____D C:\Users\Erika\AppData\Roaming\Macromedia
2016-07-24 11:13 - 2016-07-24 11:13 - 00057522 _____ C:\Users\Erika\Desktop\hol 07.pdf
2016-07-24 11:12 - 2016-07-24 11:12 - 00057522 _____ C:\Users\Erika\Downloads\psp0220r (9).pdf
2016-07-19 21:49 - 2016-07-19 21:49 - 02890645 _____ C:\Users\Erika\Downloads\71B7.tmp
2016-07-12 15:03 - 2016-07-12 15:03 - 01535708 _____ C:\Users\Erika\Desktop\creche segura.pdf
2016-07-12 14:49 - 2016-07-12 14:49 - 00062360 _____ C:\Users\Erika\Downloads\ADINALVA (2).pdf
2016-07-12 14:49 - 2016-07-12 14:49 - 00016878 _____ C:\Users\Erika\Downloads\Untitled
2016-07-12 14:49 - 2016-07-12 14:49 - 00013692 _____ C:\Users\Erika\Downloads\Untitled (1)
2016-07-11 22:41 - 2016-07-11 22:41 - 00277877 _____ C:\Users\Erika\Desktop\Adi, 43 _ Brasília _ Twoo.html
2016-07-11 22:39 - 2016-07-11 22:41 - 00000000 ____D C:\Users\Erika\Desktop\Adi, 43 _ Brasília _ Twoo_files
2016-07-07 10:23 - 2016-07-07 10:23 - 03247037 _____ C:\Users\Erika\Desktop\campos de experiências.pptx
2016-07-06 20:28 - 2016-07-06 22:43 - 00000000 ____D C:\Users\Erika\Desktop\Camera
2016-07-06 15:24 - 2016-07-06 15:24 - 60876068 _____ C:\Users\Erika\Downloads\com.nianticlabs.pokemongo_0.29.0-2016070500_minAPI19(armeabi-v7a)(nodpi)_apkmirror.com.apk
2016-07-05 18:44 - 2016-07-05 18:45 - 04671437 _____ C:\Users\Erika\Downloads\starter.zip
2016-07-04 20:34 - 2016-07-04 20:34 - 00000000 ____D C:\Users\Erika\Desktop\DCIM
2016-06-30 14:02 - 2016-06-30 14:02 - 00921280 _____ (Microsoft Corporation) C:\Windows\ucrtbase.dll
2016-06-30 14:02 - 2016-06-30 14:02 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-06-26 23:15 - 2016-06-26 23:15 - 02036700 _____ C:\Users\Erika\Desktop\Curso_3_A_importancia_de_um_Curriculo_Integrador_da_Infancia.pdf
2016-06-25 13:27 - 2016-06-25 13:27 - 00057554 _____ C:\Users\Erika\Desktop\hol 06.pdf
2016-06-25 13:26 - 2016-06-25 13:26 - 00057554 _____ C:\Users\Erika\Downloads\psp0220r (8).pdf
2016-06-24 13:45 - 2016-06-24 13:45 - 00062360 _____ C:\Users\Erika\Desktop\comprovante de quitação.pdf
2016-06-24 13:31 - 2016-06-24 13:31 - 00062360 _____ C:\Users\Erika\Downloads\ADINALVA (1).pdf
2016-06-23 17:39 - 2016-06-23 17:39 - 00001880 _____ C:\Users\Erika\Downloads\ADC6353179620000070014218808.pdf
2016-06-21 21:29 - 2016-06-21 21:29 - 00012531 _____ C:\Users\Erika\Downloads\Birds.mid
2016-06-21 17:56 - 2016-08-11 10:35 - 00000000 ____D C:\Users\Erika\Desktop\dbs
2016-06-20 16:37 - 2016-08-03 17:43 - 00000000 ____D C:\Users\Erika\Desktop\3ds
2016-06-20 13:42 - 2016-06-20 16:35 - 39089921 _____ C:\Users\Erika\Downloads\tm_o3ds_eur.bin
2016-06-18 23:00 - 2016-06-18 23:00 - 00018263 _____ C:\Users\Erika\Downloads\sinistro retrovisor Rosalvo.pdf
2016-06-18 23:00 - 2016-06-18 23:00 - 00018263 _____ C:\Users\Erika\Desktop\sinistro retrovisor Rosalvo.pdf
2016-06-16 22:03 - 2016-06-16 22:03 - 00078684 _____ C:\Users\Erika\Desktop\Aproveita ABC - Cupom.pdf
2016-06-14 17:35 - 2016-06-14 17:35 - 00001118 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2016-06-14 17:35 - 2016-06-14 17:35 - 00001118 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-06-14 12:59 - 2016-06-30 14:01 - 00035096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-06-08 13:42 - 2016-06-08 13:42 - 00008934 _____ C:\Users\Erika\Downloads\5F36A4C4.vbs
2016-05-31 22:05 - 2016-05-31 22:04 - 02845732 _____ C:\Users\Erika\Desktop\ROSALVO PEREIRA DOS SANTOS - Proposta Endosso Substituição.pdf
2016-05-31 22:02 - 2016-05-31 22:03 - 02845732 _____ C:\Users\Erika\Downloads\ROSALVO PEREIRA DOS SANTOS - Proposta Endosso Substituição.pdf
2016-05-31 00:06 - 2016-05-31 00:06 - 00335666 _____ C:\Users\Erika\Desktop\carta assinada artes (1).pdf
2016-05-31 00:05 - 2016-05-31 00:05 - 00335666 _____ C:\Users\Erika\Desktop\carta assinada artes.pdf
2016-05-31 00:04 - 2016-05-31 00:04 - 00335666 _____ C:\Users\Erika\Downloads\carta assinada artes.pdf
2016-05-27 15:32 - 2016-05-27 15:32 - 00061248 _____ C:\Users\Erika\Desktop\holerit 05.pdf
2016-05-27 15:31 - 2016-05-27 15:31 - 00061248 _____ C:\Users\Erika\Downloads\psp0220r (7).pdf
2016-05-27 15:21 - 2016-05-27 15:21 - 00000000 ____D C:\Program Files\Common Files\Skype
2016-05-26 13:21 - 2016-05-26 13:21 - 00000000 ____D C:\Users\Erika\Tracing
2016-05-24 10:16 - 2016-05-24 10:16 - 00203770 _____ C:\Users\Erika\Desktop\boletos de Artes.pdf
2016-05-24 10:13 - 2016-05-24 10:13 - 00203770 _____ C:\Users\Erika\Downloads\adinalva.pdf
2016-05-22 18:05 - 2016-05-22 18:05 - 01091008 _____ (Unity Technologies ApS) C:\Users\Erika\Downloads\UnityWebPlayer.exe
2016-05-22 12:29 - 2016-05-22 12:29 - 632814413 _____ C:\Users\Erika\Downloads\Não confirmado 780939.crdownload
2016-05-22 12:16 - 2016-05-22 12:17 - 00000000 ____D C:\Users\Erika\Downloads\P0016_5791e60c7
2016-05-22 11:15 - 2016-05-22 12:16 - 217867811 _____ C:\Users\Erika\Downloads\P0016_5791e60c7.zip
2016-05-21 23:00 - 2016-05-21 23:00 - 00081403 _____ C:\Users\Erika\Downloads\declaracao_14917383838_2016_21052016_c1e5e48c79924fd98eb0f4988ec938e2.pdf
2016-05-21 23:00 - 2016-05-21 23:00 - 00081403 _____ C:\Users\Erika\Desktop\declaracao_14917383838_2016_21052016_c1e5e48c79924fd98eb0f4988ec938e2.pdf
2016-05-21 22:59 - 2016-05-21 22:59 - 00081399 _____ C:\Users\Erika\Downloads\declaracao_14917383838_2015_21052015_3bccf949deb44a74b06de83fc63eb4f4.pdf
2016-05-21 22:59 - 2016-05-21 22:59 - 00081399 _____ C:\Users\Erika\Desktop\declaracao_14917383838_2015_21052015_3bccf949deb44a74b06de83fc63eb4f4.pdf
2016-05-17 22:32 - 2016-05-17 22:32 - 00000000 ____D C:\Users\Erika\Desktop\pombinha
2016-05-16 23:43 - 2016-05-16 20:58 - 00896706 _____ C:\Users\Erika\Desktop\Quebrando_preconceitos_estudando_ind+¡genas.pdf
2016-05-16 23:43 - 2016-05-16 20:58 - 00896298 _____ C:\Users\Erika\Desktop\a_tematica_indigena_nos_livros_didaticos.pdf
2016-05-16 23:43 - 2016-05-16 20:58 - 00237312 _____ C:\Users\Erika\Desktop\EVC - todo mundo +®.pdf
2016-05-16 20:43 - 2016-05-16 20:44 - 01725090 _____ C:\Users\Erika\Downloads\Anexos_2016516.zip
2016-05-16 19:45 - 2016-05-16 19:45 - 02071699 _____ C:\Users\Erika\Desktop\Curso_2_completo_-_Avaliacao_na_Educacao_Infantil_ampliando_os_olhares_-_baixa_resoluacao.pdf
2016-05-14 12:25 - 2016-05-14 12:26 - 02366795 _____ C:\Users\Erika\Downloads\13017742_1604767339848151_5051399_n.mp4
==================== Três Meses Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-08-11 10:55 - 2016-03-15 11:17 - 00000000 ____D C:\Users\Erika\AppData\Roaming\Skype
2016-08-11 10:52 - 2009-07-14 01:34 - 00020512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-11 10:52 - 2009-07-14 01:34 - 00020512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-11 10:44 - 2016-01-07 09:38 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-11 10:44 - 2009-07-14 01:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-10 19:28 - 2016-01-07 10:15 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-08-10 19:09 - 2016-01-07 09:38 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-10 10:12 - 2016-01-07 09:20 - 01602708 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-10 10:12 - 2009-07-29 15:38 - 00706932 _____ C:\Windows\system32\prfh0416.dat
2016-08-10 10:12 - 2009-07-29 15:38 - 00147126 _____ C:\Windows\system32\prfc0416.dat
2016-08-10 10:12 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\inf
2016-08-10 03:17 - 2016-01-07 09:15 - 00000000 ____D C:\Users\Erika
2016-08-08 20:11 - 2016-01-07 09:38 - 00002139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-08 20:11 - 2016-01-07 09:38 - 00002127 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-08 19:44 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\system32\NDF
2016-08-07 17:52 - 2016-04-10 10:35 - 00000000 ____D C:\Users\Erika\AppData\Local\ElevatedDiagnostics
2016-08-07 13:33 - 2016-01-07 10:10 - 00002003 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-08-07 13:29 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\registration
2016-08-07 13:29 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\AppCompat
2016-08-06 11:06 - 2009-07-13 23:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-08-05 09:02 - 2016-01-07 10:09 - 00224616 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-08-02 15:58 - 2016-01-07 10:16 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-07-30 14:28 - 2009-07-14 01:53 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-07-26 14:24 - 2016-01-07 09:40 - 00406184 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-07-15 09:30 - 2016-01-07 10:15 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-07-15 09:30 - 2016-01-07 10:15 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-07-13 14:02 - 2016-01-07 10:09 - 00438296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-07-12 13:29 - 2016-01-07 10:15 - 00000000 ____D C:\Windows\system32\Macromed
==================== Bamital & volsnap =================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente