Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:12-06-2016 01
Executado por Ricardo (administrador) em RICARDO-NOTE (12-06-2016 23:58:30)
Executando a partir de C:\Users\Ricardo\Desktop
Perfis Carregados: Ricardo (Perfis Disponíveis: Ricardo)
Platform: Windows 10 Home Single Language Versão 1511 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Edge)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidMonitorSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(RealVNC Ltd.) C:\Program Files (x86)\RealVNC\VNC4\winvnc4.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Pokki) C:\Users\Ricardo\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(%CFullName%) C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Pokki) C:\Users\Ricardo\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe
(Pokki) C:\Users\Ricardo\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe
(Pokki) C:\Users\Ricardo\AppData\Local\SweetLabs App Platform\Engine\ServiceStartMenuIndexer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_3.6.20961.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.20961.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8497368 2016-05-20] (Realtek Semiconductor)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-02-13] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [654088 2015-02-17] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139256 2016-04-01] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKU\S-1-5-21-421144188-1053493234-3588074340-1001\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1728952 2015-06-22] (CyberLink Corp.)
HKU\S-1-5-21-421144188-1053493234-3588074340-1001\...\Run: [uTorrent] => C:\Users\Ricardo\AppData\Roaming\uTorrent\uTorrent.exe [2133504 2016-05-13] (BitTorrent Inc.)
HKU\S-1-5-21-421144188-1053493234-3588074340-1001\...\RunOnce: [Uninstall C:\Users\Ricardo\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ricardo\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-04-01] (AVAST Software)
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{222002e1-ce0b-4ca4-a526-aa83c8368b62}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPCON14/3
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPCON14/3
HKU\S-1-5-21-421144188-1053493234-3588074340-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPCON14/3
HKU\S-1-5-21-421144188-1053493234-3588074340-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPCON14/3
HKU\S-1-5-21-421144188-1053493234-3588074340-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/HPCON14/3
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-04-01] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-02-25] (HP)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-22] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-04-01] (AVAST Software)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-03-04] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-22] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-17] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2016-06-04] ()
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Sem Nome - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-05-17] [não assinado]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Sem Nome - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-05-17] [não assinado]
FF HKLM-x32\...\Firefox\Extensions: [firefox@bho.com] - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt
FF Extension: HP SimplePass - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt [2016-03-02] [não assinado]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
Chrome:
=======
CHR Profile: C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-01]
CHR Extension: (Forge of Empires) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\anaphblkfplenhkephgneolhnmjminjg [2016-04-18]
CHR Extension: (Google Docs) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-01]
CHR Extension: (Google Drive) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-01]
CHR Extension: (Rapport) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2016-03-14]
CHR Extension: (YouTube) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-01]
CHR Extension: (Google Search) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-03-01]
CHR Extension: (Planilhas do Google) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-01]
CHR Extension: (HP SimplePass) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fidikogfgleiaefnjbmnjaplmgknppkg [2016-03-02]
CHR Extension: (Documentos Google off-line) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Avast Online Security) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-04-08]
CHR Extension: (Visitantes para Facebook) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihjbpjahiibmjdlcgodcnmpelpmilamk [2016-05-12]
CHR Extension: (Facebook Flat) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kadbillinepbjlgenaliokdhejdmmlgp [2016-05-12]
CHR Extension: (Skype) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-05-12]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01]
CHR Extension: (Gmail) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-01]
CHR Profile: C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Apresentações) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-12]
CHR Extension: (Google Docs) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-12]
CHR Extension: (Google Drive) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-12]
CHR Extension: (Rapport) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2016-05-12]
CHR Extension: (YouTube) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-12]
CHR Extension: (HP SimplePass) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fidikogfgleiaefnjbmnjaplmgknppkg [2016-06-03]
CHR Extension: (Documentos Google off-line) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-12]
CHR Extension: (Avast Online Security) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-05-12]
CHR Extension: (Skype) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-05-26]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-12]
CHR Extension: (Gmail) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-12]
CHR HKU\S-1-5-21-421144188-1053493234-3588074340-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fidikogfgleiaefnjbmnjaplmgknppkg] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-04-01]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]
==================== Serviços (Whitelisted) ========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe [104824 2015-08-07] (Alps Electric Co., Ltd.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-04-01] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [350064 2016-06-04] (WildTangent) [Arquivo não assinado]
S3 GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [210288 2016-06-04] (WildTangent, Inc.) [Arquivo não assinado]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [28552 2016-04-26] (Hewlett-Packard Company)
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [608520 2015-02-17] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-23] (Intel Corporation)
R2 ibtsiva; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [150256 2015-07-31] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-07-06] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-10-28] ()
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [124928 2015-07-02] (Softex Inc.) [Arquivo não assinado]
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2383344 2016-05-30] (IBM Corp.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [294616 2016-05-20] (Realtek Semiconductor)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 WinVNC4; C:\Program Files (x86)\RealVNC\VNC4\WinVNC4.exe [439632 2008-10-15] (RealVNC Ltd.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831712 2015-10-28] (Intel® Corporation)
===================== Drivers (Whitelisted) ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-04-01] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-04-02] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-04-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-04-01] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-04-01] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-04-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-04-01] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-04-01] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287016 2016-04-01] (AVAST Software)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [100624 2015-06-08] (CyberLink)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [259312 2015-07-31] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-13] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-13] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-13] ()
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [184096 2015-06-29] (Intel Corporation)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3509512 2015-11-05] (Intel Corporation)
R1 RapportCerberus_1609041; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1609041.sys [1157864 2016-06-09] (IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [544360 2016-05-30] (IBM Corp.)
R0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [215560 2016-05-30] (IBM Corp.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [470056 2016-05-30] (IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [525992 2016-05-30] (IBM Corp.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2016-05-20] (Realtek )
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Realsil Semiconductor Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um Mês Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-06-12 23:58 - 2016-06-12 23:59 - 00025676 _____ C:\Users\Ricardo\Desktop\FRST.txt
2016-06-12 23:58 - 2016-06-12 23:58 - 00000000 ____D C:\FRST
2016-06-12 23:54 - 2016-06-12 23:58 - 02385408 _____ (Farbar) C:\Users\Ricardo\Desktop\FRST64.exe
2016-06-12 20:41 - 2016-06-12 20:41 - 00209566 _____ C:\Users\Ricardo\Downloads\WhatsApp-Image-20160612 (4).jpe
2016-06-12 20:41 - 2016-06-12 20:41 - 00172509 _____ C:\Users\Ricardo\Downloads\WhatsApp-Image-20160612 (1).jpe
2016-06-12 20:41 - 2016-06-12 20:41 - 00165112 _____ C:\Users\Ricardo\Downloads\WhatsApp-Image-20160612 (3).jpe
2016-06-12 20:41 - 2016-06-12 20:41 - 00105316 _____ C:\Users\Ricardo\Downloads\WhatsApp-Image-20160612 (2).jpe
2016-06-12 20:41 - 2016-06-12 20:41 - 00044287 _____ C:\Users\Ricardo\Downloads\WhatsApp-Image-20160612.jpe
2016-06-12 15:43 - 2016-06-12 15:43 - 00106304 _____ () C:\Users\Ricardo\Downloads\FacebookGamesArcadeSetup.exe
2016-06-12 11:21 - 2016-06-12 11:21 - 00001109 _____ C:\WINDOWS\SysWOW64\nativelog.txt
2016-06-12 08:28 - 2016-06-12 08:30 - 01581839 _____ C:\Users\Ricardo\Desktop\Lição 11.pptx
2016-06-11 19:36 - 2016-06-11 19:37 - 00000000 ____D C:\Users\Ricardo\Desktop\Nova pasta (2)
2016-06-11 13:45 - 2016-06-11 14:00 - 00000000 ____D C:\Users\Ricardo\AppData\Roaming\.minecraft
2016-06-11 13:45 - 2016-06-11 13:45 - 00000000 ____D C:\Users\Ricardo\AppData\Roaming\java
2016-06-11 13:43 - 2016-06-11 14:51 - 00001474 _____ C:\Users\Ricardo\Downloads\nativelog.txt
2016-06-11 13:43 - 2016-06-11 13:45 - 00000000 ____D C:\Users\Ricardo\Downloads\game
2016-06-11 13:43 - 2016-06-11 13:43 - 01247112 _____ (Mojang) C:\Users\Ricardo\Downloads\Minecraft.exe
2016-06-11 13:43 - 2016-06-11 13:43 - 00000000 ____D C:\Users\Ricardo\Downloads\runtime
2016-06-11 13:42 - 2016-06-11 13:42 - 02314240 _____ C:\Users\Ricardo\Downloads\MinecraftInstaller.msi
2016-06-05 12:15 - 2016-06-05 12:15 - 00000000 ____D C:\WINDOWS\LastGood
2016-06-04 18:51 - 2016-06-04 19:04 - 01726709 _____ C:\Users\Ricardo\Desktop\CULTO.pptx
2016-06-04 18:51 - 2016-06-04 18:51 - 00000165 ____H C:\Users\Ricardo\Desktop\~$CULTO.pptx
2016-06-04 18:27 - 2016-06-04 20:34 - 00116039 _____ C:\Users\Ricardo\Desktop\NO CAMINHO DO MILAGRE.pptx
2016-06-04 18:27 - 2016-06-04 18:27 - 00000165 ____H C:\Users\Ricardo\Desktop\~$NO CAMINHO DO MILAGRE.pptx
2016-06-03 17:16 - 2016-06-03 17:16 - 634993850 _____ C:\WINDOWS\MEMORY.DMP
2016-06-03 17:16 - 2016-06-03 17:16 - 00211788 _____ C:\WINDOWS\Minidump\060316-20359-01.dmp
2016-06-03 17:16 - 2016-06-03 17:16 - 00000000 ____D C:\WINDOWS\Minidump
2016-06-02 11:13 - 2016-06-02 11:13 - 00003905 _____ C:\Users\Ricardo\Desktop\images.jpe
2016-06-02 11:03 - 2016-06-12 17:02 - 00003266 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForRicardo
2016-06-02 11:02 - 2016-06-12 17:02 - 00000366 _____ C:\WINDOWS\Tasks\HPCeeScheduleForRicardo.job
2016-05-29 08:58 - 2016-05-29 08:58 - 00000165 ____H C:\Users\Ricardo\Desktop\~$lbjlio9-conflitosfamiliares-160424150342.pptx
2016-05-28 23:50 - 2016-05-28 23:53 - 01535744 _____ C:\Users\Ricardo\Desktop\lbjlio9-conflitosfamiliares-160424150342.pptx
2016-05-28 02:36 - 2016-05-28 02:37 - 17142165 _____ C:\Users\Ricardo\Downloads\EU VIREI GAY PARÓDIA Jorge Mateus - Sosseguei.mp4
2016-05-26 12:49 - 2016-05-26 12:51 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-05-23 23:27 - 2016-05-23 23:27 - 00000000 ___RD C:\Users\Ricardo\3D Objects
2016-05-22 22:39 - 2016-05-22 22:39 - 00089352 _____ C:\Users\Ricardo\Downloads\WhatsApp-Image-20160522.jpe
2016-05-22 12:12 - 2016-05-22 12:12 - 00215127 _____ C:\Users\Ricardo\Downloads\WhatsApp-Image-20160515 (2).jpe
2016-05-22 12:12 - 2016-05-22 12:12 - 00176655 _____ C:\Users\Ricardo\Downloads\WhatsApp-Image-20160515 (1).jpe
2016-05-22 12:12 - 2016-05-22 12:12 - 00173348 _____ C:\Users\Ricardo\Downloads\WhatsApp-Image-20160515 (3).jpe
2016-05-22 12:12 - 2016-05-22 12:12 - 00170832 _____ C:\Users\Ricardo\Downloads\WhatsApp-Image-20160515.jpe
2016-05-22 12:12 - 2016-05-22 12:12 - 00165070 _____ C:\Users\Ricardo\Downloads\WhatsApp-Image-20160515 (4).jpe
2016-05-20 19:30 - 2016-05-20 19:29 - 00886528 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2016-05-20 19:30 - 2016-05-20 19:29 - 00082544 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2016-05-20 19:26 - 2016-05-20 19:24 - 72113152 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2016-05-20 19:26 - 2016-05-20 19:24 - 35222128 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2016-05-20 19:26 - 2016-05-20 19:24 - 02918104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2016-05-20 19:26 - 2016-05-20 19:24 - 02702552 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2016-05-20 19:26 - 2016-05-20 19:24 - 01749208 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2016-05-20 19:26 - 2016-05-20 19:24 - 01413776 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2016-05-20 19:26 - 2016-05-20 19:24 - 01310936 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2016-05-20 19:26 - 2016-05-20 19:24 - 01104040 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\slcnt64.dll
2016-05-20 19:26 - 2016-05-20 19:24 - 00943784 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2016-05-20 19:26 - 2016-05-20 19:24 - 00734376 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2016-05-20 19:26 - 2016-05-20 19:24 - 00631000 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2016-05-20 19:26 - 2016-05-20 19:24 - 00454288 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2016-05-20 19:26 - 2016-05-20 19:24 - 00369296 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2016-05-20 19:26 - 2016-05-20 19:24 - 00329360 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2016-05-20 19:26 - 2016-05-20 19:24 - 00329360 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2016-05-20 19:26 - 2016-05-20 19:24 - 00250536 _____ (TODO: ) C:\WINDOWS\system32\slprp64.dll
2016-05-20 19:26 - 2016-05-20 19:23 - 01576976 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2016-05-18 21:14 - 2016-05-18 21:02 - 02825944 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2016-05-18 20:13 - 2016-05-18 20:14 - 00000798 _____ C:\Users\Ricardo\Desktop\ckfiles.txt
2016-05-18 20:01 - 2016-05-18 20:02 - 00468480 _____ () C:\Users\Ricardo\Desktop\CKScanner.exe
2016-05-18 19:41 - 2016-05-18 19:41 - 00000000 ____D C:\Users\Todos os Usuários\Intel.sav
2016-05-18 19:41 - 2016-05-18 19:41 - 00000000 ____D C:\ProgramData\Intel.sav
2016-05-17 21:40 - 2016-05-17 21:40 - 00132349 _____ C:\Users\Ricardo\Downloads\WhatsApp-Image-20160517.jpe
2016-05-17 21:40 - 2016-05-17 21:40 - 00108124 _____ C:\Users\Ricardo\Downloads\WhatsApp-Image-20160517 (1).jpe
2016-05-17 21:08 - 2016-05-17 21:08 - 00020115 _____ C:\ZA-Scan.txt
2016-05-17 21:02 - 2016-05-17 21:02 - 00000000 ____D C:\zoek_backup
2016-05-17 20:59 - 2016-05-17 21:02 - 01370112 _____ C:\Users\Ricardo\Desktop\ZA-Scan.exe
2016-05-17 20:54 - 2016-06-09 13:15 - 00002277 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-17 20:54 - 2016-06-09 13:15 - 00002265 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-05-17 20:51 - 2016-06-12 23:07 - 00001102 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-17 20:51 - 2016-06-12 22:07 - 00001098 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-17 20:51 - 2016-05-17 21:02 - 00004160 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-17 20:51 - 2016-05-17 21:02 - 00003928 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-17 20:49 - 2016-05-17 20:50 - 00987728 _____ (Google Inc.) C:\Users\Ricardo\Downloads\ChromeSetup.exe
2016-05-15 21:26 - 2016-05-15 21:26 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-05-15 01:05 - 2016-05-15 01:12 - 00233758 _____ C:\Users\Ricardo\Desktop\LIÇÃO 7 - O PAPEL DA ESPOSA.pptx
2016-05-15 01:04 - 2016-05-15 01:12 - 00214062 _____ C:\Users\Ricardo\Desktop\LIÇÃO 6 - O PAPEL DO MARIDO.pptx
2016-05-14 19:21 - 2016-05-22 09:12 - 00000000 ____D C:\Users\Ricardo\Desktop\Nova pasta
2016-05-14 18:42 - 2016-05-14 18:47 - 52626998 _____ C:\Users\Ricardo\Downloads\C.e.Q-Q.E.Q.A.Pb tudodownloadsgospel.net.rar
2016-05-13 23:49 - 2016-05-13 23:49 - 00000000 ____D C:\Program Files\CCleaner
2016-05-13 21:40 - 2016-05-13 21:40 - 00000000 ____D C:\Program Files\Realtek
2016-05-13 21:40 - 2016-05-13 21:40 - 00000000 ____D C:\Program Files\Apoint2K
2016-05-13 21:39 - 2016-05-18 19:39 - 00000000 ____D C:\Program Files\Intel
2016-05-13 21:32 - 2016-05-13 21:33 - 00000000 ____D C:\Windows.old
2016-05-13 21:21 - 2016-05-13 21:54 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-05-13 21:21 - 2016-05-13 21:21 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-05-13 21:21 - 2016-05-13 21:21 - 00000000 ____D C:\Program Files\MSBuild
2016-05-13 21:21 - 2016-05-13 21:21 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-05-13 21:21 - 2016-05-13 21:21 - 00000000 ____D C:\inetpub
==================== Um Mês Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-06-12 22:11 - 2016-05-13 21:42 - 02014294 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-06-12 22:11 - 2016-02-13 14:31 - 00854394 _____ C:\WINDOWS\system32\prfh0416.dat
2016-06-12 22:11 - 2016-02-13 14:31 - 00183788 _____ C:\WINDOWS\system32\prfc0416.dat
2016-06-12 22:11 - 2015-10-30 04:21 - 00000000 ____D C:\WINDOWS\INF
2016-06-12 22:10 - 2016-03-01 15:38 - 00000000 ____D C:\Users\Ricardo\AppData\Local\SweetLabs App Platform
2016-06-12 22:09 - 2016-03-01 16:00 - 00000000 ____D C:\Users\Ricardo\Documents\Youcam
2016-06-12 22:06 - 2016-03-01 15:39 - 00000000 __SHD C:\Users\Ricardo\IntelGraphicsProfiles
2016-06-12 22:05 - 2016-05-13 21:40 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-06-12 22:04 - 2016-02-13 14:55 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-06-12 21:05 - 2016-03-01 16:11 - 00004180 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C8486B06-C2A1-47F9-8200-4BCBCC570EB2}
2016-06-12 15:21 - 2016-03-08 10:10 - 00000000 ____D C:\Users\Ricardo\AppData\Local\ElevatedDiagnostics
2016-06-12 13:32 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-06-12 11:21 - 2016-03-01 15:39 - 00000000 ____D C:\Users\Ricardo\AppData\Local\VirtualStore
2016-06-12 11:20 - 2016-04-01 16:46 - 00004280 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-06-12 11:19 - 2016-05-13 21:43 - 00000000 ____D C:\Users\Ricardo
2016-06-11 12:53 - 2015-10-30 04:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-09 00:06 - 2016-03-14 20:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proteção de Terminal Trusteer
2016-06-05 12:15 - 2015-05-07 12:15 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-06-04 10:50 - 2015-05-07 12:28 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2016-06-03 15:32 - 2016-03-01 16:47 - 00000000 ____D C:\nQuestor
2016-05-30 17:04 - 2016-03-14 20:55 - 00470056 _____ (IBM Corp.) C:\WINDOWS\system32\Drivers\RapportKE64.sys
2016-05-30 17:04 - 2016-03-14 20:55 - 00215560 _____ (IBM Corp.) C:\WINDOWS\system32\Drivers\RapportHades64.sys
2016-05-27 18:02 - 2016-03-02 15:11 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-05-23 18:16 - 2016-05-13 22:42 - 00002425 _____ C:\Users\Ricardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-05-23 18:16 - 2016-03-02 14:53 - 00000000 ___RD C:\Users\Ricardo\OneDrive
2016-05-20 22:11 - 2015-10-30 04:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-05-20 21:39 - 2016-05-13 21:40 - 00005691 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2016-05-20 19:30 - 2015-05-07 12:14 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-05-20 19:29 - 2014-03-31 22:07 - 00000000 ____D C:\SWSetup
2016-05-20 19:28 - 2015-05-07 12:15 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-05-20 19:27 - 2016-05-13 21:40 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-05-20 19:24 - 2016-03-02 14:41 - 04514008 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2016-05-20 19:24 - 2016-03-02 14:41 - 03234520 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2016-05-20 19:24 - 2016-03-02 14:41 - 02930904 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2016-05-20 19:24 - 2016-03-02 14:41 - 00184688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2016-05-18 19:59 - 2016-04-08 16:38 - 00000000 ____D C:\Users\Ricardo\AppData\Roaming\uTorrent
2016-05-18 19:53 - 2015-10-30 03:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-05-18 19:43 - 2015-05-07 12:13 - 00000000 ____D C:\Users\Todos os Usuários\Intel
2016-05-18 19:43 - 2015-05-07 12:13 - 00000000 ____D C:\ProgramData\Intel
2016-05-18 19:42 - 2016-04-01 17:08 - 00000000 ____D C:\Program Files\Common Files\Intel
2016-05-18 19:42 - 2016-02-13 14:55 - 00000000 ____D C:\Users\Administrador
2016-05-18 19:42 - 2013-08-22 10:36 - 00000000 ____D C:\Users\Default.migrated
2016-05-18 19:41 - 2016-04-01 17:08 - 00000000 ____D C:\Program Files (x86)\Cisco
2016-05-18 19:41 - 2015-05-07 12:10 - 00000000 ____D C:\Program Files (x86)\Intel
2016-05-18 19:08 - 2015-05-07 12:20 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-05-18 19:08 - 2015-05-07 12:20 - 00000000 ____D C:\ProgramData\Package Cache
2016-05-17 22:20 - 2016-03-14 10:36 - 00000000 ____D C:\Users\Ricardo\Documents\_PORTAL NO ALEGRETE
2016-05-17 20:31 - 2016-03-04 16:18 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-05-17 20:16 - 2016-03-04 16:17 - 139319312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-05-17 19:44 - 2016-03-01 16:53 - 00000000 ___RD C:\Users\Ricardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Questor
2016-05-17 19:44 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-05-17 19:44 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-05-17 19:44 - 2015-10-30 03:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-05-17 19:44 - 2015-10-30 03:28 - 00000000 ____D C:\WINDOWS\servicing
2016-05-17 19:44 - 2014-05-13 19:29 - 00000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
2016-05-17 19:43 - 2016-03-31 20:49 - 00000000 ____D C:\Users\Ricardo\AppData\Roaming\WildTangent
2016-05-17 19:43 - 2016-03-01 16:53 - 00000000 ___RD C:\Users\Ricardo\Desktop\Questor
2016-05-17 19:42 - 2015-05-07 12:28 - 00000000 ____D C:\Users\Todos os Usuários\WildTangent
2016-05-17 19:42 - 2015-05-07 12:28 - 00000000 ____D C:\ProgramData\WildTangent
2016-05-17 19:19 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\registration
2016-05-16 23:05 - 2016-03-01 16:11 - 00000000 ____D C:\Program Files (x86)\Google
2016-05-14 14:18 - 2016-03-01 15:39 - 00000000 ____D C:\Users\Ricardo\AppData\Local\Packages
2016-05-14 00:00 - 2016-05-13 21:36 - 00000000 ___DC C:\WINDOWS\Panther
2016-05-13 22:23 - 2015-05-07 12:10 - 00000000 ____D C:\Intel
2016-05-13 22:11 - 2015-10-30 04:24 - 00000000 ____D C:\Program Files\Windows NT
2016-05-13 21:47 - 2014-05-13 19:16 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2016-05-13 21:31 - 2016-02-13 14:44 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-13 21:31 - 2015-10-30 04:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-05-13 21:31 - 2015-10-30 04:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-05-13 21:01 - 2016-02-13 15:51 - 00000000 ___HD C:\$WINDOWS.~BT
==================== Arquivos na raiz de alguns diretórios =======
2016-05-12 20:00 - 2016-05-12 20:00 - 0001309 _____ () C:\Users\Ricardo\AppData\Roaming\Bubble Dock.boostrap.log
2016-05-12 20:00 - 2016-05-12 20:00 - 0000097 _____ () C:\Users\Ricardo\AppData\Roaming\WindApp.boostrap.log
Alguns arquivos em TEMP:
====================
C:\Users\Ricardo\AppData\Local\Temp\{EEE98463-07EF-4AF2-8E93-FBA6D3E133E7}-51.0.2704.84_50.0.2661.102_chrome_updater.exe
==================== Bamital & volsnap =================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2016-06-11 14:55
==================== Fim de FRST.txt ============================