Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:05-03-2016 01 Executado por Vinícius (administrador) em VVINICIUSSF (10-04-2016 02:02:42) Executando a partir de C:\Users\Vinícius\Desktop Perfis Carregados: Vinícius (Perfis Disponíveis: Vinícius) Platform: Windows 10 Home Single Language Versão 1511 (X64) Idioma: Português (Brasil) Internet Explorer Versão 11 (Navegador padrão: Chrome) Modo da Inicialização: Normal Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Spotify Ltd) C:\Users\Vinícius\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe (McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.8.267.0\McCSPServiceHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registro (Whitelisted) =========================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8712960 2015-11-30] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1407744 2015-11-30] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-08-18] (Intel Corporation) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.) HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation) HKLM-x32\...\Run: [apphide] => C:\Program Files (x86)\badu\uc.exe [487514 2016-04-09] ( ) HKU\S-1-5-21-2875663355-2338593923-3469501032-1001\...\Run: [Spotify Web Helper] => C:\Users\Vinícius\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1524336 2016-04-08] (Spotify Ltd) HKU\S-1-5-21-2875663355-2338593923-3469501032-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-03-31] (Valve Corporation) HKU\S-1-5-21-2875663355-2338593923-3469501032-1001\...\Run: [Spotify] => C:\Users\Vinícius\AppData\Roaming\Spotify\Spotify.exe [6891120 2016-04-08] (Spotify Ltd) HKU\S-1-5-21-2875663355-2338593923-3469501032-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd) HKU\S-1-5-21-2875663355-2338593923-3469501032-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd) HKU\S-1-5-21-2875663355-2338593923-3469501032-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23260000 2016-02-24] (Google) HKU\S-1-5-21-2875663355-2338593923-3469501032-1001\...\RunOnce: [Uninstall C:\Users\Vin�cius\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Vinícius\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64" HKU\S-1-5-21-2875663355-2338593923-3469501032-1001\...\RunOnce: [Uninstall C:\Users\Vin�cius\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Vinícius\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64" HKU\S-1-5-21-2875663355-2338593923-3469501032-1001\...\RunOnce: [Uninstall C:\Users\Vin�cius\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Vinícius\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64" HKU\S-1-5-21-2875663355-2338593923-3469501032-1001\...\MountPoints2: {201b7d29-b1c6-11e5-beaa-1c39470b85a7} - "D:\setup.exe" HKU\S-1-5-21-2875663355-2338593923-3469501032-1001\...\MountPoints2: {cf761589-baf7-11e5-beaf-1c39470b85a7} - "E:\setup.exe" ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Nenhum Arquivo Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install SafeKey IE RunOnce.lnk [2016-04-10] ShortcutTarget: Install SafeKey IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (McAfee) CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) ProxyEnable: [.DEFAULT] => Proxy está habilitado. ProxyServer: [.DEFAULT] => http=127.0.0.1:57471;https=127.0.0.1:57471 Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt Tcpip\Parameters: [DhcpNameServer] 189.7.144.37 189.7.144.15 Tcpip\..\Interfaces\{cdb22191-a01a-4e47-8589-26214b035322}: [DhcpNameServer] 189.7.144.37 189.7.144.15 Tcpip\..\Interfaces\{d217bd3e-a083-46b2-97c3-6f928499481c}: [DhcpNameServer] 189.7.144.37 189.7.144.15 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-2875663355-2338593923-3469501032-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation) BHO: McAfee SafeKey Vault -> {9DB059B3-DD36-4a55-846C-59BE42A1202A} -> C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll [2015-10-13] (McAfee) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-26] (Oracle Corporation) BHO-x32: McAfee SafeKey Vault -> {9DB059B3-DD36-4a55-846C-59BE42A1202A} -> C:\Program Files (x86)\SafeKey\LPToolbar.dll [2015-10-13] (McAfee) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-26] (Oracle Corporation) Toolbar: HKLM - McAfee SafeKey - {61D700C1-7D8D-43c5-9C13-4FF85157CFE6} - C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll [2015-10-13] (McAfee) Toolbar: HKLM-x32 - McAfee SafeKey - {61D700C1-7D8D-43c5-9C13-4FF85157CFE6} - C:\Program Files (x86)\SafeKey\LPToolbar.dll [2015-10-13] (McAfee) Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-12-29] (McAfee, Inc.) Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-12-29] (McAfee, Inc.) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-12-29] (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-12-29] (McAfee, Inc.) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2016-03-03] (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2016-03-03] (McAfee, Inc.) FireFox: ======== FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-03-03] () FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] () FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-26] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-26] (Oracle Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-03-03] () FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation) FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-12-29] FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2016-03-03] [não assinado] Chrome: ======= CHR HomePage: Default -> hxxps://www.google.com/ CHR StartupUrls: Default -> "hxxps://www.google.com/" CHR Profile: C:\Users\Vinícius\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Apresentações) - C:\Users\Vinícius\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-02] CHR Extension: (Google Docs) - C:\Users\Vinícius\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-02] CHR Extension: (Google Drive) - C:\Users\Vinícius\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-02] CHR Extension: (YouTube) - C:\Users\Vinícius\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-02] CHR Extension: (TopWay) - C:\Users\Vinícius\AppData\Local\Google\Chrome\User Data\Default\Extensions\calcdabkdhechkdkgcenbfjanfifoohm [2015-12-02] CHR Extension: (Google Search) - C:\Users\Vinícius\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-02] CHR Extension: (Planilhas do Google) - C:\Users\Vinícius\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-02] CHR Extension: (SiteAdvisor) - C:\Users\Vinícius\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-02-22] CHR Extension: (Documentos Google off-line) - C:\Users\Vinícius\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15] CHR Extension: (Skype) - C:\Users\Vinícius\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-12-22] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Vinícius\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02] CHR Extension: (Gmail) - C:\Users\Vinícius\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-02] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-01-21] CHR HKU\S-1-5-21-2875663355-2338593923-3469501032-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [agbnjankikoaabjkmfbaceggjliabkbn] - C:\Program Files (x86)\SafeKey\lpchrome.crx [2015-10-13] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-01-21] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08] ==================== Serviços (Whitelisted) ======================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.) S2 BugreportW; C:\Program Files (x86)\SpeedSearchesbnd\Bugreportauclt.exe [1623128 2016-04-09] () R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation) S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd) R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-08-18] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [361376 2015-11-28] (Intel Corporation) S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [158952 2015-12-29] (McAfee, Inc.) R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [863448 2016-03-03] (McAfee, Inc.) R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.) R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.8.267.0\McCSPServiceHost.exe [1696712 2016-02-23] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.) R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.) S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [681680 2016-02-26] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.) R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [234192 2015-11-18] (McAfee, Inc.) R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [380896 2016-01-21] (McAfee, Inc.) R3 mfevtp; C:\WINDOWS\system32\mfevtps.exe [275368 2015-11-18] (McAfee, Inc.) R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-08-13] () S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [3558840 2015-10-14] (INCA Internet Co., Ltd.) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-01-04] (Electronic Arts) R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [902112 2015-12-14] (Intel Security, Inc.) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [307456 2015-11-30] (Realtek Semiconductor) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) S2 WinSvces; C:\Program Files (x86)\WinSvces\WinSvces\WinSvces.exe [314384 2016-04-09] () R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831712 2015-08-13] (Intel® Corporation) ===================== Drivers (Whitelisted) ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [73976 2015-06-03] (Advanced Micro Devices, Inc.) R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [79248 2015-11-25] (McAfee, Inc.) R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [19440 2015-05-08] (OSR Open Systems Resources, Inc.) R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-01-04] (Disc Soft Ltd) S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.) S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [41080 2016-02-07] () S3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [35832 2014-06-10] (Intel Corporation) S3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [120312 2014-06-10] (Intel Corporation) S3 iaLPSS_SPI; C:\Windows\System32\drivers\iaLPSS_SPI.sys [100856 2014-06-10] (Intel Corporation) S3 iaLPSS_UART2; C:\Windows\System32\drivers\iaLPSS_UART2.sys [143864 2014-06-10] (Intel Corporation) R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [266512 2015-08-07] (Intel Corporation) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [202032 2016-01-19] (Intel Corporation) R2 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [419624 2015-11-25] (McAfee, Inc.) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [351144 2015-11-25] (McAfee, Inc.) S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [83096 2015-11-25] (McAfee, Inc.) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496368 2015-11-25] (McAfee, Inc.) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [846080 2015-11-25] (McAfee, Inc.) R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [539496 2015-11-20] (McAfee, Inc.) S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109480 2015-11-20] (McAfee, Inc.) R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [37448 2015-12-29] (McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [245096 2015-11-25] (McAfee, Inc.) R3 Netwtw02; C:\Windows\System32\drivers\Netwtw02.sys [7075568 2015-08-23] (Intel Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [888064 2015-08-20] (Realtek ) R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402960 2015-12-03] (Realsil Semiconductor Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Um Mês Criados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2016-04-10 02:02 - 2016-04-10 02:03 - 00026228 _____ C:\Users\Vinícius\Desktop\FRST.txt 2016-04-10 02:01 - 2016-04-10 02:02 - 00000000 ____D C:\FRST 2016-04-10 01:59 - 2016-04-10 01:59 - 00000000 ___HD C:\OneDriveTemp 2016-04-10 01:58 - 2016-04-10 01:58 - 02374144 _____ (Farbar) C:\Users\Vinícius\Desktop\FRST64.exe 2016-04-10 01:55 - 2016-04-10 01:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2016-04-10 01:13 - 2016-04-10 01:40 - 00000080 _____ C:\Users\Public\Desktop\McAfee LiveSafe - Internet Security.lnk 2016-04-09 23:49 - 2016-04-09 23:49 - 00000000 ____D C:\Program Files (x86)\badu 2016-04-09 23:16 - 2016-04-10 01:39 - 00000286 __RSH C:\Users\Todos os Usuários\ntuser.pol 2016-04-09 23:16 - 2016-04-10 01:39 - 00000286 __RSH C:\ProgramData\ntuser.pol 2016-04-09 23:16 - 2016-04-10 01:11 - 00000000 ____D C:\Program Files (x86)\SpeedSearchesbnd 2016-04-09 23:16 - 2016-04-09 23:16 - 00015108 _____ C:\WINDOWS\System32\Tasks\WinTsks 2016-04-09 23:16 - 2016-04-09 23:16 - 00000000 ____D C:\Program Files (x86)\WinTsks 2016-04-09 23:16 - 2016-04-09 23:16 - 00000000 ____D C:\Program Files (x86)\WinSvces 2016-04-09 23:16 - 2016-04-09 23:16 - 00000000 ____D C:\extensions 2016-04-09 22:55 - 2016-04-09 22:55 - 00004020 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse 2016-04-09 15:15 - 2016-04-09 15:15 - 00004208 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse 2016-04-09 00:05 - 2016-04-09 00:21 - 00000000 ____D C:\Users\Vinícius\Downloads\The Internship (2013) 2016-04-06 16:07 - 2016-04-10 01:59 - 00000000 ___RD C:\Users\Vinícius\Google Drive 2016-04-06 16:07 - 2016-04-10 01:40 - 00001803 _____ C:\Users\Vinícius\Desktop\Google Drive.lnk 2016-04-06 16:06 - 2016-04-10 01:40 - 00002111 _____ C:\Users\Public\Desktop\Google Slides.lnk 2016-04-06 16:06 - 2016-04-10 01:40 - 00002109 _____ C:\Users\Public\Desktop\Google Sheets.lnk 2016-04-06 16:06 - 2016-04-10 01:40 - 00002099 _____ C:\Users\Public\Desktop\Google Docs.lnk 2016-04-06 16:06 - 2016-04-06 16:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2016-04-06 16:05 - 2016-04-06 16:05 - 00987728 _____ (Google Inc.) C:\Users\Vinícius\Downloads\googledrivesync.exe 2016-03-30 22:33 - 2016-04-10 01:40 - 00001818 _____ C:\Users\Public\Desktop\iTunes.lnk 2016-03-30 22:33 - 2016-03-30 22:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2016-03-30 22:33 - 2016-03-30 22:33 - 00000000 ____D C:\Program Files\iTunes 2016-03-30 22:33 - 2016-03-30 22:33 - 00000000 ____D C:\Program Files\iPod 2016-03-30 22:33 - 2016-03-30 22:33 - 00000000 ____D C:\Program Files (x86)\iTunes 2016-03-30 22:30 - 2016-03-30 22:30 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple 2016-03-30 22:30 - 2016-03-30 22:30 - 00000000 ____D C:\Program Files (x86)\Apple Software Update 2016-03-21 18:04 - 2016-03-21 18:04 - 00348971 _____ C:\Users\Vinícius\Downloads\Edital-BOLSAS-2016.pdf 2016-03-11 11:54 - 2016-03-11 11:54 - 00000000 ____D C:\Program Files\WinRAR 2016-03-11 11:53 - 2016-04-10 01:40 - 00001910 _____ C:\Users\Public\Desktop\QuickTime Player.lnk 2016-03-11 11:53 - 2016-03-11 11:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2016-03-11 11:53 - 2016-03-11 11:53 - 00000000 ____D C:\Program Files (x86)\QuickTime ==================== Um Mês Modificados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2016-04-10 01:59 - 2016-02-06 23:34 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-04-10 01:59 - 2015-12-08 08:31 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2016-04-10 01:59 - 2015-10-19 16:41 - 00000696 _____ C:\WINDOWS\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}.job 2016-04-10 01:59 - 2015-08-07 15:57 - 00000000 ___RD C:\Users\Vinícius\OneDrive 2016-04-10 01:59 - 2015-08-07 15:51 - 00000000 __SHD C:\Users\Vinícius\IntelGraphicsProfiles 2016-04-10 01:58 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-04-10 01:58 - 2015-10-30 03:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2016-04-10 01:54 - 2015-10-30 16:12 - 00797728 _____ C:\WINDOWS\system32\prfh0416.dat 2016-04-10 01:54 - 2015-10-30 16:12 - 00155274 _____ C:\WINDOWS\system32\prfc0416.dat 2016-04-10 01:54 - 2015-10-30 04:21 - 00000000 ____D C:\WINDOWS\INF 2016-04-10 01:54 - 2015-10-12 23:05 - 01822696 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-04-10 01:45 - 2016-02-07 01:17 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-04-10 01:40 - 2016-03-02 14:41 - 00001295 _____ C:\Users\Vinícius\Desktop\TeamSpeak 3 Client.lnk 2016-04-10 01:40 - 2016-02-29 17:48 - 00002674 _____ C:\Users\Vinícius\Desktop\Word 2013.lnk 2016-04-10 01:40 - 2016-02-29 17:48 - 00002630 _____ C:\Users\Vinícius\Desktop\Excel 2013.lnk 2016-04-10 01:40 - 2016-02-13 20:22 - 00001053 _____ C:\Users\Vinícius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recursos Opcionais.lnk 2016-04-10 01:40 - 2016-02-13 20:17 - 00001287 _____ C:\Users\Vinícius\Desktop\NARUTO SHIPPUDEN Ultimate Ninja STORM 4.lnk 2016-04-10 01:40 - 2016-02-07 01:17 - 00001171 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2016-04-10 01:40 - 2016-01-16 21:04 - 00000912 _____ C:\Users\Public\Desktop\Pro Evolution Soccer 2016.lnk 2016-04-10 01:40 - 2016-01-14 16:45 - 00001274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4.lnk 2016-04-10 01:40 - 2016-01-14 16:45 - 00000976 _____ C:\Users\Public\Desktop\The Sims 4.lnk 2016-04-10 01:40 - 2016-01-10 10:11 - 00002133 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-04-10 01:40 - 2016-01-04 20:17 - 00001048 _____ C:\Users\Public\Desktop\Origin.lnk 2016-04-10 01:40 - 2016-01-04 18:14 - 00001854 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk 2016-04-10 01:40 - 2015-12-21 13:02 - 00000903 _____ C:\Users\Public\Desktop\CCleaner.lnk 2016-04-10 01:40 - 2015-12-21 12:20 - 00001323 _____ C:\Users\Public\Desktop\Virtual CloneDrive.lnk 2016-04-10 01:40 - 2015-12-08 08:40 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2016-04-10 01:40 - 2015-12-05 14:03 - 00000881 _____ C:\Users\Vinícius\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk 2016-04-10 01:40 - 2015-12-02 20:16 - 00002190 _____ C:\Users\Vinícius\Desktop\Minecraft.lnk 2016-04-10 01:40 - 2015-12-02 17:45 - 00002151 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-04-10 01:40 - 2015-11-28 23:31 - 00001066 _____ C:\Users\Vinícius\Desktop\Spotydl.lnk 2016-04-10 01:40 - 2015-11-28 11:18 - 00001579 _____ C:\Users\Public\Desktop\League of Legends.lnk 2016-04-10 01:40 - 2015-10-17 22:34 - 00001223 _____ C:\Users\Public\Desktop\Battle.net.lnk 2016-04-10 01:40 - 2015-10-16 09:40 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2016-04-10 01:40 - 2015-10-13 14:10 - 00001257 _____ C:\Users\Public\Desktop\LibreOffice 5.0.lnk 2016-04-10 01:40 - 2015-10-13 11:22 - 00001032 _____ C:\Users\Public\Desktop\Steam.lnk 2016-04-10 01:40 - 2015-10-13 11:00 - 00001853 _____ C:\Users\Vinícius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2016-04-10 01:40 - 2015-10-13 10:57 - 00001139 _____ C:\Users\Public\Desktop\VLC media player.lnk 2016-04-10 01:40 - 2015-10-12 23:06 - 00002384 _____ C:\Users\Vinícius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-04-10 01:40 - 2015-08-07 18:36 - 00001867 _____ C:\Users\Vinícius\Desktop\Spotify.lnk 2016-04-10 01:40 - 2015-08-07 17:07 - 00002636 _____ C:\Users\Public\Desktop\Skype.lnk 2016-04-10 01:40 - 2015-08-07 16:45 - 00000901 _____ C:\Users\Vinícius\Desktop\µTorrent.lnk 2016-04-10 01:39 - 2015-08-07 15:45 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-04-10 01:38 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\InputMethod 2016-04-10 01:13 - 2015-11-17 21:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-04-10 00:30 - 2015-12-02 17:42 - 00004182 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1187E1B0-A8B8-4700-B51E-7B61CCEB544E} 2016-04-10 00:15 - 2015-10-13 11:00 - 00000000 ____D C:\Users\Vinícius\AppData\Local\Spotify 2016-04-09 23:50 - 2015-10-13 10:59 - 00000000 ____D C:\Users\Vinícius\AppData\Roaming\Spotify 2016-04-09 23:49 - 2015-11-29 17:22 - 00000000 ____D C:\Users\Todos os Usuários\Intel 2016-04-09 23:49 - 2015-11-29 17:22 - 00000000 ____D C:\ProgramData\Intel 2016-04-09 23:28 - 2015-10-13 11:22 - 00000000 ____D C:\Program Files (x86)\Steam 2016-04-09 23:28 - 2015-10-13 11:00 - 00000000 ____D C:\Users\Vinícius\AppData\Roaming\uTorrent 2016-04-09 22:28 - 2015-10-09 08:41 - 00000000 ____D C:\Users\Vinícius\Downloads\Eng. Petróleo 2016-04-09 22:27 - 2015-10-10 13:29 - 00000000 ____D C:\Users\Vinícius\Downloads\séries 2016-04-09 20:51 - 2015-10-13 10:59 - 00000000 ____D C:\Users\Vinícius\AppData\Roaming\vlc 2016-04-08 13:21 - 2015-10-30 04:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-04-07 23:55 - 2015-10-30 03:28 - 00008192 ___SH C:\WINDOWS\system32\config\ELAM 2016-04-06 17:34 - 2016-03-01 10:33 - 00005280 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for VVINICIUSSF-Vinícius VviniciusSF 2016-04-06 16:07 - 2015-12-08 08:36 - 00000000 ____D C:\Users\Vinícius 2016-04-06 16:06 - 2015-10-13 11:02 - 00000000 ____D C:\Users\Vinícius\AppData\Local\Google 2016-04-06 16:06 - 2015-10-13 11:02 - 00000000 ____D C:\Program Files (x86)\Google 2016-04-06 01:43 - 2015-10-13 11:26 - 00000000 ____D C:\Users\Vinícius\AppData\Roaming\Skype 2016-04-05 00:30 - 2015-10-13 12:18 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee 2016-04-05 00:29 - 2015-10-13 12:14 - 00000000 ____D C:\Program Files (x86)\McAfee 2016-03-30 22:33 - 2015-10-16 09:39 - 00000000 ____D C:\Program Files\Common Files\Apple 2016-03-30 11:03 - 2015-10-12 23:03 - 00000000 ____D C:\Users\Vinícius\AppData\Local\Packages 2016-03-26 16:10 - 2015-11-17 21:17 - 00000000 ____D C:\Users\Todos os Usuários\Oracle 2016-03-26 16:10 - 2015-11-17 21:17 - 00000000 ____D C:\ProgramData\Oracle 2016-03-26 15:56 - 2015-11-17 21:17 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2016-03-26 15:56 - 2015-11-17 21:17 - 00000000 ____D C:\Users\Vinícius\.oracle_jre_usage 2016-03-26 15:56 - 2015-11-17 21:17 - 00000000 ____D C:\Program Files (x86)\Java 2016-03-23 15:11 - 2015-10-30 04:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-03-18 13:49 - 2015-10-13 11:26 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-03-18 13:49 - 2015-10-13 11:25 - 00000000 ____D C:\Users\Todos os Usuários\Skype 2016-03-18 13:49 - 2015-10-13 11:25 - 00000000 ____D C:\ProgramData\Skype 2016-03-16 16:57 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\rescache 2016-03-14 19:06 - 2015-08-07 19:03 - 00000000 ____D C:\Users\Vinícius\Documents\Relações Internacionais 2016-03-11 11:54 - 2015-10-13 10:58 - 00000000 ____D C:\Users\Vinícius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2016-03-11 11:54 - 2015-10-13 10:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR ==================== Arquivos na raiz de alguns diretórios ======= 2015-10-13 11:57 - 2015-10-13 11:57 - 32372200 _____ (McAfee) C:\Program Files (x86)\Common Files\lpuninstall.exe 2016-02-11 14:49 - 2016-02-16 15:27 - 0007602 _____ () C:\Users\Vinícius\AppData\Local\Resmon.ResmonCfg 2015-12-08 08:32 - 2015-12-08 08:32 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Arquivos para serem movidos ou deletados: ==================== C:\Windows\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}.job Alguns arquivos em TEMP: ==================== C:\Users\Vinícius\AppData\Local\Temp\23333.exe C:\Users\Vinícius\AppData\Local\Temp\setup.dll ==================== Bamital & volsnap ================= (Não há correção automática para arquivos que não passaram na verificação.) C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\dnsapi.dll [2015-10-30 04:18] - [2015-10-30 04:18] - 0535088 ____A (Microsoft Corporation) FD74D692D1BA1F48BB24A1CB2E06FDBF C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente LastRegBack: 2016-03-28 15:20 ==================== Fim de FRST.txt ============================