Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 21-08-2016 01
Executado por Fonte (administrador) em FONTE-PC (21-08-2016 16:29:14)
Executando a partir de C:\Users\Fonte\Desktop
Perfis Carregados: Fonte (Perfis Disponíveis: Fonte)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 9 (Navegador padrão: IE)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVShNotify.exe
() C:\Windows\KMS-R@1n.exe
() C:\Windows\KMS-R@1nHook.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
() C:\Windows\KMS-R@1nHook.exe
(Adobe Systems Incorporated) C:\Users\Fonte\AppData\Local\Adobe\OOBE\PDApp\core\PDapp.exe
(Adobe Systems Incorporated) C:\Users\Fonte\AppData\Local\Adobe\OOBE\PDApp\DECore\Setup.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) I:\Programas\Acer drives\atualizaçao win 7\vc_redist.x64.exe
(Microsoft Corporation) C:\Users\Fonte\AppData\Local\Temp\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}\.be\VC_redist.x64.exe
(Microsoft Corporation) C:\Windows\System32\wusa.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIC.exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2011-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2904984 2011-09-05] (Adobe Systems Inc.)
HKLM-x32\...\RunOnce: [{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}] => C:\ProgramData\Package Cache\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}\VC_redist.x64.exe [543672 2016-08-21] (Microsoft Corporation)
HKU\S-1-5-21-188482273-1490220644-3337383199-1000\...\Run: [AdobeBridge] => [X]
IFEO\OSppSvc.exe: [Debugger] KMS-R@1nHook.exe
IFEO\SppSvc.exe: [Debugger] KMS-R@1nHook.exe
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5208D560-9330-4950-A1ED-AB45895DA748}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2016-08-21] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2016-08-21] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-08-21] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-08-21] (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2016-08-21] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-08-21] (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-21] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-08-21] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-21] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-08-21] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-21] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-08-21] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-21] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-08-21] (Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-08-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-08-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-08-21] (Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2011-09-05] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2016-08-21] [não assinado]
==================== Serviços (Whitelisted) ========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2776664 2015-08-16] (Microsoft Corporation)
R2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2016-08-21] () [Arquivo não assinado]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Arquivo não assinado]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Três Meses Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-08-21 16:29 - 2016-08-21 16:30 - 00009497 _____ C:\Users\Fonte\Desktop\FRST.txt
2016-08-21 16:28 - 2016-08-21 16:29 - 00000000 ____D C:\FRST
2016-08-21 16:27 - 2016-08-21 16:27 - 02396672 _____ (Farbar) C:\Users\Fonte\Desktop\FRST64.exe
2016-08-21 16:27 - 2016-08-21 16:27 - 00000000 ____D C:\Windows\system32\Macromed
2016-08-21 16:27 - 2016-08-21 16:27 - 00000000 ____D C:\Users\Todos os Usuários\ALM
2016-08-21 16:27 - 2016-08-21 16:27 - 00000000 ____D C:\Users\Fonte\AppData\Local\mpress
2016-08-21 16:27 - 2016-08-21 16:27 - 00000000 ____D C:\ProgramData\ALM
2016-08-21 16:24 - 2016-08-21 16:24 - 00000000 ____D C:\Users\Fonte\Adobe Flash Builder 4.6
2016-08-21 16:21 - 2016-08-21 16:21 - 00002465 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
2016-08-21 16:21 - 2016-08-21 16:21 - 00002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
2016-08-21 16:21 - 2016-08-21 16:21 - 00002037 _____ C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
2016-08-21 16:21 - 2016-08-21 16:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
2016-08-21 16:18 - 2016-08-21 16:18 - 00000000 ___HT C:\Windows\wusa.lock
2016-08-21 16:18 - 2016-08-21 16:18 - 00000000 ____D C:\030b8ab2bb846eb99bb63e03
2016-08-21 16:17 - 2016-08-21 16:17 - 00001108 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Widget Browser.lnk
2016-08-21 14:04 - 2016-08-21 14:04 - 00000000 ____D C:\Program Files (x86)\My Company Name
2016-08-21 14:04 - 2011-11-03 03:01 - 00056208 ____N (Rovi Corporation) C:\Windows\system32\Drivers\PxHlpa64.sys
2016-08-21 14:04 - 2011-10-17 03:00 - 00010224 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdralw2k.sys
2016-08-21 14:04 - 2011-10-17 03:00 - 00010224 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdr4_xp.sys
2016-08-21 14:01 - 2016-08-21 16:18 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-08-21 14:01 - 2016-08-21 16:18 - 00000000 ____D C:\ProgramData\Package Cache
2016-08-21 14:00 - 2016-08-21 14:00 - 00001008 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2016-08-21 14:00 - 2016-08-21 14:00 - 00000000 ____D C:\Users\Usuário Padrão\AppData\Roaming\Macromedia
2016-08-21 14:00 - 2016-08-21 14:00 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2016-08-21 14:00 - 2016-08-21 14:00 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2016-08-21 13:59 - 2016-08-21 16:26 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-08-21 13:59 - 2016-08-21 13:59 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-08-21 13:58 - 2016-08-21 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6
2016-08-21 13:58 - 2016-08-21 16:29 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-08-21 13:58 - 2016-08-21 16:29 - 00000000 ____D C:\Program Files\Adobe
2016-08-21 13:55 - 2016-08-21 16:26 - 00000000 ____D C:\Users\Todos os Usuários\Adobe
2016-08-21 13:55 - 2016-08-21 16:26 - 00000000 ____D C:\ProgramData\Adobe
2016-08-21 13:55 - 2016-08-21 13:55 - 00000000 ____D C:\Users\Fonte\AppData\Roaming\Macromedia
2016-08-21 13:54 - 2016-08-21 16:29 - 00000000 ____D C:\Users\Fonte\AppData\Roaming\Adobe
2016-08-21 13:54 - 2016-08-21 13:54 - 00026112 _____ C:\Windows\KMS-R@1n.exe
2016-08-21 13:54 - 2016-08-21 13:54 - 00005120 _____ C:\Windows\KMS-R@1nHook.exe
2016-08-21 13:54 - 2016-08-21 13:54 - 00004096 _____ C:\Windows\KMS-R@1nHook.dll
2016-08-21 13:54 - 2016-08-21 13:54 - 00003585 _____ C:\Users\Public\Desktop\R@1n.txt
2016-08-21 13:54 - 2016-08-21 13:54 - 00000000 ____D C:\Windows\System32\Tasks\R@1n-KMS
2016-08-21 13:53 - 2016-08-21 14:00 - 00000000 ____D C:\Users\Fonte\AppData\Local\Adobe
2016-08-21 13:53 - 2016-08-21 13:53 - 00330049 __RSH C:\3MDTP
2016-08-21 13:52 - 2016-08-21 13:52 - 00110176 _____ C:\Users\Fonte\AppData\Local\GDIPFONTCACHEV1.DAT
2016-08-21 13:52 - 2016-08-21 13:52 - 00000000 ____D C:\Users\Fonte\AppData\Roaming\WinRAR
2016-08-21 11:45 - 2014-05-14 13:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-08-21 11:45 - 2014-05-14 13:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-08-21 11:45 - 2014-05-14 13:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-08-21 11:45 - 2014-05-14 13:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-08-21 11:43 - 2016-08-21 12:32 - 01595296 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-08-21 11:22 - 2016-08-21 11:22 - 00002135 _____ C:\Users\Fonte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-08-21 11:22 - 2016-08-21 11:22 - 00002117 _____ C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-08-21 11:22 - 2016-08-21 11:22 - 00002117 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-08-21 11:22 - 2016-08-21 11:22 - 00002117 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-08-21 11:22 - 2016-08-21 11:22 - 00000000 ___RD C:\Users\Fonte\OneDrive
2016-08-21 11:22 - 2016-08-21 11:22 - 00000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2016-08-21 11:21 - 2016-08-21 11:21 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft OneDrive
2016-08-21 11:21 - 2016-08-21 11:21 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-08-21 11:20 - 2016-08-21 11:20 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-08-21 11:10 - 2016-08-21 11:21 - 00000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft
2016-08-21 11:10 - 2016-08-21 11:21 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-21 11:10 - 2016-08-21 11:10 - 00002470 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-08-21 11:10 - 2016-08-21 11:10 - 00002428 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2016-08-21 11:10 - 2016-08-21 11:10 - 00002417 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-08-21 11:10 - 2016-08-21 11:10 - 00002382 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-08-21 11:10 - 2016-08-21 11:10 - 00002366 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-08-21 11:10 - 2016-08-21 11:10 - 00002363 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-08-21 11:10 - 2016-08-21 11:10 - 00002353 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-08-21 11:10 - 2016-08-21 11:10 - 00002349 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-08-21 11:10 - 2016-08-21 11:10 - 00002333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-08-21 11:10 - 2016-08-21 11:10 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-08-21 11:10 - 2016-08-21 11:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ferramentas do Microsoft Office 2016
2016-08-21 11:08 - 2016-08-21 11:08 - 21543568 _____ C:\WindowsMSYH.tt2
2016-08-21 11:08 - 2016-08-21 11:08 - 21302624 _____ C:\WindowsMSJH.tt2
2016-08-21 11:08 - 2016-08-21 11:08 - 14381616 _____ C:\WindowsMSYHBD.tt2
2016-08-21 11:08 - 2016-08-21 11:08 - 14343024 _____ C:\WindowsMSJHBD.tt2
2016-08-21 11:08 - 2016-08-21 11:08 - 00222632 _____ C:\WindowsMSUIGHUR.tt2
2016-08-21 11:08 - 2016-08-21 11:08 - 00094064 _____ C:\WindowsLEELAWAD.tt2
2016-08-21 11:08 - 2016-08-21 11:08 - 00093836 _____ C:\WindowsLEELAWDB.tt2
2016-08-21 11:07 - 2016-08-21 11:10 - 00000000 ____D C:\Program Files\Microsoft Office
2016-08-21 11:07 - 2016-08-21 11:07 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-08-21 11:03 - 2013-01-13 18:17 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-08-21 11:03 - 2013-01-13 18:17 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-08-21 11:03 - 2013-01-13 18:16 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-08-21 11:03 - 2013-01-13 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-08-21 11:03 - 2013-01-13 18:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-08-21 11:03 - 2013-01-13 18:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-08-21 11:03 - 2013-01-13 18:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2016-08-21 11:03 - 2013-01-13 18:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2016-08-21 11:03 - 2013-01-13 18:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-08-21 11:03 - 2013-01-13 17:35 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-08-21 11:03 - 2013-01-13 17:35 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-08-21 11:03 - 2013-01-13 17:35 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-08-21 11:03 - 2013-01-13 17:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-08-21 11:03 - 2013-01-13 17:31 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-08-21 11:03 - 2013-01-13 17:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-08-21 11:03 - 2013-01-13 17:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-08-21 11:03 - 2013-01-13 17:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2016-08-21 11:03 - 2013-01-13 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2016-08-21 11:03 - 2013-01-13 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-08-21 11:03 - 2013-01-13 17:22 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-08-21 11:03 - 2013-01-13 17:20 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2016-08-21 11:03 - 2013-01-13 17:09 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2016-08-21 11:03 - 2013-01-13 17:08 - 01504768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2016-08-21 11:03 - 2013-01-13 17:08 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2016-08-21 11:03 - 2013-01-13 16:59 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-08-21 11:03 - 2013-01-13 16:58 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-08-21 11:03 - 2013-01-13 16:54 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-08-21 11:03 - 2013-01-13 16:53 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2016-08-21 11:03 - 2013-01-13 16:53 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-08-21 11:03 - 2013-01-13 16:51 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-08-21 11:03 - 2013-01-13 16:49 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2016-08-21 11:03 - 2013-01-13 16:48 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2016-08-21 11:03 - 2013-01-13 16:46 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2016-08-21 11:03 - 2013-01-13 16:43 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-08-21 11:03 - 2013-01-13 16:38 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2016-08-21 11:03 - 2013-01-13 16:38 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2016-08-21 11:03 - 2013-01-13 16:38 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2016-08-21 11:03 - 2013-01-13 16:37 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2016-08-21 11:03 - 2013-01-13 16:25 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2016-08-21 11:03 - 2013-01-13 16:24 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-08-21 11:03 - 2013-01-13 16:24 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-08-21 11:03 - 2013-01-13 16:20 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2016-08-21 11:03 - 2013-01-13 16:20 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2016-08-21 11:03 - 2013-01-13 16:15 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-08-21 11:03 - 2013-01-13 16:10 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2016-08-21 11:03 - 2013-01-13 16:02 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2016-08-21 11:03 - 2013-01-13 15:34 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2016-08-21 11:03 - 2013-01-13 15:32 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2016-08-21 11:03 - 2013-01-13 15:09 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2016-08-21 11:03 - 2013-01-13 14:26 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2016-08-21 11:03 - 2013-01-13 14:05 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2016-08-21 11:03 - 2013-01-04 03:11 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-08-21 11:03 - 2013-01-04 03:11 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-08-21 10:51 - 2016-08-21 10:51 - 00000000 ____D C:\Users\Fonte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-21 10:51 - 2016-08-21 10:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-21 10:51 - 2016-08-21 10:51 - 00000000 ____D C:\Program Files (x86)\WinRAR
2016-08-21 10:35 - 2016-08-21 16:24 - 00000000 ____D C:\Users\Fonte
2016-08-21 10:35 - 2016-08-21 10:35 - 00001430 _____ C:\Users\Fonte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-08-21 10:35 - 2016-08-21 10:35 - 00001396 _____ C:\Users\Fonte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2016-08-21 10:35 - 2016-08-21 10:35 - 00000020 ___SH C:\Users\Fonte\ntuser.ini
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas músicas
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas imagens
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Meus vídeos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Histórico
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Dados de aplicativos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Usuário Padrão
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Todos os Usuários\Modelos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Todos os Usuários\Menu Iniciar
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Todos os Usuários\Favoritos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Todos os Usuários\Documentos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Todos os Usuários\Dados de aplicativos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Todos os Usuários
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Public\Documents\Minhas músicas
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Public\Documents\Minhas imagens
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Public\Documents\Meus vídeos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Fonte\Modelos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Fonte\Meus documentos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Fonte\Menu Iniciar
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Fonte\Documents\Minhas músicas
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Fonte\Documents\Minhas imagens
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Fonte\Documents\Meus vídeos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Fonte\Dados de aplicativos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Fonte\Configurações locais
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Fonte\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Fonte\AppData\Local\Histórico
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Fonte\AppData\Local\Dados de aplicativos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Fonte\Ambiente de rede
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Fonte\Ambiente de impressão
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Default\Modelos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Default\Meus documentos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Default\Menu Iniciar
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Default\Documents\Minhas músicas
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Default\Documents\Minhas imagens
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Default\Documents\Meus vídeos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Default\Dados de aplicativos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Default\Configurações locais
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Default\AppData\Local\Histórico
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Default\AppData\Local\Dados de aplicativos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Default\Ambiente de rede
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Default\Ambiente de impressão
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas músicas
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas imagens
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Default User\Documents\Meus vídeos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Histórico
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Dados de aplicativos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\ProgramData\Modelos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\ProgramData\Menu Iniciar
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\ProgramData\Favoritos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\ProgramData\Documentos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\ProgramData\Dados de aplicativos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Program Files\Common Files\Sistema
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Program Files\Arquivos Comuns
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Arquivos de Programas
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 ____D C:\Users\Fonte\AppData\Local\VirtualStore
2016-08-21 10:35 - 2010-11-21 06:47 - 00000000 ____D C:\Users\Fonte\AppData\Roaming\Media Center Programs
2016-08-21 10:30 - 2016-08-21 10:30 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-08-21 10:30 - 2016-08-21 10:30 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-08-21 10:29 - 2016-08-21 10:29 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2016-08-21 10:26 - 2016-08-21 10:35 - 00000000 ____D C:\Windows\Panther
2016-08-21 10:26 - 2016-08-21 10:26 - 00008192 __RSH C:\BOOTSECT.BAK
2016-08-21 10:26 - 2010-11-21 00:23 - 00383786 __RSH C:\bootmgr
2016-08-21 10:18 - 2016-08-21 10:18 - 00000000 ____D C:\Windows.old.000
2016-08-21 09:57 - 2016-08-21 09:57 - 00000000 ____D C:\Windows.old
2016-08-19 15:23 - 2016-08-19 15:23 - 00000000 ____D C:\easyworship.6.full.full.incl.serial-tsrh
2016-08-19 15:18 - 2016-08-19 15:23 - 00000000 ____D C:\EasyWorship2009
2016-08-19 12:26 - 2016-08-19 12:41 - 00000000 ____D C:\BACHUP PC FONTE
2016-08-19 12:26 - 2016-08-19 12:35 - 00000000 ____D C:\Pregação
2016-08-19 12:26 - 2016-08-19 12:32 - 00000000 ____D C:\musicas
2016-08-19 12:26 - 2016-08-19 12:27 - 00000000 ____D C:\Louvores pro midia
2016-08-19 12:26 - 2016-08-19 12:26 - 00000000 ____D C:\Pasta Jovens
2016-08-19 12:26 - 2016-08-19 12:26 - 00000000 ____D C:\Nova pasta
2016-08-19 12:26 - 2016-08-19 12:26 - 00000000 ____D C:\iefav1
2016-08-19 12:26 - 2016-08-19 12:26 - 00000000 ____D C:\Arquivos da LifeCam
2016-08-19 12:25 - 2016-08-19 12:25 - 00000000 ____D C:\2015
2016-08-19 12:25 - 2016-08-19 12:25 - 00000000 ____D C:\2014
2016-08-19 12:25 - 2016-08-19 12:25 - 00000000 ____D C:\2013
==================== Três Meses Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-08-21 16:21 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-08-21 16:17 - 2009-07-14 01:45 - 00020640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-21 16:17 - 2009-07-14 01:45 - 00020640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-21 13:57 - 2009-07-14 00:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-08-21 12:32 - 2010-11-21 06:37 - 00704310 _____ C:\Windows\system32\prfh0416.dat
2016-08-21 12:32 - 2010-11-21 06:37 - 00146616 _____ C:\Windows\system32\prfc0416.dat
2016-08-21 12:32 - 2009-07-14 02:13 - 01595296 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-21 11:06 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-21 10:35 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\rescache
2016-08-21 10:35 - 2009-07-14 00:20 - 00000000 ____D C:\Program Files\Windows NT
2016-08-21 10:34 - 2009-07-14 01:45 - 00274824 _____ C:\Windows\system32\FNTCACHE.DAT
2016-08-21 10:30 - 2009-07-14 02:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-08-21 10:29 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\sysprep
2016-08-21 10:27 - 2010-11-21 06:47 - 00000000 ____D C:\Windows\CSC
2016-08-21 10:26 - 2009-07-14 02:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
==================== Bamital & volsnap =================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2016-08-21 10:27
==================== Fim de FRST.txt ============================
Executado por Fonte (administrador) em FONTE-PC (21-08-2016 16:29:14)
Executando a partir de C:\Users\Fonte\Desktop
Perfis Carregados: Fonte (Perfis Disponíveis: Fonte)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 9 (Navegador padrão: IE)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVShNotify.exe
() C:\Windows\KMS-R@1n.exe
() C:\Windows\KMS-R@1nHook.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
() C:\Windows\KMS-R@1nHook.exe
(Adobe Systems Incorporated) C:\Users\Fonte\AppData\Local\Adobe\OOBE\PDApp\core\PDapp.exe
(Adobe Systems Incorporated) C:\Users\Fonte\AppData\Local\Adobe\OOBE\PDApp\DECore\Setup.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) I:\Programas\Acer drives\atualizaçao win 7\vc_redist.x64.exe
(Microsoft Corporation) C:\Users\Fonte\AppData\Local\Temp\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}\.be\VC_redist.x64.exe
(Microsoft Corporation) C:\Windows\System32\wusa.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIC.exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2011-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2904984 2011-09-05] (Adobe Systems Inc.)
HKLM-x32\...\RunOnce: [{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}] => C:\ProgramData\Package Cache\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}\VC_redist.x64.exe [543672 2016-08-21] (Microsoft Corporation)
HKU\S-1-5-21-188482273-1490220644-3337383199-1000\...\Run: [AdobeBridge] => [X]
IFEO\OSppSvc.exe: [Debugger] KMS-R@1nHook.exe
IFEO\SppSvc.exe: [Debugger] KMS-R@1nHook.exe
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5208D560-9330-4950-A1ED-AB45895DA748}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2016-08-21] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2016-08-21] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-08-21] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-08-21] (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2016-08-21] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-08-21] (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-21] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-08-21] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-21] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-08-21] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-21] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-08-21] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-21] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-08-21] (Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-08-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-08-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-08-21] (Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2011-09-05] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2016-08-21] [não assinado]
==================== Serviços (Whitelisted) ========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2776664 2015-08-16] (Microsoft Corporation)
R2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2016-08-21] () [Arquivo não assinado]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Arquivo não assinado]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Três Meses Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-08-21 16:29 - 2016-08-21 16:30 - 00009497 _____ C:\Users\Fonte\Desktop\FRST.txt
2016-08-21 16:28 - 2016-08-21 16:29 - 00000000 ____D C:\FRST
2016-08-21 16:27 - 2016-08-21 16:27 - 02396672 _____ (Farbar) C:\Users\Fonte\Desktop\FRST64.exe
2016-08-21 16:27 - 2016-08-21 16:27 - 00000000 ____D C:\Windows\system32\Macromed
2016-08-21 16:27 - 2016-08-21 16:27 - 00000000 ____D C:\Users\Todos os Usuários\ALM
2016-08-21 16:27 - 2016-08-21 16:27 - 00000000 ____D C:\Users\Fonte\AppData\Local\mpress
2016-08-21 16:27 - 2016-08-21 16:27 - 00000000 ____D C:\ProgramData\ALM
2016-08-21 16:24 - 2016-08-21 16:24 - 00000000 ____D C:\Users\Fonte\Adobe Flash Builder 4.6
2016-08-21 16:21 - 2016-08-21 16:21 - 00002465 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
2016-08-21 16:21 - 2016-08-21 16:21 - 00002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
2016-08-21 16:21 - 2016-08-21 16:21 - 00002037 _____ C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
2016-08-21 16:21 - 2016-08-21 16:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
2016-08-21 16:18 - 2016-08-21 16:18 - 00000000 ___HT C:\Windows\wusa.lock
2016-08-21 16:18 - 2016-08-21 16:18 - 00000000 ____D C:\030b8ab2bb846eb99bb63e03
2016-08-21 16:17 - 2016-08-21 16:17 - 00001108 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Widget Browser.lnk
2016-08-21 14:04 - 2016-08-21 14:04 - 00000000 ____D C:\Program Files (x86)\My Company Name
2016-08-21 14:04 - 2011-11-03 03:01 - 00056208 ____N (Rovi Corporation) C:\Windows\system32\Drivers\PxHlpa64.sys
2016-08-21 14:04 - 2011-10-17 03:00 - 00010224 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdralw2k.sys
2016-08-21 14:04 - 2011-10-17 03:00 - 00010224 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdr4_xp.sys
2016-08-21 14:01 - 2016-08-21 16:18 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-08-21 14:01 - 2016-08-21 16:18 - 00000000 ____D C:\ProgramData\Package Cache
2016-08-21 14:00 - 2016-08-21 14:00 - 00001008 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2016-08-21 14:00 - 2016-08-21 14:00 - 00000000 ____D C:\Users\Usuário Padrão\AppData\Roaming\Macromedia
2016-08-21 14:00 - 2016-08-21 14:00 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2016-08-21 14:00 - 2016-08-21 14:00 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2016-08-21 13:59 - 2016-08-21 16:26 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-08-21 13:59 - 2016-08-21 13:59 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-08-21 13:58 - 2016-08-21 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6
2016-08-21 13:58 - 2016-08-21 16:29 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-08-21 13:58 - 2016-08-21 16:29 - 00000000 ____D C:\Program Files\Adobe
2016-08-21 13:55 - 2016-08-21 16:26 - 00000000 ____D C:\Users\Todos os Usuários\Adobe
2016-08-21 13:55 - 2016-08-21 16:26 - 00000000 ____D C:\ProgramData\Adobe
2016-08-21 13:55 - 2016-08-21 13:55 - 00000000 ____D C:\Users\Fonte\AppData\Roaming\Macromedia
2016-08-21 13:54 - 2016-08-21 16:29 - 00000000 ____D C:\Users\Fonte\AppData\Roaming\Adobe
2016-08-21 13:54 - 2016-08-21 13:54 - 00026112 _____ C:\Windows\KMS-R@1n.exe
2016-08-21 13:54 - 2016-08-21 13:54 - 00005120 _____ C:\Windows\KMS-R@1nHook.exe
2016-08-21 13:54 - 2016-08-21 13:54 - 00004096 _____ C:\Windows\KMS-R@1nHook.dll
2016-08-21 13:54 - 2016-08-21 13:54 - 00003585 _____ C:\Users\Public\Desktop\R@1n.txt
2016-08-21 13:54 - 2016-08-21 13:54 - 00000000 ____D C:\Windows\System32\Tasks\R@1n-KMS
2016-08-21 13:53 - 2016-08-21 14:00 - 00000000 ____D C:\Users\Fonte\AppData\Local\Adobe
2016-08-21 13:53 - 2016-08-21 13:53 - 00330049 __RSH C:\3MDTP
2016-08-21 13:52 - 2016-08-21 13:52 - 00110176 _____ C:\Users\Fonte\AppData\Local\GDIPFONTCACHEV1.DAT
2016-08-21 13:52 - 2016-08-21 13:52 - 00000000 ____D C:\Users\Fonte\AppData\Roaming\WinRAR
2016-08-21 11:45 - 2014-05-14 13:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-08-21 11:45 - 2014-05-14 13:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-08-21 11:45 - 2014-05-14 13:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-08-21 11:45 - 2014-05-14 13:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-08-21 11:43 - 2016-08-21 12:32 - 01595296 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-08-21 11:22 - 2016-08-21 11:22 - 00002135 _____ C:\Users\Fonte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-08-21 11:22 - 2016-08-21 11:22 - 00002117 _____ C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-08-21 11:22 - 2016-08-21 11:22 - 00002117 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-08-21 11:22 - 2016-08-21 11:22 - 00002117 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-08-21 11:22 - 2016-08-21 11:22 - 00000000 ___RD C:\Users\Fonte\OneDrive
2016-08-21 11:22 - 2016-08-21 11:22 - 00000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2016-08-21 11:21 - 2016-08-21 11:21 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft OneDrive
2016-08-21 11:21 - 2016-08-21 11:21 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-08-21 11:20 - 2016-08-21 11:20 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-08-21 11:10 - 2016-08-21 11:21 - 00000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft
2016-08-21 11:10 - 2016-08-21 11:21 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-21 11:10 - 2016-08-21 11:10 - 00002470 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-08-21 11:10 - 2016-08-21 11:10 - 00002428 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2016-08-21 11:10 - 2016-08-21 11:10 - 00002417 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-08-21 11:10 - 2016-08-21 11:10 - 00002382 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-08-21 11:10 - 2016-08-21 11:10 - 00002366 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-08-21 11:10 - 2016-08-21 11:10 - 00002363 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-08-21 11:10 - 2016-08-21 11:10 - 00002353 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-08-21 11:10 - 2016-08-21 11:10 - 00002349 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-08-21 11:10 - 2016-08-21 11:10 - 00002333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-08-21 11:10 - 2016-08-21 11:10 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-08-21 11:10 - 2016-08-21 11:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ferramentas do Microsoft Office 2016
2016-08-21 11:08 - 2016-08-21 11:08 - 21543568 _____ C:\WindowsMSYH.tt2
2016-08-21 11:08 - 2016-08-21 11:08 - 21302624 _____ C:\WindowsMSJH.tt2
2016-08-21 11:08 - 2016-08-21 11:08 - 14381616 _____ C:\WindowsMSYHBD.tt2
2016-08-21 11:08 - 2016-08-21 11:08 - 14343024 _____ C:\WindowsMSJHBD.tt2
2016-08-21 11:08 - 2016-08-21 11:08 - 00222632 _____ C:\WindowsMSUIGHUR.tt2
2016-08-21 11:08 - 2016-08-21 11:08 - 00094064 _____ C:\WindowsLEELAWAD.tt2
2016-08-21 11:08 - 2016-08-21 11:08 - 00093836 _____ C:\WindowsLEELAWDB.tt2
2016-08-21 11:07 - 2016-08-21 11:10 - 00000000 ____D C:\Program Files\Microsoft Office
2016-08-21 11:07 - 2016-08-21 11:07 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-08-21 11:03 - 2013-01-13 18:17 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-08-21 11:03 - 2013-01-13 18:17 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-08-21 11:03 - 2013-01-13 18:16 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-08-21 11:03 - 2013-01-13 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-08-21 11:03 - 2013-01-13 18:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-08-21 11:03 - 2013-01-13 18:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-08-21 11:03 - 2013-01-13 18:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2016-08-21 11:03 - 2013-01-13 18:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2016-08-21 11:03 - 2013-01-13 18:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-08-21 11:03 - 2013-01-13 17:35 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-08-21 11:03 - 2013-01-13 17:35 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-08-21 11:03 - 2013-01-13 17:35 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-08-21 11:03 - 2013-01-13 17:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-08-21 11:03 - 2013-01-13 17:31 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-08-21 11:03 - 2013-01-13 17:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-08-21 11:03 - 2013-01-13 17:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-08-21 11:03 - 2013-01-13 17:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2016-08-21 11:03 - 2013-01-13 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2016-08-21 11:03 - 2013-01-13 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-08-21 11:03 - 2013-01-13 17:22 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-08-21 11:03 - 2013-01-13 17:20 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2016-08-21 11:03 - 2013-01-13 17:09 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2016-08-21 11:03 - 2013-01-13 17:08 - 01504768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2016-08-21 11:03 - 2013-01-13 17:08 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2016-08-21 11:03 - 2013-01-13 16:59 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-08-21 11:03 - 2013-01-13 16:58 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-08-21 11:03 - 2013-01-13 16:54 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-08-21 11:03 - 2013-01-13 16:53 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2016-08-21 11:03 - 2013-01-13 16:53 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-08-21 11:03 - 2013-01-13 16:51 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-08-21 11:03 - 2013-01-13 16:49 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2016-08-21 11:03 - 2013-01-13 16:48 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2016-08-21 11:03 - 2013-01-13 16:46 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2016-08-21 11:03 - 2013-01-13 16:43 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-08-21 11:03 - 2013-01-13 16:38 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2016-08-21 11:03 - 2013-01-13 16:38 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2016-08-21 11:03 - 2013-01-13 16:38 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2016-08-21 11:03 - 2013-01-13 16:37 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2016-08-21 11:03 - 2013-01-13 16:25 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2016-08-21 11:03 - 2013-01-13 16:24 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-08-21 11:03 - 2013-01-13 16:24 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-08-21 11:03 - 2013-01-13 16:20 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2016-08-21 11:03 - 2013-01-13 16:20 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2016-08-21 11:03 - 2013-01-13 16:15 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-08-21 11:03 - 2013-01-13 16:10 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2016-08-21 11:03 - 2013-01-13 16:02 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2016-08-21 11:03 - 2013-01-13 15:34 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2016-08-21 11:03 - 2013-01-13 15:32 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2016-08-21 11:03 - 2013-01-13 15:09 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2016-08-21 11:03 - 2013-01-13 14:26 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2016-08-21 11:03 - 2013-01-13 14:05 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2016-08-21 11:03 - 2013-01-04 03:11 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-08-21 11:03 - 2013-01-04 03:11 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-08-21 10:51 - 2016-08-21 10:51 - 00000000 ____D C:\Users\Fonte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-21 10:51 - 2016-08-21 10:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-21 10:51 - 2016-08-21 10:51 - 00000000 ____D C:\Program Files (x86)\WinRAR
2016-08-21 10:35 - 2016-08-21 16:24 - 00000000 ____D C:\Users\Fonte
2016-08-21 10:35 - 2016-08-21 10:35 - 00001430 _____ C:\Users\Fonte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-08-21 10:35 - 2016-08-21 10:35 - 00001396 _____ C:\Users\Fonte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2016-08-21 10:35 - 2016-08-21 10:35 - 00000020 ___SH C:\Users\Fonte\ntuser.ini
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas músicas
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas imagens
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Meus vídeos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Histórico
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Dados de aplicativos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Usuário Padrão
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Todos os Usuários\Modelos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Todos os Usuários\Menu Iniciar
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Todos os Usuários\Favoritos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Todos os Usuários\Documentos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Todos os Usuários\Dados de aplicativos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Todos os Usuários
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Public\Documents\Minhas músicas
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Public\Documents\Minhas imagens
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Public\Documents\Meus vídeos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Fonte\Modelos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Fonte\Meus documentos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Fonte\Menu Iniciar
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Fonte\Documents\Minhas músicas
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Fonte\Documents\Minhas imagens
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Fonte\Documents\Meus vídeos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Fonte\Dados de aplicativos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Fonte\Configurações locais
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Fonte\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Fonte\AppData\Local\Histórico
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Fonte\AppData\Local\Dados de aplicativos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Fonte\Ambiente de rede
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Fonte\Ambiente de impressão
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Default\Modelos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Default\Meus documentos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Default\Menu Iniciar
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Default\Documents\Minhas músicas
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Default\Documents\Minhas imagens
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Default\Documents\Meus vídeos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Default\Dados de aplicativos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Default\Configurações locais
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Default\AppData\Local\Histórico
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Default\AppData\Local\Dados de aplicativos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Default\Ambiente de rede
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Default\Ambiente de impressão
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas músicas
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas imagens
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Default User\Documents\Meus vídeos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Histórico
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Dados de aplicativos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\ProgramData\Modelos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\ProgramData\Menu Iniciar
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\ProgramData\Favoritos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\ProgramData\Documentos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\ProgramData\Dados de aplicativos
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Program Files\Common Files\Sistema
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Program Files\Arquivos Comuns
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 _SHDL C:\Arquivos de Programas
2016-08-21 10:35 - 2016-08-21 10:35 - 00000000 ____D C:\Users\Fonte\AppData\Local\VirtualStore
2016-08-21 10:35 - 2010-11-21 06:47 - 00000000 ____D C:\Users\Fonte\AppData\Roaming\Media Center Programs
2016-08-21 10:30 - 2016-08-21 10:30 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-08-21 10:30 - 2016-08-21 10:30 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-08-21 10:29 - 2016-08-21 10:29 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2016-08-21 10:26 - 2016-08-21 10:35 - 00000000 ____D C:\Windows\Panther
2016-08-21 10:26 - 2016-08-21 10:26 - 00008192 __RSH C:\BOOTSECT.BAK
2016-08-21 10:26 - 2010-11-21 00:23 - 00383786 __RSH C:\bootmgr
2016-08-21 10:18 - 2016-08-21 10:18 - 00000000 ____D C:\Windows.old.000
2016-08-21 09:57 - 2016-08-21 09:57 - 00000000 ____D C:\Windows.old
2016-08-19 15:23 - 2016-08-19 15:23 - 00000000 ____D C:\easyworship.6.full.full.incl.serial-tsrh
2016-08-19 15:18 - 2016-08-19 15:23 - 00000000 ____D C:\EasyWorship2009
2016-08-19 12:26 - 2016-08-19 12:41 - 00000000 ____D C:\BACHUP PC FONTE
2016-08-19 12:26 - 2016-08-19 12:35 - 00000000 ____D C:\Pregação
2016-08-19 12:26 - 2016-08-19 12:32 - 00000000 ____D C:\musicas
2016-08-19 12:26 - 2016-08-19 12:27 - 00000000 ____D C:\Louvores pro midia
2016-08-19 12:26 - 2016-08-19 12:26 - 00000000 ____D C:\Pasta Jovens
2016-08-19 12:26 - 2016-08-19 12:26 - 00000000 ____D C:\Nova pasta
2016-08-19 12:26 - 2016-08-19 12:26 - 00000000 ____D C:\iefav1
2016-08-19 12:26 - 2016-08-19 12:26 - 00000000 ____D C:\Arquivos da LifeCam
2016-08-19 12:25 - 2016-08-19 12:25 - 00000000 ____D C:\2015
2016-08-19 12:25 - 2016-08-19 12:25 - 00000000 ____D C:\2014
2016-08-19 12:25 - 2016-08-19 12:25 - 00000000 ____D C:\2013
==================== Três Meses Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-08-21 16:21 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-08-21 16:17 - 2009-07-14 01:45 - 00020640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-21 16:17 - 2009-07-14 01:45 - 00020640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-21 13:57 - 2009-07-14 00:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-08-21 12:32 - 2010-11-21 06:37 - 00704310 _____ C:\Windows\system32\prfh0416.dat
2016-08-21 12:32 - 2010-11-21 06:37 - 00146616 _____ C:\Windows\system32\prfc0416.dat
2016-08-21 12:32 - 2009-07-14 02:13 - 01595296 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-21 11:06 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-21 10:35 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\rescache
2016-08-21 10:35 - 2009-07-14 00:20 - 00000000 ____D C:\Program Files\Windows NT
2016-08-21 10:34 - 2009-07-14 01:45 - 00274824 _____ C:\Windows\system32\FNTCACHE.DAT
2016-08-21 10:30 - 2009-07-14 02:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-08-21 10:29 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\sysprep
2016-08-21 10:27 - 2010-11-21 06:47 - 00000000 ____D C:\Windows\CSC
2016-08-21 10:26 - 2009-07-14 02:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
==================== Bamital & volsnap =================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2016-08-21 10:27
==================== Fim de FRST.txt ============================