cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:05-03-2016 01
Executado por Samir (administrador) em SAMIR (27-03-2016 07:11:15)
Executando a partir de C:\Users\Samir\Downloads
Perfis Carregados: Samir (Perfis Disponíveis: Samir & visitante)
Platform: Windows 8.1 Single Language (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: FF)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidMonitorSvc.exe
() C:\Program Files (x86)\12828DFB-1459035301-DE11-B27E-00235A9DD9D3\knsmDA4A.tmpfs
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(skype.cog.cc) C:\Program Files (x86)\SkypeUpdateEx\SkypeUpdateEx.exe
(Microsoft Corporation) C:\Users\Samir\AppData\Roaming\XBox\XBLive.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(%CFullName%) C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\ProgramData\WindowsMsg\osmsg.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.292\SSScheduler.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\CleanBrowser\app\bin\nw.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
() C:\Program Files (x86)\CleanBrowser\app\bin\nw.exe
(%CFullName%) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOHost.exe
() C:\Program Files (x86)\CleanBrowser\app\bin\nw.exe
() C:\Program Files (x86)\CleanBrowser\app\bin\nw.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [704344 2015-02-05] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7510896 2014-01-14] (Realtek Semiconductor)
HKLM\...\Run: [Sound+] => "C:\Program Files\Sound+\Sound+.exe"
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [654088 2015-02-17] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKLM\...\RunOnce: [WINDOWS_SCREEN_MANAGER_UPDATER_1] => C:\Program Files\Windows Screen Manager\Windows screen manage updater.exe [16896 2016-03-26] (Wizzservices)
HKLM\...\Winlogon: [Userinit] wscript C:\WINDOWS\run.vbs,
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginCef: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [2015-09-22] (Caixa Economica Federal)
Winlogon\Notify\ GbPluginUni: C:\Program Files (x86)\GbPlugin\gbiehUni.dll [2015-09-04] (Banco Itaú Unibanco)
HKU\S-1-5-21-2830675187-2129402912-1900169697-1001\...\Run: [Power2GoExpress8] => NA
HKU\S-1-5-21-2830675187-2129402912-1900169697-1001\...\Run: [osmsg] => C:\ProgramData\WindowsMsg\osmsg.exe [2036736 2016-03-23] ()
HKU\S-1-5-21-2830675187-2129402912-1900169697-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7943072 2016-02-29] (SUPERAntiSpyware)
HKU\S-1-5-21-2830675187-2129402912-1900169697-1001\...\MountPoints2: {3f958180-cf4e-11e5-825d-8cdcd49fae3a} - "F:\LGAutoRun.exe"
HKU\S-1-5-21-2830675187-2129402912-1900169697-1001\...\MountPoints2: {a44bde19-f285-11e5-826b-8cdcd49fae3a} - "F:\Startme.exe"
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll [1888480 2015-09-22] (Caixa Economica Federal)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll [1896696 2015-09-04] (Banco Itaú Unibanco)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-02-25]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.292\SSScheduler.exe (McAfee, Inc.)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Winsock: Catalog5 07 C:\ProgramData\System32\SafeGuard32.dll Nenhum Arquivo
Winsock: Catalog5-x64 07 C:\ProgramData\System32\SafeGuard64.dll [3587000 2016-03-26] ()
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{19B21847-0B0C-411D-9B2B-7287370FED9E}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{19B21847-0B0C-411D-9B2B-7287370FED9E}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{6969D0D3-DB67-420C-ABD7-FC7B12F31BA1}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{6E9D21A5-B082-4734-A8F1-6B6AF745DCDB}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{8718928D-CBEB-45EA-A621-800A9249001D}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{bbed3e08-0b41-11e3-8249-806e6f6e6963}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{F68F5030-E316-4E86-8E7B-079BFF522A2E}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{F9EA02B1-CCB6-48DA-9FF9-B9FA206B5D2A}: [NameServer] 104.197.191.4

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPCON14/3
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPCON14/3
HKU\S-1-5-21-2830675187-2129402912-1900169697-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2830675187-2129402912-1900169697-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPCON14/3
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-02-25] (HP)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-03-03] (Oracle Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\Program Files (x86)\GbPlugin\gbiehcef.dll [2015-09-22] (Caixa Economica Federal)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540008} -> C:\Program Files (x86)\GbPlugin\gbiehuni.dll [2015-09-04] (Banco Itaú Unibanco)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-03] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2016-03-03] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2016-03-03] (McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Samir\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
FF NewTab: hxxp://www.yessearches.com/?ts=AHEpCH0nB3UqAE..&v=20160323&uid=3351AD37ACDD5FCE075FB0C848363F32&ptid=wak&mode=ffseng
FF DefaultSearchEngine: yessearches
FF DefaultSearchEngine.US: data:text/plain,browser.search.defaultenginename.US=yessearches
FF SelectedSearchEngine: yessearches
FF Homepage: hxxp://www.yessearches.com/?ts=AHEpCH0nB3UqAE..&v=20160323&uid=3351AD37ACDD5FCE075FB0C848363F32&ptid=wak&mode=ffseng
FF Keyword.URL: hxxp://www.yessearches.com/chrome.php?uid=3351AD37ACDD5FCE075FB0C848363F32&ptid=wak&ts=AHEpCH0nB3UqAE..&v=20160323&mode=ffexttoolbar&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_197.dll [2016-03-23] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-03-03] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll [2016-03-23] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-03-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-03-03] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-03-03] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-26] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-26] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-02-09] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Samir\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\DD1B66D4.xml [2016-03-26]
FF Extension: Adblock Plus - C:\Users\Samir\AppData\Roaming\Mozilla\Firefox\Profiles\r3u8wf98.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-03-22]
FF Extension: GsearchFinder - C:\Users\Samir\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\@E9438230-A7DF-4D1F-8F2D-CA1D0F0F7924.xpi [2016-03-24]
FF Extension: Adblock Plus - C:\Users\Samir\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-03-22]
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-22] [não assinado]
FF HKLM-x32\...\Firefox\Extensions: [firefox@bho.com] - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt
FF Extension: HP SimplePass - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt [2016-02-11] [não assinado]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2016-02-12] [não assinado]

Chrome:
=======
CHR Profile: C:\Users\Samir\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\Samir\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-26]
CHR Extension: (Google Docs) - C:\Users\Samir\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-26]
CHR Extension: (Google Drive) - C:\Users\Samir\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-26]
CHR Extension: (YouTube) - C:\Users\Samir\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-26]
CHR Extension: (Planilhas do Google) - C:\Users\Samir\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-26]
CHR Extension: (HP SimplePass) - C:\Users\Samir\AppData\Local\Google\Chrome\User Data\Default\Extensions\fidikogfgleiaefnjbmnjaplmgknppkg [2016-03-26]
CHR Extension: (Documentos Google off-line) - C:\Users\Samir\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-27]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Samir\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-03-26]
CHR Extension: (Gmail) - C:\Users\Samir\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-26]
CHR HKLM-x32\...\Chrome\Extension: [fidikogfgleiaefnjbmnjaplmgknppkg] - hxxps://clients2.google.com/service/update2/crx

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe [87384 2015-02-05] (Alps Electric Co., Ltd.)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [593120 2015-09-22] (GAS Tecnologia)
S2 ggbugreport; C:\Program Files (x86)\SearchesToYesbnd\bugreport.exe [1610816 2016-03-24] ()
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26680 2016-02-18] (Hewlett-Packard Company)
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [608520 2015-02-17] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-08] (Intel Corporation)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [863448 2016-03-03] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-29] (McAfee, Inc.)
R2 mcbootdelaystartsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.292\McCHSvc.exe [293128 2016-02-05] (McAfee, Inc.)
S2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.8.267.0\McCSPServiceHost.exe [1696712 2016-02-23] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [681680 2016-02-26] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [234192 2015-11-18] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [380896 2016-01-21] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [275368 2015-11-18] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [124928 2015-07-02] (Softex Inc.) [Arquivo não assinado]
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [902112 2015-12-14] (Intel Security, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
R2 SkypeUpdateEx; C:\Program Files (x86)\SkypeUpdateEx\SkypeUpdateEx.exe [167352 2016-03-21] (skype.cog.cc)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 Winsere; C:\Program Files (x86)\Winsere\Winsere\Winsere.exe [316984 2016-03-23] ()
R2 XBox; C:\Users\Samir\AppData\Roaming\XBox\XBLive.exe [5906904 2016-02-27] (Microsoft Corporation)
R2 giroqilezbt; C:\Program Files (x86)\12828DFB-1459035301-DE11-B27E-00235A9DD9D3\knsmDA4A.tmpfs [X]

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3897856 2014-05-14] (Qualcomm Atheros Communications, Inc.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [79248 2015-11-25] (McAfee, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [100624 2015-06-08] (CyberLink)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2015-12-08] (GAS Tecnologia)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-09] (Intel Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [419624 2015-11-25] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [351144 2015-11-25] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [83096 2015-11-25] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496368 2015-11-25] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [846080 2015-11-25] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [539496 2015-11-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109480 2015-11-20] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [245096 2015-11-25] (McAfee, Inc.)
S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [291544 2014-01-03] (Realtek Semiconductor Corp.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-12-08] (GAS Tecnologia LTDA)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (HP Inc.)
S1 gbpddfac; system32\drivers\gbpddfac64.sys [X]
S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-03-27 07:11 - 2016-03-27 07:11 - 00022294 _____ C:\Users\Samir\Downloads\FRST.txt
2016-03-27 07:09 - 2016-03-27 07:11 - 00000000 ____D C:\FRST
2016-03-27 07:08 - 2016-03-27 07:08 - 02374144 _____ (Farbar) C:\Users\Samir\Downloads\FRST64.exe
2016-03-27 07:08 - 2016-03-27 07:08 - 02374144 _____ (Farbar) C:\Users\Samir\Downloads\FRST64 (1).exe
2016-03-27 07:06 - 2016-03-27 07:06 - 01023624 _____ (Gal ) C:\Users\Samir\Downloads\FlashPlayerPro.exe
2016-03-27 07:04 - 2016-03-27 07:05 - 00000000 ____D C:\Program Files (x86)\CleanBrowser
2016-03-26 21:52 - 2016-03-26 21:53 - 00001744 _____ C:\Users\Samir\Desktop\Rkill.txt
2016-03-26 21:52 - 2016-03-26 21:52 - 02032072 _____ (Bleeping Computer, LLC) C:\Users\Samir\Downloads\iExplore (1).exe
2016-03-26 21:52 - 2016-03-26 21:52 - 01107912 _____ (Bleeping Computer, LLC) C:\Users\Samir\Downloads\iExplore64.exe
2016-03-26 21:51 - 2016-03-26 21:51 - 02032072 _____ (Bleeping Computer, LLC) C:\Users\Samir\Downloads\iExplore.exe
2016-03-26 21:36 - 2016-03-26 21:36 - 00002256 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-26 21:36 - 2016-03-26 21:36 - 00002244 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-26 21:36 - 2016-03-26 21:36 - 00000000 ____D C:\Users\Samir\AppData\Local\Google
2016-03-26 21:35 - 2016-03-27 07:04 - 00001074 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-26 21:35 - 2016-03-26 21:40 - 00001078 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-26 21:35 - 2016-03-26 21:36 - 00000000 ____D C:\Program Files (x86)\Google
2016-03-26 21:35 - 2016-03-26 21:35 - 00004050 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-03-26 21:35 - 2016-03-26 21:35 - 00003814 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-03-26 21:34 - 2016-03-26 21:35 - 00987728 _____ (Google Inc.) C:\Users\Samir\Downloads\ChromeSetup.exe
2016-03-26 21:33 - 2016-03-26 21:33 - 00000000 ____D C:\Users\Samir\AppData\Roaming\SUPERAntiSpyware.com
2016-03-26 21:32 - 2016-03-26 21:33 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-03-26 21:32 - 2016-03-26 21:32 - 00001827 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2016-03-26 21:32 - 2016-03-26 21:32 - 00000000 ____D C:\Users\Todos os Usuários\SUPERAntiSpyware.com
2016-03-26 21:32 - 2016-03-26 21:32 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2016-03-26 21:32 - 2016-03-26 21:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2016-03-26 21:31 - 2016-03-26 21:32 - 25136648 _____ (SUPERAntiSpyware) C:\Users\Samir\Downloads\SUPERAntiSpyware.exe
2016-03-26 21:27 - 2016-03-26 21:32 - 00000000 ____D C:\Users\Todos os Usuários\System32
2016-03-26 21:27 - 2016-03-26 21:32 - 00000000 ____D C:\ProgramData\System32
2016-03-26 21:27 - 2016-03-26 21:27 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Samir\Downloads\SpyHunter-Installer.exe
2016-03-26 21:27 - 2016-03-26 21:27 - 00000000 ____D C:\Program Files (x86)\SkypeUpdateEx
2016-03-26 20:55 - 2016-03-26 20:55 - 00000000 ____D C:\Users\Samir\AppData\Local\Windows Live
2016-03-26 20:46 - 2016-03-26 21:18 - 00000000 ____D C:\Program Files (x86)\sunnyday
2016-03-26 20:46 - 2016-03-26 20:46 - 00000000 ____D C:\Program Files\Windows Screen Manager
2016-03-26 20:46 - 2016-03-26 20:46 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2016-03-26 20:45 - 2016-03-26 20:45 - 00000034 ___SH C:\Users\Public\Documents\{DE764086-1C0A-4DD3-90BA-0B93BDD794BE}
2016-03-26 20:45 - 2016-03-26 20:45 - 00000000 ____D C:\Users\Samir\AppData\Roaming\XBox
2016-03-26 20:44 - 2016-03-26 21:21 - 00000000 ____D C:\Program Files\Sound+
2016-03-26 20:35 - 2016-03-27 06:58 - 00000000 ____D C:\Program Files (x86)\12828DFB-1459035301-DE11-B27E-00235A9DD9D3
2016-03-26 20:33 - 2016-03-27 07:05 - 00000000 ____D C:\Users\Samir\AppData\Local\app
2016-03-26 20:31 - 2016-03-26 20:31 - 00002908 _____ C:\WINDOWS\System32\Tasks\osTip
2016-03-26 20:31 - 2016-03-26 20:31 - 00000000 ____D C:\Users\Todos os Usuários\WindowsMsg
2016-03-26 20:31 - 2016-03-26 20:31 - 00000000 ____D C:\ProgramData\WindowsMsg
2016-03-26 20:27 - 2016-03-26 21:21 - 00000000 ____D C:\Program Files (x86)\SearchesToYesbnd
2016-03-26 20:27 - 2016-03-26 20:27 - 00015064 _____ C:\WINDOWS\System32\Tasks\WinTaske
2016-03-26 20:27 - 2016-03-26 20:27 - 00000000 ____D C:\Users\Public\Documents\dmp
2016-03-26 20:27 - 2016-03-26 20:27 - 00000000 ____D C:\Program Files (x86)\WinTaske
2016-03-26 20:27 - 2016-03-26 20:27 - 00000000 ____D C:\Program Files (x86)\Winsere
2016-03-26 20:26 - 2016-03-26 20:26 - 02570371 _____ C:\WINDOWS\chromebrowser.exe
2016-03-26 20:25 - 2016-03-26 20:48 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2016-03-26 20:25 - 2016-03-26 20:25 - 00000000 ____D C:\Users\Samir\AppData\Local\Microsoft Help
2016-03-26 20:06 - 2016-03-27 06:58 - 00003846 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2016-03-26 20:06 - 2016-03-26 20:06 - 00004020 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse
2016-03-26 19:57 - 2016-03-26 20:00 - 00000000 ____D C:\Users\Samir\Desktop\Office2013
2016-03-26 11:02 - 2016-03-26 11:02 - 00064762 _____ C:\Users\Samir\Downloads\The.Peanuts.Movie.2015.DVDSCR.rar
2016-03-26 10:54 - 2016-03-26 19:57 - 00000000 ____D C:\Users\Samir\AppData\LocalLow\uTorrent
2016-03-25 12:04 - 2016-03-25 12:15 - 00000000 ____D C:\Users\Samir\Desktop\musica
2016-03-25 11:06 - 2016-03-25 11:10 - 39069125 _____ C:\Users\Samir\Downloads\MÁRCIA_FELIPE_-_CD_VERÃO.mp3.part
2016-03-25 09:38 - 2016-03-25 09:42 - 00000000 ____D C:\Users\Samir\Documents\CyberLink
2016-03-25 09:38 - 2016-03-25 09:38 - 00000000 ____D C:\Users\Samir\AppData\Local\MediaShow
2016-03-23 20:16 - 2016-03-23 20:16 - 00018694 _____ C:\Users\Samir\Downloads\Star.Wars.Episode.VII.The.Fce.Awakens.BRRip.rar
2016-03-23 20:03 - 2016-03-26 21:41 - 00000902 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-03-23 20:03 - 2016-03-23 20:03 - 00003790 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-03-23 19:42 - 2016-03-23 19:42 - 00000000 ____D C:\Users\visitante\AppData\Roaming\Sun
2016-03-23 19:42 - 2016-03-23 19:42 - 00000000 ____D C:\Users\visitante\AppData\LocalLow\Sun
2016-03-23 19:42 - 2016-03-23 19:42 - 00000000 ____D C:\Users\visitante\.oracle_jre_usage
2016-03-23 11:54 - 2016-03-23 11:54 - 00000000 ____D C:\Users\visitante\AppData\Roaming\uTorrent
2016-03-23 11:53 - 2016-03-23 11:53 - 02094080 _____ (BitTorrent Inc.) C:\Users\visitante\Downloads\uTorrent.exe
2016-03-22 20:07 - 2016-03-22 20:08 - 01019064 _____ ( ) C:\Users\Samir\Downloads\JavaSetup.exe
2016-03-22 09:27 - 2016-03-25 09:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-03-17 20:27 - 2016-03-17 20:27 - 00000000 ____D C:\Users\Samir\AppData\Roaming\MPC-HC
2016-03-17 20:15 - 2016-03-17 20:15 - 00001723 _____ C:\Users\Public\Desktop\MPC-HC x64.lnk
2016-03-17 20:15 - 2016-03-17 20:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
2016-03-17 20:15 - 2016-03-17 20:15 - 00000000 ____D C:\Program Files\MPC-HC
2016-03-17 19:56 - 2016-03-17 20:14 - 13395440 _____ (MPC-HC Team ) C:\Users\Samir\Downloads\MPC-HC.1.7.10.x64.exe
2016-03-12 16:28 - 2016-03-12 16:28 - 00029808 _____ C:\Users\Samir\Desktop\03525851537-IRPF-2016-2015-origi-imagem-recibo.pdf
2016-03-12 16:20 - 2016-03-12 16:20 - 00001743 _____ C:\Users\Samir\Desktop\IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk
2016-03-12 16:20 - 2016-03-12 16:20 - 00000000 ____D C:\Users\Samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2016
2016-03-12 10:07 - 2016-03-12 10:40 - 25941544 _____ (Receita Federal do Brasil) C:\Users\Samir\Downloads\IRPF2016Win32v1.1.exe
2016-03-12 10:07 - 2016-03-12 10:15 - 06191735 _____ (Serpro - Serviço Federal de Processamento de Dados) C:\Users\Samir\Downloads\Receitanet-1.07(2).exe
2016-03-12 09:59 - 2016-03-12 16:26 - 00000000 ____D C:\Users\Samir\.receitanet
2016-03-12 09:55 - 2016-03-12 09:55 - 00003140 _____ C:\Users\Samir\Desktop\03525851537-IRPF-A-2015-2014-ORIGI.DBK
2016-03-12 09:35 - 2016-03-12 16:20 - 00000000 ___HD C:\Program Files (x86)\InstallJammer Registry
2016-03-12 09:35 - 2016-03-12 09:35 - 00002212 _____ C:\Users\Public\Desktop\Receitanet 1.07 .lnk
2016-03-12 09:34 - 2016-03-12 16:20 - 00000000 ____D C:\Arquivos de Programas RFB
2016-03-12 09:34 - 2016-03-12 09:34 - 00000176 _____ C:\WINDOWS\REC-NET.INI
2016-03-12 09:34 - 2016-03-12 09:34 - 00000000 ____D C:\Users\Samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2015
2016-03-12 09:34 - 2016-03-12 09:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB
2016-03-12 09:34 - 2016-03-12 09:34 - 00000000 ____D C:\Program Files (x86)\Programas RFB
2016-03-12 09:31 - 2016-03-12 09:32 - 24453672 _____ (Receita Federal do Brasil) C:\Users\Samir\Downloads\IRPF2015win32v1.3.exe
2016-03-12 09:31 - 2016-03-12 09:31 - 06191735 _____ (Serpro - Serviço Federal de Processamento de Dados) C:\Users\Samir\Downloads\Receitanet-1.07(1).exe
2016-03-12 01:56 - 2015-12-30 18:53 - 02017624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-03-12 01:55 - 2016-02-20 12:45 - 01373184 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-03-12 01:55 - 2016-02-20 12:45 - 01168896 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-03-12 01:55 - 2016-02-20 12:45 - 00696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-03-12 01:55 - 2016-02-20 12:45 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-03-12 01:55 - 2016-02-20 12:45 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-03-12 01:55 - 2016-02-20 12:45 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-03-12 01:55 - 2016-02-08 18:05 - 20352512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-03-12 01:55 - 2016-02-08 17:39 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-03-12 01:55 - 2016-02-08 17:34 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-03-12 01:55 - 2016-02-08 17:29 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-03-12 01:55 - 2016-02-08 17:28 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-03-12 01:55 - 2016-02-08 17:10 - 04611072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-03-12 01:55 - 2016-02-08 17:07 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-03-12 01:55 - 2016-02-08 17:05 - 25816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-03-12 01:55 - 2016-02-08 17:03 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-03-12 01:55 - 2016-02-08 17:02 - 13012480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-03-12 01:55 - 2016-02-08 17:02 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-03-12 01:55 - 2016-02-08 17:01 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-03-12 01:55 - 2016-02-08 16:43 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-03-12 01:55 - 2016-02-08 16:39 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-03-12 01:55 - 2016-02-08 16:38 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-03-12 01:55 - 2016-02-08 15:27 - 02887680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-03-12 01:55 - 2016-02-08 15:26 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-03-12 01:55 - 2016-02-08 15:16 - 06052352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-03-12 01:55 - 2016-02-08 15:14 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-03-12 01:55 - 2016-02-08 15:13 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-03-12 01:55 - 2016-02-08 14:51 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-03-12 01:55 - 2016-02-08 14:42 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-03-12 01:55 - 2016-02-08 14:37 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-03-12 01:55 - 2016-02-08 14:34 - 00798720 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-03-12 01:55 - 2016-02-08 14:33 - 14613504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-03-12 01:55 - 2016-02-08 14:33 - 02123264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-03-12 01:55 - 2016-02-08 14:19 - 02597376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-03-12 01:55 - 2016-02-08 14:15 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-03-12 01:55 - 2016-02-08 14:07 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-03-12 01:55 - 2016-02-08 13:55 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-03-12 01:55 - 2016-02-05 16:06 - 00046768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-03-12 01:55 - 2016-01-06 15:25 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-03-12 01:55 - 2015-11-09 20:36 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-03-12 01:55 - 2015-11-08 18:16 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-03-12 01:55 - 2015-11-08 18:15 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-03-12 01:54 - 2016-02-12 16:14 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-03-12 01:54 - 2016-02-12 12:14 - 03708416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-03-12 01:54 - 2016-02-12 11:55 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2016-03-12 01:54 - 2016-02-12 11:54 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2016-03-12 01:54 - 2016-02-12 11:54 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2016-03-12 01:54 - 2016-02-12 11:54 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2016-03-12 01:54 - 2016-02-12 11:51 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2016-03-12 01:54 - 2016-02-12 11:51 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2016-03-12 01:54 - 2016-02-12 11:51 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2016-03-12 01:54 - 2016-02-12 11:48 - 02244096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2016-03-12 01:54 - 2016-02-12 11:47 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-03-12 01:54 - 2016-02-12 11:46 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-03-12 01:54 - 2016-02-11 11:21 - 00869576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2016-03-12 01:54 - 2016-02-11 11:21 - 00678600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll
2016-03-12 01:54 - 2016-02-11 11:20 - 00875720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2016-03-12 01:54 - 2016-02-11 11:20 - 00536776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll
2016-03-12 01:54 - 2016-02-06 15:08 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-03-12 01:54 - 2016-02-06 13:58 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-03-12 01:54 - 2016-02-06 13:32 - 00801792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-03-12 01:54 - 2016-02-05 16:07 - 00292696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMASF.DLL
2016-03-12 01:54 - 2016-02-05 16:07 - 00243032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMASF.DLL
2016-03-12 01:54 - 2016-02-05 12:03 - 15432704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-03-12 01:54 - 2016-02-05 12:00 - 13318144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-03-12 01:54 - 2016-02-05 11:59 - 07784960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-03-12 01:54 - 2016-02-05 11:55 - 05264384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-03-12 01:54 - 2016-02-05 11:48 - 07075840 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-03-12 01:54 - 2016-02-05 11:47 - 05268480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2016-03-12 01:54 - 2016-02-04 15:18 - 04174336 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-03-12 01:54 - 2016-02-04 15:18 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-03-12 01:54 - 2016-02-04 15:12 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-03-12 01:54 - 2016-02-04 14:44 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-03-12 01:54 - 2016-02-04 14:39 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-03-12 01:54 - 2016-02-04 14:24 - 00603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-03-12 01:54 - 2016-02-04 14:02 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-03-12 01:54 - 2016-02-03 17:37 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-03-12 01:54 - 2016-02-03 17:36 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-03-12 01:54 - 2016-02-03 12:09 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-03-12 01:54 - 2016-02-03 12:00 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-03-12 01:54 - 2016-02-03 12:00 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-03-12 01:54 - 2016-01-31 16:16 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-03-12 01:54 - 2016-01-24 15:19 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2016-03-12 01:54 - 2016-01-24 15:19 - 00378712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-03-12 01:54 - 2016-01-24 15:19 - 00331608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2016-03-12 01:54 - 2016-01-24 08:57 - 01335296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-03-12 01:54 - 2016-01-24 08:45 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-03-12 01:54 - 2016-01-10 13:41 - 01707008 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-03-12 01:54 - 2016-01-10 13:31 - 01344512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2016-03-12 01:54 - 2016-01-08 22:49 - 00218448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2016-03-12 01:54 - 2016-01-08 22:49 - 00192120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2016-03-12 01:54 - 2016-01-08 22:38 - 00091992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2016-03-12 01:54 - 2016-01-06 20:46 - 00148752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2016-03-12 01:54 - 2016-01-06 20:45 - 00177712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-03-12 01:54 - 2016-01-06 13:47 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-03-12 01:54 - 2016-01-05 12:00 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-03-12 01:54 - 2015-12-30 17:49 - 00470360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2016-03-12 01:54 - 2015-12-20 11:57 - 00839168 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-03-12 01:54 - 2015-12-20 11:56 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2016-03-12 01:54 - 2015-12-20 11:43 - 00696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-03-12 01:54 - 2015-11-19 11:33 - 00994760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2016-03-12 01:54 - 2015-11-19 11:26 - 00922432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2016-03-12 01:53 - 2016-01-15 13:56 - 02487296 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-03-12 01:53 - 2016-01-15 13:45 - 01482240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-03-12 01:03 - 2016-03-12 04:02 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-03-04 08:40 - 2016-03-04 08:40 - 00000000 ____D C:\Users\visitante\AppData\Local\GWX
2016-03-03 20:38 - 2016-03-23 20:16 - 00000000 ____D C:\Users\Samir\Desktop\Filmes
2016-03-03 20:31 - 2016-03-03 20:31 - 00000000 ____D C:\Users\Samir\AppData\Roaming\Sun
2016-03-03 20:31 - 2016-03-03 20:31 - 00000000 ____D C:\Users\Samir\AppData\LocalLow\Sun
2016-03-03 20:31 - 2016-03-03 20:31 - 00000000 ____D C:\Users\Samir\.oracle_jre_usage
2016-03-03 20:31 - 2016-03-03 20:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-03-03 20:31 - 2016-03-03 20:30 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-03-03 20:30 - 2016-03-12 00:27 - 00000000 ____D C:\Users\Todos os Usuários\Oracle
2016-03-03 20:30 - 2016-03-12 00:27 - 00000000 ____D C:\ProgramData\Oracle
2016-03-03 20:30 - 2016-03-03 20:30 - 00000000 ____D C:\Program Files (x86)\Java
2016-03-03 20:28 - 2016-03-03 20:28 - 00000000 ____D C:\Users\Samir\AppData\LocalLow\Oracle
2016-03-03 20:27 - 2016-03-03 20:27 - 00002690 _____ C:\Users\Samir\Desktop\µTorrent.lnk
2016-03-03 20:23 - 2016-03-03 20:23 - 02094080 _____ (BitTorrent Inc.) C:\Users\Samir\Downloads\uTorrent(1).exe
2016-03-03 20:21 - 2016-03-12 12:23 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-03-03 20:21 - 2016-03-04 09:12 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-03-03 20:21 - 2016-03-03 20:21 - 00002034 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-03-03 20:20 - 2016-03-04 08:52 - 00000000 ____D C:\Users\Todos os Usuários\Adobe
2016-03-03 20:20 - 2016-03-04 08:52 - 00000000 ____D C:\ProgramData\Adobe
2016-03-03 20:20 - 2016-03-03 20:20 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-03-03 20:17 - 2016-03-03 20:17 - 00000000 ____D C:\Users\visitante\AppData\Local\Adobe
2016-03-03 20:16 - 2016-03-03 20:16 - 01193696 _____ (Adobe Systems Incorporated) C:\Users\visitante\Downloads\readerdc_br_d_install.exe
2016-03-01 10:50 - 2016-03-01 10:50 - 00001058 _____ C:\WINDOWS\run.vbs
2016-02-29 22:17 - 2016-02-29 22:17 - 00002214 _____ C:\Users\Public\Desktop\HP Support Assistant.lnk
2016-02-29 22:05 - 2016-03-12 03:50 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-29 22:05 - 2016-03-12 03:46 - 143659408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-29 22:00 - 2014-04-15 20:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2016-02-29 22:00 - 2014-04-15 20:34 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2016-02-29 21:20 - 2016-03-12 01:03 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2016-02-29 19:42 - 2016-02-29 19:43 - 00735328 _____ (Oracle Corporation) C:\Users\Samir\Downloads\jxpiinstall.exe
2016-02-29 18:40 - 2016-02-29 18:41 - 26228720 _____ (Receita Federal do Brasil) C:\Users\Samir\Downloads\IRPF2016Win32v1.0.exe
2016-02-29 18:40 - 2016-02-29 18:41 - 06191735 _____ (Serpro - Serviço Federal de Processamento de Dados) C:\Users\Samir\Downloads\Receitanet-1.07.exe

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-03-27 07:05 - 2016-02-09 14:03 - 00000000 ____D C:\Users\Samir\Documents\Youcam
2016-03-27 07:04 - 2016-02-09 14:05 - 00000000 ____D C:\Users\Samir\OneDrive
2016-03-27 07:02 - 2014-05-14 01:12 - 00805574 _____ C:\WINDOWS\system32\prfh0416.dat
2016-03-27 07:02 - 2014-05-14 01:12 - 00170926 _____ C:\WINDOWS\system32\prfc0416.dat
2016-03-27 07:02 - 2014-03-18 06:53 - 01935892 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-27 07:02 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\Inf
2016-03-26 21:54 - 2016-02-11 11:25 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2016-03-26 21:54 - 2013-08-22 11:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-26 21:53 - 2013-08-22 10:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-03-26 21:44 - 2016-02-09 14:10 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2830675187-2129402912-1900169697-1001
2016-03-26 21:21 - 2013-08-22 11:44 - 00346800 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-26 20:54 - 2016-02-11 20:42 - 00001856 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-03-26 20:54 - 2016-02-11 20:42 - 00001844 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-03-26 20:54 - 2013-08-22 12:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-03-26 20:46 - 2016-02-15 20:15 - 00000000 ____D C:\Users\Samir\AppData\Roaming\uTorrent
2016-03-26 20:46 - 2014-03-18 06:38 - 00000000 ____D C:\WINDOWS\ShellNew
2016-03-26 20:46 - 2013-08-22 10:25 - 00000124 _____ C:\WINDOWS\win.ini
2016-03-26 20:45 - 2014-11-26 23:37 - 00000000 ____D C:\Users\Todos os Usuários\Intel
2016-03-26 20:45 - 2014-11-26 23:37 - 00000000 ____D C:\ProgramData\Intel
2016-03-26 20:41 - 2013-08-22 12:36 - 00000000 ____D C:\Program Files\Common Files\System
2016-03-26 20:08 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-03-26 20:07 - 2013-08-22 12:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-03-26 20:05 - 2016-02-09 13:56 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2016-03-26 20:05 - 2016-02-09 13:56 - 00000000 ___SD C:\WINDOWS\system32\GWX
2016-03-26 19:19 - 2013-08-22 12:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-26 15:35 - 2016-02-09 14:00 - 00003930 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D08885BE-50AC-4409-826E-A98D190C94C7}
2016-03-25 10:52 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-03-25 09:38 - 2016-02-12 18:44 - 00000000 ____D C:\Users\Samir\AppData\Roaming\CyberLink
2016-03-25 09:38 - 2016-02-12 18:43 - 00000000 ____D C:\Users\Public\Documents\CyberLink
2016-03-25 09:38 - 2016-02-09 14:03 - 00000000 ____D C:\Users\Samir\AppData\Local\CyberLink
2016-03-25 09:38 - 2014-11-26 23:48 - 00000000 ____D C:\Users\Todos os Usuários\CyberLink
2016-03-25 09:38 - 2014-11-26 23:48 - 00000000 ____D C:\ProgramData\CyberLink
2016-03-25 09:35 - 2016-02-09 13:56 - 00000000 ____D C:\Users\Samir
2016-03-25 09:34 - 2016-02-25 10:29 - 00000000 ____D C:\Users\visitante
2016-03-25 09:32 - 2016-02-11 20:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-24 01:10 - 2016-02-25 10:37 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2830675187-2129402912-1900169697-1004
2016-03-24 01:02 - 2016-02-25 10:29 - 00003946 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{20A7135A-2887-42DC-8210-794D90B05DB1}
2016-03-24 00:31 - 2016-02-25 10:36 - 00000000 ____D C:\Users\visitante\Documents\Youcam
2016-03-23 23:08 - 2016-02-17 21:18 - 00000344 _____ C:\WINDOWS\Tasks\HPCeeScheduleForSamir.job
2016-03-23 18:54 - 2016-02-12 19:00 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2016-03-22 23:53 - 2016-02-11 11:25 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2016-03-22 23:53 - 2016-02-11 11:25 - 00000000 ____D C:\ProgramData\GbPlugin
2016-03-22 14:05 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\rescache
2016-03-20 10:59 - 2013-08-22 10:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2016-03-16 18:51 - 2016-02-09 14:06 - 00000000 ____D C:\Users\Samir\AppData\Local\Hewlett-Packard
2016-03-16 18:39 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\AppCompat
2016-03-12 11:20 - 2014-04-02 07:25 - 00000000 ____D C:\WINDOWS\Panther
2016-03-12 11:16 - 2016-02-13 15:51 - 00000000 ___HD C:\$WINDOWS.~BT
2016-03-12 09:35 - 2016-02-09 13:59 - 00000000 ____D C:\Users\Samir\AppData\Local\VirtualStore
2016-03-12 09:25 - 2014-05-13 21:05 - 00000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
2016-03-12 09:25 - 2014-05-13 20:51 - 00000000 ____D C:\Users\Todos os Usuários\Hewlett-Packard
2016-03-12 09:25 - 2014-05-13 20:51 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2016-03-12 01:03 - 2013-08-22 12:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-03-12 01:03 - 2013-08-22 12:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-03-12 01:03 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\WinStore
2016-03-12 01:03 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2016-03-12 01:03 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-03-12 01:03 - 2013-08-22 12:36 - 00000000 ____D C:\Program Files\Windows Defender
2016-03-12 01:03 - 2013-08-22 12:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-03-12 00:36 - 2016-02-09 14:09 - 00000000 __SHD C:\Users\Samir\AppData\LocalLow\EmieUserList
2016-03-12 00:36 - 2016-02-09 14:08 - 00000000 __SHD C:\Users\Samir\AppData\LocalLow\EmieSiteList
2016-03-12 00:36 - 2016-02-09 14:08 - 00000000 __SHD C:\Users\Samir\AppData\Local\EmieUserList
2016-03-12 00:36 - 2016-02-09 14:08 - 00000000 __SHD C:\Users\Samir\AppData\Local\EmieSiteList
2016-03-08 04:00 - 2013-08-22 12:38 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-03-08 04:00 - 2013-08-22 12:38 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-03 20:17 - 2016-02-15 19:42 - 00000000 ____D C:\Users\Samir\AppData\Local\Adobe
2016-02-29 22:17 - 2014-05-13 21:06 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2016-02-29 22:17 - 2014-05-13 20:51 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-02-29 22:17 - 2014-05-13 20:47 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2016-02-29 22:09 - 2014-03-31 22:07 - 00000000 ____D C:\SWSetup
2016-02-29 21:25 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2016-02-29 21:25 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\FileManager
2016-02-29 21:25 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\Camera
2016-02-29 21:24 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-02-29 21:24 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2016-02-29 21:24 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
2016-02-29 21:24 - 2013-08-22 12:36 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-02-29 21:24 - 2013-08-22 12:36 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-02-29 21:24 - 2013-08-22 12:36 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-02-29 21:24 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-02-29 21:24 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-02-29 21:24 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\servicing
2016-02-29 21:23 - 2013-08-22 12:36 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-02-29 21:23 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-02-29 21:23 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-02-29 21:23 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\system32\setup
2016-02-29 21:23 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-02-29 21:23 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\system32\Com
2016-02-29 21:23 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\IME
2016-02-29 21:23 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-02-29 21:23 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-02-29 21:23 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-02-29 21:21 - 2013-08-22 12:36 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-02-29 21:21 - 2013-08-22 12:36 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-02-29 21:20 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2016-02-29 21:20 - 2013-08-22 12:36 - 00000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft
2016-02-29 21:20 - 2013-08-22 12:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-02-29 21:20 - 2013-08-22 12:36 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-02-27 17:37 - 2013-08-22 12:36 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2016-02-27 17:37 - 2013-08-22 12:36 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2016-02-27 17:13 - 2016-02-25 10:37 - 00000000 ____D C:\Users\visitante\AppData\Local\Mozilla
2016-02-27 17:06 - 2016-02-25 10:29 - 00000000 ____D C:\Users\visitante\AppData\Local\Packages

Alguns arquivos em TEMP:
====================
C:\Users\Samir\AppData\Local\Temp\aplicativoitau.exe
C:\Users\Samir\AppData\Local\Temp\CodecFixDivx.exe
C:\Users\Samir\AppData\Local\Temp\COMAP.EXE
C:\Users\Samir\AppData\Local\Temp\dxdiag.exe
C:\Users\Samir\AppData\Local\Temp\Extract.exe
C:\Users\Samir\AppData\Local\Temp\HPSFUpdater.exe
C:\Users\Samir\AppData\Local\Temp\ITJL5YU4S1.exe
C:\Users\Samir\AppData\Local\Temp\MediaPlayer__3137_il148421.exe
C:\Users\Samir\AppData\Local\Temp\mesox.exe
C:\Users\Samir\AppData\Local\Temp\msconfig.exe
C:\Users\Samir\AppData\Local\Temp\QXQD3M6YU3.exe
C:\Users\Samir\AppData\Local\Temp\SP66894.exe
C:\Users\Samir\AppData\Local\Temp\SP68999.exe
C:\Users\Samir\AppData\Local\Temp\SP70781.exe
C:\Users\Samir\AppData\Local\Temp\SP70822.exe
C:\Users\Samir\AppData\Local\Temp\SP71156.exe
C:\Users\Samir\AppData\Local\Temp\SP71729.exe
C:\Users\Samir\AppData\Local\Temp\SP71829.exe
C:\Users\Samir\AppData\Local\Temp\SP71875.exe
C:\Users\Samir\AppData\Local\Temp\SP72853.exe
C:\Users\Samir\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Samir\AppData\Local\Temp\vlc-2.1.3-win32.exe
C:\Users\Samir\AppData\Local\Temp\VX1QEYGG7C.exe
C:\Users\Samir\AppData\Local\Temp\ZTIPIEETVS.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-03-26 13:21

==================== Fim de FRST.txt ============================

Publicité


Signaler le contenu de ce document

Publicité