Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão: 10-09-2017
Executado por PC (administrador) em PC-PC (10-09-2017 18:12:20)
Executando a partir de C:\Users\PC\Downloads
Perfis Carregados: PC (Perfis Disponíveis: PC)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Idioma: Português (Brasil)
Internet Explorer Versão 9 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(Nero AG) C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Spotify Ltd) C:\Users\PC\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
() C:\Users\PC\AppData\Local\Temp\c8-dbb17-3e9-b2681-81a991a34156e\PYVGSCBOFI.exe
(Scopus Soluções em TI Ltda) C:\Program Files\scpbrad\scpbradserv.exe
(Scopus Soluções em TI Ltda) C:\Program Files\scpbrad\scpbradguard.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(mmn ltd) C:\Program Files\9axPpyfNmCWM\9axppyfnmcwm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registro (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-10] (AVAST Software)
HKLM\...\Run: [AVG_UI] => "C:\Program Files\AVG\Framework\Common\avguirnx.exe" /lps=av
HKLM\...\Run: [vProt] => "C:\Program Files\AVG Web TuneUp\vprot.exe"
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [318128 2016-11-16] (Samsung Electronics Co., Ltd.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrição <==== ATENÇÃO
HKU\S-1-5-21-1576592163-1334127847-2756959924-1000\...\Run: [Spotify Web Helper] => C:\Users\PC\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-04-13] (Spotify Ltd)
HKU\S-1-5-21-1576592163-1334127847-2756959924-1000\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [718208 2010-03-16] (Microsoft Corporation)
HKU\S-1-5-21-1576592163-1334127847-2756959924-1000\...\Run: [PYVGSCBOFI.exe] => C:\Users\PC\AppData\Local\Temp\c8-dbb17-3e9-b2681-81a991a34156e\PYVGSCBOFI.exe [115712 2017-09-10] () <==== ATENÇÃO
HKU\S-1-5-21-1576592163-1334127847-2756959924-1000\...\MountPoints2: {5e50eb23-18eb-11e4-86bc-eca86bb87168} - D:\iLinker.exe
HKU\S-1-5-21-1576592163-1334127847-2756959924-1000\...\MountPoints2: {ba4b0551-f642-11e3-964d-806e6f6e6963} - E:\DriverPackSolution.exe
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WinMySQLadmin.lnk [2017-04-29]
ShortcutTarget: WinMySQLadmin.lnk -> C:\mysql\bin\winmysqladmin.exe (Nenhum Arquivo)
GroupPolicy: Restrição - Chrome <==== ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <==== ATENÇÃO
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{AA1A2CA0-F21A-435D-8237-4C4536BA3D56}: [NameServer] 82.163.142.8,95.211.158.136
Tcpip\..\Interfaces\{AA1A2CA0-F21A-435D-8237-4C4536BA3D56}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{B179C11B-DE94-4CA8-A6A2-912A6633BF3C}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKU\S-1-5-21-1576592163-1334127847-2756959924-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqfDHrz5d6u8a_LeSi03nXgdPC7lDSXnWVbGhQOXwxN-nDANshB_HIeLU7KEAVmjEQ1RjClGDd90Hyl-KfJ8s0nDlYPnm-XsXpENEF7rmZ8J1NyCseYU4VGvIXBc3eebsbYGyC83BDG23GyMLsDRLB2-4uy3ViW6MhnHdhCu2&q={searchTerms}
HKU\S-1-5-21-1576592163-1334127847-2756959924-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com.br/
URLSearchHook: HKLM -> Padrão = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKLM -> DefaultScope valor está ausente
SearchScopes: HKLM -> {8CDE19E6-71C2-4B46-89B7-35F6A18C571A} URL =
SearchScopes: HKU\S-1-5-21-1576592163-1334127847-2756959924-1000 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={F351DA73-E765-49AB-B987-F0AB4E6A1D1A}&mid=669e9b8928e047d2ba643de12d5c989b-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=pt-br&ds=AVG&coid=avgtbavg&cmpid=0117tb&pr=fr&d=2016-12-13 17:45:31&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1576592163-1334127847-2756959924-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1576592163-1334127847-2756959924-1000 -> {83698346-683E-489E-95C7-93C16026DE6B} URL = hxxp://www-searching.com/s.ashx?prd=opensearch&q={searchTerms}&s=H9Azltpbl1BU,b115b5b4-c157-4e08-83f0-6811beec29c2,
SearchScopes: HKU\S-1-5-21-1576592163-1334127847-2756959924-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={F351DA73-E765-49AB-B987-F0AB4E6A1D1A}&mid=669e9b8928e047d2ba643de12d5c989b-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=pt-br&ds=AVG&coid=avgtbavg&cmpid=0117tb&pr=fr&d=2016-12-13 17:45:31&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-02-16] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll => Nenhum Arquivo
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-16] (Oracle Corporation)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\ckodbp4w.default [2017-09-10]
FF NewTab: Mozilla\Firefox\Profiles\ckodbp4w.default -> hxxp://www-searching.com/?site=shyosffdefault&prd=set_ff&s=H9Azltpbl1BU,b115b5b4-c157-4e08-83f0-6811beec29c2,
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\ckodbp4w.default ->
FF Homepage: Mozilla\Firefox\Profiles\ckodbp4w.default -> hxxp://www-searching.com/?site=shyosffdefault&prd=set_ff&s=H9Azltpbl1BU,b115b5b4-c157-4e08-83f0-6811beec29c2,
FF Keyword.URL: Mozilla\Firefox\Profiles\ckodbp4w.default -> hxxp://www-searching.com/search.aspx?site=shdefault1&prd=smw&pid=s&shr=d&q={searchTerms}&s=H9Azltpbl1BU,b115b5b4-c157-4e08-83f0-6811beec29c2,
FF Extension: (AVG Web TuneUp) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\ckodbp4w.default\Extensions\avg@toolbar.xpi [2017-01-26]
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\priberam.xml [2012-06-01]
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\sapo.xml [2012-06-01]
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\wikipedia-ptpt.xml [2012-06-01]
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\wtu-secure-search.xml [2017-01-26]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-09] ()
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-16] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-16] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
StartMenuInternet: FIREFOX.EXE - firefox.exe
Chrome:
=======
CHR HomePage: Default -> mysearch.avg.com
CHR StartupUrls: Default -> "hxxp://www.google.com.br/"
CHR DefaultSearchURL: Default -> hxxps://mysearch.avg.com/search?rvt=1&sap=dsp&q={searchTerms}
CHR DefaultSearchKeyword: Default -> hxxps://mysearch.avg.com
CHR DefaultSuggestURL: Default -> hxxps://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default [2017-09-10]
CHR Extension: (Google Drive) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-10]
CHR Extension: (YouTube) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-10]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-10]
CHR Extension: (Gmail) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-10]
CHR Extension: (Chrome Media Router) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-10]
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2 [2017-09-10]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Chrome Media Router) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-08]
CHR HKLM\...\Chrome\Extension: [kfecnpmgnlnbmipaogfhoacoioifjgko] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1576592163-1334127847-2756959924-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1576592163-1334127847-2756959924-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jlcgehabolcakkjhgmgpkagpolbjlhfa] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1576592163-1334127847-2756959924-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kfecnpmgnlnbmipaogfhoacoioifjgko] - hxxp://clients2.google.com/service/update2/crx
==================== Serviços (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-10] (AVAST Software)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [279024 2013-11-15] (Intel Corporation)
R2 scpbradserv; C:\Program Files\scpbrad\scpbradserv.exe [1997792 2017-08-10] (Scopus Soluções em TI Ltda)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2012-12-11] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation)
S2 9axPpyfNmCWM Updater; C:\Program Files\9axPpyfNmCWM Updater\9axPpyfNmCWM Updater.exe [X]
S2 DMWin32UpdateSrv; %SystemRoot%\System32\normalmoon.dll [X]
S3 FirebirdServerDefaultInstance; "C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe" -s DefaultInstance [X]
S2 MySql; C:/mysql/bin/mysqld-nt.exe [X]
===================== Drivers (Whitelisted) ======================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [34008 2016-09-12] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [35096 2016-09-12] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [92256 2016-09-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [91232 2016-09-12] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [60424 2016-09-12] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [735488 2016-09-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [433768 2016-09-22] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [118664 2016-09-12] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [224752 2016-10-13] (AVAST Software)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [107648 2016-07-22] (Samsung Electronics Co., Ltd.)
R0 iaStorA; C:\Windows\System32\DRIVERS\iaStorA.sys [488808 2013-09-20] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [24424 2013-09-20] (Intel Corporation)
R0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [16880 2013-07-17] (Intel Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [56432 2013-01-23] (Intel Corporation)
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [1702032 2014-07-04] (MediaTek Inc.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [146048 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1846448 2013-05-10] (VIA Technologies, Inc.)
S1 Lace514; \SystemRoot\System32\drivers\Lace_wpf_x86.sys [X]
S3 SMUpdd; \??\C:\Program Files\Common Files\Noobzo\GNUpdate\smw.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S1 vonetframe; \??\C:\Windows\system32\drivers\vonetframe.sys [X]
S1 wfcre; system32\drivers\wfcre.sys [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Três Meses Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-09-10 18:08 - 2017-09-10 18:12 - 000045467 _____ C:\Users\PC\Downloads\Addition.txt
2017-09-10 18:03 - 2017-09-10 18:12 - 000017713 _____ C:\Users\PC\Downloads\FRST.txt
2017-09-10 18:02 - 2017-09-10 18:12 - 000000000 ____D C:\FRST
2017-09-10 18:01 - 2017-09-10 18:01 - 001793024 _____ (Farbar) C:\Users\PC\Downloads\FRST.exe
2017-09-10 17:43 - 2017-09-10 17:51 - 476183603 _____ C:\Users\PC\Downloads\CorelDRASuiteX7Installer 32.rar
2017-09-10 16:57 - 2017-09-10 18:03 - 000000000 ____D C:\Users\Todos os Usuários\CorelDRAW Graphics Suite X7
2017-09-10 16:57 - 2017-09-10 18:03 - 000000000 ____D C:\ProgramData\CorelDRAW Graphics Suite X7
2017-09-10 16:42 - 2017-09-10 16:42 - 000385024 _____ C:\Users\PC\Downloads\Keygen.exe
2017-09-10 16:41 - 2017-09-10 16:51 - 436690384 _____ (Acresso Software Inc. ) C:\Users\PC\Downloads\CorelDRAWGraphicsSuiteX7Installer_BR32Bit.exe
2017-09-10 15:52 - 2017-09-10 16:10 - 000000000 ____D C:\AdwCleaner
2017-09-10 15:29 - 2017-09-10 15:58 - 000002191 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-10 13:35 - 2017-09-10 13:35 - 000000000 ____H C:\Windows\system32\BITDEC2.tmp
2017-09-10 13:35 - 2017-09-10 13:35 - 000000000 ____H C:\Windows\system32\BIT1CE.tmp
2017-09-10 12:13 - 2017-09-10 12:13 - 000003010 __RSH C:\Users\Todos os Usuários\ntuser.pol
2017-09-10 12:13 - 2017-09-10 12:13 - 000003010 __RSH C:\ProgramData\ntuser.pol
2017-09-10 12:11 - 2017-09-10 12:12 - 000000000 ____D C:\Program Files\9axPpyfNmCWM
2017-09-10 12:10 - 2017-09-10 12:10 - 000136834 _____ () C:\Users\PC\AppData\Local\Scottam.bin
2017-09-10 12:09 - 2017-09-10 12:09 - 007327744 _____ C:\Users\PC\AppData\Local\agent.dat
2017-09-10 12:09 - 2017-09-10 12:09 - 001899993 _____ C:\Users\PC\AppData\Local\Traneco.tst
2017-09-10 12:09 - 2017-09-10 12:09 - 001895382 _____ C:\Users\PC\AppData\Local\Fasekaytip.bin
2017-09-10 12:09 - 2017-09-10 12:09 - 000278507 _____ C:\Users\PC\AppData\Local\Zuncore.bin
2017-09-10 12:09 - 2017-09-10 12:09 - 000126464 _____ C:\Users\PC\AppData\Local\noah.dat
2017-09-10 12:09 - 2017-09-10 12:09 - 000070800 _____ C:\Users\PC\AppData\Local\Config.xml
2017-09-10 12:09 - 2017-09-10 12:09 - 000005568 _____ C:\Users\PC\AppData\Local\md.xml
2017-09-10 12:09 - 2017-09-10 12:07 - 002446336 _____ (TODO:) C:\Users\PC\AppData\Local\Traneco.exe
2017-09-10 12:08 - 2017-09-10 12:08 - 000140800 _____ C:\Users\PC\AppData\Local\installer.dat
2017-09-10 12:07 - 2017-09-10 12:07 - 000031449 _____ C:\Windows\2f91d622db8900a781abe53270246e57.ps1
2017-09-08 20:53 - 2017-09-08 20:53 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-09-07 17:59 - 2017-09-08 20:52 - 000000000 ____D C:\Program Files\Common Files\Adobe
2017-09-07 17:59 - 2017-09-08 20:52 - 000000000 ____D C:\Program Files\Adobe
2017-09-07 13:25 - 2017-09-07 13:25 - 000483840 _____ C:\Windows\b6bcd6667f1329301f2c5b2d858dca37.exe
2017-09-07 13:25 - 2017-09-07 13:25 - 000039816 _____ C:\Windows\uninstaller.dat
2017-08-26 13:00 - 2017-08-26 13:00 - 000000000 ____D C:\Users\PC\AppData\Local\OnixSat_Rastreamento_de_V
2017-08-26 09:23 - 2017-08-26 08:44 - 000000000 ____D C:\Program Files\OnixSat
2017-08-23 18:42 - 2017-08-23 18:42 - 000002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2017-08-15 12:29 - 2017-08-20 15:42 - 000000000 ____D C:\Users\PC\Desktop\vandim
2017-08-10 18:39 - 2017-08-10 18:39 - 000000000 ____D C:\Users\Todos os Usuários\scpbrad
2017-08-10 18:39 - 2017-08-10 18:39 - 000000000 ____D C:\ProgramData\scpbrad
2017-08-10 18:39 - 2017-08-10 18:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Componente de Segurança Bradesco
2017-08-10 18:39 - 2017-08-10 18:39 - 000000000 ____D C:\Program Files\scpbrad
2017-08-04 23:59 - 2017-09-04 10:14 - 000000000 ____D C:\Users\PC\Desktop\Nova pasta
2017-07-23 08:23 - 2017-07-23 08:23 - 000000000 ____D C:\Program Files\Common Files\Skype
2017-07-21 22:24 - 2017-07-21 22:24 - 000000000 ____D C:\Users\PC\Documents\Audacity
2017-07-05 13:42 - 2017-07-05 13:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2017-07-05 13:42 - 2017-07-05 13:42 - 000000000 ____D C:\Program Files\DsNET Corp
2017-07-05 13:42 - 2013-05-23 09:52 - 000386560 _____ (Dart Communications) C:\Windows\system32\DartSecure2.dll
2017-07-05 13:42 - 2013-05-23 09:52 - 000234496 _____ (Dart Communications) C:\Windows\system32\DartCertificate.dll
2017-07-05 13:42 - 2013-05-06 13:17 - 000425472 _____ (Dart Communications) C:\Windows\system32\DartSock.dll
2017-07-05 13:42 - 2008-08-18 19:18 - 000077824 _____ (Fox Magic Software) C:\Windows\system32\fmcodec.DLL
2017-06-29 18:00 - 2016-07-22 04:21 - 000146048 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudmdm.sys
2017-06-29 18:00 - 2016-07-22 04:21 - 000107648 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus.sys
2017-06-29 17:38 - 2017-06-29 17:38 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2017-06-29 17:35 - 2017-06-29 17:35 - 000000000 ____D C:\Users\Public\Documents\NativeFus_Log
2017-06-29 17:35 - 2017-06-29 17:35 - 000000000 ____D C:\Users\PC\AppData\Local\Samsung
2017-06-29 17:34 - 2017-06-29 17:34 - 000000000 ____D C:\Users\PC\Documents\samsung
2017-06-29 17:33 - 2017-06-29 17:34 - 000000000 ____D C:\Users\PC\AppData\Roaming\Samsung
2017-06-29 17:33 - 2016-07-22 04:21 - 001121040 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2017-06-29 17:33 - 2016-07-22 04:21 - 000589944 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll
2017-06-29 17:27 - 2017-06-29 17:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2017-06-29 17:27 - 2016-05-18 14:49 - 004659712 _____ (Dmitry Streblechenko) C:\Windows\system32\Redemption.dll
2017-06-29 17:27 - 2016-05-18 14:49 - 000821824 _____ (Devguru Co., Ltd.) C:\Windows\system32\dgderapi.dll
2017-06-29 17:27 - 2016-05-18 14:49 - 000144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\system32\secman.dll
2017-06-29 17:26 - 2017-06-29 17:32 - 000000000 ____D C:\Program Files\Samsung
2017-06-29 17:26 - 2017-06-29 17:30 - 000000000 ____D C:\Users\Todos os Usuários\Samsung
2017-06-29 17:26 - 2017-06-29 17:30 - 000000000 ____D C:\ProgramData\Samsung
2017-06-29 17:17 - 2017-06-29 17:17 - 000000000 ____D C:\Users\PC\AppData\Local\Downloaded Installations
2017-06-29 16:19 - 2017-09-10 16:43 - 000000000 ____D C:\Users\Public\Documents\Evandro
2017-06-27 17:36 - 2017-06-27 17:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodi
2017-06-27 17:14 - 2013-01-13 18:17 - 000009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2017-06-27 17:14 - 2013-01-13 18:17 - 000002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2017-06-27 17:14 - 2013-01-13 18:16 - 000010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2017-06-27 17:14 - 2013-01-13 18:12 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2017-06-27 17:14 - 2013-01-13 18:11 - 000005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2017-06-27 17:14 - 2013-01-13 18:11 - 000005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2017-06-27 17:14 - 2013-01-13 18:11 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2017-06-27 17:14 - 2013-01-13 18:11 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2017-06-27 17:14 - 2013-01-13 18:11 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2017-06-27 17:14 - 2013-01-13 17:31 - 001247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-06-27 17:14 - 2013-01-13 17:30 - 000906240 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-06-27 17:14 - 2013-01-13 17:22 - 001988096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2017-06-27 17:14 - 2013-01-13 17:20 - 000293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2017-06-27 17:14 - 2013-01-13 17:09 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2017-06-27 17:14 - 2013-01-13 17:08 - 001504768 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2017-06-27 17:14 - 2013-01-13 17:08 - 000220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2017-06-27 17:14 - 2013-01-13 16:54 - 000604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2017-06-27 17:14 - 2013-01-13 16:53 - 000207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2017-06-27 17:14 - 2013-01-13 16:53 - 000187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2017-06-27 17:14 - 2013-01-13 16:48 - 000161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2017-06-27 17:14 - 2013-01-13 16:46 - 001080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2017-06-27 17:14 - 2013-01-13 16:43 - 001230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2017-06-27 17:14 - 2013-01-13 16:37 - 003419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2017-06-27 17:14 - 2013-01-13 16:02 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2017-06-27 17:14 - 2013-01-13 15:34 - 000364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2017-06-27 17:14 - 2013-01-13 14:26 - 001158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2017-06-27 17:14 - 2013-01-04 03:11 - 002284544 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2017-06-18 15:26 - 2017-08-20 22:50 - 000000000 ____D C:\Users\PC\AppData\Roaming\audacity
2017-06-18 15:26 - 2017-06-18 15:26 - 000000981 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2017-06-18 15:26 - 2017-06-18 15:26 - 000000000 ____D C:\Users\PC\AppData\Local\Audacity
2017-06-18 15:25 - 2017-07-21 22:42 - 000000000 ____D C:\Program Files\Audacity
2017-06-15 08:50 - 2012-11-03 02:44 - 000000000 ____D C:\Users\Public\Documents\Sam e Crack
==================== Três Meses Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-09-10 18:01 - 2011-02-04 14:30 - 001594940 _____ C:\Windows\system32\PerfStringBackup.INI
2017-09-10 18:01 - 2009-07-14 05:31 - 000704226 _____ C:\Windows\system32\prfh0416.dat
2017-09-10 18:01 - 2009-07-14 05:31 - 000146532 _____ C:\Windows\system32\prfc0416.dat
2017-09-10 18:01 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\inf
2017-09-10 16:43 - 2009-07-14 01:34 - 000014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-09-10 16:43 - 2009-07-14 01:34 - 000014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-09-10 16:34 - 2014-06-20 17:49 - 000000000 ____D C:\Users\PC\AppData\Roaming\vlc
2017-09-10 16:12 - 2016-08-18 19:08 - 000000000 _____ C:\Windows\system32\last.dump
2017-09-10 16:11 - 2014-06-18 09:09 - 000000194 _____ C:\Windows\Tasks\AutoKMS.job
2017-09-10 16:11 - 2009-07-14 01:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-09-10 15:58 - 2014-06-17 14:47 - 000001080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-09-10 15:58 - 2014-06-17 14:30 - 000001351 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-09-10 15:45 - 2016-08-26 11:39 - 000000000 ____D C:\Users\Todos os Usuários\winfirewall
2017-09-10 15:45 - 2016-08-26 11:39 - 000000000 ____D C:\ProgramData\winfirewall
2017-09-10 15:28 - 2016-09-04 09:48 - 000000000 ____D C:\Program Files\Google
2017-09-10 14:58 - 2014-06-18 08:41 - 000000000 ____D C:\Users\PC\AppData\Local\Google
2017-09-10 14:37 - 2016-11-04 22:35 - 000000000 ____D C:\Program Files\AVG
2017-09-10 14:37 - 2016-07-06 22:31 - 000000000 ____D C:\Users\Todos os Usuários\Avg
2017-09-10 14:37 - 2016-07-06 22:31 - 000000000 ____D C:\ProgramData\Avg
2017-09-10 14:36 - 2016-07-06 22:31 - 000000000 ____D C:\Users\PC\AppData\Local\AvgSetupLog
2017-09-10 13:34 - 2017-04-21 13:49 - 000000000 ____D C:\Users\PC\AppData\Local\SpacialAudio
2017-09-10 13:27 - 2017-04-26 17:21 - 000000000 ____D C:\Users\PC\Documents\Arquivos do Outlook
2017-09-10 13:26 - 2014-12-14 11:48 - 000002040 ____H C:\Users\PC\Documents\Default.rdp
2017-09-10 13:25 - 2016-02-06 09:43 - 000000000 ____D C:\Users\PC\AppData\Roaming\Skype
2017-09-10 12:31 - 2014-06-20 17:03 - 000000286 __RSH C:\Users\PC\ntuser.pol
2017-09-10 12:31 - 2014-06-17 14:30 - 000000000 ____D C:\Users\PC
2017-09-10 12:13 - 2009-07-13 23:37 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2017-09-10 09:43 - 2017-06-01 18:16 - 000000000 ____D C:\Users\Public\Documents\PQS
2017-09-10 00:16 - 2016-04-17 23:43 - 000000000 ____D C:\Users\Public\Documents\COLEGIO CONSTRUTIVO
2017-09-09 19:32 - 2015-04-17 10:38 - 000000000 ___RD C:\Users\PC\OneDrive
2017-09-08 20:55 - 2014-06-22 16:32 - 000000000 ____D C:\Users\PC\AppData\Local\Adobe
2017-09-07 17:58 - 2014-06-17 14:45 - 000000000 ____D C:\Users\Todos os Usuários\Adobe
2017-09-07 17:58 - 2014-06-17 14:45 - 000000000 ____D C:\ProgramData\Adobe
2017-08-26 09:52 - 2016-04-30 18:05 - 000000125 _____ C:\Users\PC\AppData\default.pls
2017-08-26 09:47 - 2016-09-04 09:57 - 000002048 _____ C:\Users\PC\AppData\Roaming\UserDataStore.db
2017-08-26 08:47 - 2009-07-14 01:33 - 000409368 _____ C:\Windows\system32\FNTCACHE.DAT
2017-08-26 08:45 - 2014-12-02 22:13 - 000000000 ____D C:\Program Files\TeamViewer
2017-08-26 08:35 - 2014-06-18 09:09 - 000109608 _____ C:\Users\PC\AppData\Local\GDIPFONTCACHEV1.DAT
2017-08-26 08:13 - 2016-02-06 09:42 - 000000000 ____D C:\Users\Todos os Usuários\Skype
2017-08-26 08:13 - 2016-02-06 09:42 - 000000000 ____D C:\ProgramData\Skype
2017-08-22 10:33 - 2017-01-17 22:16 - 000000000 ____D C:\Users\PC\AppData\Roaming\Kodi
2017-08-17 18:21 - 2013-11-27 18:21 - 000000000 ____D C:\Users\Public\Documents\Adely
==================== Arquivos na raiz de alguns diretórios =======
2005-05-29 14:15 - 2016-07-07 03:48 - 000032268 ____H () C:\Users\PC\AppData\Roaming\PClog.dat
2016-09-04 09:57 - 2017-08-26 09:47 - 000002048 _____ () C:\Users\PC\AppData\Roaming\UserDataStore.db
2017-09-10 12:09 - 2017-09-10 12:09 - 007327744 _____ () C:\Users\PC\AppData\Local\agent.dat
2017-09-10 12:09 - 2017-09-10 12:09 - 000070800 _____ () C:\Users\PC\AppData\Local\Config.xml
2017-09-10 12:09 - 2017-09-10 12:09 - 001895382 _____ () C:\Users\PC\AppData\Local\Fasekaytip.bin
2017-09-10 12:08 - 2017-09-10 12:08 - 000140800 _____ () C:\Users\PC\AppData\Local\installer.dat
2017-09-10 12:09 - 2017-09-10 12:09 - 000005568 _____ () C:\Users\PC\AppData\Local\md.xml
2017-09-10 12:09 - 2017-09-10 12:09 - 000126464 _____ () C:\Users\PC\AppData\Local\noah.dat
2017-04-09 13:24 - 2017-04-09 13:24 - 000007600 _____ () C:\Users\PC\AppData\Local\Resmon.ResmonCfg
2017-09-10 12:10 - 2017-09-10 12:10 - 000136834 _____ () C:\Users\PC\AppData\Local\Scottam.bin
2016-07-06 21:13 - 2016-07-06 21:14 - 000000046 _____ () C:\Users\PC\AppData\Local\Tempscratch.bat
2017-09-10 12:09 - 2017-09-10 12:07 - 002446336 _____ (TODO:) C:\Users\PC\AppData\Local\Traneco.exe
2017-09-10 12:09 - 2017-09-10 12:09 - 001899993 _____ () C:\Users\PC\AppData\Local\Traneco.tst
2017-09-10 12:10 - 2017-09-10 12:10 - 000001150 _____ () C:\Users\PC\AppData\Local\uninstall_temp.ico
2017-09-10 12:09 - 2017-09-10 12:09 - 000278507 _____ () C:\Users\PC\AppData\Local\Zuncore.bin
2017-04-21 13:47 - 2017-04-21 13:47 - 000004875 _____ () C:\ProgramData\auqrgqib.ttw
2015-02-25 20:26 - 2015-02-25 20:26 - 000000020 _____ () C:\ProgramData\bc.ini
2017-04-21 13:47 - 2017-04-21 13:47 - 000000016 _____ () C:\ProgramData\mntemp
2016-02-03 19:35 - 2016-02-03 19:35 - 000000020 _____ () C:\ProgramData\nbc.ini
Arquivos para serem movidos ou deletados:
====================
C:\Users\PC\AppData\Local\Temp\c8-dbb17-3e9-b2681-81a991a34156e\PYVGSCBOFI.exe
Alguns arquivos em TEMP:
====================
2017-06-15 17:20 - 2017-06-15 17:27 - 022213840 _____ (DsNET Corp ) C:\Users\PC\AppData\Local\Temp\atcMedia6321497547211.exe
2016-06-13 19:37 - 2016-06-13 19:37 - 000000000 _____ () C:\Users\PC\AppData\Local\Temp\GUR58CF.exe
2017-07-19 18:32 - 2017-07-19 18:32 - 000739904 _____ (Oracle Corporation) C:\Users\PC\AppData\Local\Temp\jre-8u131-windows-au.exe
2017-09-10 11:21 - 2017-09-10 11:21 - 000109568 _____ () C:\Users\PC\AppData\Local\Temp\nsh1336.exe
2017-01-15 12:33 - 2017-01-15 12:33 - 000004608 _____ () C:\Users\PC\AppData\Local\Temp\qehhgvqx.dll
2017-01-07 11:39 - 2017-06-01 12:38 - 058128344 _____ (Skype Technologies S.A.) C:\Users\PC\AppData\Local\Temp\SkypeSetup.exe
2016-08-09 21:21 - 2016-08-09 21:21 - 000004608 _____ () C:\Users\PC\AppData\Local\Temp\srikf5ff.dll
2017-04-13 10:57 - 2017-04-13 10:57 - 014456872 _____ (Microsoft Corporation) C:\Users\PC\AppData\Local\Temp\vc_redist.x86.exe
2015-11-09 20:19 - 2015-11-09 20:20 - 028849904 _____ () C:\Users\PC\AppData\Local\Temp\vlc-2.2.1-win32.exe
==================== Bamital & volsnap ======================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
Executado por PC (administrador) em PC-PC (10-09-2017 18:12:20)
Executando a partir de C:\Users\PC\Downloads
Perfis Carregados: PC (Perfis Disponíveis: PC)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Idioma: Português (Brasil)
Internet Explorer Versão 9 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(Nero AG) C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Spotify Ltd) C:\Users\PC\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
() C:\Users\PC\AppData\Local\Temp\c8-dbb17-3e9-b2681-81a991a34156e\PYVGSCBOFI.exe
(Scopus Soluções em TI Ltda) C:\Program Files\scpbrad\scpbradserv.exe
(Scopus Soluções em TI Ltda) C:\Program Files\scpbrad\scpbradguard.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(mmn ltd) C:\Program Files\9axPpyfNmCWM\9axppyfnmcwm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registro (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-10] (AVAST Software)
HKLM\...\Run: [AVG_UI] => "C:\Program Files\AVG\Framework\Common\avguirnx.exe" /lps=av
HKLM\...\Run: [vProt] => "C:\Program Files\AVG Web TuneUp\vprot.exe"
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [318128 2016-11-16] (Samsung Electronics Co., Ltd.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrição <==== ATENÇÃO
HKU\S-1-5-21-1576592163-1334127847-2756959924-1000\...\Run: [Spotify Web Helper] => C:\Users\PC\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-04-13] (Spotify Ltd)
HKU\S-1-5-21-1576592163-1334127847-2756959924-1000\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [718208 2010-03-16] (Microsoft Corporation)
HKU\S-1-5-21-1576592163-1334127847-2756959924-1000\...\Run: [PYVGSCBOFI.exe] => C:\Users\PC\AppData\Local\Temp\c8-dbb17-3e9-b2681-81a991a34156e\PYVGSCBOFI.exe [115712 2017-09-10] () <==== ATENÇÃO
HKU\S-1-5-21-1576592163-1334127847-2756959924-1000\...\MountPoints2: {5e50eb23-18eb-11e4-86bc-eca86bb87168} - D:\iLinker.exe
HKU\S-1-5-21-1576592163-1334127847-2756959924-1000\...\MountPoints2: {ba4b0551-f642-11e3-964d-806e6f6e6963} - E:\DriverPackSolution.exe
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WinMySQLadmin.lnk [2017-04-29]
ShortcutTarget: WinMySQLadmin.lnk -> C:\mysql\bin\winmysqladmin.exe (Nenhum Arquivo)
GroupPolicy: Restrição - Chrome <==== ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <==== ATENÇÃO
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{AA1A2CA0-F21A-435D-8237-4C4536BA3D56}: [NameServer] 82.163.142.8,95.211.158.136
Tcpip\..\Interfaces\{AA1A2CA0-F21A-435D-8237-4C4536BA3D56}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{B179C11B-DE94-4CA8-A6A2-912A6633BF3C}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKU\S-1-5-21-1576592163-1334127847-2756959924-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqfDHrz5d6u8a_LeSi03nXgdPC7lDSXnWVbGhQOXwxN-nDANshB_HIeLU7KEAVmjEQ1RjClGDd90Hyl-KfJ8s0nDlYPnm-XsXpENEF7rmZ8J1NyCseYU4VGvIXBc3eebsbYGyC83BDG23GyMLsDRLB2-4uy3ViW6MhnHdhCu2&q={searchTerms}
HKU\S-1-5-21-1576592163-1334127847-2756959924-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com.br/
URLSearchHook: HKLM -> Padrão = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKLM -> DefaultScope valor está ausente
SearchScopes: HKLM -> {8CDE19E6-71C2-4B46-89B7-35F6A18C571A} URL =
SearchScopes: HKU\S-1-5-21-1576592163-1334127847-2756959924-1000 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={F351DA73-E765-49AB-B987-F0AB4E6A1D1A}&mid=669e9b8928e047d2ba643de12d5c989b-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=pt-br&ds=AVG&coid=avgtbavg&cmpid=0117tb&pr=fr&d=2016-12-13 17:45:31&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1576592163-1334127847-2756959924-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1576592163-1334127847-2756959924-1000 -> {83698346-683E-489E-95C7-93C16026DE6B} URL = hxxp://www-searching.com/s.ashx?prd=opensearch&q={searchTerms}&s=H9Azltpbl1BU,b115b5b4-c157-4e08-83f0-6811beec29c2,
SearchScopes: HKU\S-1-5-21-1576592163-1334127847-2756959924-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={F351DA73-E765-49AB-B987-F0AB4E6A1D1A}&mid=669e9b8928e047d2ba643de12d5c989b-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=pt-br&ds=AVG&coid=avgtbavg&cmpid=0117tb&pr=fr&d=2016-12-13 17:45:31&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-02-16] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll => Nenhum Arquivo
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-16] (Oracle Corporation)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\ckodbp4w.default [2017-09-10]
FF NewTab: Mozilla\Firefox\Profiles\ckodbp4w.default -> hxxp://www-searching.com/?site=shyosffdefault&prd=set_ff&s=H9Azltpbl1BU,b115b5b4-c157-4e08-83f0-6811beec29c2,
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\ckodbp4w.default ->
FF Homepage: Mozilla\Firefox\Profiles\ckodbp4w.default -> hxxp://www-searching.com/?site=shyosffdefault&prd=set_ff&s=H9Azltpbl1BU,b115b5b4-c157-4e08-83f0-6811beec29c2,
FF Keyword.URL: Mozilla\Firefox\Profiles\ckodbp4w.default -> hxxp://www-searching.com/search.aspx?site=shdefault1&prd=smw&pid=s&shr=d&q={searchTerms}&s=H9Azltpbl1BU,b115b5b4-c157-4e08-83f0-6811beec29c2,
FF Extension: (AVG Web TuneUp) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\ckodbp4w.default\Extensions\avg@toolbar.xpi [2017-01-26]
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\priberam.xml [2012-06-01]
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\sapo.xml [2012-06-01]
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\wikipedia-ptpt.xml [2012-06-01]
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\wtu-secure-search.xml [2017-01-26]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-09] ()
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-16] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-16] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
StartMenuInternet: FIREFOX.EXE - firefox.exe
Chrome:
=======
CHR HomePage: Default -> mysearch.avg.com
CHR StartupUrls: Default -> "hxxp://www.google.com.br/"
CHR DefaultSearchURL: Default -> hxxps://mysearch.avg.com/search?rvt=1&sap=dsp&q={searchTerms}
CHR DefaultSearchKeyword: Default -> hxxps://mysearch.avg.com
CHR DefaultSuggestURL: Default -> hxxps://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default [2017-09-10]
CHR Extension: (Google Drive) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-10]
CHR Extension: (YouTube) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-10]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-10]
CHR Extension: (Gmail) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-10]
CHR Extension: (Chrome Media Router) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-10]
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2 [2017-09-10]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Chrome Media Router) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-08]
CHR HKLM\...\Chrome\Extension: [kfecnpmgnlnbmipaogfhoacoioifjgko] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1576592163-1334127847-2756959924-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1576592163-1334127847-2756959924-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jlcgehabolcakkjhgmgpkagpolbjlhfa] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1576592163-1334127847-2756959924-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kfecnpmgnlnbmipaogfhoacoioifjgko] - hxxp://clients2.google.com/service/update2/crx
==================== Serviços (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-10] (AVAST Software)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [279024 2013-11-15] (Intel Corporation)
R2 scpbradserv; C:\Program Files\scpbrad\scpbradserv.exe [1997792 2017-08-10] (Scopus Soluções em TI Ltda)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2012-12-11] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation)
S2 9axPpyfNmCWM Updater; C:\Program Files\9axPpyfNmCWM Updater\9axPpyfNmCWM Updater.exe [X]
S2 DMWin32UpdateSrv; %SystemRoot%\System32\normalmoon.dll [X]
S3 FirebirdServerDefaultInstance; "C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe" -s DefaultInstance [X]
S2 MySql; C:/mysql/bin/mysqld-nt.exe [X]
===================== Drivers (Whitelisted) ======================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [34008 2016-09-12] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [35096 2016-09-12] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [92256 2016-09-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [91232 2016-09-12] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [60424 2016-09-12] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [735488 2016-09-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [433768 2016-09-22] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [118664 2016-09-12] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [224752 2016-10-13] (AVAST Software)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [107648 2016-07-22] (Samsung Electronics Co., Ltd.)
R0 iaStorA; C:\Windows\System32\DRIVERS\iaStorA.sys [488808 2013-09-20] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [24424 2013-09-20] (Intel Corporation)
R0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [16880 2013-07-17] (Intel Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [56432 2013-01-23] (Intel Corporation)
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [1702032 2014-07-04] (MediaTek Inc.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [146048 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1846448 2013-05-10] (VIA Technologies, Inc.)
S1 Lace514; \SystemRoot\System32\drivers\Lace_wpf_x86.sys [X]
S3 SMUpdd; \??\C:\Program Files\Common Files\Noobzo\GNUpdate\smw.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S1 vonetframe; \??\C:\Windows\system32\drivers\vonetframe.sys [X]
S1 wfcre; system32\drivers\wfcre.sys [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Três Meses Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-09-10 18:08 - 2017-09-10 18:12 - 000045467 _____ C:\Users\PC\Downloads\Addition.txt
2017-09-10 18:03 - 2017-09-10 18:12 - 000017713 _____ C:\Users\PC\Downloads\FRST.txt
2017-09-10 18:02 - 2017-09-10 18:12 - 000000000 ____D C:\FRST
2017-09-10 18:01 - 2017-09-10 18:01 - 001793024 _____ (Farbar) C:\Users\PC\Downloads\FRST.exe
2017-09-10 17:43 - 2017-09-10 17:51 - 476183603 _____ C:\Users\PC\Downloads\CorelDRASuiteX7Installer 32.rar
2017-09-10 16:57 - 2017-09-10 18:03 - 000000000 ____D C:\Users\Todos os Usuários\CorelDRAW Graphics Suite X7
2017-09-10 16:57 - 2017-09-10 18:03 - 000000000 ____D C:\ProgramData\CorelDRAW Graphics Suite X7
2017-09-10 16:42 - 2017-09-10 16:42 - 000385024 _____ C:\Users\PC\Downloads\Keygen.exe
2017-09-10 16:41 - 2017-09-10 16:51 - 436690384 _____ (Acresso Software Inc. ) C:\Users\PC\Downloads\CorelDRAWGraphicsSuiteX7Installer_BR32Bit.exe
2017-09-10 15:52 - 2017-09-10 16:10 - 000000000 ____D C:\AdwCleaner
2017-09-10 15:29 - 2017-09-10 15:58 - 000002191 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-10 13:35 - 2017-09-10 13:35 - 000000000 ____H C:\Windows\system32\BITDEC2.tmp
2017-09-10 13:35 - 2017-09-10 13:35 - 000000000 ____H C:\Windows\system32\BIT1CE.tmp
2017-09-10 12:13 - 2017-09-10 12:13 - 000003010 __RSH C:\Users\Todos os Usuários\ntuser.pol
2017-09-10 12:13 - 2017-09-10 12:13 - 000003010 __RSH C:\ProgramData\ntuser.pol
2017-09-10 12:11 - 2017-09-10 12:12 - 000000000 ____D C:\Program Files\9axPpyfNmCWM
2017-09-10 12:10 - 2017-09-10 12:10 - 000136834 _____ () C:\Users\PC\AppData\Local\Scottam.bin
2017-09-10 12:09 - 2017-09-10 12:09 - 007327744 _____ C:\Users\PC\AppData\Local\agent.dat
2017-09-10 12:09 - 2017-09-10 12:09 - 001899993 _____ C:\Users\PC\AppData\Local\Traneco.tst
2017-09-10 12:09 - 2017-09-10 12:09 - 001895382 _____ C:\Users\PC\AppData\Local\Fasekaytip.bin
2017-09-10 12:09 - 2017-09-10 12:09 - 000278507 _____ C:\Users\PC\AppData\Local\Zuncore.bin
2017-09-10 12:09 - 2017-09-10 12:09 - 000126464 _____ C:\Users\PC\AppData\Local\noah.dat
2017-09-10 12:09 - 2017-09-10 12:09 - 000070800 _____ C:\Users\PC\AppData\Local\Config.xml
2017-09-10 12:09 - 2017-09-10 12:09 - 000005568 _____ C:\Users\PC\AppData\Local\md.xml
2017-09-10 12:09 - 2017-09-10 12:07 - 002446336 _____ (TODO:
2017-09-10 12:08 - 2017-09-10 12:08 - 000140800 _____ C:\Users\PC\AppData\Local\installer.dat
2017-09-10 12:07 - 2017-09-10 12:07 - 000031449 _____ C:\Windows\2f91d622db8900a781abe53270246e57.ps1
2017-09-08 20:53 - 2017-09-08 20:53 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-09-07 17:59 - 2017-09-08 20:52 - 000000000 ____D C:\Program Files\Common Files\Adobe
2017-09-07 17:59 - 2017-09-08 20:52 - 000000000 ____D C:\Program Files\Adobe
2017-09-07 13:25 - 2017-09-07 13:25 - 000483840 _____ C:\Windows\b6bcd6667f1329301f2c5b2d858dca37.exe
2017-09-07 13:25 - 2017-09-07 13:25 - 000039816 _____ C:\Windows\uninstaller.dat
2017-08-26 13:00 - 2017-08-26 13:00 - 000000000 ____D C:\Users\PC\AppData\Local\OnixSat_Rastreamento_de_V
2017-08-26 09:23 - 2017-08-26 08:44 - 000000000 ____D C:\Program Files\OnixSat
2017-08-23 18:42 - 2017-08-23 18:42 - 000002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2017-08-15 12:29 - 2017-08-20 15:42 - 000000000 ____D C:\Users\PC\Desktop\vandim
2017-08-10 18:39 - 2017-08-10 18:39 - 000000000 ____D C:\Users\Todos os Usuários\scpbrad
2017-08-10 18:39 - 2017-08-10 18:39 - 000000000 ____D C:\ProgramData\scpbrad
2017-08-10 18:39 - 2017-08-10 18:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Componente de Segurança Bradesco
2017-08-10 18:39 - 2017-08-10 18:39 - 000000000 ____D C:\Program Files\scpbrad
2017-08-04 23:59 - 2017-09-04 10:14 - 000000000 ____D C:\Users\PC\Desktop\Nova pasta
2017-07-23 08:23 - 2017-07-23 08:23 - 000000000 ____D C:\Program Files\Common Files\Skype
2017-07-21 22:24 - 2017-07-21 22:24 - 000000000 ____D C:\Users\PC\Documents\Audacity
2017-07-05 13:42 - 2017-07-05 13:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2017-07-05 13:42 - 2017-07-05 13:42 - 000000000 ____D C:\Program Files\DsNET Corp
2017-07-05 13:42 - 2013-05-23 09:52 - 000386560 _____ (Dart Communications) C:\Windows\system32\DartSecure2.dll
2017-07-05 13:42 - 2013-05-23 09:52 - 000234496 _____ (Dart Communications) C:\Windows\system32\DartCertificate.dll
2017-07-05 13:42 - 2013-05-06 13:17 - 000425472 _____ (Dart Communications) C:\Windows\system32\DartSock.dll
2017-07-05 13:42 - 2008-08-18 19:18 - 000077824 _____ (Fox Magic Software) C:\Windows\system32\fmcodec.DLL
2017-06-29 18:00 - 2016-07-22 04:21 - 000146048 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudmdm.sys
2017-06-29 18:00 - 2016-07-22 04:21 - 000107648 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus.sys
2017-06-29 17:38 - 2017-06-29 17:38 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2017-06-29 17:35 - 2017-06-29 17:35 - 000000000 ____D C:\Users\Public\Documents\NativeFus_Log
2017-06-29 17:35 - 2017-06-29 17:35 - 000000000 ____D C:\Users\PC\AppData\Local\Samsung
2017-06-29 17:34 - 2017-06-29 17:34 - 000000000 ____D C:\Users\PC\Documents\samsung
2017-06-29 17:33 - 2017-06-29 17:34 - 000000000 ____D C:\Users\PC\AppData\Roaming\Samsung
2017-06-29 17:33 - 2016-07-22 04:21 - 001121040 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2017-06-29 17:33 - 2016-07-22 04:21 - 000589944 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll
2017-06-29 17:27 - 2017-06-29 17:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2017-06-29 17:27 - 2016-05-18 14:49 - 004659712 _____ (Dmitry Streblechenko) C:\Windows\system32\Redemption.dll
2017-06-29 17:27 - 2016-05-18 14:49 - 000821824 _____ (Devguru Co., Ltd.) C:\Windows\system32\dgderapi.dll
2017-06-29 17:27 - 2016-05-18 14:49 - 000144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\system32\secman.dll
2017-06-29 17:26 - 2017-06-29 17:32 - 000000000 ____D C:\Program Files\Samsung
2017-06-29 17:26 - 2017-06-29 17:30 - 000000000 ____D C:\Users\Todos os Usuários\Samsung
2017-06-29 17:26 - 2017-06-29 17:30 - 000000000 ____D C:\ProgramData\Samsung
2017-06-29 17:17 - 2017-06-29 17:17 - 000000000 ____D C:\Users\PC\AppData\Local\Downloaded Installations
2017-06-29 16:19 - 2017-09-10 16:43 - 000000000 ____D C:\Users\Public\Documents\Evandro
2017-06-27 17:36 - 2017-06-27 17:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodi
2017-06-27 17:14 - 2013-01-13 18:17 - 000009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2017-06-27 17:14 - 2013-01-13 18:17 - 000002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2017-06-27 17:14 - 2013-01-13 18:16 - 000010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2017-06-27 17:14 - 2013-01-13 18:12 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2017-06-27 17:14 - 2013-01-13 18:11 - 000005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2017-06-27 17:14 - 2013-01-13 18:11 - 000005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2017-06-27 17:14 - 2013-01-13 18:11 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2017-06-27 17:14 - 2013-01-13 18:11 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2017-06-27 17:14 - 2013-01-13 18:11 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2017-06-27 17:14 - 2013-01-13 17:31 - 001247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-06-27 17:14 - 2013-01-13 17:30 - 000906240 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-06-27 17:14 - 2013-01-13 17:22 - 001988096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2017-06-27 17:14 - 2013-01-13 17:20 - 000293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2017-06-27 17:14 - 2013-01-13 17:09 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2017-06-27 17:14 - 2013-01-13 17:08 - 001504768 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2017-06-27 17:14 - 2013-01-13 17:08 - 000220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2017-06-27 17:14 - 2013-01-13 16:54 - 000604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2017-06-27 17:14 - 2013-01-13 16:53 - 000207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2017-06-27 17:14 - 2013-01-13 16:53 - 000187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2017-06-27 17:14 - 2013-01-13 16:48 - 000161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2017-06-27 17:14 - 2013-01-13 16:46 - 001080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2017-06-27 17:14 - 2013-01-13 16:43 - 001230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2017-06-27 17:14 - 2013-01-13 16:37 - 003419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2017-06-27 17:14 - 2013-01-13 16:02 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2017-06-27 17:14 - 2013-01-13 15:34 - 000364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2017-06-27 17:14 - 2013-01-13 14:26 - 001158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2017-06-27 17:14 - 2013-01-04 03:11 - 002284544 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2017-06-18 15:26 - 2017-08-20 22:50 - 000000000 ____D C:\Users\PC\AppData\Roaming\audacity
2017-06-18 15:26 - 2017-06-18 15:26 - 000000981 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2017-06-18 15:26 - 2017-06-18 15:26 - 000000000 ____D C:\Users\PC\AppData\Local\Audacity
2017-06-18 15:25 - 2017-07-21 22:42 - 000000000 ____D C:\Program Files\Audacity
2017-06-15 08:50 - 2012-11-03 02:44 - 000000000 ____D C:\Users\Public\Documents\Sam e Crack
==================== Três Meses Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-09-10 18:01 - 2011-02-04 14:30 - 001594940 _____ C:\Windows\system32\PerfStringBackup.INI
2017-09-10 18:01 - 2009-07-14 05:31 - 000704226 _____ C:\Windows\system32\prfh0416.dat
2017-09-10 18:01 - 2009-07-14 05:31 - 000146532 _____ C:\Windows\system32\prfc0416.dat
2017-09-10 18:01 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\inf
2017-09-10 16:43 - 2009-07-14 01:34 - 000014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-09-10 16:43 - 2009-07-14 01:34 - 000014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-09-10 16:34 - 2014-06-20 17:49 - 000000000 ____D C:\Users\PC\AppData\Roaming\vlc
2017-09-10 16:12 - 2016-08-18 19:08 - 000000000 _____ C:\Windows\system32\last.dump
2017-09-10 16:11 - 2014-06-18 09:09 - 000000194 _____ C:\Windows\Tasks\AutoKMS.job
2017-09-10 16:11 - 2009-07-14 01:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-09-10 15:58 - 2014-06-17 14:47 - 000001080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-09-10 15:58 - 2014-06-17 14:30 - 000001351 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-09-10 15:45 - 2016-08-26 11:39 - 000000000 ____D C:\Users\Todos os Usuários\winfirewall
2017-09-10 15:45 - 2016-08-26 11:39 - 000000000 ____D C:\ProgramData\winfirewall
2017-09-10 15:28 - 2016-09-04 09:48 - 000000000 ____D C:\Program Files\Google
2017-09-10 14:58 - 2014-06-18 08:41 - 000000000 ____D C:\Users\PC\AppData\Local\Google
2017-09-10 14:37 - 2016-11-04 22:35 - 000000000 ____D C:\Program Files\AVG
2017-09-10 14:37 - 2016-07-06 22:31 - 000000000 ____D C:\Users\Todos os Usuários\Avg
2017-09-10 14:37 - 2016-07-06 22:31 - 000000000 ____D C:\ProgramData\Avg
2017-09-10 14:36 - 2016-07-06 22:31 - 000000000 ____D C:\Users\PC\AppData\Local\AvgSetupLog
2017-09-10 13:34 - 2017-04-21 13:49 - 000000000 ____D C:\Users\PC\AppData\Local\SpacialAudio
2017-09-10 13:27 - 2017-04-26 17:21 - 000000000 ____D C:\Users\PC\Documents\Arquivos do Outlook
2017-09-10 13:26 - 2014-12-14 11:48 - 000002040 ____H C:\Users\PC\Documents\Default.rdp
2017-09-10 13:25 - 2016-02-06 09:43 - 000000000 ____D C:\Users\PC\AppData\Roaming\Skype
2017-09-10 12:31 - 2014-06-20 17:03 - 000000286 __RSH C:\Users\PC\ntuser.pol
2017-09-10 12:31 - 2014-06-17 14:30 - 000000000 ____D C:\Users\PC
2017-09-10 12:13 - 2009-07-13 23:37 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2017-09-10 09:43 - 2017-06-01 18:16 - 000000000 ____D C:\Users\Public\Documents\PQS
2017-09-10 00:16 - 2016-04-17 23:43 - 000000000 ____D C:\Users\Public\Documents\COLEGIO CONSTRUTIVO
2017-09-09 19:32 - 2015-04-17 10:38 - 000000000 ___RD C:\Users\PC\OneDrive
2017-09-08 20:55 - 2014-06-22 16:32 - 000000000 ____D C:\Users\PC\AppData\Local\Adobe
2017-09-07 17:58 - 2014-06-17 14:45 - 000000000 ____D C:\Users\Todos os Usuários\Adobe
2017-09-07 17:58 - 2014-06-17 14:45 - 000000000 ____D C:\ProgramData\Adobe
2017-08-26 09:52 - 2016-04-30 18:05 - 000000125 _____ C:\Users\PC\AppData\default.pls
2017-08-26 09:47 - 2016-09-04 09:57 - 000002048 _____ C:\Users\PC\AppData\Roaming\UserDataStore.db
2017-08-26 08:47 - 2009-07-14 01:33 - 000409368 _____ C:\Windows\system32\FNTCACHE.DAT
2017-08-26 08:45 - 2014-12-02 22:13 - 000000000 ____D C:\Program Files\TeamViewer
2017-08-26 08:35 - 2014-06-18 09:09 - 000109608 _____ C:\Users\PC\AppData\Local\GDIPFONTCACHEV1.DAT
2017-08-26 08:13 - 2016-02-06 09:42 - 000000000 ____D C:\Users\Todos os Usuários\Skype
2017-08-26 08:13 - 2016-02-06 09:42 - 000000000 ____D C:\ProgramData\Skype
2017-08-22 10:33 - 2017-01-17 22:16 - 000000000 ____D C:\Users\PC\AppData\Roaming\Kodi
2017-08-17 18:21 - 2013-11-27 18:21 - 000000000 ____D C:\Users\Public\Documents\Adely
==================== Arquivos na raiz de alguns diretórios =======
2005-05-29 14:15 - 2016-07-07 03:48 - 000032268 ____H () C:\Users\PC\AppData\Roaming\PClog.dat
2016-09-04 09:57 - 2017-08-26 09:47 - 000002048 _____ () C:\Users\PC\AppData\Roaming\UserDataStore.db
2017-09-10 12:09 - 2017-09-10 12:09 - 007327744 _____ () C:\Users\PC\AppData\Local\agent.dat
2017-09-10 12:09 - 2017-09-10 12:09 - 000070800 _____ () C:\Users\PC\AppData\Local\Config.xml
2017-09-10 12:09 - 2017-09-10 12:09 - 001895382 _____ () C:\Users\PC\AppData\Local\Fasekaytip.bin
2017-09-10 12:08 - 2017-09-10 12:08 - 000140800 _____ () C:\Users\PC\AppData\Local\installer.dat
2017-09-10 12:09 - 2017-09-10 12:09 - 000005568 _____ () C:\Users\PC\AppData\Local\md.xml
2017-09-10 12:09 - 2017-09-10 12:09 - 000126464 _____ () C:\Users\PC\AppData\Local\noah.dat
2017-04-09 13:24 - 2017-04-09 13:24 - 000007600 _____ () C:\Users\PC\AppData\Local\Resmon.ResmonCfg
2017-09-10 12:10 - 2017-09-10 12:10 - 000136834 _____ () C:\Users\PC\AppData\Local\Scottam.bin
2016-07-06 21:13 - 2016-07-06 21:14 - 000000046 _____ () C:\Users\PC\AppData\Local\Tempscratch.bat
2017-09-10 12:09 - 2017-09-10 12:07 - 002446336 _____ (TODO:
2017-09-10 12:09 - 2017-09-10 12:09 - 001899993 _____ () C:\Users\PC\AppData\Local\Traneco.tst
2017-09-10 12:10 - 2017-09-10 12:10 - 000001150 _____ () C:\Users\PC\AppData\Local\uninstall_temp.ico
2017-09-10 12:09 - 2017-09-10 12:09 - 000278507 _____ () C:\Users\PC\AppData\Local\Zuncore.bin
2017-04-21 13:47 - 2017-04-21 13:47 - 000004875 _____ () C:\ProgramData\auqrgqib.ttw
2015-02-25 20:26 - 2015-02-25 20:26 - 000000020 _____ () C:\ProgramData\bc.ini
2017-04-21 13:47 - 2017-04-21 13:47 - 000000016 _____ () C:\ProgramData\mntemp
2016-02-03 19:35 - 2016-02-03 19:35 - 000000020 _____ () C:\ProgramData\nbc.ini
Arquivos para serem movidos ou deletados:
====================
C:\Users\PC\AppData\Local\Temp\c8-dbb17-3e9-b2681-81a991a34156e\PYVGSCBOFI.exe
Alguns arquivos em TEMP:
====================
2017-06-15 17:20 - 2017-06-15 17:27 - 022213840 _____ (DsNET Corp ) C:\Users\PC\AppData\Local\Temp\atcMedia6321497547211.exe
2016-06-13 19:37 - 2016-06-13 19:37 - 000000000 _____ () C:\Users\PC\AppData\Local\Temp\GUR58CF.exe
2017-07-19 18:32 - 2017-07-19 18:32 - 000739904 _____ (Oracle Corporation) C:\Users\PC\AppData\Local\Temp\jre-8u131-windows-au.exe
2017-09-10 11:21 - 2017-09-10 11:21 - 000109568 _____ () C:\Users\PC\AppData\Local\Temp\nsh1336.exe
2017-01-15 12:33 - 2017-01-15 12:33 - 000004608 _____ () C:\Users\PC\AppData\Local\Temp\qehhgvqx.dll
2017-01-07 11:39 - 2017-06-01 12:38 - 058128344 _____ (Skype Technologies S.A.) C:\Users\PC\AppData\Local\Temp\SkypeSetup.exe
2016-08-09 21:21 - 2016-08-09 21:21 - 000004608 _____ () C:\Users\PC\AppData\Local\Temp\srikf5ff.dll
2017-04-13 10:57 - 2017-04-13 10:57 - 014456872 _____ (Microsoft Corporation) C:\Users\PC\AppData\Local\Temp\vc_redist.x86.exe
2015-11-09 20:19 - 2015-11-09 20:20 - 028849904 _____ () C:\Users\PC\AppData\Local\Temp\vlc-2.2.1-win32.exe
==================== Bamital & volsnap ======================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente