cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão:09-12-2015
Executado por Imoby7 (administrador) em IMOBY7-PC (10-12-2015 17:39:18)
Executando a partir de C:\Temp
Perfis Carregados: Imoby7 (Perfis Disponíveis: Imoby7 & UpdatusUser)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: IE)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(GAS Tecnologia) C:\Program Files\GbPlugin\gbpsv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-LogRotatorService.exe
(GAS Tecnologia) C:\Program Files\GbPlugin\gbpsv.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-UpdaterService.exe
(Hagel Technologies Ltd) C:\Program Files\DU Meter\DUMeterSvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(TODO: <公司名>) C:\ProgramData\upgsvr.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(IObit) C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek) C:\Program Files\Realtek\11n USB Wireless LAN Utility\RtlService.exe
(Dropbox, Inc.) C:\Program Files\Dropbox\Client\Dropbox.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-Agent.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\11n USB Wireless LAN Utility\RtWLan.exe
() C:\Program Files\659B521F-1449764692-DF91-5146-10C37BC4965D\jnsb1C9A.tmp
() C:\Program Files\659B521F-1449764692-DF91-5146-10C37BC4965D\knsg27F.tmpfs
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Hagel Technologies Ltd) C:\Program Files\DU Meter\DUMeter.exe
() C:\Program Files\659B521F-1449764692-DF91-5146-10C37BC4965D\hnsl353A.tmp
() C:\Program Files\Ditto\Ditto.exe
(Sand Studio) C:\Program Files\AirDroid\AirDroid.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Pushbullet inc) C:\Program Files\Pushbullet\pushbullet.exe
() C:\Users\Imoby7\AppData\Local\Temp\carssn.exe
(Pushbullet Inc) C:\Users\Imoby7\AppData\Local\Pushbullet\bin\pushbullet_client.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(PZ) C:\Program Files\Yeaplayer\Yeaplayermd.exe
() C:\Users\Imoby7\AppData\Roaming\XBox\XBLive.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [Nvtmru] => C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [USB3MON] => C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [506592 2015-09-25] (GAS Tecnologia LTDA)
HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [36713096 2015-11-04] (Dropbox, Inc.)
HKLM\...\Run: [BlueStacks Agent] => C:\Program Files\BlueStacks\HD-Agent.exe [937592 2015-10-09] (BlueStack Systems, Inc.)
HKLM\...\Run: [HomePageHelper] => C:\Users\Imoby7\AppData\Local\Temp\HomePage.exe [1100288 2015-12-10] () <===== ATENÇÃO
HKLM\...\Run: [LightGate] => C:\Users\Imoby7\AppData\Local\Temp\LightGate.exe [1081344 2015-12-10] () <===== ATENÇÃO
Winlogon\Notify\ GbPluginBb: C:\Program Files\GbPlugin\gbieh.dll [2015-10-20] (Banco do Brasil)
HKU\S-1-5-21-514438855-2747877827-1704832415-1001\...\Run: [DU Meter] => C:\Program Files\DU Meter\DUMeter.exe [1030144 2009-03-13] (Hagel Technologies Ltd)
HKU\S-1-5-21-514438855-2747877827-1704832415-1001\...\Run: [Ditto] => C:\Program Files\Ditto\Ditto.exe [1572864 2014-06-06] ()
HKU\S-1-5-21-514438855-2747877827-1704832415-1001\...\Run: [AirDroid 3] => C:\Program Files\AirDroid\AirDroid.exe [7387648 2015-11-20] (Sand Studio)
HKU\S-1-5-21-514438855-2747877827-1704832415-1001\...\Run: [Pushbullet] => C:\Program Files\Pushbullet\pushbullet.exe [345600 2015-07-01] (Pushbullet inc)
HKU\S-1-5-21-514438855-2747877827-1704832415-1001\...\Run: [YeaInstaller] => C:\Users\Imoby7\AppData\Local\Temp\is-8A0UN.tmp\pyeaplayer_soft_partner.exe [2251264 2015-12-10] (TZ) <===== ATENÇÃO
HKU\S-1-5-21-514438855-2747877827-1704832415-1001\...\Run: [-] => C:\Users\Imoby7\AppData\Local\Temp\carssn.exe [1923584 2015-12-10] () <===== ATENÇÃO
HKU\S-1-5-21-514438855-2747877827-1704832415-1001\...\Run: [Yeaplayer] => C:\Program Files\Yeaplayer\Yeaplayermd.exe [2932736 2015-09-10] (PZ)
HKU\S-1-5-21-514438855-2747877827-1704832415-1001\...\MountPoints2: {7d372dd4-6b6c-11e5-89a2-00e04c811157} - H:\SISetup.exe
ShellExecuteHooks: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES\GbPlugin\gbieh.dll [1945472 2015-10-20] (Banco do Brasil)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-11-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-11-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-11-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-11-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-11-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-11-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-11-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-11-04] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Hosts: 127.0.0.1 down.baidu2016.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7F074C71-837B-4083-A6F6-E3C98E74E54D}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{7F074C71-837B-4083-A6F6-E3C98E74E54D}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{9028270F-1A54-47AF-B3AE-461A9832374D}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A7287278-EEE1-4446-BACB-2CA90CD97627}: [NameServer] 8.8.8.8,8.8.4.4

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://nav.brotlab.net?uid={4618c7fa7aa14373a347e93a612be53e}&r=102br
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://nav.brotlab.net?uid={4618c7fa7aa14373a347e93a612be53e}&r=102br
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-514438855-2747877827-1704832415-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKU\S-1-5-21-514438855-2747877827-1704832415-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://nav.brotlab.net?uid={4618c7fa7aa14373a347e93a612be53e}&r=102br
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\PROGRAM FILES\GBPLUGIN\gbieh.dll [2015-10-20] (Banco do Brasil)
IE Session Restore: HKU\S-1-5-21-514438855-2747877827-1704832415-1001 -> está habilitado.

FireFox:
========
FF ProfilePath: C:\Users\Imoby7\AppData\Roaming\Mozilla\Firefox\Profiles\l9fac9t8.default
FF Homepage: hxxp://nav.brotlab.net?uid={4618c7fa7aa14373a347e93a612be53e}&r=102br
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-11-11] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-11-11] (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF SearchPlugin: C:\Users\Imoby7\AppData\Roaming\Mozilla\Firefox\Profiles\l9fac9t8.default\searchplugins\navegaki.xml [2015-12-10]
FF Extension: Tab Mix Plus - C:\Users\Imoby7\AppData\Roaming\Mozilla\Firefox\Profiles\l9fac9t8.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2015-10-05]
FF Extension: Download Manager Tweak - C:\Users\Imoby7\AppData\Roaming\Mozilla\Firefox\Profiles\l9fac9t8.default\extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}.xpi [2015-10-05]
FF Extension: WhatsApp Panel - C:\Users\Imoby7\AppData\Roaming\Mozilla\Firefox\Profiles\l9fac9t8.default\extensions\whatsapppanel@alejandrobrizuela.com.ar.xpi [2015-10-05]
FF Extension: Fess Google Bookmark Extension - C:\Users\Imoby7\AppData\Roaming\Mozilla\Firefox\Profiles\l9fac9t8.default\extensions\GBE@fess16.blogspot.com.xpi [2015-10-05]
FF Extension: Search term highlighter - C:\Users\Imoby7\AppData\Roaming\Mozilla\Firefox\Profiles\l9fac9t8.default\extensions\{458482f0-90fb-4257-855f-0ba2790584f9}.xpi [2015-10-26]
FF Extension: YouTube™ Enhancer Plus - C:\Users\Imoby7\AppData\Roaming\Mozilla\Firefox\Profiles\l9fac9t8.default\extensions\firefoxaddon@youtubeenhancer.com [2015-11-23]
FF Extension: FEBE - C:\Users\Imoby7\AppData\Roaming\Mozilla\Firefox\Profiles\l9fac9t8.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2015-12-01]
FF Extension: Xmarks - C:\Users\Imoby7\AppData\Roaming\Mozilla\Firefox\Profiles\l9fac9t8.default\Extensions\foxmarks@kei.com [2015-10-05]
FF Extension: Sem Nome - C:\Users\Imoby7\AppData\Roaming\Mozilla\Firefox\Profiles\l9fac9t8.default\Extensions\jid0-hyjN250ZzTOOX3evFwwAQBxE4ik@jetpack.xpi [2015-10-05] [não assinado]
FF Extension: Dolphin Connect - C:\Users\Imoby7\AppData\Roaming\Mozilla\Firefox\Profiles\l9fac9t8.default\Extensions\jid1-79nQAfjhUybb3A@jetpack.xpi [2015-10-05]
FF Extension: Pushbullet - C:\Users\Imoby7\AppData\Roaming\Mozilla\Firefox\Profiles\l9fac9t8.default\Extensions\jid1-BYcQOfYfmBMd9A@jetpack.xpi [2015-12-05]
FF Extension: Google™ Translator - C:\Users\Imoby7\AppData\Roaming\Mozilla\Firefox\Profiles\l9fac9t8.default\Extensions\jid1-dgnIBwQga0SIBw@jetpack.xpi [2015-11-30]
FF Extension: YouTube™ Flash® Player - C:\Users\Imoby7\AppData\Roaming\Mozilla\Firefox\Profiles\l9fac9t8.default\Extensions\jid1-HAV2inXAnQPIeA@jetpack.xpi [2015-11-09]
FF Extension: Enable WhatsApp Web - C:\Users\Imoby7\AppData\Roaming\Mozilla\Firefox\Profiles\l9fac9t8.default\Extensions\jid1-SDFC9fEAZRW7ab@jetpack.xpi [2015-10-05]
FF Extension: Multifox - C:\Users\Imoby7\AppData\Roaming\Mozilla\Firefox\Profiles\l9fac9t8.default\Extensions\multifox@hultmann.xpi [2015-12-05]
FF Extension: Nimbus Screen Capture - editable screenshots. - C:\Users\Imoby7\AppData\Roaming\Mozilla\Firefox\Profiles\l9fac9t8.default\Extensions\nimbusscreencaptureff@everhelper.me.xpi [2015-12-03]
FF Extension: The Addon Bar (restored) - C:\Users\Imoby7\AppData\Roaming\Mozilla\Firefox\Profiles\l9fac9t8.default\Extensions\the-addon-bar@GeekInTraining-GiT.xpi [2015-10-05]
FF Extension: Capture & Print - C:\Users\Imoby7\AppData\Roaming\Mozilla\Firefox\Profiles\l9fac9t8.default\Extensions\{146f1820-2b0d-49ef-acbf-d85a6986e10c}.xpi [2015-10-09]
FF Extension: Garmin Communicator - C:\Users\Imoby7\AppData\Roaming\Mozilla\Firefox\Profiles\l9fac9t8.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2015-10-05]
FF HKLM\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: SmartPrintButton - C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [não assinado]
FF HKLM\...\Firefox\Extensions: [{99B7BE9E-884C-4F6F-9C8C-A0717C49AD97}] - C:\Program Files\shopperz101220151638\Firefox\{99B7BE9E-884C-4F6F-9C8C-A0717C49AD97}.xpi => não encontrado (a)
FF HKLM\...\Firefox\Extensions: [{161B5DD4-A261-42F4-8DF4-486262A84C9F}] - C:\Program Files\shopperz101220151409\Firefox\{161B5DD4-A261-42F4-8DF4-486262A84C9F}.xpi => não encontrado (a)
StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe hxxp://nav.brotlab.net?uid={4618c7fa7aa14373a347e93a612be53e}&r=102br
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\!3C0EBEEC300E0C52CBDA6272BD5CD8643C0E.js [2015-12-10]

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

"Warsaw Technology" => serviço foi desbloqueado. <===== ATENÇÃO

S3 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [441976 2015-10-09] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [421496 2015-10-09] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files\BlueStacks\HD-UpdaterService.exe [867960 2015-10-09] (BlueStack Systems, Inc.)
S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-06] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-06] (Dropbox, Inc.)
R2 DUMeterSvc; C:\Program Files\DU Meter\DUMeterSvc.exe [503808 2009-03-13] (Hagel Technologies Ltd) [Arquivo não assinado]
R2 GbpSv; C:\Program Files\GbPlugin\gbpsv.exe [593120 2015-09-22] (GAS Tecnologia)
R2 GoogleChromeUpService; C:\ProgramData\upgsvr.exe [1762304 2015-11-16] (TODO: <公司名>) [Arquivo não assinado]
R2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-10-25] (IObit)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14652704 2013-11-14] (NVIDIA Corporation)
R2 Realtek11nSU; C:\Program Files\Realtek\11n USB Wireless LAN Utility\RtlService.exe [45056 2010-01-21] (Realtek) [Arquivo não assinado]
R2 rizyqibe; C:\Program Files\659B521F-1449764692-DF91-5146-10C37BC4965D\jnsb1C9A.tmp [307712 2015-12-10] () [Arquivo não assinado]
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [506592 2015-09-25] (GAS Tecnologia LTDA)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 XBox; C:\Users\Imoby7\AppData\Roaming\XBox\XBLive.exe [7142328 2015-12-08] ()
R2 zizusyju; C:\Program Files\659B521F-1449764692-DF91-5146-10C37BC4965D\hnsl353A.tmp [817152 2015-12-10] () [Arquivo não assinado]
S2 hidekoqe; C:\Users\Imoby7\AppData\Local\659B521F-1449767509-DF91-5146-10C37BC4965D\qnscA4F8.tmp [X]
R2 sywywicy; C:\Program Files\659B521F-1449764692-DF91-5146-10C37BC4965D\knsg27F.tmpfs [X]
S2 UpdateSvc; "C:\Windows\Updatesvc.exe" [X]

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [132216 2015-10-09] (BlueStack Systems)
R0 GbpKm; C:\Windows\System32\drivers\gbpkm.sys [49496 2015-08-19] (GAS Tecnologia)
R0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [16880 2013-04-26] (Intel Corporation)
R3 iusb3hub; C:\Windows\System32\DRIVERS\iusb3hub.sys [361968 2013-04-26] (Intel Corporation)
R3 iusb3xhc; C:\Windows\System32\DRIVERS\iusb3xhc.sys [793072 2013-04-26] (Intel Corporation)
R1 ndisrd; C:\Windows\System32\DRIVERS\gbpndisrdn.sys [29400 2015-10-05] (GAS Tecnologia)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [33568 2013-11-14] (NVIDIA Corporation)
R4 WinDivert1.1; C:\Program Files\Diebold\Warsaw\WinDivert32.sys [31448 2015-07-07] (Basil)
R1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [80728 2015-12-10] (GAS Tecnologia)
R1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [79064 2015-03-18] (GAS Tecnologia)
S0 gbpddreg; system32\drivers\gbpddreg32.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2015-12-10 18:04 - 2015-12-10 18:04 - 00000000 ____D C:\Users\Todos os Usuários\ProductData
2015-12-10 18:04 - 2015-12-10 18:04 - 00000000 ____D C:\Users\Todos os Usuários\IObit
2015-12-10 18:04 - 2015-12-10 18:04 - 00000000 ____D C:\Users\Todos os Usuários\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2015-12-10 18:04 - 2015-12-10 18:04 - 00000000 ____D C:\Users\Imoby7\AppData\Roaming\IObit
2015-12-10 18:04 - 2015-12-10 18:04 - 00000000 ____D C:\Users\Imoby7\AppData\Roaming\Apple Computer
2015-12-10 18:04 - 2015-12-10 18:04 - 00000000 ____D C:\Users\Imoby7\AppData\LocalLow\IObit
2015-12-10 18:04 - 2015-12-10 18:04 - 00000000 ____D C:\ProgramData\ProductData
2015-12-10 18:04 - 2015-12-10 18:04 - 00000000 ____D C:\ProgramData\IObit
2015-12-10 18:04 - 2015-12-10 18:04 - 00000000 ____D C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2015-12-10 18:04 - 2015-12-10 18:04 - 00000000 ____D C:\Program Files\IObit
2015-12-10 18:00 - 2015-12-10 18:00 - 00000000 _____ C:\Users\Imoby7\AppData\Local\{FB45A469-C6F2-45E8-B77F-1B042386C27A}
2015-12-10 17:54 - 2015-12-10 17:54 - 00011194 _____ C:\AdwCleaner[S1].txt
2015-12-10 17:54 - 2015-12-10 17:54 - 00010622 _____ C:\AdwCleaner[C1].txt
2015-12-10 17:54 - 2015-12-10 17:54 - 00000000 ____D C:\AdwCleaner
2015-12-10 17:54 - 2015-12-09 14:55 - 01923584 _____ C:\Users\Imoby7\AppData\Roaming\carssn.exe
2015-12-10 17:53 - 2015-12-10 17:53 - 00000000 ____D C:\Users\Imoby7\AppData\Local\Yeaplayer
2015-12-10 17:52 - 2015-12-10 17:52 - 00001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-12-10 17:52 - 2015-12-10 17:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\navegaki
2015-12-10 17:52 - 2015-12-10 17:52 - 00000000 ____D C:\Program Files\navegaki
2015-12-10 17:52 - 2015-12-10 17:33 - 00000000 ____D C:\Users\Imoby7\AppData\Roaming\XBox
2015-12-10 17:52 - 2015-11-14 21:06 - 02496403 _____ ( ) C:\Users\Imoby7\AppData\Roaming\yeaplayer_51447.exe
2015-12-10 17:50 - 2015-12-10 08:39 - 01015808 _____ (d) C:\Users\Imoby7\AppData\Roaming\download.exe
2015-12-10 17:48 - 2015-11-16 08:01 - 01762304 _____ (TODO: <公司名>) C:\Users\Todos os Usuários\upgsvr.exe
2015-12-10 17:48 - 2015-11-16 08:01 - 01762304 _____ (TODO: <公司名>) C:\ProgramData\upgsvr.exe
2015-12-10 17:47 - 2015-11-16 08:01 - 01762304 _____ (TODO: <公司名>) C:\Users\Imoby7\AppData\Roaming\upgsvr.exe
2015-12-10 17:45 - 2015-12-10 17:45 - 00000000 ____D C:\Program Files\UniqueApps
2015-12-10 17:45 - 2015-07-27 18:51 - 00228352 _____ (drms media group) C:\Windows\Provider.dll
2015-12-10 17:45 - 2015-07-27 18:51 - 00085504 _____ (drms media group) C:\Windows\Installer.exe
2015-12-10 17:38 - 2015-12-10 17:39 - 00000000 ____D C:\FRST
2015-12-10 17:32 - 2015-12-10 17:32 - 00000996 _____ C:\Users\Public\Desktop\Yeaplayer.lnk
2015-12-10 17:32 - 2015-12-10 17:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yeaplayer
2015-12-10 17:32 - 2015-12-10 17:32 - 00000000 ____D C:\Program Files\Yeaplayer
2015-12-10 17:27 - 2015-12-10 17:27 - 00001129 _____ C:\AdwCleaner[C3].txt
2015-12-10 17:24 - 2015-12-10 17:24 - 00000976 _____ C:\AdwCleaner[S3].txt
2015-12-10 17:10 - 2015-12-10 17:10 - 00003127 _____ C:\AdwCleaner[C2].txt
2015-12-10 17:09 - 2015-12-10 17:09 - 00002882 _____ C:\AdwCleaner[S2].txt
2015-12-10 17:09 - 2015-12-10 17:09 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled
2015-12-10 15:56 - 2015-12-10 16:06 - 00000000 ____D C:\Users\Imoby7\AppData\Roaming\UpAuroraBrowser
2015-12-10 15:56 - 2015-12-10 16:06 - 00000000 ____D C:\Program Files\shopperz101220151409
2015-12-10 15:56 - 2015-12-10 15:56 - 00000000 ____D C:\Windows\system32\iudo
2015-12-10 14:39 - 2015-12-10 14:39 - 00000000 ____D C:\Users\Public\Documents\Baidu
2015-12-10 14:36 - 2015-12-10 14:36 - 00000000 ____D C:\Users\Imoby7\AppData\Roaming\Opera Software
2015-12-10 14:36 - 2015-12-10 14:36 - 00000000 ____D C:\Users\Imoby7\AppData\Local\Rest Builder
2015-12-10 14:36 - 2015-12-10 14:36 - 00000000 ____D C:\Users\Imoby7\AppData\Local\Opera Software
2015-12-10 14:35 - 2015-12-10 16:05 - 00000000 ____D C:\Program Files\Opera
2015-12-10 14:35 - 2015-12-10 15:57 - 00000000 ____D C:\Users\Todos os Usuários\Tmp0x0x
2015-12-10 14:35 - 2015-12-10 15:57 - 00000000 ____D C:\ProgramData\Tmp0x0x
2015-12-10 14:29 - 2015-12-10 14:29 - 00004672 _____ C:\Windows\system32\Elokzoflu.ini
2015-12-10 14:29 - 2015-12-10 14:29 - 00002384 _____ C:\Windows\system32\ElokzofluOff.ini
2015-12-10 14:29 - 2015-12-10 14:29 - 00000000 ____D C:\Users\Imoby7\AppData\Roaming\T-App
2015-12-10 14:28 - 2015-12-10 15:57 - 00000000 ____D C:\Users\Imoby7\AppData\Local\Tempfolder
2015-12-10 14:28 - 2015-12-10 14:28 - 00000000 ____D C:\Windows\system32\foe
2015-12-10 14:28 - 2015-12-10 14:28 - 00000000 ____D C:\Users\Imoby7\AppData\Roaming\LolqecRumtegb
2015-12-10 14:28 - 2015-12-10 14:28 - 00000000 ____D C:\Users\Imoby7\AppData\LocalLow\Company
2015-12-10 14:28 - 2015-12-10 14:28 - 00000000 ____D C:\uninst
2015-12-10 14:28 - 2015-12-10 12:40 - 00289104 _____ C:\Windows\system32\Elokzoflu.dll
2015-12-10 14:25 - 2015-12-10 14:24 - 00000860 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-12-10 14:24 - 2015-12-10 14:38 - 00000000 ____D C:\Program Files\659B521F-1449764692-DF91-5146-10C37BC4965D
2015-12-10 10:58 - 2015-12-10 10:58 - 00002653 _____ C:\Users\Imoby7\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-12-09 13:57 - 2015-12-10 17:28 - 00000000 ____D C:\Users\Imoby7\AppData\Local\Pushbullet
2015-12-09 13:57 - 2015-12-09 13:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pushbullet
2015-12-09 13:57 - 2015-12-09 13:57 - 00000000 ____D C:\Program Files\Pushbullet
2015-11-26 10:44 - 2015-11-26 10:44 - 00000307 _____ C:\Windows\system32\NetDvrV3.ini
2015-11-26 10:43 - 2015-12-10 14:37 - 00002873 _____ C:\Users\Imoby7\Desktop\ClientV3.lnk
2015-11-26 10:43 - 2015-12-10 14:37 - 00002853 _____ C:\Users\Imoby7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClientV3.lnk
2015-11-26 10:43 - 2015-11-26 10:43 - 00000000 ____D C:\Program Files\ClientV3
2015-11-26 10:40 - 2015-11-26 10:40 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2015-11-25 14:09 - 2015-11-25 14:09 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2015-11-21 09:58 - 2015-11-21 09:58 - 00031448 _____ (Basil) C:\Windows\system32\WinDivert32.sys
2015-11-21 09:58 - 2015-11-21 09:58 - 00031032 _____ (Basil) C:\Windows\system32\WinDivert.dll
2015-11-21 08:57 - 2015-12-10 17:28 - 00080728 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\wsddfac.sys
2015-11-21 08:57 - 2015-03-18 10:23 - 00079064 ____N (GAS Tecnologia) C:\Windows\system32\Drivers\wsddpp.sys
2015-11-11 09:13 - 2015-12-10 14:37 - 00001833 _____ C:\Users\Public\Desktop\Apps.lnk
2015-11-11 09:13 - 2015-12-10 14:37 - 00001792 _____ C:\Users\Public\Desktop\Start BlueStacks.lnk
2015-11-11 09:12 - 2015-11-11 09:18 - 00000000 ____D C:\Users\Todos os Usuários\BlueStacksSetup
2015-11-11 09:12 - 2015-11-11 09:18 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-11-11 09:12 - 2015-11-11 09:12 - 00000000 ____D C:\Users\Todos os Usuários\BlueStacks
2015-11-11 09:12 - 2015-11-11 09:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2015-11-11 09:12 - 2015-11-11 09:12 - 00000000 ____D C:\ProgramData\BlueStacks
2015-11-11 09:12 - 2015-11-11 09:12 - 00000000 ____D C:\Program Files\BlueStacks
2015-11-10 14:23 - 2015-12-10 14:37 - 00002733 _____ C:\Users\Imoby7\Desktop\µTorrent.lnk
2015-11-10 14:22 - 2015-12-10 11:26 - 00000000 ____D C:\Users\Imoby7\AppData\Roaming\uTorrent
2015-11-10 09:51 - 2015-11-10 09:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2015-12-10 17:54 - 2015-10-09 15:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirDroid
2015-12-10 17:54 - 2015-09-30 10:04 - 00001129 _____ C:\Users\Imoby7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-12-10 17:52 - 2015-10-05 12:09 - 00001174 ____R C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-12-10 17:40 - 2009-07-14 02:46 - 00001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-12-10 17:39 - 2015-10-02 17:05 - 00000000 ____D C:\Temp
2015-12-10 17:39 - 2009-07-14 00:37 - 00000000 ____D C:\Windows
2015-12-10 17:37 - 2015-10-06 11:32 - 00001008 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2015-12-10 17:37 - 2009-07-14 02:34 - 00021088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-10 17:37 - 2009-07-14 02:34 - 00021088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-10 17:33 - 2011-04-12 02:47 - 00705070 _____ C:\Windows\system32\prfh0416.dat
2015-12-10 17:33 - 2011-04-12 02:47 - 00146910 _____ C:\Windows\system32\prfc0416.dat
2015-12-10 17:33 - 2010-11-20 19:01 - 01633534 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-10 17:33 - 2009-07-14 00:37 - 00000000 ____D C:\Windows\inf
2015-12-10 17:30 - 2015-10-06 11:36 - 00000000 ___RD C:\Users\Imoby7\Dropbox
2015-12-10 17:30 - 2015-10-06 11:32 - 00000000 ____D C:\Users\Imoby7\AppData\Local\Dropbox
2015-12-10 17:30 - 2015-10-03 11:22 - 00000000 ____D C:\Users\Imoby7\AppData\Roaming\Ditto
2015-12-10 17:28 - 2015-10-09 15:44 - 00000000 ____D C:\Users\Imoby7\Documents\AirDroid
2015-12-10 17:28 - 2015-10-09 13:48 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-10 17:28 - 2015-10-06 11:32 - 00001004 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2015-12-10 17:28 - 2009-07-14 02:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-10 17:27 - 2015-10-01 11:16 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA
2015-12-10 17:27 - 2015-10-01 11:16 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-10 17:18 - 2015-10-29 08:49 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-10 17:16 - 2015-10-03 11:11 - 00000000 ____D C:\Program Files\FileAmigo 7
2015-12-10 17:07 - 2015-10-09 13:48 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-10 14:37 - 2015-10-13 11:39 - 00001020 _____ C:\Users\Imoby7\Desktop\Digitalizar para.lnk
2015-12-10 14:37 - 2015-10-09 15:44 - 00001858 _____ C:\Users\Public\Desktop\AirDroid.lnk
2015-12-10 14:37 - 2015-10-09 14:14 - 00001808 _____ C:\Users\Imoby7\Desktop\google earth.lnk
2015-12-10 14:37 - 2015-10-06 12:23 - 00000871 _____ C:\Users\Imoby7\Desktop\Ubatuba Riviera.lnk
2015-12-10 14:37 - 2015-10-06 12:22 - 00000850 _____ C:\Users\Imoby7\Desktop\Ubatuba Ximenes.lnk
2015-12-10 14:37 - 2015-10-06 12:08 - 00001440 _____ C:\Users\Imoby7\Desktop\SAAE Identificadores.lnk
2015-12-10 14:37 - 2015-10-06 12:07 - 00001250 _____ C:\Users\Imoby7\Desktop\CONTRATO DE LOCAÇÃO.lnk
2015-12-10 14:37 - 2015-10-06 12:07 - 00001175 _____ C:\Users\Imoby7\Desktop\Recibo de Aluguel.lnk
2015-12-10 14:37 - 2015-10-06 12:07 - 00000926 _____ C:\Users\Imoby7\Desktop\oneclick 1.9.7.exe - Atalho.lnk
2015-12-10 14:37 - 2015-10-05 14:03 - 00001016 _____ C:\Users\Imoby7\Desktop\TapinRadio.lnk
2015-12-10 14:37 - 2015-10-05 12:13 - 00000368 _____ C:\Users\Imoby7\Desktop\Skynet - Atalho.lnk
2015-12-10 14:37 - 2015-10-05 12:13 - 00000352 _____ C:\Users\Imoby7\Desktop\Velox - Atalho.lnk
2015-12-10 14:37 - 2015-10-05 12:10 - 00013365 _____ C:\Users\Imoby7\Desktop\Gerenciador de Tarefas.lnk
2015-12-10 14:37 - 2015-10-05 11:35 - 00001462 _____ C:\Users\Imoby7\Desktop\FileAmigo7.lnk
2015-12-10 14:36 - 2015-11-09 13:30 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-12-10 08:30 - 2015-10-05 15:00 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2015-12-10 08:30 - 2015-10-05 15:00 - 00000000 ____D C:\ProgramData\GbPlugin
2015-12-09 11:18 - 2015-10-05 13:51 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-12-09 11:18 - 2015-10-05 13:51 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-12-09 10:17 - 2015-10-03 11:14 - 00047031 _____ C:\Users\Imoby7\Documents\Aluguel.csv
2015-12-08 09:27 - 2015-10-08 15:41 - 00000000 ____D C:\Users\Imoby7\Documents\Meu Scanner
2015-12-07 17:01 - 2015-10-03 12:08 - 00000000 ____D C:\Users\Imoby7\TapinRadio
2015-11-21 08:47 - 2015-10-05 15:00 - 00000000 ____D C:\Program Files\GbPlugin
2015-11-20 09:01 - 2015-10-09 15:44 - 00000000 ____D C:\Program Files\AirDroid
2015-11-11 09:28 - 2011-04-12 02:56 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-11-11 09:13 - 2009-07-14 00:37 - 00000000 __RHD C:\Users\Public\Libraries
2015-11-10 09:51 - 2015-10-06 11:32 - 00000000 ____D C:\Program Files\Dropbox

==================== Arquivos na raiz de alguns diretórios =======

2015-12-10 17:54 - 2015-12-09 14:55 - 1923584 _____ () C:\Users\Imoby7\AppData\Roaming\carssn.exe
2015-12-10 17:50 - 2015-12-10 08:39 - 1015808 _____ (d) C:\Users\Imoby7\AppData\Roaming\download.exe
2015-12-10 17:47 - 2015-11-16 08:01 - 1762304 _____ (TODO: <公司名>) C:\Users\Imoby7\AppData\Roaming\upgsvr.exe
2015-12-10 17:52 - 2015-11-14 21:06 - 2496403 _____ ( ) C:\Users\Imoby7\AppData\Roaming\yeaplayer_51447.exe
2015-12-10 18:00 - 2015-12-10 18:00 - 0000000 _____ () C:\Users\Imoby7\AppData\Local\{FB45A469-C6F2-45E8-B77F-1B042386C27A}
2015-12-10 17:48 - 2015-11-16 08:01 - 1762304 _____ (TODO: <公司名>) C:\ProgramData\upgsvr.exe

Arquivos para serem movidos ou deletados:
====================
C:\Users\Imoby7\AppData\Local\Temp\HomePage.exe
C:\Users\Imoby7\AppData\Local\Temp\LightGate.exe
C:\Users\Imoby7\AppData\Local\Temp\is-8A0UN.tmp\pyeaplayer_soft_partner.exe
C:\Users\Imoby7\AppData\Local\Temp\carssn.exe
C:\ProgramData\upgsvr.exe
C:\Users\Todos os Usuários\upgsvr.exe


Alguns arquivos em TEMP:
====================
C:\Users\Imoby7\AppData\Local\Temp\1%20navigaki.exe
C:\Users\Imoby7\AppData\Local\Temp\43889161971.dll
C:\Users\Imoby7\AppData\Local\Temp\44452361971.dll
C:\Users\Imoby7\AppData\Local\Temp\amisetup9081__16165.exe
C:\Users\Imoby7\AppData\Local\Temp\avg8D86.exe
C:\Users\Imoby7\AppData\Local\Temp\avg95B1.exe
C:\Users\Imoby7\AppData\Local\Temp\avg95E1.exe
C:\Users\Imoby7\AppData\Local\Temp\avg95F1.exe
C:\Users\Imoby7\AppData\Local\Temp\avg9612.exe
C:\Users\Imoby7\AppData\Local\Temp\avg9632.exe
C:\Users\Imoby7\AppData\Local\Temp\carssn.exe
C:\Users\Imoby7\AppData\Local\Temp\da3c3f44f7de8ef5.exe
C:\Users\Imoby7\AppData\Local\Temp\downloader_2.0.0.1_102br_45_20151208_1446_1449557202.exe
C:\Users\Imoby7\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp3ecltk.dll
C:\Users\Imoby7\AppData\Local\Temp\fsd2857.exe
C:\Users\Imoby7\AppData\Local\Temp\fsd62FD.exe
C:\Users\Imoby7\AppData\Local\Temp\fsdDF4D.exe
C:\Users\Imoby7\AppData\Local\Temp\HomePage.exe
C:\Users\Imoby7\AppData\Local\Temp\LightGate.exe
C:\Users\Imoby7\AppData\Local\Temp\offer-12B30129-EEC7-432A-A003-82FE9F5EFDC7.exe
C:\Users\Imoby7\AppData\Local\Temp\PidGenX.dll
C:\Users\Imoby7\AppData\Local\Temp\Quarantine.exe
C:\Users\Imoby7\AppData\Local\Temp\smt_istartsurf.exe
C:\Users\Imoby7\AppData\Local\Temp\SpOrder.dll
C:\Users\Imoby7\AppData\Local\Temp\sqlite3.dll
C:\Users\Imoby7\AppData\Local\Temp\UninstallModule.exe
C:\Users\Imoby7\AppData\Local\Temp\upgsvr.exe
C:\Users\Imoby7\AppData\Local\Temp\YeaPlayer_br_IBD_Bundle.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll
[2015-08-07 15:37] - [2015-08-07 15:37] - 0270336 ____A (Microsoft Corporation) 63DE7FEE56B66E41F5D9AC5606570915

C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2015-12-10 09:25

==================== Fim de FRST.txt ============================

Publicité


Signaler le contenu de ce document

Publicité