Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:28-11-2015
Executado por isabella (administrador) em ISABELLA (29-11-2015 11:49:05)
Executando a partir de C:\Users\isabella\Desktop
Perfis Carregados: isabella & CONVIDADO01 (Perfis Disponíveis: isabella & CONVIDADO01 & Administrador & Convidado)
Platform: Windows 10 Home Single Language (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: FF)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(TODO: ) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Spotify Ltd) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Windows\System32\wifitask.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Spotify Ltd) C:\Users\isabella\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6418.23501.0_x64__8wekyb3d8bbwe\HubTaskHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\ GbPluginUni: C:\Program Files (x86)\GbPlugin\gbiehUni.dll [2015-09-04] (Banco Itaú Unibanco)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-583024316-3517088077-1566585298-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-19] (Piriform Ltd)
HKU\S-1-5-21-583024316-3517088077-1566585298-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22790776 2015-11-04] (Google)
HKU\S-1-5-21-583024316-3517088077-1566585298-1001\...\Run: [Spotify Web Helper] => C:\Users\isabella\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2345584 2015-11-27] (Spotify Ltd)
HKU\S-1-5-21-583024316-3517088077-1566585298-1001\...\Run: [Spotify] => C:\Users\isabella\AppData\Roaming\Spotify\Spotify.exe [8270448 2015-11-27] (Spotify Ltd)
HKU\S-1-5-21-583024316-3517088077-1566585298-1001\...\RunOnce: [Uninstall C:\Users\isabella\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\isabella\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-583024316-3517088077-1566585298-1001\...\RunOnce: [Uninstall C:\Users\isabella\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\isabella\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
HKU\S-1-5-21-583024316-3517088077-1566585298-1010\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1104384 2014-03-22] (Spotify Ltd)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll [1896696 2015-09-04] (Banco Itaú Unibanco)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Nenhum Arquivo

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{2702186f-3278-4076-985a-1ac2dfe523bf}: [DhcpNameServer] 127.0.0.1
Tcpip\..\Interfaces\{ed98bb5e-6169-40e4-8a5e-21c14355c490}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{ed98bb5e-6169-40e4-8a5e-21c14355c490}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKU\S-1-5-21-583024316-3517088077-1566585298-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-583024316-3517088077-1566585298-1010\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-583024316-3517088077-1566585298-1010\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://br.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://br.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-583024316-3517088077-1566585298-1001 -> DefaultScope {20DAF68B-C82C-471F-963F-B90722A3CEBD} URL =
SearchScopes: HKU\S-1-5-21-583024316-3517088077-1566585298-1001 -> {20DAF68B-C82C-471F-963F-B90722A3CEBD} URL =
SearchScopes: HKU\S-1-5-21-583024316-3517088077-1566585298-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://br.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-09-29] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-15] (Microsoft Corporation)
BHO-x32: Sem Nome -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> Nenhum Arquivo
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540008} -> C:\Program Files (x86)\GbPlugin\gbiehuni.dll [2015-09-04] (Banco Itaú Unibanco)
BHO-x32: Sem Nome -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> Nenhum Arquivo
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\isabella\AppData\Roaming\Mozilla\Firefox\Profiles\m4izunpa.default-1447540609073
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-14] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-07-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-07-14] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\isabella\AppData\Roaming\Mozilla\Firefox\Profiles\m4izunpa.default-1447540609073\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-25]

Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.com.br/"
CHR Profile: C:\Users\isabella\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\isabella\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-08]
CHR Extension: (Google Docs) - C:\Users\isabella\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-08]
CHR Extension: (Google Drive) - C:\Users\isabella\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\isabella\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Super Animes - Dragon Ball Z) - C:\Users\isabella\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccfockllnekmckgpanpkhfopkonbkdoa [2015-08-08]
CHR Extension: (Adblock Plus) - C:\Users\isabella\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-11-24]
CHR Extension: (Google Search) - C:\Users\isabella\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Facebook Customizer (by Adblock Plus)) - C:\Users\isabella\AppData\Local\Google\Chrome\User Data\Default\Extensions\deoeenbkoccjaefmmhpmlegngdjohdcm [2015-08-08]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\isabella\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2015-08-08]
CHR Extension: (Planilhas do Google) - C:\Users\isabella\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-08]
CHR Extension: (Documentos Google off-line) - C:\Users\isabella\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-20]
CHR Extension: (AdBlock) - C:\Users\isabella\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-11-24]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\isabella\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-08-28]
CHR Extension: (TumTaster) - C:\Users\isabella\AppData\Local\Google\Chrome\User Data\Default\Extensions\nanfbkacbckngfcklahdgfagjlghfbgm [2015-08-08]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\isabella\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-08]
CHR Extension: (Gmail) - C:\Users\isabella\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-08]
CHR HKU\S-1-5-21-583024316-3517088077-1566585298-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2650696 2013-07-26] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [663592 2013-07-05] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [235008 2013-07-16] (TODO: ) [Arquivo não assinado]
R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [587576 2015-08-12] (GAS Tecnologia)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-18] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Arquivo não assinado]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
S2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-02] (Acer Incorporate)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [221832 2014-10-01] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189920 2014-10-01] (McAfee, Inc.)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4278112 2013-08-01] (Symantec Corporation)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457768 2013-08-02] (Acer Incorporate)
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [448040 2013-08-02] (Acer Incorporate)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 athr; C:\Windows\System32\drivers\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
R3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [150104 2013-07-29] (Symantec Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72136 2014-10-01] (McAfee, Inc.)
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30352 2015-08-09] (Disc Soft Ltd)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-11-29] ()
R1 gbpddfac; C:\Windows\System32\drivers\gbpddfac64.sys [28888 2015-11-26] (GAS Tecnologia)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2015-09-04] (GAS Tecnologia)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181584 2014-10-01] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313680 2014-10-01] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70608 2014-10-01] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526360 2014-10-01] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786304 2014-10-01] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348560 2014-10-01] (McAfee, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-09-04] (GAS Tecnologia LTDA)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R4 WinDivert1.1; C:\Program Files\Diebold\Warsaw\WinDivert64.sys [38104 2015-04-01] (Basil)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2015-11-29 11:43 - 2015-11-29 11:45 - 00042967 _____ C:\Users\isabella\Desktop\Addition.txt
2015-11-29 11:40 - 2015-11-29 11:49 - 00021183 _____ C:\Users\isabella\Desktop\FRST.txt
2015-11-29 11:40 - 2015-11-29 11:49 - 00000000 ____D C:\FRST
2015-11-29 11:39 - 2015-11-29 11:39 - 02349056 _____ (Farbar) C:\Users\isabella\Desktop\FRST64.exe
2015-11-29 11:38 - 2015-11-29 11:38 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
2015-11-29 11:38 - 2015-11-29 11:38 - 00000000 ____D C:\Program Files\Enigma Software Group
2015-11-29 11:16 - 2015-11-29 11:16 - 00016148 _____ C:\WINDOWS\system32\ISABELLA_isabella_HistoryPrediction.bin
2015-11-29 11:16 - 2015-11-29 11:16 - 00016148 _____ C:\WINDOWS\system32\ISABELLA_CONVIDADO01_HistoryPrediction.bin
2015-11-28 21:05 - 2015-11-28 22:56 - 00000000 ____D C:\Users\CONVIDADO01\AppData\Roaming\Spotify
2015-11-28 21:05 - 2015-11-28 21:06 - 00000000 ____D C:\Users\CONVIDADO01\AppData\Local\Spotify
2015-11-27 19:16 - 2015-11-27 19:16 - 00000000 ____D C:\Users\isabella\Downloads\25
2015-11-27 18:38 - 2015-11-27 19:16 - 00000000 ____D C:\Users\isabella\Downloads\21
2015-11-27 01:23 - 2015-11-27 01:30 - 00000000 ____D C:\Users\CONVIDADO01\AppData\Local\Mozilla
2015-11-27 01:23 - 2015-11-27 01:24 - 00000000 ____D C:\Users\CONVIDADO01\AppData\Roaming\Mozilla
2015-11-24 20:59 - 2015-11-24 20:59 - 04062327 _____ C:\Users\isabella\Downloads\danilo_marcondes_iniciacao_a_historia_da_filosofia_i_unidade.pdf
2015-11-24 18:23 - 2015-11-24 18:23 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2015-11-24 17:55 - 2015-11-24 17:55 - 00004608 _____ C:\WINDOWS\SECOH-QAD.exe
2015-11-24 17:55 - 2015-11-24 17:55 - 00003584 _____ C:\WINDOWS\SECOH-QAD.dll
2015-11-24 17:54 - 2015-11-29 11:44 - 00000000 ____D C:\Program Files\KMSpico
2015-11-24 17:23 - 2015-11-24 17:24 - 04565672 _____ (Microsoft Corporation) C:\Users\isabella\Downloads\Setup.x64.pt-br_ProfessionalRetail_NKGG6-WBPCC-HXWMY-6DQGJ-CPQVG_act_1_.exe
2015-11-23 14:47 - 2015-11-23 14:47 - 00232743 _____ C:\Users\isabella\Downloads\gabarito-lista-4-_2011_.pdf
2015-11-22 09:58 - 2015-11-22 11:28 - 00000000 ____D C:\Users\isabella\Documents\Livro Digital Saraiva
2015-11-20 18:59 - 2015-11-20 18:59 - 00035099 _____ C:\Users\isabella\Downloads\Boleto_3E850BDD.pdf
2015-11-20 17:55 - 2015-11-20 17:55 - 00000000 ____D C:\Users\CONVIDADO01\AppData\Roaming\HpUpdate
2015-11-19 23:33 - 2015-11-27 20:23 - 00000000 ____D C:\Users\isabella\AppData\Local\Spotify
2015-11-19 23:33 - 2015-11-27 19:22 - 00000000 ____D C:\Users\isabella\AppData\Roaming\Spotify
2015-11-18 17:50 - 2015-11-18 17:50 - 00000000 ____D C:\Users\Todos os Usuários\Avg_Update_0615pit
2015-11-18 17:50 - 2015-11-18 17:50 - 00000000 ____D C:\ProgramData\Avg_Update_0615pit
2015-11-18 17:46 - 2015-11-18 17:46 - 00000000 ____D C:\Users\isabella\AppData\Roaming\AVG
2015-11-18 17:45 - 2015-11-18 17:45 - 00000000 ____D C:\Users\isabella\AppData\Roaming\TuneUp Software
2015-11-18 17:40 - 2015-11-18 18:12 - 00000000 ____D C:\Users\Todos os Usuários\Avg
2015-11-18 17:40 - 2015-11-18 18:12 - 00000000 ____D C:\ProgramData\Avg
2015-11-18 17:39 - 2015-11-18 18:12 - 00000000 ____D C:\Users\isabella\AppData\Local\Avg
2015-11-18 17:39 - 2015-11-18 18:10 - 00000000 ____D C:\Users\isabella\AppData\Local\AvgSetupLog
2015-11-18 17:38 - 2015-11-18 18:12 - 00000000 ____D C:\Users\Todos os Usuários\MFAData
2015-11-18 17:38 - 2015-11-18 18:12 - 00000000 ____D C:\ProgramData\MFAData
2015-11-18 17:38 - 2015-11-18 17:38 - 00000000 ____D C:\Users\isabella\AppData\Local\MFAData
2015-11-18 17:38 - 2015-11-18 17:38 - 00000000 ____D C:\Users\isabella\AppData\Local\Avg2015
2015-11-15 12:45 - 2015-11-15 12:49 - 00004006 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-11-15 12:33 - 2015-11-28 17:01 - 00003804 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2015-11-15 12:33 - 2015-11-18 17:53 - 00000000 ____D C:\Users\Todos os Usuários\AVAST Software
2015-11-15 12:33 - 2015-11-18 17:53 - 00000000 ____D C:\ProgramData\AVAST Software
2015-11-15 12:33 - 2015-11-15 12:41 - 00000000 ____D C:\WINDOWS\AutoKMS
2015-11-15 12:30 - 2015-11-15 12:30 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Toolkit
2015-11-15 12:30 - 2015-11-15 12:30 - 00000000 ____D C:\ProgramData\Microsoft Toolkit
2015-11-15 10:43 - 2015-11-15 12:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-13 12:11 - 2015-11-13 12:11 - 00246238 _____ C:\Users\CONVIDADO01\Downloads\Minha Conta - Meus Pedidos - Netshoes - Viva o esporte..html
2015-11-13 12:11 - 2015-11-13 12:11 - 00000000 ____D C:\Users\CONVIDADO01\Downloads\Minha Conta - Meus Pedidos - Netshoes - Viva o esporte._files
2015-11-11 17:18 - 2015-11-11 17:18 - 00000784 _____ C:\Users\CONVIDADO01\Downloads\UPENET_IAUPE - Concursos do Instituto de Apoio a Universidade de Pernambuco.html
2015-11-11 17:18 - 2015-11-11 17:18 - 00000000 ____D C:\Users\CONVIDADO01\Downloads\UPENET_IAUPE - Concursos do Instituto de Apoio a Universidade de Pernambuco_files
2015-11-10 20:28 - 2015-11-10 20:29 - 00935160 _____ (Program Web Application ) C:\Users\CONVIDADO01\Downloads\MediaDownloaderSetup.exe.a97u45r.partial
2015-11-08 03:02 - 2015-11-08 03:02 - 00000000 ____D C:\Users\CONVIDADO01\AppData\Roaming\Macromedia
2015-11-07 12:34 - 2015-11-07 12:34 - 00000000 ____D C:\Users\isabella\AppData\Local\CEF
2015-11-07 11:36 - 2015-11-28 15:59 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-07 11:36 - 2015-11-07 11:36 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-11-06 12:35 - 2015-11-08 03:02 - 00000000 ____D C:\Users\CONVIDADO01\AppData\Local\MicrosoftEdge
2015-11-04 20:08 - 2015-11-04 20:09 - 00000000 ____D C:\Users\CONVIDADO01\AppData\Local\Comms
2015-11-03 21:00 - 2015-11-03 21:00 - 00016148 _____ C:\WINDOWS\system32\ISABELLA_Cristina_HistoryPrediction.bin
2015-11-03 20:58 - 2015-11-03 20:59 - 00002362 _____ C:\Users\CONVIDADO01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-11-03 20:58 - 2015-11-03 20:59 - 00000000 ___RD C:\Users\CONVIDADO01\OneDrive
2015-11-03 20:56 - 2015-11-03 20:56 - 00001333 _____ C:\Users\CONVIDADO01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RtkGUI.lnk
2015-11-03 20:54 - 2015-11-03 20:54 - 00000000 ____D C:\Users\CONVIDADO01\AppData\Local\Publishers
2015-11-03 20:52 - 2015-11-06 12:26 - 00000000 ____D C:\Users\CONVIDADO01\AppData\Local\clear.fi
2015-11-03 20:52 - 2015-11-03 20:52 - 00000000 ____D C:\Users\CONVIDADO01\PicStream
2015-11-03 20:52 - 2015-11-03 20:52 - 00000000 ____D C:\Users\CONVIDADO01\AppData\Local\NetworkTiles
2015-11-03 20:51 - 2015-11-03 20:51 - 00000000 ____D C:\Users\CONVIDADO01\AppData\Local\VirtualStore
2015-11-03 20:50 - 2015-11-29 11:09 - 00000000 __SHD C:\Users\CONVIDADO01\IntelGraphicsProfiles
2015-11-03 20:50 - 2015-11-14 14:35 - 00000000 ____D C:\Users\CONVIDADO01
2015-11-03 20:50 - 2015-11-06 12:41 - 00000000 ____D C:\Users\CONVIDADO01\AppData\Local\Packages
2015-11-03 20:50 - 2015-11-03 21:07 - 00002334 _____ C:\Users\CONVIDADO01\Desktop\Google Chrome.lnk
2015-11-03 20:50 - 2015-11-03 20:50 - 00000020 ___SH C:\Users\CONVIDADO01\ntuser.ini
2015-11-03 20:50 - 2015-11-03 20:50 - 00000000 _SHDL C:\Users\CONVIDADO01\Modelos
2015-11-03 20:50 - 2015-11-03 20:50 - 00000000 _SHDL C:\Users\CONVIDADO01\Meus Documentos
2015-11-03 20:50 - 2015-11-03 20:50 - 00000000 _SHDL C:\Users\CONVIDADO01\Menu Iniciar
2015-11-03 20:50 - 2015-11-03 20:50 - 00000000 _SHDL C:\Users\CONVIDADO01\Documents\Minhas Músicas
2015-11-03 20:50 - 2015-11-03 20:50 - 00000000 _SHDL C:\Users\CONVIDADO01\Documents\Minhas Imagens
2015-11-03 20:50 - 2015-11-03 20:50 - 00000000 _SHDL C:\Users\CONVIDADO01\Documents\Meus Vídeos
2015-11-03 20:50 - 2015-11-03 20:50 - 00000000 _SHDL C:\Users\CONVIDADO01\Dados de Aplicativos
2015-11-03 20:50 - 2015-11-03 20:50 - 00000000 _SHDL C:\Users\CONVIDADO01\Configurações Locais
2015-11-03 20:50 - 2015-11-03 20:50 - 00000000 _SHDL C:\Users\CONVIDADO01\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2015-11-03 20:50 - 2015-11-03 20:50 - 00000000 _SHDL C:\Users\CONVIDADO01\AppData\Local\Histórico
2015-11-03 20:50 - 2015-11-03 20:50 - 00000000 _SHDL C:\Users\CONVIDADO01\AppData\Local\Dados de Aplicativos
2015-11-03 20:50 - 2015-11-03 20:50 - 00000000 _SHDL C:\Users\CONVIDADO01\Ambiente de Rede
2015-11-03 20:50 - 2015-11-03 20:50 - 00000000 _SHDL C:\Users\CONVIDADO01\Ambiente de Impressão
2015-11-03 20:50 - 2015-11-03 20:50 - 00000000 ____D C:\Users\CONVIDADO01\AppData\Roaming\Adobe
2015-11-03 20:50 - 2015-11-03 20:50 - 00000000 ____D C:\Users\CONVIDADO01\AppData\Local\TileDataLayer
2015-11-03 20:50 - 2015-11-03 20:50 - 00000000 ____D C:\Users\CONVIDADO01\AppData\Local\Google
2015-11-03 20:50 - 2015-10-18 17:52 - 00000000 ____D C:\Users\CONVIDADO01\AppData\Local\Pokki
2015-11-03 20:50 - 2015-10-18 17:52 - 00000000 ____D C:\Users\CONVIDADO01\AppData\Local\Microsoft Help
2015-11-02 09:23 - 2015-11-02 09:23 - 00000000 ____D C:\Users\isabella\AppData\LocalLow\BitTorrent
2015-11-01 05:52 - 2015-11-01 05:52 - 00625848 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140.dll
2015-11-01 05:52 - 2015-11-01 05:52 - 00430264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140.dll
2015-11-01 05:52 - 2015-11-01 05:52 - 00381128 _____ (Microsoft Corporation) C:\WINDOWS\system32\vccorlib140.dll
2015-11-01 05:52 - 2015-11-01 05:52 - 00323792 _____ (Microsoft Corporation) C:\WINDOWS\system32\concrt140.dll
2015-11-01 05:52 - 2015-11-01 05:52 - 00257736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vccorlib140.dll
2015-11-01 05:52 - 2015-11-01 05:52 - 00234192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\concrt140.dll
2015-11-01 05:52 - 2015-11-01 05:52 - 00079544 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140.dll
2015-11-01 05:52 - 2015-11-01 05:52 - 00075960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vcruntime140.dll

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2021-10-21 11:36 - 2014-03-22 01:59 - 00000852 _____ C:\WINDOWS\system32\Drivers\RTKHDRC.dat
2021-10-04 05:34 - 2014-03-22 01:59 - 00000712 _____ C:\WINDOWS\system32\Drivers\RTMICEQ0.dat
2015-11-29 11:46 - 2015-07-10 07:47 - 00000000 ____D C:\Windows
2015-11-29 11:41 - 2015-08-08 23:24 - 00001094 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-29 11:16 - 2015-10-18 18:28 - 00000000 __SHD C:\Users\isabella\IntelGraphicsProfiles
2015-11-29 11:16 - 2015-08-08 23:24 - 00001090 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-28 22:57 - 2015-10-18 17:41 - 00000000 ____D C:\Users\isabella
2015-11-28 22:57 - 2015-08-09 16:03 - 00000000 ____D C:\Program Files\Microsoft Office
2015-11-28 22:56 - 2015-07-30 20:42 - 00000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft
2015-11-28 22:56 - 2015-07-30 20:42 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-11-28 22:56 - 2015-07-30 20:42 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-11-28 19:45 - 2015-08-27 15:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-11-27 13:09 - 2015-10-18 18:36 - 00000000 ____D C:\Users\isabella\AppData\Local\Deployment
2015-11-27 13:09 - 2014-09-24 19:47 - 00000000 ____D C:\Users\isabella\AppData\Local\Packages
2015-11-26 23:12 - 2015-07-30 20:42 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-26 23:03 - 2015-10-11 23:42 - 00028888 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\gbpddfac64.sys
2015-11-26 23:03 - 2015-10-11 23:42 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2015-11-26 23:03 - 2015-07-30 19:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-26 23:02 - 2015-07-10 07:05 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2015-11-26 22:58 - 2015-07-30 20:42 - 00000000 ___HD C:\Program Files\WindowsApps
2015-11-25 20:40 - 2015-08-21 18:23 - 00000000 ____D C:\Users\isabella\Downloads\DIREITO
2015-11-24 21:11 - 2015-07-30 19:49 - 00349568 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-11-24 19:51 - 2015-07-30 20:40 - 00000000 ____D C:\WINDOWS\INF
2015-11-20 00:13 - 2015-07-30 20:25 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-18 18:09 - 2015-07-30 20:42 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-11-18 17:50 - 2015-07-10 07:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-11-18 17:36 - 2015-09-28 21:06 - 00000000 ____D C:\Program Files (x86)\ABC 3GP Converter
2015-11-17 21:50 - 2015-07-30 20:42 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-11-16 23:49 - 2015-07-30 20:42 - 00000000 ____D C:\WINDOWS\rescache
2015-11-15 12:38 - 2015-08-27 15:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-14 20:42 - 2015-08-27 15:49 - 00000000 ____D C:\Users\isabella\AppData\Local\Mozilla
2015-11-14 20:33 - 2015-10-18 18:28 - 00000000 ____D C:\Users\isabella\AppData\Local\Comms
2015-11-09 22:47 - 2015-10-18 18:04 - 01810446 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-09 22:47 - 2015-09-10 03:05 - 00782022 _____ C:\WINDOWS\system32\prfh0416.dat
2015-11-09 22:47 - 2015-09-10 03:05 - 00153010 _____ C:\WINDOWS\system32\prfc0416.dat
2015-11-08 14:28 - 2015-08-29 00:12 - 00000000 ____D C:\Users\isabella\AppData\Roaming\BitTorrent
2015-11-07 15:08 - 2015-10-02 18:18 - 00000000 ____D C:\Users\isabella\AppData\Roaming\vlc
2015-11-07 12:34 - 2015-08-16 15:33 - 00000000 ____D C:\Users\isabella\AppData\Local\Adobe
2015-11-07 11:37 - 2015-08-10 10:38 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-11-07 11:36 - 2015-08-09 15:54 - 00000000 ____D C:\Users\Todos os Usuários\Adobe
2015-11-07 11:36 - 2015-08-09 15:54 - 00000000 ____D C:\ProgramData\Adobe
2015-11-05 16:35 - 2015-08-08 23:18 - 00000000 ____D C:\Users\isabella\AppData\Local\ElevatedDiagnostics
2015-11-03 21:00 - 2014-10-05 11:00 - 00000000 __RDO C:\Users\isabella\OneDrive
2015-11-03 20:51 - 2015-09-10 03:42 - 00000000 __RHD C:\Users\Public\AccountPictures
2015-11-03 20:46 - 2015-10-17 14:11 - 00000000 ____D C:\Users\isabella\AppData\Roaming\PhotoScape
2015-11-03 20:45 - 2015-10-18 18:34 - 00000000 ___DC C:\WINDOWS\Panther
2015-11-03 20:44 - 2015-07-30 20:42 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-11-03 16:20 - 2015-07-30 20:43 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-11-03 16:20 - 2015-07-30 20:43 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-03 15:42 - 2015-10-18 21:42 - 00002380 _____ C:\Users\Cristina.Isabella\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-11-03 15:42 - 2015-10-18 21:42 - 00000000 ___RD C:\Users\Cristina.Isabella\OneDrive
2015-11-02 20:56 - 2015-10-18 18:39 - 00002353 _____ C:\Users\isabella\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-11-02 15:00 - 2015-08-09 16:03 - 00000000 ____D C:\Users\isabella\AppData\Local\Microsoft Help
2015-11-02 09:19 - 2015-08-28 13:51 - 00000000 ___RD C:\Users\isabella\Google Drive
2015-11-01 20:55 - 2015-10-18 17:41 - 00000000 ____D C:\Users\Cristina.Isabella
2015-10-31 02:21 - 2015-07-30 20:42 - 00000000 ____D C:\WINDOWS\system32\appraiser

==================== Arquivos na raiz de alguns diretórios =======

2015-08-27 19:55 - 2015-08-27 19:55 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-10-18 17:38 - 2015-10-18 17:38 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Alguns arquivos em TEMP:
====================
C:\Users\isabella\AppData\Local\Temp\EsgInstallerx64Stub.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2015-11-22 23:09

==================== Fim de FRST.txt ============================
