Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:17-04-2016 01
Executado por Tais (administrador) em TAIS-PC (17-04-2016 15:55:18)
Executando a partir de C:\Users\Tais\Desktop
Perfis Carregados: Tais (Perfis Disponíveis: Tais)
Platform: Windows 7 Ultimate (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
(Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\obexsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(LG Electronics Inc.) C:\Program Files\LG Software\LG OSD\HotKey.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(BitTorrent, Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Akamai Technologies, Inc.) C:\Users\Tais\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Tais\AppData\Local\Akamai\netsession_win.exe
(Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\audiosrv.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11725928 2010-12-23] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files\Motorola\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2085160 2010-09-14] (Synaptics Incorporated)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1928976 2010-03-05] (Intel(R) Corporation)
HKLM\...\Run: [KeybdUtility] => C:\Program Files\LG Software\LG OSD\HotKey.exe [3558400 2011-01-10] (LG Electronics Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-09-23] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe [1065080 2016-03-03] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [716224 2016-03-23] (Autodesk, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2333449891-3923601794-2774323526-1000\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [288048 2015-09-27] (BitTorrent, Inc.)
HKU\S-1-5-21-2333449891-3923601794-2774323526-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Tais\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2333449891-3923601794-2774323526-1000\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc.)
HKU\S-1-5-21-2333449891-3923601794-2774323526-1000\...\Policies\Explorer: []
HKU\S-1-5-21-2333449891-3923601794-2774323526-1000\...\MountPoints2: {6fa2b132-f5a8-11e5-97f9-00e0914acf6d} - F:\LG_PC_Programs.exe
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 200.131.80.29 208.67.220.220
Tcpip\..\Interfaces\{CFDDC5CE-CA32-4D35-87DF-87DAF8C057FE}: [DhcpNameServer] 200.131.80.29 208.67.220.220
Tcpip\..\Interfaces\{FB12AB23-53FE-416D-B0E7-809E83C74E96}: [DhcpNameServer] 189.7.152.36 189.7.152.31 201.6.4.116

Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon64.dll [2016-02-26] (Qihu 360 Software Co., Ltd.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon.dll [2016-02-26] (Qihu 360 Software Co., Ltd.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)

FireFox:
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-04] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\Tais\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Tais\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Tais\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Google Search) - C:\Users\Tais\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Tais\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Tais\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-27]

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1231376 2016-03-23] (Autodesk Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2015-09-27] (Macrovision Europe Ltd.) [Arquivo não assinado]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-03-05] ()
R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [908408 2016-02-26] (QIHU 360 SOFTWARE CO. LIMITED)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [997568 2014-06-29] (@ByELDI) [Arquivo não assinado]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [137808 2016-02-26] (360.cn)
S3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [77904 2016-02-26] (360.cn)
S3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [77904 2016-02-26] (360.cn)
R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [319568 2016-02-26] (360.cn)
S3 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2015-07-09] (360.cn)
R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [370768 2016-02-26] (360.cn)
R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [181328 2016-02-26] (360.cn)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-04-17 15:46 - 2016-04-17 15:49 - 00033760 _____ C:\Users\Tais\Desktop\Addition.txt
2016-04-17 15:45 - 2016-04-17 15:55 - 00013282 _____ C:\Users\Tais\Desktop\FRST.txt
2016-04-17 15:45 - 2016-04-17 15:55 - 00000000 ____D C:\FRST
2016-04-17 15:43 - 2016-04-17 15:44 - 02375680 _____ (Farbar) C:\Users\Tais\Desktop\FRST64.exe
2016-04-17 15:43 - 2016-04-17 15:43 - 01726464 _____ (Farbar) C:\Users\Tais\Downloads\FRST.exe
2016-04-17 04:37 - 2016-04-17 04:37 - 00001531 _____ C:\Users\Public\Desktop\Aplicativo da área de trabalho Autodesk.lnk
2016-04-17 04:28 - 2016-04-17 04:28 - 00002003 _____ C:\Users\Public\Desktop\A360 Desktop.lnk
2016-04-17 04:08 - 2016-04-17 04:08 - 00002075 _____ C:\Users\Public\Desktop\Autodesk ReCap 360.lnk
2016-04-17 03:43 - 2016-04-17 04:37 - 00000000 ____D C:\Program Files (x86)\Autodesk
2016-04-17 03:43 - 2016-04-17 03:43 - 00002100 _____ C:\Users\Public\Desktop\AutoCAD 2017 - Português - Brasil (Brazilian Portuguese).lnk
2016-04-17 03:42 - 2016-04-17 03:42 - 00000000 ____D C:\Users\Public\Documents\Autodesk
2016-04-17 03:34 - 2016-04-17 04:27 - 00000000 ____D C:\Program Files\Autodesk
2016-04-17 03:34 - 2016-04-17 03:41 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2016-04-17 00:24 - 2016-04-17 04:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2016-04-17 00:07 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2016-04-17 00:07 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2016-04-17 00:07 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2016-04-17 00:07 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2016-04-17 00:07 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2016-04-17 00:07 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2016-04-17 00:07 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2016-04-17 00:07 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2016-04-17 00:07 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2016-04-17 00:07 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2016-04-17 00:07 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2016-04-17 00:07 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2016-04-17 00:07 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2016-04-17 00:07 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2016-04-17 00:07 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2016-04-17 00:07 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2016-04-17 00:07 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2016-04-17 00:07 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2016-04-17 00:07 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2016-04-17 00:07 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2016-04-17 00:07 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2016-04-17 00:07 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2016-04-17 00:06 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2016-04-17 00:06 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2016-04-17 00:02 - 2016-04-17 00:05 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-04-17 00:02 - 2016-04-17 00:05 - 00000000 ____D C:\ProgramData\Package Cache
2016-04-16 23:31 - 2016-04-16 23:32 - 00000000 ____D C:\Autodesk
2016-04-16 23:30 - 2016-04-16 23:31 - 18685488 _____ C:\Users\Tais\Downloads\AutoCAD_2017_Brazilian_Portuguese_Win_32_64bit_wi_pt-BR_Setup.exe
2016-04-16 23:29 - 2016-04-16 23:29 - 00338360 _____ (Autodesk Inc.) C:\Users\Tais\Downloads\AutoCAD_2017_Brazilian_Portuguese_Win_32_64bit_wi_pt-BR_Setup_webinstall.exe
2016-04-16 23:15 - 2016-04-16 23:22 - 69999448 _____ (Microsoft Corporation) C:\Users\Tais\Downloads\NDP452-KB2901907-x86-x64-AllOS-ENU.exe
2016-04-16 23:07 - 2016-04-16 23:13 - 50449456 _____ (Microsoft Corporation) C:\Users\Tais\Downloads\dotNetFx40_Full_x86_x64.exe
2016-04-16 23:03 - 2016-04-17 04:37 - 00000000 ____D C:\Users\Todos os Usuários\Autodesk
2016-04-16 23:03 - 2016-04-17 04:37 - 00000000 ____D C:\Users\Tais\AppData\Roaming\Autodesk
2016-04-16 23:03 - 2016-04-17 04:37 - 00000000 ____D C:\ProgramData\Autodesk
2016-04-16 18:02 - 2016-04-16 18:02 - 00003156 _____ C:\Windows\System32\Tasks\{DF9F88DA-7067-4755-93CD-5BBED3F6B1F0}
2016-04-16 17:42 - 2016-04-17 04:37 - 00000000 ____D C:\Users\Tais\AppData\Local\Autodesk
2016-04-16 17:39 - 2016-04-16 17:42 - 00000000 ____D C:\Users\Tais\AppData\Local\Akamai
2016-04-16 17:39 - 2016-04-16 17:39 - 00000000 ____D C:\Users\Todos os Usuários\Applications
2016-04-16 17:39 - 2016-04-16 17:39 - 00000000 ____D C:\ProgramData\Applications
2016-04-16 17:37 - 2016-04-16 17:39 - 10697112 _____ (Autodesk, Inc.) C:\Users\Tais\Downloads\AutodeskDownloadManagerSetup.exe
2016-04-15 02:22 - 2016-04-15 02:22 - 00292155 _____ C:\Users\Tais\Downloads\Materiais-e-métodos-v1.pdf
2016-04-15 02:22 - 2016-04-15 02:22 - 00292155 _____ C:\Users\Tais\Downloads\Materiais-e-métodos-v1 (1).pdf
2016-04-14 11:41 - 2016-04-14 11:41 - 00117233 _____ C:\Users\Tais\Downloads\material-e-metodos.pdf
2016-04-13 13:36 - 2016-04-13 13:36 - 00178862 _____ C:\Users\Tais\Downloads\Carta de orientador_Tais Landim.pdf
2016-04-11 03:52 - 2016-04-11 03:52 - 08231120 _____ C:\Users\Tais\Downloads\Seminário-Café-Suelen.pptx
2016-04-05 12:52 - 2016-04-05 12:52 - 00257530 _____ C:\Users\Tais\Desktop\Scan.pdf
2016-04-02 19:27 - 2016-04-02 19:28 - 00000000 ____D C:\Users\Todos os Usuários\HP
2016-04-02 19:27 - 2016-04-02 19:28 - 00000000 ____D C:\ProgramData\HP
2016-04-02 19:27 - 2016-04-02 19:27 - 00002236 _____ C:\Users\Public\Desktop\HP Deskjet 2050 J510 series.lnk
2016-04-02 19:27 - 2016-04-02 19:27 - 00001231 _____ C:\Users\Public\Desktop\HP Deskjet 2050 J510 series Scan.lnk
2016-04-02 19:27 - 2016-04-02 19:27 - 00001194 _____ C:\Users\Public\Desktop\Compre suprimentos - HP Deskjet 2050 J510 series.lnk
2016-04-02 19:27 - 2016-04-02 19:27 - 00000000 ____D C:\Users\Tais\AppData\Roaming\HpUpdate
2016-04-02 19:27 - 2016-04-02 19:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-04-02 19:27 - 2016-04-02 19:27 - 00000000 ____D C:\Program Files (x86)\HP
2016-04-02 19:26 - 2016-04-02 19:26 - 00000000 ____D C:\Program Files\HP
2016-04-02 19:25 - 2016-04-02 19:30 - 00000000 ____D C:\Users\Tais\AppData\Local\HP
2016-04-02 19:20 - 2016-04-02 19:20 - 00000000 ____D C:\Users\Tais\AppData\Local\ElevatedDiagnostics
2016-03-31 15:48 - 2016-04-08 22:30 - 00000000 ____D C:\Users\Tais\Desktop\Seminario cafe
2016-03-29 13:04 - 2016-03-29 13:04 - 00000000 ____D C:\Program Files (x86)\LG Electronics
2016-03-18 17:04 - 2016-04-08 22:29 - 00000000 ____D C:\Users\Tais\Desktop\Intercambio
2016-03-16 18:20 - 2016-02-26 07:56 - 00077904 _____ (360.cn) C:\Windows\SysWOW64\Drivers\360AvFlt.sys
2016-03-02 19:31 - 2016-03-02 19:31 - 01542109 _____ C:\Users\Tais\Desktop\NORMAS_TCC_ENGENHARIA_AGRONOMIA.pdf
2016-02-19 07:34 - 2016-02-19 07:34 - 02692304 _____ (Autodesk, Inc.) C:\Windows\system32\styleman.cpl
2016-02-19 07:33 - 2016-02-19 07:33 - 02692304 _____ (Autodesk, Inc.) C:\Windows\system32\plotman.cpl
2016-02-19 07:32 - 2016-02-19 07:32 - 00024784 _____ (Autodesk, Inc.) C:\Windows\system32\AcSignExtRes.dll
2016-02-07 01:58 - 2016-02-07 01:58 - 00440800 _____ (Autodesk, Inc.) C:\Windows\system32\AcSignOpt.exe
2016-02-07 01:58 - 2016-02-07 01:58 - 00053216 _____ (Autodesk, Inc.) C:\Windows\system32\AcSignIcon.dll
2016-02-07 01:58 - 2016-02-07 01:58 - 00040928 _____ (Autodesk, Inc.) C:\Windows\system32\AcSignExt.dll

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-04-17 15:50 - 2015-09-27 18:29 - 00000000 ____D C:\Users\Tais\AppData\LocalLow\360WD
2016-04-17 15:49 - 2015-09-27 15:35 - 00000000 ____D C:\Users\Tais\AppData\Roaming\uTorrent
2016-04-17 15:44 - 2009-07-29 13:08 - 02827690 _____ C:\Windows\system32\prfh0416.dat
2016-04-17 15:44 - 2009-07-29 13:08 - 02178138 _____ C:\Windows\system32\prfc0416.dat
2016-04-17 15:44 - 2009-07-14 02:13 - 00006210 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-17 15:44 - 2009-07-14 01:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-17 15:44 - 2009-07-14 01:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-17 15:39 - 2015-09-27 13:55 - 00000000 ____D C:\Program Files\KMSpico
2016-04-17 15:38 - 2015-09-27 10:12 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-17 15:38 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-17 13:13 - 2015-09-27 10:12 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-17 04:39 - 2015-09-27 13:51 - 00143552 _____ C:\Users\Tais\AppData\Local\GDIPFONTCACHEV1.DAT
2016-04-17 04:39 - 2009-07-14 01:45 - 00515464 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-17 03:39 - 2009-07-14 02:32 - 00000000 ____D C:\Windows\Downloaded Program Files
2016-04-16 23:59 - 2009-07-14 00:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-04-16 19:38 - 2015-09-28 10:39 - 00000000 _RSHD C:\360SANDBOX
2016-04-14 11:42 - 2015-09-27 10:19 - 00000000 ____D C:\Users\Tais\AppData\Roaming\360safe
2016-04-12 12:16 - 2015-09-27 10:13 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-12 12:16 - 2015-09-27 10:13 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-02 19:27 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-03-18 16:46 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\NDF

Alguns arquivos em TEMP:
====================
C:\Users\Tais\AppData\Local\Temp\AcDeltree.exe
C:\Users\Tais\AppData\Local\Temp\DLMGuardian.exe
C:\Users\Tais\AppData\Local\Temp\ose00000.exe
C:\Users\Tais\AppData\Local\Temp\ose00002.exe
C:\Users\Tais\AppData\Local\Temp\utt5518.tmp.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

==================== BCD ================================

Gerenciador de Inicialização do Windows
--------------------
identificador {bootmgr}
device partition=\Device\HarddiskVolume1
description Windows Boot Manager
locale pt-BR
inherit {globalsettings}
default {current}
resumeobject {62636190-653e-11e5-97e8-9e2ff7658fc0}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Carregador de Inicialização do Windows
-------------------
identificador {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale pt-BR
inherit {bootloadersettings}
recoverysequence {62636192-653e-11e5-97e8-9e2ff7658fc0}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {62636190-653e-11e5-97e8-9e2ff7658fc0}
nx OptIn

Carregador de Inicialização do Windows
-------------------
identificador {62636192-653e-11e5-97e8-9e2ff7658fc0}
device ramdisk=[C:]\Recovery\62636192-653e-11e5-97e8-9e2ff7658fc0\Winre.wim,{62636193-653e-11e5-97e8-9e2ff7658fc0}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\62636192-653e-11e5-97e8-9e2ff7658fc0\Winre.wim,{62636193-653e-11e5-97e8-9e2ff7658fc0}
systemroot \windows
nx OptIn
winpe Yes

Continuar da Hibernação
---------------------
identificador {62636190-653e-11e5-97e8-9e2ff7658fc0}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale pt-BR
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No

Testador de Memória do Windows
---------------------
identificador {memdiag}
device partition=\Device\HarddiskVolume1
path \boot\memtest.exe
description Diagnóstico de Memória do Windows
locale pt-BR
inherit {globalsettings}
badmemoryaccess Yes

Configurações de EMS
------------
identificador {emssettings}
bootems Yes

Configurações do Depurador
-----------------
identificador {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

Defeitos de RAM
-----------
identificador {badmemory}

Configurações Globais
---------------
identificador {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Configurações do Carregador de Inicialização
--------------------
identificador {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Configurações do Hypervisor
-------------------
identificador {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Configurações do Carregador de Retorno
----------------------
identificador {resumeloadersettings}
inherit {globalsettings}

Opções de dispositivo
--------------
identificador {62636193-653e-11e5-97e8-9e2ff7658fc0}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\62636192-653e-11e5-97e8-9e2ff7658fc0\boot.sdi



LastRegBack: 2016-04-09 17:53

==================== Fim de FRST.txt ============================
