Document format: text/plain

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 28-06-2016
Executado por Fabio (administrador) em FABIOBOOK (29-06-2016 03:35:07)
Executando a partir de C:\Users\Fabio\Downloads
Perfis Carregados: Fabio (Perfis Disponíveis: Fabio)
Platform: Windows 8.1 Pro (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avpui.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.16384_none_fa1dc1539b4180d8\TiWorker.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1804360 2016-04-21] (NVIDIA Corporation)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [911576 2013-10-30] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [1058864 2016-05-11] (GAS Tecnologia LTDA)
HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [326856 2012-06-04] (IVT Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3230883523-2262136252-2319893966-1001\...\MountPoints2: {5ac63264-38a7-11e6-824b-806e6f6e6963} - "F:\setup.exe"
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [186136 2016-04-21] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [164696 2016-04-21] (NVIDIA Corporation)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll [1896160 2015-09-22] (Banco Itaú Unibanco)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 201.6.2.174 201.6.2.69
Tcpip\..\Interfaces\{5EE9BAFD-E096-49F7-9426-15828A87883E}: [DhcpNameServer] 201.6.2.174 201.6.2.69

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-12-05] (AO Kaspersky Lab)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540008} -> C:\Program Files (x86)\GbPlugin\gbiehuni.dll [2015-09-22] (Banco Itaú Unibanco)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\IEExt\ie_plugin.dll [2015-12-05] (AO Kaspersky Lab)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-12-05] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\IEExt\ie_plugin.dll [2015-12-05] (AO Kaspersky Lab)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWow64\skype4com.dll [2012-06-04] (Skype Technologies)

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-06-23] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-06-23] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-07-31] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\FFExt\light_plugin_firefox
FF Extension: Proteção Kaspersky - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\FFExt\light_plugin_firefox [2016-06-29]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com.br/"
CHR Profile: C:\Users\Fabio\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\Fabio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-23]
CHR Extension: (Flash Video Downloader) - C:\Users\Fabio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2016-06-29]
CHR Extension: (Google Docs) - C:\Users\Fabio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-23]
CHR Extension: (Google Drive) - C:\Users\Fabio\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-23]
CHR Extension: (YouTube) - C:\Users\Fabio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-23]
CHR Extension: (Kaspersky Protection) - C:\Users\Fabio\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2016-06-29]
CHR Extension: (Planilhas do Google) - C:\Users\Fabio\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-23]
CHR Extension: (Documentos Google off-line) - C:\Users\Fabio\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-23]
CHR Extension: (Video Ad Blocker Plus) - C:\Users\Fabio\AppData\Local\Google\Chrome\User Data\Default\Extensions\hegneaniplmfjcmohoclabblbahcbjoe [2016-06-29]
CHR Extension: (GBBD Guardião - Itaú 30 horas) - C:\Users\Fabio\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgmpojlddncminmkddkpoegdjhojjipg [2016-06-23]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Fabio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-23]
CHR Extension: (Gmail) - C:\Users\Fabio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-23]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKU\S-1-5-21-3230883523-2262136252-2319893966-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hegneaniplmfjcmohoclabblbahcbjoe] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [hegneaniplmfjcmohoclabblbahcbjoe] - hxxp://clients2.google.com/service/update2/crx

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avp.exe [194000 2015-12-05] (Kaspersky Lab ZAO)
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1207520 2012-06-04] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [143968 2012-06-04] (IVT Corporation)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [593120 2015-09-22] (GAS Tecnologia)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [740544 2015-10-31] (@ByELDI) [Arquivo não assinado]
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [1058864 2016-05-11] (GAS Tecnologia LTDA)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [73512 2015-08-17] (ASUS Corporation)
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [34880 2011-08-12] (Ralink Corporation.)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23104 2011-08-12] (Ralink Corporation)
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [51776 2012-04-02] (Ralink Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [48320 2012-03-05] (Ralink Corporation)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 gbpddfac; C:\Windows\System32\drivers\gbpddfac64.sys [28888 2016-06-29] (GAS Tecnologia)
R0 gbpddreg; C:\Windows\System32\drivers\gbpddreg64.sys [29816 2016-06-29] (GAS Tecnologia)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70512 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [77728 2016-06-29] (AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [181640 2015-12-05] (AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [238000 2016-06-29] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [933808 2016-06-29] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [49240 2016-06-29] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [41656 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-12-05] (AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87984 2016-06-29] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [102584 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [675424 2012-06-01] (Ralink Technology, Corp.)
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-12-04] (GAS Tecnologia LTDA)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
R4 WinDivert1.1; C:\Program Files\Diebold\Warsaw\WinDivert64.sys [38104 2015-07-07] (Basil)
R1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [101080 2016-06-29] (GAS Tecnologia)
R1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [103640 2015-03-18] (GAS Tecnologia)
U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [34880 2011-08-12] (Ralink Corporation.)
U4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-06-29 03:34 - 2016-06-29 03:34 - 00021324 _____ C:\Users\Fabio\Downloads\Addition.txt
2016-06-29 03:33 - 2016-06-29 03:35 - 00017928 _____ C:\Users\Fabio\Downloads\FRST.txt
2016-06-29 03:33 - 2016-06-29 03:35 - 00000000 ____D C:\FRST
2016-06-29 03:32 - 2016-06-29 03:32 - 02389504 _____ (Farbar) C:\Users\Fabio\Downloads\FRST64.exe
2016-06-29 03:30 - 2016-06-29 03:30 - 01005170 _____ C:\Users\Fabio\Downloads\Windows8.1-KB2999226-x64.msu
2016-06-29 03:28 - 2016-06-29 03:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2016-06-29 03:25 - 2016-06-29 03:25 - 00002886 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-06-29 03:25 - 2016-06-29 03:25 - 00002881 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-06-29 03:25 - 2016-06-29 03:25 - 00002833 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-06-29 03:25 - 2016-06-29 03:25 - 00002809 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-06-29 03:25 - 2016-06-29 03:25 - 00002807 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-06-29 03:25 - 2016-06-29 03:25 - 00002793 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-06-29 03:24 - 2016-06-29 03:25 - 00002953 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2016-06-29 03:24 - 2016-06-29 03:25 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ferramentas do Microsoft Office 2016
2016-06-29 03:24 - 2016-06-29 03:24 - 00002943 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-06-29 03:24 - 2016-06-29 03:24 - 00002841 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-06-29 03:23 - 2016-06-29 03:23 - 00000000 ____D C:\Windows\PCHEALTH
2016-06-29 03:23 - 2016-06-29 03:23 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2016-06-29 03:23 - 2016-06-29 03:23 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-06-29 03:23 - 2016-06-29 03:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-29 03:23 - 2016-06-29 03:23 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2016-06-29 03:20 - 2016-06-29 03:20 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2016-06-29 03:20 - 2016-06-29 03:20 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2016-06-29 03:19 - 2016-06-29 03:19 - 00000000 __RHD C:\MSOCache
2016-06-29 03:19 - 2016-06-29 03:19 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-06-29 03:00 - 2016-06-29 03:01 - 00101080 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\wsddfac.sys
2016-06-29 03:00 - 2016-06-29 03:00 - 00001024 _____ C:\.rnd
2016-06-29 03:00 - 2016-06-29 03:00 - 00000000 ___HD C:\Program Files (x86)\GAS Tecnologia
2016-06-29 03:00 - 2016-06-29 03:00 - 00000000 ___HD C:\Program Files (x86)\Diebold
2016-06-29 03:00 - 2016-06-29 03:00 - 00000000 ____D C:\Program Files\Diebold
2016-06-29 03:00 - 2015-03-18 10:23 - 00103640 ____N (GAS Tecnologia) C:\Windows\system32\Drivers\wsddpp.sys
2016-06-29 02:59 - 2016-06-29 02:59 - 00029816 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\gbpddreg64.sys
2016-06-29 02:59 - 2016-06-29 02:59 - 00028888 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\gbpddfac64.sys
2016-06-29 02:59 - 2016-06-29 02:59 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2016-06-29 02:59 - 2016-06-29 02:59 - 00000000 ____D C:\Users\Todos os Usuários\gbas
2016-06-29 02:59 - 2016-06-29 02:59 - 00000000 ____D C:\Users\Todos os Usuários\GAS Tecnologia
2016-06-29 02:59 - 2016-06-29 02:59 - 00000000 ____D C:\Users\Fabio\AppData\Local\CEF
2016-06-29 02:59 - 2016-06-29 02:59 - 00000000 ____D C:\ProgramData\GbPlugin
2016-06-29 02:59 - 2016-06-29 02:59 - 00000000 ____D C:\ProgramData\gbas
2016-06-29 02:59 - 2016-06-29 02:59 - 00000000 ____D C:\ProgramData\GAS Tecnologia
2016-06-29 02:59 - 2016-06-29 02:59 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2016-06-29 02:58 - 2016-06-29 02:58 - 03564280 _____ (Banco Itaú) C:\Users\Fabio\Downloads\DiagnosticoItau.exe
2016-06-29 02:58 - 2016-06-29 02:58 - 00002179 _____ C:\Users\Fabio\Desktop\Itaú.lnk
2016-06-29 02:58 - 2016-06-29 02:58 - 00000000 ____D C:\Users\Fabio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativo Itaú
2016-06-29 02:58 - 2016-06-29 02:58 - 00000000 ____D C:\Users\Fabio\AppData\Local\Aplicativo Itau
2016-06-29 02:52 - 2016-06-29 02:52 - 00002277 _____ C:\Users\Fabio\Desktop\Google Chrome.lnk
2016-06-29 02:22 - 2016-06-29 02:22 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2016-06-29 02:17 - 2016-06-29 02:31 - 00000000 ____D C:\Users\Todos os Usuários\USBChargerPlus
2016-06-29 02:17 - 2016-06-29 02:31 - 00000000 ____D C:\ProgramData\USBChargerPlus
2016-06-29 02:16 - 2016-06-29 02:31 - 00000000 ____D C:\Users\Todos os Usuários\ASUS Smart Gesture
2016-06-29 02:16 - 2016-06-29 02:31 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2016-06-29 02:13 - 2016-06-29 02:13 - 00000000 ____D C:\Users\Public\Documents\Conexant
2016-06-29 02:13 - 2016-06-29 02:13 - 00000000 ____D C:\Users\Fabio\AppData\Local\Conexant
2016-06-29 02:12 - 2016-06-29 02:13 - 00000000 ____D C:\Program Files\CONEXANT
2016-06-29 02:12 - 2016-06-29 02:12 - 00002133 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudioWizard.lnk
2016-06-29 02:12 - 2013-10-03 10:01 - 00191902 _____ C:\Windows\system32\MA4Preset.mps
2016-06-29 02:11 - 2016-06-29 02:12 - 00000000 ____D C:\Users\Todos os Usuários\Conexant
2016-06-29 02:11 - 2016-06-29 02:12 - 00000000 ____D C:\ProgramData\Conexant
2016-06-29 02:11 - 2016-06-29 02:11 - 00003028 _____ C:\Windows\System32\Tasks\ASUS USB Charger Plus
2016-06-29 02:11 - 2016-06-29 02:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2016-06-29 02:11 - 2013-10-30 13:37 - 00046814 _____ C:\Windows\system32\Drivers\miceq.ini
2016-06-29 02:11 - 2013-10-25 11:38 - 00429568 _____ (Conexant Systems, Inc.) C:\Windows\system32\ASpkExt64.dll
2016-06-29 02:11 - 2013-10-23 13:40 - 02857688 _____ (Conexant Systems, Inc.) C:\Windows\system32\UCI64A49.dll
2016-06-29 02:11 - 2013-10-17 22:47 - 01387200 _____ (Conexant Systems Inc.) C:\Windows\system32\Drivers\CHDRT64.sys
2016-06-29 02:11 - 2013-10-17 02:34 - 00001390 _____ C:\Windows\system32\Drivers\orverbs.ini
2016-06-29 02:11 - 2013-10-03 07:15 - 00060287 _____ C:\Windows\system32\Drivers\softeq.ini
2016-06-29 02:11 - 2013-10-01 10:53 - 00002717 _____ C:\Windows\system32\Drivers\fxmisc.ini
2016-06-29 02:11 - 2013-09-03 03:16 - 00936640 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64BP06.dll
2016-06-29 02:11 - 2013-08-13 10:35 - 01084160 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2016-06-29 02:11 - 2013-07-22 09:39 - 00922880 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2016-06-29 02:11 - 2012-06-28 07:04 - 00050848 _____ (Conexant Systems Inc.) C:\Windows\system32\CxPageMaster64.dll
2016-06-29 02:11 - 2012-03-05 07:20 - 00032896 _____ (Conexant Systems, Inc.) C:\Windows\system32\CXHDMI64.dll
2016-06-29 02:11 - 2011-07-04 08:32 - 00100480 _____ (Conexant Systems, Inc.) C:\Windows\system32\FMPropPageExt64.dll
2016-06-29 02:11 - 2011-01-17 04:35 - 00030893 _____ C:\Windows\system32\Drivers\Mixer.ini
2016-06-29 02:11 - 2010-10-27 05:27 - 00001816 _____ C:\Windows\system32\Drivers\altmixer.ini
2016-06-29 02:10 - 2013-08-21 15:16 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2016-06-29 02:09 - 2016-06-29 02:11 - 00000000 ____D C:\Program Files (x86)\ASUS
2016-06-29 02:09 - 2016-06-29 02:09 - 00003538 _____ C:\Windows\System32\Tasks\ASUS Smart Gesture Launcher
2016-06-29 02:09 - 2016-06-29 02:09 - 00000000 ____D C:\Program Files\DIFX
2016-06-29 01:59 - 2016-06-29 01:59 - 00022200 _____ (Phoenix Technologies) C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
2016-06-29 01:59 - 2016-06-29 01:59 - 00000000 ____D C:\Users\Fabio\AppData\Local\eSupport.com
2016-06-29 01:52 - 2016-06-29 02:31 - 00000000 ___RD C:\Users\Fabio\SkyDrive
2016-06-29 01:51 - 2016-06-29 01:51 - 00325768 _____ C:\Windows\Minidump\062916-20328-01.dmp
2016-06-29 01:48 - 2016-06-29 01:51 - 00000000 ____D C:\Windows\Minidump
2016-06-29 01:48 - 2016-06-29 01:50 - 416054829 _____ C:\Windows\MEMORY.DMP
2016-06-29 01:48 - 2016-06-29 01:48 - 00330528 _____ C:\Windows\Minidump\062916-21000-01.dmp
2016-06-29 01:47 - 2016-06-29 01:50 - 00020288 _____ C:\Windows\BS_DEF.sys
2016-06-29 01:47 - 2007-03-02 15:19 - 00172032 ____N C:\Windows\BS_DEF.DLL
2016-06-29 01:47 - 2007-01-18 17:15 - 00057344 ____N C:\Windows\BIOSINFO.DLL
2016-06-29 01:47 - 2006-11-01 11:52 - 00053248 ____N C:\Windows\ASUSBIOS.DLL
2016-06-29 01:30 - 2016-06-29 01:30 - 00000000 ____D C:\Users\Fabio\Documents\Bluetooth
2016-06-29 01:30 - 2016-06-29 01:30 - 00000000 ____D C:\Users\Fabio\AppData\Local\bluesoleil
2016-06-29 01:29 - 2016-06-29 02:31 - 00004268 _____ C:\Windows\SysWOW64\LOCALSERVICE.INI
2016-06-29 01:29 - 2016-06-29 02:15 - 00000043 _____ C:\Windows\SysWOW64\LOCALDEVICE.INI
2016-06-29 01:28 - 2016-06-29 01:28 - 00002241 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Locais Bluetooth.lnk
2016-06-29 01:28 - 2016-06-29 01:28 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_BtL2caScoIf_01009.Wdf
2016-06-29 01:27 - 2016-06-29 01:28 - 00000032 _____ C:\Windows\0
2016-06-29 01:27 - 2016-06-29 01:27 - 00000000 ____D C:\Program Files (x86)\Ralink Corporation
2016-06-29 01:27 - 2016-06-29 01:27 - 00000000 _____ C:\Windows\system32\0
2016-06-29 01:16 - 2016-06-29 01:16 - 00000000 ____D C:\Program Files (x86)\FinalWire
2016-06-29 01:06 - 2013-10-23 08:29 - 00044936 _____ (Microsoft Corporation) C:\Windows\system32\wldp.dll
2016-06-29 00:56 - 2016-06-29 00:56 - 00000000 ____D C:\Users\Fabio\AppData\Roaming\MPC-HC
2016-06-29 00:54 - 2016-06-29 00:54 - 00003570 _____ C:\Windows\System32\Tasks\klcp_update
2016-06-29 00:54 - 2016-06-29 00:54 - 00000000 ____D C:\Users\Fabio\AppData\Roaming\Mozilla
2016-06-29 00:53 - 2016-06-29 00:53 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2016-06-29 00:53 - 2016-05-08 06:27 - 03613696 _____ (x264vfw project) C:\Windows\SysWOW64\x264vfw.dll
2016-06-29 00:53 - 2016-05-08 06:19 - 03642880 _____ (x264vfw project) C:\Windows\system32\x264vfw64.dll
2016-06-29 00:53 - 2015-12-18 06:00 - 00755200 _____ C:\Windows\system32\xvidcore.dll
2016-06-29 00:53 - 2015-12-18 06:00 - 00674816 _____ C:\Windows\SysWOW64\xvidcore.dll
2016-06-29 00:53 - 2015-12-18 06:00 - 00309248 _____ C:\Windows\system32\xvidvfw.dll
2016-06-29 00:53 - 2015-12-18 06:00 - 00282112 _____ C:\Windows\SysWOW64\xvidvfw.dll
2016-06-29 00:53 - 2015-10-24 13:00 - 00112128 _____ C:\Windows\SysWOW64\ff_vfw.dll
2016-06-29 00:53 - 2012-07-21 07:55 - 00180736 _____ (fccHandler) C:\Windows\system32\ac3acm.acm
2016-06-29 00:53 - 2012-07-21 07:54 - 00122880 _____ (fccHandler) C:\Windows\SysWOW64\ac3acm.acm
2016-06-29 00:53 - 2011-12-07 14:37 - 00148992 _____ ( ) C:\Windows\system32\lagarith.dll
2016-06-29 00:53 - 2011-12-07 14:32 - 00216064 _____ ( ) C:\Windows\SysWOW64\lagarith.dll
2016-06-29 00:41 - 2016-06-29 01:07 - 00000000 ____D C:\Windows\SysWOW64\NV
2016-06-29 00:41 - 2016-06-29 01:07 - 00000000 ____D C:\Windows\system32\NV
2016-06-29 00:41 - 2016-06-29 00:41 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA
2016-06-29 00:41 - 2016-06-29 00:41 - 00000000 ____D C:\ProgramData\NVIDIA
2016-06-29 00:37 - 2016-06-29 00:37 - 00000000 ____D C:\Users\Fabio\AppData\Local\NVIDIA
2016-06-29 00:28 - 2016-06-29 00:28 - 00000000 ____D C:\Users\Fabio\AppData\Roaming\WinRAR
2016-06-29 00:25 - 2016-06-29 00:28 - 00000000 ____D C:\Program Files\WinRAR
2016-06-29 00:25 - 2016-06-29 00:25 - 00000000 ____D C:\Users\Fabio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-06-29 00:25 - 2016-06-29 00:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-06-29 00:21 - 2016-06-29 00:21 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2016-06-29 00:20 - 2016-02-15 04:26 - 06365632 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-06-29 00:20 - 2016-02-15 04:26 - 02991672 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-06-29 00:20 - 2016-02-15 04:26 - 02561472 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-06-29 00:20 - 2016-02-15 04:26 - 00947256 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-06-29 00:20 - 2016-02-15 04:26 - 00532024 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-06-29 00:20 - 2016-02-15 04:26 - 00392128 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-06-29 00:20 - 2016-02-15 04:26 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-06-29 00:20 - 2016-02-15 04:26 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-06-29 00:20 - 2016-02-11 12:14 - 06172297 _____ C:\Windows\system32\nvcoproc.bin
2016-06-29 00:19 - 2016-06-29 00:21 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-06-29 00:19 - 2016-06-29 00:21 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-06-29 00:19 - 2016-06-29 00:19 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA Corporation
2016-06-29 00:19 - 2016-06-29 00:19 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-06-29 00:09 - 2016-06-29 02:10 - 00000000 ____D C:\Program Files (x86)\Intel
2016-06-29 00:09 - 2016-06-29 00:09 - 00000000 ____D C:\Program Files\Intel
2016-06-29 00:09 - 2016-06-29 00:09 - 00000000 ____D C:\Intel
2016-06-29 00:09 - 2013-10-01 13:02 - 00064000 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL
2016-06-29 00:09 - 2013-10-01 13:02 - 00060416 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL
2016-06-23 18:15 - 2016-06-29 03:25 - 00000000 ____D C:\Users\Todos os Usuários\Kaspersky Lab
2016-06-23 18:15 - 2016-06-29 03:25 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-06-23 18:15 - 2016-06-23 18:15 - 00002141 _____ C:\Users\Public\Desktop\Kaspersky Total Security.lnk
2016-06-23 18:15 - 2016-06-23 18:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security
2016-06-23 18:15 - 2016-06-23 18:15 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2016-06-23 18:15 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2016-06-23 18:14 - 2016-06-29 01:23 - 00933808 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2016-06-23 18:14 - 2015-12-05 08:11 - 00181640 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2016-06-23 15:48 - 2016-06-23 15:48 - 00002289 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-23 15:39 - 2016-06-29 02:50 - 00001096 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-23 15:39 - 2016-06-29 02:31 - 00001092 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-23 15:39 - 2016-06-29 01:15 - 00000000 ____D C:\Users\Fabio\AppData\Local\Google
2016-06-23 15:39 - 2016-06-23 16:45 - 00004068 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-06-23 15:39 - 2016-06-23 16:45 - 00003832 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-06-23 15:39 - 2016-06-23 15:48 - 00000000 ____D C:\Program Files (x86)\Google
2016-06-22 20:08 - 2016-06-22 20:08 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-06-22 17:21 - 2016-06-29 02:31 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2016-06-22 17:21 - 2016-06-23 14:25 - 00000000 ____D C:\Windows\AutoKMS
2016-06-22 17:20 - 2016-06-22 17:20 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Toolkit
2016-06-22 17:20 - 2016-06-22 17:20 - 00000000 ____D C:\ProgramData\Microsoft Toolkit
2016-06-22 16:55 - 2016-06-29 03:28 - 00003364 _____ C:\Windows\System32\Tasks\AutoPico Daily Restart
2016-06-22 16:55 - 2016-06-29 03:28 - 00000000 ____D C:\Program Files\KMSpico
2016-06-22 16:55 - 2016-06-22 16:55 - 00004608 _____ C:\Windows\SECOH-QAD.exe
2016-06-22 16:55 - 2016-06-22 16:55 - 00003584 _____ C:\Windows\SECOH-QAD.dll
2016-06-22 16:55 - 2010-12-05 23:16 - 00090112 _____ (Vestris Inc.) C:\Windows\system32\Vestris.ResourceLib.dll
2016-06-22 16:51 - 2016-06-22 16:51 - 00000662 _____ C:\Users\Fabio\Desktop\Universo HF.lnk
2016-06-22 16:48 - 2016-06-29 03:25 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2016-06-22 16:48 - 2016-06-29 03:23 - 00000000 ____D C:\Program Files\Microsoft Office
2016-06-22 16:48 - 2016-06-22 16:48 - 00000000 ____D C:\Users\Fabio\AppData\Local\Microsoft Help
2016-06-22 16:20 - 2013-10-14 13:31 - 00001310 _____ C:\Windows\SPP-restore.bat
2016-06-22 16:03 - 2016-06-22 16:03 - 00000456 _____ C:\Users\Fabio\Desktop\Meu computador.lnk
2016-06-22 16:00 - 2016-06-29 03:30 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3230883523-2262136252-2319893966-1001
2016-06-22 15:58 - 2016-06-29 03:25 - 00003946 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{7754ACE9-0762-4CBA-B510-985A0F8CF2C6}
2016-06-22 15:57 - 2016-06-29 01:52 - 00000000 ___RD C:\Users\Fabio\SkyDrive.old
2016-06-22 15:54 - 2016-06-22 15:54 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-06-22 15:53 - 2016-06-29 03:34 - 00000000 ____D C:\Users\Fabio\AppData\Local\Packages
2016-06-22 15:53 - 2016-06-22 15:55 - 00000000 ____D C:\Users\Fabio\AppData\Local\PackageStaging
2016-06-22 15:53 - 2016-06-22 15:53 - 00000000 ____D C:\Users\Fabio\AppData\Roaming\Adobe
2016-06-22 15:53 - 2016-06-22 15:53 - 00000000 ____D C:\Users\Fabio\AppData\Local\VirtualStore
2016-06-22 15:52 - 2016-06-29 01:52 - 00000000 ____D C:\Users\Fabio
2016-06-22 15:52 - 2016-06-22 15:52 - 00000020 ___SH C:\Users\Fabio\ntuser.ini
2016-06-22 15:52 - 2016-06-22 15:52 - 00000000 _SHDL C:\Users\Fabio\Modelos
2016-06-22 15:52 - 2016-06-22 15:52 - 00000000 _SHDL C:\Users\Fabio\Meus Documentos
2016-06-22 15:52 - 2016-06-22 15:52 - 00000000 _SHDL C:\Users\Fabio\Menu Iniciar
2016-06-22 15:52 - 2016-06-22 15:52 - 00000000 _SHDL C:\Users\Fabio\Documents\Minhas Músicas
2016-06-22 15:52 - 2016-06-22 15:52 - 00000000 _SHDL C:\Users\Fabio\Documents\Minhas Imagens
2016-06-22 15:52 - 2016-06-22 15:52 - 00000000 _SHDL C:\Users\Fabio\Documents\Meus Vídeos
2016-06-22 15:52 - 2016-06-22 15:52 - 00000000 _SHDL C:\Users\Fabio\Dados de Aplicativos
2016-06-22 15:52 - 2016-06-22 15:52 - 00000000 _SHDL C:\Users\Fabio\Configurações Locais
2016-06-22 15:52 - 2016-06-22 15:52 - 00000000 _SHDL C:\Users\Fabio\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-06-22 15:52 - 2016-06-22 15:52 - 00000000 _SHDL C:\Users\Fabio\AppData\Local\Histórico
2016-06-22 15:52 - 2016-06-22 15:52 - 00000000 _SHDL C:\Users\Fabio\AppData\Local\Dados de Aplicativos
2016-06-22 15:52 - 2016-06-22 15:52 - 00000000 _SHDL C:\Users\Fabio\Ambiente de Rede
2016-06-22 15:52 - 2016-06-22 15:52 - 00000000 _SHDL C:\Users\Fabio\Ambiente de Impressão
2016-06-22 15:49 - 2016-06-29 02:20 - 01707228 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-22 15:46 - 2016-06-22 15:46 - 00000000 ____D C:\Windows\CSC
2016-06-22 15:46 - 2013-08-22 02:17 - 02407936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2016-06-22 15:33 - 2016-06-22 15:33 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas Músicas
2016-06-22 15:33 - 2016-06-22 15:33 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas Imagens
2016-06-22 15:33 - 2016-06-22 15:33 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Meus Vídeos
2016-06-22 15:33 - 2016-06-22 15:33 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-06-22 15:33 - 2016-06-22 15:33 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Histórico
2016-06-22 15:33 - 2016-06-22 15:33 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Dados de Aplicativos
2016-06-22 15:33 - 2016-06-22 15:33 - 00000000 _SHDL C:\Users\Usuário Padrão
2016-06-22 15:33 - 2016-06-22 15:33 - 00000000 _SHDL C:\Users\Todos os Usuários\Modelos
2016-06-22 15:33 - 2016-06-22 15:33 - 00000000 _SHDL C:\Users\Todos os Usuários\Menu Iniciar
2016-06-22 15:33 - 2016-06-22 15:33 - 00000000 _SHDL C:\Users\Todos os Usuários\Documentos
2016-06-22 15:33 - 2016-06-22 15:33 - 00000000 _SHDL C:\Users\Todos os Usuários\Dados de Aplicativos
2016-06-22 15:33 - 2016-06-22 15:33 - 00000000 _SHDL C:\Users\Todos os Usuários
2016-06-22 15:33 - 2016-06-22 15:33 - 00000000 _SHDL C:\Users\Public\Documents\Minhas Músicas
2016-06-22 15:33 - 2016-06-22 15:33 - 00000000 _SHDL C:\Users\Public\Documents\Minhas Imagens
2016-06-22 15:33 - 2016-06-22 15:33 - 00000000 _SHDL C:\Users\Public\Documents\Meus Vídeos
2016-06-22 15:33 - 2016-06-22 15:33 - 00000000 _SHDL C:\Users\Default\Modelos
2016-06-22 15:33 - 2016-06-22 15:33 - 00000000 _SHDL C:\Users\Default\Meus Documentos
2016-06-22 15:33 - 2016-06-22 15:33 - 00000000 _SHDL C:\Users\Default\Menu Iniciar
2016-06-22 15:33 - 2016-06-22 15:33 - 00000000 _SHDL C:\Users\Default\Documents\Minhas Músicas
2016-06-22 15:33 - 2016-06-22 15:33 - 00000000 _SHDL C:\Users\Default\Documents\Minhas Imagens
2016-06-22 15:33 - 2016-06-22 15:33 - 00000000 _SHDL C:\Users\Default\Documents\Meus Vídeos
2016-06-22 15:33 - 2016-06-22 15:33 - 00000000 _SHDL C:\Users\Default\Dados de Aplicativos
2016-06-22 15:33 - 2016-06-22 15:33 - 00000000 _SHDL C:\Users\Default\Configurações Locais
2016-06-22 15:33 - 2016-06-22 15:33 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-06-22 15:33 - 2016-06-22 15:33 - 00000000 _SHDL C:\Users\Default\AppData\Local\Histórico
2016-06-22 15:33 - 2016-06-22 15:33 - 00000000 _SHDL C:\Users\Default\AppData\Local\Dados de Aplicativos
2016-06-22 15:33 - 2016-06-22 15:33 - 00000000 _SHDL C:\Users\Default\Ambiente de Rede
2016-06-22 15:33 - 2016-06-22 15:33 - 00000000 _SHDL C:\Users\Default\Ambiente de Impressão
2016-06-22 15:33 - 2016-06-22 15:33 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas Músicas
2016-06-22 15:33 - 2016-06-22 15:33 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas Imagens
2016-06-22 15:33 - 2016-06-22 15:33 - 00000000 _SHDL C:\Users\Default User\Documents\Meus Vídeos
2016-06-22 15:33 - 2016-06-22 15:33 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-06-22 15:33 - 2016-06-22 15:33 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Histórico
2016-06-22 15:33 - 2016-06-22 15:33 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Dados de Aplicativos
2016-06-22 15:33 - 2016-06-22 15:33 - 00000000 _SHDL C:\ProgramData\Modelos
2016-06-22 15:33 - 2016-06-22 15:33 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas
2016-06-22 15:33 - 2016-06-22 15:33 - 00000000 _SHDL C:\ProgramData\Menu Iniciar
2016-06-22 15:33 - 2016-06-22 15:33 - 00000000 _SHDL C:\ProgramData\Documentos
2016-06-22 15:33 - 2016-06-22 15:33 - 00000000 _SHDL C:\ProgramData\Dados de Aplicativos
2016-06-22 15:33 - 2016-06-22 15:33 - 00000000 _SHDL C:\Program Files\Common Files\Sistema
2016-06-22 15:33 - 2016-06-22 15:33 - 00000000 _SHDL C:\Program Files\Arquivos Comuns
2016-06-22 15:33 - 2016-06-22 15:33 - 00000000 _SHDL C:\Arquivos de Programas
2016-06-22 15:29 - 2016-06-22 15:53 - 00000000 ____D C:\Windows\Panther

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-06-29 03:33 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\AppReadiness
2016-06-29 03:24 - 2013-08-22 19:59 - 00000000 ____D C:\Windows\ShellNew
2016-06-29 03:24 - 2013-08-22 12:36 - 00000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft
2016-06-29 03:24 - 2013-08-22 12:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-29 03:24 - 2013-08-22 12:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-06-29 03:21 - 2013-08-22 12:36 - 00000000 ____D C:\Program Files\Common Files\System
2016-06-29 03:21 - 2013-08-22 10:25 - 00000167 _____ C:\Windows\win.ini
2016-06-29 02:43 - 2013-08-22 12:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-29 02:22 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\Inf
2016-06-29 02:20 - 2013-08-22 19:58 - 00738078 _____ C:\Windows\system32\prfh0416.dat
2016-06-29 02:20 - 2013-08-22 19:58 - 00150714 _____ C:\Windows\system32\prfc0416.dat
2016-06-29 02:15 - 2013-08-22 11:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-29 02:15 - 2013-08-22 10:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-06-29 02:15 - 2012-06-04 09:35 - 00000763 _____ C:\Windows\SysWOW64\bscs.ini
2016-06-29 01:23 - 2015-12-05 08:11 - 00087984 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klwfp.sys
2016-06-29 01:23 - 2015-06-11 19:35 - 00049240 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klim6.sys
2016-06-29 01:23 - 2015-06-06 08:51 - 00077728 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\kldisk.sys
2016-06-29 01:17 - 2015-12-05 08:11 - 00238000 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2016-06-29 01:06 - 2013-08-22 12:20 - 00000000 ____D C:\Windows\CbsTemp
2016-06-29 01:02 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\rescache
2016-06-29 00:40 - 2013-08-22 11:44 - 00468768 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-29 00:20 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\Help
2016-06-23 18:15 - 2013-08-22 12:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2016-06-23 18:15 - 2013-08-22 10:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-06-22 15:53 - 2013-08-22 12:36 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2016-06-22 15:53 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\WinStore
2016-06-22 15:53 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\FileManager
2016-06-22 15:53 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\Camera
2016-06-22 15:33 - 2013-08-22 12:36 - 00000000 ____D C:\Program Files\Windows NT
2016-06-22 15:29 - 2013-08-22 12:36 - 00262144 _____ C:\Windows\system32\config\BCD-Template

Alguns arquivos em TEMP:
====================
C:\Users\Fabio\AppData\Local\Temp\aplicativoitau.exe
C:\Users\Fabio\AppData\Local\Temp\ose00000.exe
C:\Users\Fabio\AppData\Local\Temp\ose00001.exe
C:\Users\Fabio\AppData\Local\Temp\ose00002.exe
C:\Users\Fabio\AppData\Local\Temp\ose00003.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-06-22 15:30

==================== Fim de FRST.txt ============================
