Publicité
Publicité
Format du document : text/plain
Prévisualisation
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-01-2017
Ran by DoAsnoPC (administrator) on DESKTOP-90OM0O5 (12-01-2017 08:28:27)
Running from C:\Users\DoAsnoPC\Downloads
Loaded Profiles: DoAsnoPC (Available Profiles: DoAsnoPC)
Platform: Windows 10 Pro Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(MDL Forum, mod by Ratiborus) C:\ProgramData\KMSAuto\bin\KMSSS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-Agent.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\DoAsnoPC\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\DoAsnoPC\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\DoAsnoPC\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\DoAsnoPC\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\DoAsnoPC\AppData\Roaming\Spotify\Spotify.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\reader_sl.exe
() C:\Windows\KMS-R@1nHook.exe
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040296 2015-08-28] (Realtek Semiconductor)
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [927280 2016-11-11] (GAS Tecnologia LTDA)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-11-20] (Microsoft Corporation)
Winlogon\Notify\ GbPluginBb: C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll [2016-11-11] (Banco do Brasil)
Winlogon\Notify\ GbPluginBes: C:\Program Files (x86)\GbPlugin\gbiehBes.dll [2016-09-02] (Banco do Estado de Sergipe - BANESE)
HKU\S-1-5-21-274241934-1915277421-3324831707-1001\...\Run: [Spotify Web Helper] => C:\Users\DoAsnoPC\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1444976 2016-12-26] (Spotify Ltd)
HKU\S-1-5-21-274241934-1915277421-3324831707-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [1694344 2016-12-13] (BlueStack Systems, Inc.)
IFEO\OSppSvc.exe: [Debugger] KMS-R@1nHook.exe
IFEO\SppExtComObj.exe: [Debugger] KMS-R@1nHook.exe
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399027} - C:\Program Files (x86)\GbPlugin\gbiehbes.dll [1909984 2016-09-02] (Banco do Estado de Sergipe - BANESE)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES (X86)\GbPlugin\gbieh.dll [1947872 2016-11-11] (Banco do Brasil)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
GroupPolicy: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.25.1
Tcpip\..\Interfaces\{b86b617f-a7a1-49db-9b5e-74945ba9b103}: [DhcpNameServer] 192.168.25.1
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-274241934-1915277421-3324831707-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-04] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-04] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-12-03] (Microsoft Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll [2016-11-11] (Banco do Brasil)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540027} -> C:\Program Files (x86)\GbPlugin\gbiehbes.dll [2016-09-02] (Banco do Estado de Sergipe - BANESE)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-12-03] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-03] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-03] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-03] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-03] (Microsoft Corporation)
FireFox:
========
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-03] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-03] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-274241934-1915277421-3324831707-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\DoAsnoPC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-10-26] (Unity Technologies ApS)
Chrome:
=======
CHR Profile: C:\Users\DoAsnoPC\AppData\Local\Google\Chrome\User Data\Default [2017-01-12]
CHR Extension: (Google Slides) - C:\Users\DoAsnoPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-22]
CHR Extension: (Google Docs) - C:\Users\DoAsnoPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-22]
CHR Extension: (Google Drive) - C:\Users\DoAsnoPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-22]
CHR Extension: (YouTube) - C:\Users\DoAsnoPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-22]
CHR Extension: (Google Sheets) - C:\Users\DoAsnoPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-22]
CHR Extension: (Google Docs Offline) - C:\Users\DoAsnoPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-24]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\DoAsnoPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-10-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\DoAsnoPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-10-22]
CHR Extension: (Gmail) - C:\Users\DoAsnoPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\DoAsnoPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-17]
CHR HKU\S-1-5-21-274241934-1915277421-3324831707-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [486936 2016-12-13] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [470552 2016-12-13] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [511512 2016-12-13] (BlueStack Systems, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3698888 2016-12-04] (Microsoft Corporation)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [631520 2016-09-02] (GAS Tecnologia)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [329280 2016-02-19] (Intel Corporation)
S2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2016-10-22] () [File not signed]
R2 KMSEmulator; C:\ProgramData\KMSAuto\bin\KMSSS.exe [301056 2015-07-24] (MDL Forum, mod by Ratiborus) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-11-20] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [256120 2016-02-01] (Synaptics Incorporated)
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [927280 2016-11-11] (GAS Tecnologia LTDA)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-12-13] (BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-11-08] (Bluestack System Inc. )
R1 gbpddfac; C:\WINDOWS\System32\drivers\gbpddfac64.sys [28888 2017-01-12] (GAS Tecnologia)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2016-09-02] (GAS Tecnologia)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 RadioHIDMini; C:\WINDOWS\System32\drivers\RadioHIDMini.sys [32168 2015-07-16] (Windows (R) Win 7 DDK provider)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2016-09-02] (GAS Tecnologia LTDA)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R1 wsddfac; C:\WINDOWS\System32\drivers\wsddfac.sys [28376 2017-01-12] (GAS Tecnologia)
R1 wsddntf; C:\WINDOWS\system32\DRIVERS\wsddntf.sys [47176 2016-11-11] (GAS Tecnologia)
R1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [25184 2016-11-11] (GAS Tecnologia)
R3 wsddprm; C:\WINDOWS\system32\drivers\wsddprm.sys [25184 2016-11-11] (GAS Tecnologia)
S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-12 08:28 - 2017-01-12 08:30 - 00014766 _____ C:\Users\DoAsnoPC\Downloads\FRST.txt
2017-01-12 08:28 - 2017-01-12 08:28 - 00000000 ____D C:\FRST
2017-01-12 08:27 - 2017-01-12 08:28 - 02419200 _____ (Farbar) C:\Users\DoAsnoPC\Downloads\FRST64.exe
2017-01-12 08:27 - 2017-01-12 08:27 - 01761280 _____ (Farbar) C:\Users\DoAsnoPC\Downloads\FRST.exe
2017-01-11 16:37 - 2017-01-11 16:42 - 00000000 ____D C:\Users\DoAsnoPC\AppData\Local\Troubleshooter
2017-01-11 16:37 - 2017-01-11 16:37 - 00000000 ____D C:\Users\DoAsnoPC\.android
2017-01-11 16:33 - 2017-01-11 16:33 - 00000000 ____D C:\Users\DoAsnoPC\AppData\Local\Macromedia
2017-01-11 16:31 - 2017-01-11 16:31 - 00000000 ____D C:\Users\DoAsnoPC\AppData\Roaming\Mozilla
2017-01-11 16:30 - 2016-11-23 10:37 - 00000570 _____ C:\Users\DoAsnoPC\AppData\Local\TroubleshooterConfig.json
2017-01-11 16:29 - 2017-01-11 16:30 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2017-01-11 16:29 - 2017-01-11 16:29 - 00001644 _____ C:\Users\Public\Desktop\BlueStacks.lnk
2017-01-11 16:29 - 2017-01-11 16:29 - 00001644 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BlueStacks.lnk
2017-01-11 16:28 - 2017-01-11 16:28 - 00000000 ____D C:\Users\DoAsnoPC\AppData\Local\Bluestacks
2017-01-11 16:26 - 2017-01-11 16:29 - 00000000 ____D C:\Program Files (x86)\Bluestacks
2017-01-11 16:26 - 2016-12-13 14:27 - 00000000 ____D C:\ProgramData\Bluestacks
2017-01-11 16:23 - 2017-01-11 16:26 - 331190024 _____ (BlueStack Systems Inc.) C:\Users\DoAsnoPC\Downloads\BlueStacks2_native_c220567f61452e2cb6c7296f52cd88d6.exe
2017-01-10 07:39 - 2017-01-10 07:39 - 00180346 _____ C:\Users\DoAsnoPC\Documents\Books List Y4.pdf
2017-01-10 07:38 - 2017-01-10 07:38 - 00213106 _____ C:\Users\DoAsnoPC\Documents\Books List Y5.pdf
2017-01-10 07:37 - 2017-01-10 07:37 - 00069757 _____ C:\Users\DoAsnoPC\Documents\Books List Y6.pdf
2017-01-10 07:37 - 2017-01-10 07:37 - 00062423 _____ C:\Users\DoAsnoPC\Documents\Books List Y8.pdf
2017-01-10 07:36 - 2017-01-10 07:36 - 00081398 _____ C:\Users\DoAsnoPC\Documents\Books List Y7.pdf
2017-01-06 20:18 - 2017-01-06 20:18 - 00025738 _____ C:\Users\DoAsnoPC\Desktop\extrato-segunda-via-publica-visualizacao.pdf
2016-12-30 11:19 - 2016-11-11 14:41 - 00047176 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\wsddntf.sys
2016-12-30 11:19 - 2016-11-11 14:41 - 00025184 ____N (GAS Tecnologia) C:\WINDOWS\system32\Drivers\wsddprm.sys
2016-12-30 11:19 - 2016-11-11 14:41 - 00010345 _____ C:\WINDOWS\system32\Drivers\wsddntf.cat
2016-12-30 11:19 - 2016-11-11 14:41 - 00002708 _____ C:\WINDOWS\system32\Drivers\wsddntf.inf
2016-12-22 14:21 - 2016-12-22 14:22 - 00163704 _____ C:\Users\DoAsnoPC\Downloads\WhatsApp Image 2016-12-22 at 2.21.04 PM.jpeg
2016-12-21 12:17 - 2016-12-21 12:23 - 00000000 ____D C:\Users\DoAsnoPC\Downloads\Friends Season 10 Complete 720p.BRrip.Sujaidr
2016-12-20 16:50 - 2016-12-20 17:39 - 00000000 ____D C:\Users\DoAsnoPC\Downloads\Friends Season 9 Complete 720p.BRrip.sujaidr
2016-12-19 16:04 - 2016-12-19 16:55 - 00000000 ____D C:\Users\DoAsnoPC\Downloads\Friends Season 8 Complete 720p.BRrip.mrlss.sujaidr
2016-12-19 15:09 - 2016-12-19 15:14 - 00000000 ____D C:\Users\DoAsnoPC\Downloads\Friends Season 7 Complete.720p.BRrip.mrlss.sujaidr
2016-12-19 13:12 - 2016-12-19 14:30 - 00000000 ____D C:\Users\DoAsnoPC\Downloads\Friends Season 6 Complete 720p.BRrip.mrlss.sujaidr
2016-12-19 11:37 - 2016-12-19 12:14 - 00000000 ____D C:\Users\DoAsnoPC\Downloads\Friends Season 5 Complete 720p.BRrip.mrlss.sujaidr
2016-12-17 09:41 - 2016-12-17 09:41 - 00003296 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2016-12-17 09:30 - 2016-12-17 09:31 - 00417372 _____ C:\WINDOWS\Minidump\121716-60625-01.dmp
2016-12-15 09:38 - 2016-12-15 09:38 - 01518466 _____ C:\Users\DoAsnoPC\Downloads\Year 9 Class Schedule 2017.docx
2016-12-15 09:38 - 2016-12-15 09:38 - 01518456 _____ C:\Users\DoAsnoPC\Downloads\Year 7 Class Schedule 2017.docx
2016-12-15 09:38 - 2016-12-15 09:38 - 01518210 _____ C:\Users\DoAsnoPC\Downloads\Year 6 Class Schedule 2017.docx
2016-12-15 09:38 - 2016-12-15 09:38 - 01518135 _____ C:\Users\DoAsnoPC\Downloads\Year 8 Class Schedule 2017.docx
2016-12-14 17:23 - 2016-12-09 07:01 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-12-14 17:23 - 2016-12-09 07:01 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-12-14 17:23 - 2016-12-09 06:57 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-12-14 17:23 - 2016-12-09 06:52 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-12-14 17:23 - 2016-12-09 06:40 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-12-14 17:23 - 2016-12-09 06:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-12-14 17:23 - 2016-12-09 06:18 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-12-14 17:23 - 2016-12-09 06:18 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-12-14 17:23 - 2016-12-09 06:17 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-12-14 17:23 - 2016-12-09 06:16 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-12-14 17:23 - 2016-12-09 06:16 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-12-14 17:22 - 2016-12-09 07:11 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-12-14 17:22 - 2016-12-09 07:01 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-12-14 17:22 - 2016-12-09 07:00 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2016-12-14 17:22 - 2016-12-09 06:59 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-12-14 17:22 - 2016-12-09 06:59 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-12-14 17:22 - 2016-12-09 06:57 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-12-14 17:22 - 2016-12-09 06:56 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-12-14 17:22 - 2016-12-09 06:52 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-12-14 17:22 - 2016-12-09 06:51 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-12-14 17:22 - 2016-12-09 06:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-12-14 17:22 - 2016-12-09 06:36 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-12-14 17:22 - 2016-12-09 06:34 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-12-14 17:22 - 2016-12-09 06:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-12-14 17:22 - 2016-12-09 06:31 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-12-14 17:22 - 2016-12-09 06:31 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-12-14 17:22 - 2016-12-09 06:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-12-14 17:22 - 2016-12-09 06:30 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-12-14 17:22 - 2016-12-09 06:30 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-12-14 17:22 - 2016-12-09 06:28 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-12-14 17:22 - 2016-12-09 06:27 - 19417088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-12-14 17:22 - 2016-12-09 06:23 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-12-14 17:22 - 2016-12-09 06:20 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-12-14 17:22 - 2016-12-09 06:20 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-12-14 17:22 - 2016-12-09 06:18 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-12-14 17:22 - 2016-12-09 06:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-12-14 17:22 - 2016-12-09 06:16 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-12-14 17:22 - 2016-12-09 06:15 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-12-14 17:22 - 2016-12-09 06:15 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-12-14 17:22 - 2016-12-09 06:15 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-12-14 17:22 - 2016-12-09 05:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-12-14 17:14 - 2016-12-09 07:20 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-12-14 17:14 - 2016-12-09 07:15 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-12-14 17:14 - 2016-12-09 07:10 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-12-14 17:14 - 2016-12-09 06:45 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-12-14 17:14 - 2016-12-09 06:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-12-14 17:14 - 2016-12-09 06:21 - 01512960 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-12-14 17:13 - 2016-12-09 07:32 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-12-14 17:13 - 2016-12-09 07:27 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-12-14 17:13 - 2016-12-09 07:20 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-12-14 17:13 - 2016-12-09 07:20 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-12-14 17:13 - 2016-12-09 07:20 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-12-14 17:13 - 2016-12-09 07:19 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-12-14 17:13 - 2016-12-09 07:18 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-12-14 17:13 - 2016-12-09 07:15 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-12-14 17:13 - 2016-12-09 06:47 - 22563328 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-12-14 17:13 - 2016-12-09 06:45 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-12-14 17:13 - 2016-12-09 06:42 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-12-14 17:13 - 2016-12-09 06:37 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-12-14 17:13 - 2016-12-09 06:37 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-12-14 17:13 - 2016-12-09 06:36 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-12-14 17:13 - 2016-12-09 06:36 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-12-14 17:13 - 2016-12-09 06:36 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-12-14 17:13 - 2016-12-09 06:33 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-12-14 17:13 - 2016-12-09 06:30 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-12-14 17:13 - 2016-12-09 06:29 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-12-14 17:13 - 2016-12-09 06:27 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-12-14 17:13 - 2016-12-09 06:27 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-12-14 17:13 - 2016-12-09 06:26 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-12-14 17:13 - 2016-12-09 06:22 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-12-14 17:13 - 2016-12-09 06:22 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-12-14 17:13 - 2016-12-09 06:22 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-12-14 17:13 - 2016-12-09 06:21 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-12-14 17:13 - 2016-12-09 06:20 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-12-14 17:13 - 2016-12-09 06:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-12-14 17:13 - 2016-12-09 06:19 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-12-14 17:13 - 2016-12-09 06:19 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-12-14 17:13 - 2016-12-09 06:19 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-12-14 17:13 - 2016-12-09 06:19 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-12-14 17:13 - 2016-12-09 06:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2016-12-14 17:12 - 2016-12-09 07:42 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-12-14 17:12 - 2016-12-09 07:42 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-12-14 17:12 - 2016-12-09 07:34 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-12-14 17:12 - 2016-12-09 07:34 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-12-14 17:12 - 2016-12-09 07:33 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-12-14 17:12 - 2016-12-09 07:33 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-12-14 17:12 - 2016-12-09 07:30 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-12-14 17:12 - 2016-12-09 07:29 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-14 17:12 - 2016-12-09 07:28 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-12-14 17:12 - 2016-12-09 07:20 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-12-14 17:12 - 2016-12-09 07:19 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2016-12-14 17:12 - 2016-12-09 07:18 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-12-14 17:12 - 2016-12-09 07:18 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-12-14 17:12 - 2016-12-09 07:14 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-12-14 17:12 - 2016-12-09 07:14 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-12-14 17:12 - 2016-12-09 07:10 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-12-14 17:12 - 2016-12-09 07:09 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2016-12-14 17:12 - 2016-12-09 06:41 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-12-14 17:12 - 2016-12-09 06:38 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-12-14 17:12 - 2016-12-09 06:37 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-12-14 17:12 - 2016-12-09 06:36 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-12-14 17:12 - 2016-12-09 06:33 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-12-14 17:12 - 2016-12-09 06:28 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-12-14 17:12 - 2016-12-09 06:27 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-12-14 17:12 - 2016-12-09 06:26 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-12-14 17:12 - 2016-12-09 06:25 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2016-12-14 17:12 - 2016-12-09 06:24 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-12-14 17:12 - 2016-12-09 06:21 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-12-14 17:12 - 2016-12-09 06:20 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-12-14 17:11 - 2016-12-09 07:18 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-12-14 17:11 - 2016-12-09 07:18 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-12-14 17:11 - 2016-12-09 07:18 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-12-14 17:11 - 2016-12-09 07:18 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-12-14 14:14 - 2016-12-14 14:14 - 00000000 __SHD C:\found.003
2016-12-14 13:58 - 2016-12-14 13:58 - 00372724 _____ C:\WINDOWS\Minidump\121416-41437-01.dmp
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-12 08:27 - 2016-10-27 15:32 - 00000000 ____D C:\Users\DoAsnoPC\AppData\Local\Spotify
2017-01-12 08:27 - 2016-10-27 15:30 - 00000000 ____D C:\Users\DoAsnoPC\AppData\Roaming\Spotify
2017-01-12 08:16 - 2016-11-03 21:02 - 00028888 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\gbpddfac64.sys
2017-01-12 08:16 - 2016-10-22 15:00 - 00000000 __SHD C:\Users\DoAsnoPC\IntelGraphicsProfiles
2017-01-12 08:15 - 2016-11-19 23:51 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-12 08:15 - 2016-11-03 21:08 - 00028376 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\wsddfac.sys
2017-01-12 08:15 - 2016-11-03 21:02 - 00000000 ____D C:\ProgramData\GbPlugin
2017-01-12 08:15 - 2016-11-03 21:02 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2017-01-12 08:15 - 2016-07-16 03:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-01-12 08:03 - 2016-11-19 23:26 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-01-11 17:40 - 2016-07-16 08:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-11 16:37 - 2016-11-19 23:38 - 00000000 ____D C:\Users\DoAsnoPC
2017-01-11 16:29 - 2016-07-16 08:47 - 00000000 __RHD C:\Users\Public\Libraries
2017-01-11 15:47 - 2016-07-16 08:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-11 15:47 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-10 17:00 - 2016-11-19 23:51 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-01-10 08:22 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-01-04 11:47 - 2016-10-22 12:27 - 00000000 ____D C:\Users\DoAsnoPC\AppData\Local\Packages
2017-01-04 09:18 - 2016-10-31 13:40 - 00000000 ____D C:\Users\DoAsnoPC\AppData\Roaming\uTorrent
2017-01-04 09:17 - 2016-07-16 08:45 - 00000000 ____D C:\WINDOWS\INF
2016-12-30 10:58 - 2016-07-16 08:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-12-30 10:57 - 2016-07-16 03:04 - 00000000 ____D C:\Program Files (x86)\Common Files
2016-12-30 10:55 - 2016-10-22 14:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-12-19 15:24 - 2016-11-19 23:37 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{b794f0c9-4b5d-11e6-80e4-e41d2d719790}.TMContainer00000000000000000001.regtrans-ms
2016-12-17 14:50 - 2016-11-06 12:42 - 00002115 _____ C:\Users\Public\Desktop\Google Slides.lnk
2016-12-17 14:50 - 2016-11-06 12:42 - 00002113 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2016-12-17 14:50 - 2016-11-06 12:42 - 00002103 _____ C:\Users\Public\Desktop\Google Docs.lnk
2016-12-17 14:50 - 2016-10-22 13:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-12-17 14:43 - 2016-11-19 23:51 - 00003586 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-17 14:43 - 2016-11-19 23:51 - 00003462 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-17 14:43 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\Tasks
2016-12-17 12:51 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\rescache
2016-12-17 09:41 - 2016-11-19 23:38 - 00000000 ___RD C:\Users\DoAsnoPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-17 09:41 - 2016-10-22 12:31 - 00002372 _____ C:\Users\DoAsnoPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-17 09:36 - 2016-11-19 23:26 - 00338592 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-12-17 09:35 - 2016-11-19 23:26 - 00524288 ___SH C:\WINDOWS\system32\config\DRIVERS{b794f0cf-4b5d-11e6-80e4-e41d2d719790}.TMContainer00000000000000000001.regtrans-ms
2016-12-17 09:35 - 2016-11-19 23:26 - 00065536 ___SH C:\WINDOWS\system32\config\DRIVERS{b794f0cf-4b5d-11e6-80e4-e41d2d719790}.TM.blf
2016-12-17 09:34 - 2016-07-16 08:47 - 00000796 ___SH C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-17 09:34 - 2016-07-16 08:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs
2016-12-17 09:34 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\SysWOW64\en-US
2016-12-17 09:34 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\system32\en-US
2016-12-17 09:34 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\system32\Boot
2016-12-17 09:34 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-12-17 09:34 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\AppPatch
2016-12-17 09:34 - 2016-07-16 03:04 - 00000000 ____D C:\WINDOWS\SysWOW64
2016-12-17 09:34 - 2016-07-16 03:04 - 00000000 ____D C:\WINDOWS\System32
2016-12-17 09:30 - 2016-12-06 14:29 - 00000000 ____D C:\WINDOWS\Minidump
2016-12-17 09:30 - 2016-12-06 14:28 - 515192537 _____ C:\WINDOWS\MEMORY.DMP
2016-12-15 07:44 - 2016-10-22 16:49 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-12-15 07:39 - 2016-10-22 16:49 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-15 07:39 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\debug
2016-12-15 07:30 - 2016-10-22 13:45 - 00002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-14 16:05 - 2016-11-19 23:38 - 00524288 ___SH C:\Users\DoAsnoPC\NTUSER.DAT{a6b7c04e-aec8-11e6-b9a0-e5bbc836cc39}.TMContainer00000000000000000002.regtrans-ms
2016-12-14 16:05 - 2016-11-19 23:38 - 00524288 ___SH C:\Users\DoAsnoPC\NTUSER.DAT{a6b7c04e-aec8-11e6-b9a0-e5bbc836cc39}.TMContainer00000000000000000001.regtrans-ms
2016-12-14 16:05 - 2016-11-19 23:38 - 00065536 ___SH C:\Users\DoAsnoPC\NTUSER.DAT{a6b7c04e-aec8-11e6-b9a0-e5bbc836cc39}.TM.blf
2016-12-14 14:20 - 2016-10-22 12:23 - 00944346 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-14 14:20 - 2016-07-16 08:49 - 00766862 _____ C:\WINDOWS\system32\perfh009.dat
2016-12-14 14:20 - 2016-07-16 08:49 - 00169300 _____ C:\WINDOWS\system32\perfc009.dat
2016-12-14 14:16 - 2016-11-20 00:03 - 00000174 ___SH C:\Users\DoAsnoPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-14 14:16 - 2016-10-22 12:28 - 00000402 ___SH C:\Users\DoAsnoPC\Documents\desktop.ini
2016-12-14 14:16 - 2016-10-22 12:28 - 00000282 ___SH C:\Users\DoAsnoPC\Downloads\desktop.ini
2016-12-14 14:16 - 2016-10-22 12:28 - 00000282 ___SH C:\Users\DoAsnoPC\Desktop\desktop.ini
2016-12-14 14:16 - 2016-10-22 12:28 - 00000174 ___SH C:\Users\DoAsnoPC\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
2016-12-14 14:16 - 2016-10-22 12:28 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-12-14 14:16 - 2016-10-22 12:28 - 00000000 ___RD C:\Users\DoAsnoPC\Searches
2016-12-14 14:16 - 2016-10-22 12:28 - 00000000 ___RD C:\Users\DoAsnoPC\Contacts
2016-12-14 14:16 - 2016-10-22 12:28 - 00000000 ___RD C:\Users\DoAsnoPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2016-12-14 14:16 - 2016-10-22 12:28 - 00000000 ___RD C:\Users\DoAsnoPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2016-12-14 14:16 - 2016-10-22 12:27 - 00000000 ___RD C:\Users\DoAsnoPC\Videos
2016-12-14 14:16 - 2016-10-22 12:27 - 00000000 ___RD C:\Users\DoAsnoPC\Saved Games
2016-12-14 14:16 - 2016-10-22 12:27 - 00000000 ___RD C:\Users\DoAsnoPC\Pictures
2016-12-14 14:16 - 2016-10-22 12:27 - 00000000 ___RD C:\Users\DoAsnoPC\Music
2016-12-14 14:16 - 2016-10-22 12:27 - 00000000 ___RD C:\Users\DoAsnoPC\Links
2016-12-14 14:16 - 2016-10-22 12:27 - 00000000 ___RD C:\Users\DoAsnoPC\Favorites
2016-12-14 14:16 - 2016-07-16 03:04 - 00262144 _____ C:\Users\Default\NTUSER.DAT
2016-12-14 14:10 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\system32\config\TxR
2016-12-14 14:09 - 2016-07-16 08:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2016-12-14 14:09 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-12-14 14:09 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-12-14 14:09 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\system32\wbem
2016-12-14 14:09 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-CS
2016-12-14 14:09 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-12-14 14:09 - 2016-07-16 03:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-12-14 14:09 - 2016-07-16 03:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-12-14 14:09 - 2016-07-16 03:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-12-14 14:08 - 2016-07-16 08:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-12-14 14:08 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\system32\WDI
2016-12-14 14:08 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-12-14 14:08 - 2016-07-16 08:47 - 00000000 ____D C:\Program Files\Internet Explorer
2016-12-14 14:08 - 2016-07-16 08:47 - 00000000 ____D C:\Program Files (x86)\Internet Explorer
2016-12-14 14:08 - 2016-07-16 03:04 - 00000000 ____D C:\WINDOWS\servicing
2016-12-13 08:35 - 2016-11-19 23:32 - 00015487 _____ C:\WINDOWS\setupact.log
==================== Files in the root of some directories =======
2017-01-11 16:30 - 2016-11-23 10:37 - 0000570 _____ () C:\Users\DoAsnoPC\AppData\Local\TroubleshooterConfig.json
2016-11-19 23:32 - 2016-11-19 23:32 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-01-11 08:43
==================== End of FRST.txt ============================
Ran by DoAsnoPC (administrator) on DESKTOP-90OM0O5 (12-01-2017 08:28:27)
Running from C:\Users\DoAsnoPC\Downloads
Loaded Profiles: DoAsnoPC (Available Profiles: DoAsnoPC)
Platform: Windows 10 Pro Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(MDL Forum, mod by Ratiborus) C:\ProgramData\KMSAuto\bin\KMSSS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-Agent.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\DoAsnoPC\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\DoAsnoPC\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\DoAsnoPC\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\DoAsnoPC\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\DoAsnoPC\AppData\Roaming\Spotify\Spotify.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\reader_sl.exe
() C:\Windows\KMS-R@1nHook.exe
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040296 2015-08-28] (Realtek Semiconductor)
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [927280 2016-11-11] (GAS Tecnologia LTDA)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-11-20] (Microsoft Corporation)
Winlogon\Notify\ GbPluginBb: C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll [2016-11-11] (Banco do Brasil)
Winlogon\Notify\ GbPluginBes: C:\Program Files (x86)\GbPlugin\gbiehBes.dll [2016-09-02] (Banco do Estado de Sergipe - BANESE)
HKU\S-1-5-21-274241934-1915277421-3324831707-1001\...\Run: [Spotify Web Helper] => C:\Users\DoAsnoPC\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1444976 2016-12-26] (Spotify Ltd)
HKU\S-1-5-21-274241934-1915277421-3324831707-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [1694344 2016-12-13] (BlueStack Systems, Inc.)
IFEO\OSppSvc.exe: [Debugger] KMS-R@1nHook.exe
IFEO\SppExtComObj.exe: [Debugger] KMS-R@1nHook.exe
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399027} - C:\Program Files (x86)\GbPlugin\gbiehbes.dll [1909984 2016-09-02] (Banco do Estado de Sergipe - BANESE)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES (X86)\GbPlugin\gbieh.dll [1947872 2016-11-11] (Banco do Brasil)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
GroupPolicy: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.25.1
Tcpip\..\Interfaces\{b86b617f-a7a1-49db-9b5e-74945ba9b103}: [DhcpNameServer] 192.168.25.1
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-274241934-1915277421-3324831707-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-04] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-04] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-12-03] (Microsoft Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll [2016-11-11] (Banco do Brasil)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540027} -> C:\Program Files (x86)\GbPlugin\gbiehbes.dll [2016-09-02] (Banco do Estado de Sergipe - BANESE)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-12-03] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-03] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-03] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-03] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-03] (Microsoft Corporation)
FireFox:
========
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-03] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-03] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-274241934-1915277421-3324831707-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\DoAsnoPC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-10-26] (Unity Technologies ApS)
Chrome:
=======
CHR Profile: C:\Users\DoAsnoPC\AppData\Local\Google\Chrome\User Data\Default [2017-01-12]
CHR Extension: (Google Slides) - C:\Users\DoAsnoPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-22]
CHR Extension: (Google Docs) - C:\Users\DoAsnoPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-22]
CHR Extension: (Google Drive) - C:\Users\DoAsnoPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-22]
CHR Extension: (YouTube) - C:\Users\DoAsnoPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-22]
CHR Extension: (Google Sheets) - C:\Users\DoAsnoPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-22]
CHR Extension: (Google Docs Offline) - C:\Users\DoAsnoPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-24]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\DoAsnoPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-10-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\DoAsnoPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-10-22]
CHR Extension: (Gmail) - C:\Users\DoAsnoPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\DoAsnoPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-17]
CHR HKU\S-1-5-21-274241934-1915277421-3324831707-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [486936 2016-12-13] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [470552 2016-12-13] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [511512 2016-12-13] (BlueStack Systems, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3698888 2016-12-04] (Microsoft Corporation)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [631520 2016-09-02] (GAS Tecnologia)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [329280 2016-02-19] (Intel Corporation)
S2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2016-10-22] () [File not signed]
R2 KMSEmulator; C:\ProgramData\KMSAuto\bin\KMSSS.exe [301056 2015-07-24] (MDL Forum, mod by Ratiborus) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-11-20] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [256120 2016-02-01] (Synaptics Incorporated)
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [927280 2016-11-11] (GAS Tecnologia LTDA)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-12-13] (BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-11-08] (Bluestack System Inc. )
R1 gbpddfac; C:\WINDOWS\System32\drivers\gbpddfac64.sys [28888 2017-01-12] (GAS Tecnologia)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2016-09-02] (GAS Tecnologia)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 RadioHIDMini; C:\WINDOWS\System32\drivers\RadioHIDMini.sys [32168 2015-07-16] (Windows (R) Win 7 DDK provider)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2016-09-02] (GAS Tecnologia LTDA)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R1 wsddfac; C:\WINDOWS\System32\drivers\wsddfac.sys [28376 2017-01-12] (GAS Tecnologia)
R1 wsddntf; C:\WINDOWS\system32\DRIVERS\wsddntf.sys [47176 2016-11-11] (GAS Tecnologia)
R1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [25184 2016-11-11] (GAS Tecnologia)
R3 wsddprm; C:\WINDOWS\system32\drivers\wsddprm.sys [25184 2016-11-11] (GAS Tecnologia)
S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-12 08:28 - 2017-01-12 08:30 - 00014766 _____ C:\Users\DoAsnoPC\Downloads\FRST.txt
2017-01-12 08:28 - 2017-01-12 08:28 - 00000000 ____D C:\FRST
2017-01-12 08:27 - 2017-01-12 08:28 - 02419200 _____ (Farbar) C:\Users\DoAsnoPC\Downloads\FRST64.exe
2017-01-12 08:27 - 2017-01-12 08:27 - 01761280 _____ (Farbar) C:\Users\DoAsnoPC\Downloads\FRST.exe
2017-01-11 16:37 - 2017-01-11 16:42 - 00000000 ____D C:\Users\DoAsnoPC\AppData\Local\Troubleshooter
2017-01-11 16:37 - 2017-01-11 16:37 - 00000000 ____D C:\Users\DoAsnoPC\.android
2017-01-11 16:33 - 2017-01-11 16:33 - 00000000 ____D C:\Users\DoAsnoPC\AppData\Local\Macromedia
2017-01-11 16:31 - 2017-01-11 16:31 - 00000000 ____D C:\Users\DoAsnoPC\AppData\Roaming\Mozilla
2017-01-11 16:30 - 2016-11-23 10:37 - 00000570 _____ C:\Users\DoAsnoPC\AppData\Local\TroubleshooterConfig.json
2017-01-11 16:29 - 2017-01-11 16:30 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2017-01-11 16:29 - 2017-01-11 16:29 - 00001644 _____ C:\Users\Public\Desktop\BlueStacks.lnk
2017-01-11 16:29 - 2017-01-11 16:29 - 00001644 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BlueStacks.lnk
2017-01-11 16:28 - 2017-01-11 16:28 - 00000000 ____D C:\Users\DoAsnoPC\AppData\Local\Bluestacks
2017-01-11 16:26 - 2017-01-11 16:29 - 00000000 ____D C:\Program Files (x86)\Bluestacks
2017-01-11 16:26 - 2016-12-13 14:27 - 00000000 ____D C:\ProgramData\Bluestacks
2017-01-11 16:23 - 2017-01-11 16:26 - 331190024 _____ (BlueStack Systems Inc.) C:\Users\DoAsnoPC\Downloads\BlueStacks2_native_c220567f61452e2cb6c7296f52cd88d6.exe
2017-01-10 07:39 - 2017-01-10 07:39 - 00180346 _____ C:\Users\DoAsnoPC\Documents\Books List Y4.pdf
2017-01-10 07:38 - 2017-01-10 07:38 - 00213106 _____ C:\Users\DoAsnoPC\Documents\Books List Y5.pdf
2017-01-10 07:37 - 2017-01-10 07:37 - 00069757 _____ C:\Users\DoAsnoPC\Documents\Books List Y6.pdf
2017-01-10 07:37 - 2017-01-10 07:37 - 00062423 _____ C:\Users\DoAsnoPC\Documents\Books List Y8.pdf
2017-01-10 07:36 - 2017-01-10 07:36 - 00081398 _____ C:\Users\DoAsnoPC\Documents\Books List Y7.pdf
2017-01-06 20:18 - 2017-01-06 20:18 - 00025738 _____ C:\Users\DoAsnoPC\Desktop\extrato-segunda-via-publica-visualizacao.pdf
2016-12-30 11:19 - 2016-11-11 14:41 - 00047176 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\wsddntf.sys
2016-12-30 11:19 - 2016-11-11 14:41 - 00025184 ____N (GAS Tecnologia) C:\WINDOWS\system32\Drivers\wsddprm.sys
2016-12-30 11:19 - 2016-11-11 14:41 - 00010345 _____ C:\WINDOWS\system32\Drivers\wsddntf.cat
2016-12-30 11:19 - 2016-11-11 14:41 - 00002708 _____ C:\WINDOWS\system32\Drivers\wsddntf.inf
2016-12-22 14:21 - 2016-12-22 14:22 - 00163704 _____ C:\Users\DoAsnoPC\Downloads\WhatsApp Image 2016-12-22 at 2.21.04 PM.jpeg
2016-12-21 12:17 - 2016-12-21 12:23 - 00000000 ____D C:\Users\DoAsnoPC\Downloads\Friends Season 10 Complete 720p.BRrip.Sujaidr
2016-12-20 16:50 - 2016-12-20 17:39 - 00000000 ____D C:\Users\DoAsnoPC\Downloads\Friends Season 9 Complete 720p.BRrip.sujaidr
2016-12-19 16:04 - 2016-12-19 16:55 - 00000000 ____D C:\Users\DoAsnoPC\Downloads\Friends Season 8 Complete 720p.BRrip.mrlss.sujaidr
2016-12-19 15:09 - 2016-12-19 15:14 - 00000000 ____D C:\Users\DoAsnoPC\Downloads\Friends Season 7 Complete.720p.BRrip.mrlss.sujaidr
2016-12-19 13:12 - 2016-12-19 14:30 - 00000000 ____D C:\Users\DoAsnoPC\Downloads\Friends Season 6 Complete 720p.BRrip.mrlss.sujaidr
2016-12-19 11:37 - 2016-12-19 12:14 - 00000000 ____D C:\Users\DoAsnoPC\Downloads\Friends Season 5 Complete 720p.BRrip.mrlss.sujaidr
2016-12-17 09:41 - 2016-12-17 09:41 - 00003296 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2016-12-17 09:30 - 2016-12-17 09:31 - 00417372 _____ C:\WINDOWS\Minidump\121716-60625-01.dmp
2016-12-15 09:38 - 2016-12-15 09:38 - 01518466 _____ C:\Users\DoAsnoPC\Downloads\Year 9 Class Schedule 2017.docx
2016-12-15 09:38 - 2016-12-15 09:38 - 01518456 _____ C:\Users\DoAsnoPC\Downloads\Year 7 Class Schedule 2017.docx
2016-12-15 09:38 - 2016-12-15 09:38 - 01518210 _____ C:\Users\DoAsnoPC\Downloads\Year 6 Class Schedule 2017.docx
2016-12-15 09:38 - 2016-12-15 09:38 - 01518135 _____ C:\Users\DoAsnoPC\Downloads\Year 8 Class Schedule 2017.docx
2016-12-14 17:23 - 2016-12-09 07:01 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-12-14 17:23 - 2016-12-09 07:01 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-12-14 17:23 - 2016-12-09 06:57 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-12-14 17:23 - 2016-12-09 06:52 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-12-14 17:23 - 2016-12-09 06:40 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-12-14 17:23 - 2016-12-09 06:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-12-14 17:23 - 2016-12-09 06:18 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-12-14 17:23 - 2016-12-09 06:18 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-12-14 17:23 - 2016-12-09 06:17 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-12-14 17:23 - 2016-12-09 06:16 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-12-14 17:23 - 2016-12-09 06:16 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-12-14 17:22 - 2016-12-09 07:11 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-12-14 17:22 - 2016-12-09 07:01 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-12-14 17:22 - 2016-12-09 07:00 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2016-12-14 17:22 - 2016-12-09 06:59 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-12-14 17:22 - 2016-12-09 06:59 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-12-14 17:22 - 2016-12-09 06:57 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-12-14 17:22 - 2016-12-09 06:56 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-12-14 17:22 - 2016-12-09 06:52 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-12-14 17:22 - 2016-12-09 06:51 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-12-14 17:22 - 2016-12-09 06:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-12-14 17:22 - 2016-12-09 06:36 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-12-14 17:22 - 2016-12-09 06:34 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-12-14 17:22 - 2016-12-09 06:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-12-14 17:22 - 2016-12-09 06:31 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-12-14 17:22 - 2016-12-09 06:31 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-12-14 17:22 - 2016-12-09 06:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-12-14 17:22 - 2016-12-09 06:30 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-12-14 17:22 - 2016-12-09 06:30 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-12-14 17:22 - 2016-12-09 06:28 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-12-14 17:22 - 2016-12-09 06:27 - 19417088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-12-14 17:22 - 2016-12-09 06:23 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-12-14 17:22 - 2016-12-09 06:20 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-12-14 17:22 - 2016-12-09 06:20 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-12-14 17:22 - 2016-12-09 06:18 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-12-14 17:22 - 2016-12-09 06:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-12-14 17:22 - 2016-12-09 06:16 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-12-14 17:22 - 2016-12-09 06:15 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-12-14 17:22 - 2016-12-09 06:15 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-12-14 17:22 - 2016-12-09 06:15 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-12-14 17:22 - 2016-12-09 05:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-12-14 17:14 - 2016-12-09 07:20 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-12-14 17:14 - 2016-12-09 07:15 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-12-14 17:14 - 2016-12-09 07:10 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-12-14 17:14 - 2016-12-09 06:45 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-12-14 17:14 - 2016-12-09 06:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-12-14 17:14 - 2016-12-09 06:21 - 01512960 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-12-14 17:13 - 2016-12-09 07:32 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-12-14 17:13 - 2016-12-09 07:27 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-12-14 17:13 - 2016-12-09 07:20 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-12-14 17:13 - 2016-12-09 07:20 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-12-14 17:13 - 2016-12-09 07:20 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-12-14 17:13 - 2016-12-09 07:19 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-12-14 17:13 - 2016-12-09 07:18 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-12-14 17:13 - 2016-12-09 07:15 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-12-14 17:13 - 2016-12-09 06:47 - 22563328 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-12-14 17:13 - 2016-12-09 06:45 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-12-14 17:13 - 2016-12-09 06:42 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-12-14 17:13 - 2016-12-09 06:37 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-12-14 17:13 - 2016-12-09 06:37 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-12-14 17:13 - 2016-12-09 06:36 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-12-14 17:13 - 2016-12-09 06:36 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-12-14 17:13 - 2016-12-09 06:36 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-12-14 17:13 - 2016-12-09 06:33 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-12-14 17:13 - 2016-12-09 06:30 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-12-14 17:13 - 2016-12-09 06:29 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-12-14 17:13 - 2016-12-09 06:27 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-12-14 17:13 - 2016-12-09 06:27 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-12-14 17:13 - 2016-12-09 06:26 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-12-14 17:13 - 2016-12-09 06:22 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-12-14 17:13 - 2016-12-09 06:22 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-12-14 17:13 - 2016-12-09 06:22 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-12-14 17:13 - 2016-12-09 06:21 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-12-14 17:13 - 2016-12-09 06:20 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-12-14 17:13 - 2016-12-09 06:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-12-14 17:13 - 2016-12-09 06:19 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-12-14 17:13 - 2016-12-09 06:19 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-12-14 17:13 - 2016-12-09 06:19 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-12-14 17:13 - 2016-12-09 06:19 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-12-14 17:13 - 2016-12-09 06:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2016-12-14 17:12 - 2016-12-09 07:42 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-12-14 17:12 - 2016-12-09 07:42 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-12-14 17:12 - 2016-12-09 07:34 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-12-14 17:12 - 2016-12-09 07:34 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-12-14 17:12 - 2016-12-09 07:33 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-12-14 17:12 - 2016-12-09 07:33 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-12-14 17:12 - 2016-12-09 07:30 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-12-14 17:12 - 2016-12-09 07:29 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-14 17:12 - 2016-12-09 07:28 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-12-14 17:12 - 2016-12-09 07:20 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-12-14 17:12 - 2016-12-09 07:19 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2016-12-14 17:12 - 2016-12-09 07:18 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-12-14 17:12 - 2016-12-09 07:18 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-12-14 17:12 - 2016-12-09 07:14 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-12-14 17:12 - 2016-12-09 07:14 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-12-14 17:12 - 2016-12-09 07:10 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-12-14 17:12 - 2016-12-09 07:09 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2016-12-14 17:12 - 2016-12-09 06:41 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-12-14 17:12 - 2016-12-09 06:38 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-12-14 17:12 - 2016-12-09 06:37 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-12-14 17:12 - 2016-12-09 06:36 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-12-14 17:12 - 2016-12-09 06:33 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-12-14 17:12 - 2016-12-09 06:28 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-12-14 17:12 - 2016-12-09 06:27 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-12-14 17:12 - 2016-12-09 06:26 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-12-14 17:12 - 2016-12-09 06:25 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2016-12-14 17:12 - 2016-12-09 06:24 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-12-14 17:12 - 2016-12-09 06:21 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-12-14 17:12 - 2016-12-09 06:20 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-12-14 17:11 - 2016-12-09 07:18 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-12-14 17:11 - 2016-12-09 07:18 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-12-14 17:11 - 2016-12-09 07:18 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-12-14 17:11 - 2016-12-09 07:18 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-12-14 14:14 - 2016-12-14 14:14 - 00000000 __SHD C:\found.003
2016-12-14 13:58 - 2016-12-14 13:58 - 00372724 _____ C:\WINDOWS\Minidump\121416-41437-01.dmp
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-12 08:27 - 2016-10-27 15:32 - 00000000 ____D C:\Users\DoAsnoPC\AppData\Local\Spotify
2017-01-12 08:27 - 2016-10-27 15:30 - 00000000 ____D C:\Users\DoAsnoPC\AppData\Roaming\Spotify
2017-01-12 08:16 - 2016-11-03 21:02 - 00028888 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\gbpddfac64.sys
2017-01-12 08:16 - 2016-10-22 15:00 - 00000000 __SHD C:\Users\DoAsnoPC\IntelGraphicsProfiles
2017-01-12 08:15 - 2016-11-19 23:51 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-12 08:15 - 2016-11-03 21:08 - 00028376 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\wsddfac.sys
2017-01-12 08:15 - 2016-11-03 21:02 - 00000000 ____D C:\ProgramData\GbPlugin
2017-01-12 08:15 - 2016-11-03 21:02 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2017-01-12 08:15 - 2016-07-16 03:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-01-12 08:03 - 2016-11-19 23:26 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-01-11 17:40 - 2016-07-16 08:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-11 16:37 - 2016-11-19 23:38 - 00000000 ____D C:\Users\DoAsnoPC
2017-01-11 16:29 - 2016-07-16 08:47 - 00000000 __RHD C:\Users\Public\Libraries
2017-01-11 15:47 - 2016-07-16 08:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-11 15:47 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-10 17:00 - 2016-11-19 23:51 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-01-10 08:22 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-01-04 11:47 - 2016-10-22 12:27 - 00000000 ____D C:\Users\DoAsnoPC\AppData\Local\Packages
2017-01-04 09:18 - 2016-10-31 13:40 - 00000000 ____D C:\Users\DoAsnoPC\AppData\Roaming\uTorrent
2017-01-04 09:17 - 2016-07-16 08:45 - 00000000 ____D C:\WINDOWS\INF
2016-12-30 10:58 - 2016-07-16 08:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-12-30 10:57 - 2016-07-16 03:04 - 00000000 ____D C:\Program Files (x86)\Common Files
2016-12-30 10:55 - 2016-10-22 14:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-12-19 15:24 - 2016-11-19 23:37 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{b794f0c9-4b5d-11e6-80e4-e41d2d719790}.TMContainer00000000000000000001.regtrans-ms
2016-12-17 14:50 - 2016-11-06 12:42 - 00002115 _____ C:\Users\Public\Desktop\Google Slides.lnk
2016-12-17 14:50 - 2016-11-06 12:42 - 00002113 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2016-12-17 14:50 - 2016-11-06 12:42 - 00002103 _____ C:\Users\Public\Desktop\Google Docs.lnk
2016-12-17 14:50 - 2016-10-22 13:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-12-17 14:43 - 2016-11-19 23:51 - 00003586 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-17 14:43 - 2016-11-19 23:51 - 00003462 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-17 14:43 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\Tasks
2016-12-17 12:51 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\rescache
2016-12-17 09:41 - 2016-11-19 23:38 - 00000000 ___RD C:\Users\DoAsnoPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-17 09:41 - 2016-10-22 12:31 - 00002372 _____ C:\Users\DoAsnoPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-17 09:36 - 2016-11-19 23:26 - 00338592 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-12-17 09:35 - 2016-11-19 23:26 - 00524288 ___SH C:\WINDOWS\system32\config\DRIVERS{b794f0cf-4b5d-11e6-80e4-e41d2d719790}.TMContainer00000000000000000001.regtrans-ms
2016-12-17 09:35 - 2016-11-19 23:26 - 00065536 ___SH C:\WINDOWS\system32\config\DRIVERS{b794f0cf-4b5d-11e6-80e4-e41d2d719790}.TM.blf
2016-12-17 09:34 - 2016-07-16 08:47 - 00000796 ___SH C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-17 09:34 - 2016-07-16 08:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs
2016-12-17 09:34 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\SysWOW64\en-US
2016-12-17 09:34 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\system32\en-US
2016-12-17 09:34 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\system32\Boot
2016-12-17 09:34 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-12-17 09:34 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\AppPatch
2016-12-17 09:34 - 2016-07-16 03:04 - 00000000 ____D C:\WINDOWS\SysWOW64
2016-12-17 09:34 - 2016-07-16 03:04 - 00000000 ____D C:\WINDOWS\System32
2016-12-17 09:30 - 2016-12-06 14:29 - 00000000 ____D C:\WINDOWS\Minidump
2016-12-17 09:30 - 2016-12-06 14:28 - 515192537 _____ C:\WINDOWS\MEMORY.DMP
2016-12-15 07:44 - 2016-10-22 16:49 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-12-15 07:39 - 2016-10-22 16:49 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-15 07:39 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\debug
2016-12-15 07:30 - 2016-10-22 13:45 - 00002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-14 16:05 - 2016-11-19 23:38 - 00524288 ___SH C:\Users\DoAsnoPC\NTUSER.DAT{a6b7c04e-aec8-11e6-b9a0-e5bbc836cc39}.TMContainer00000000000000000002.regtrans-ms
2016-12-14 16:05 - 2016-11-19 23:38 - 00524288 ___SH C:\Users\DoAsnoPC\NTUSER.DAT{a6b7c04e-aec8-11e6-b9a0-e5bbc836cc39}.TMContainer00000000000000000001.regtrans-ms
2016-12-14 16:05 - 2016-11-19 23:38 - 00065536 ___SH C:\Users\DoAsnoPC\NTUSER.DAT{a6b7c04e-aec8-11e6-b9a0-e5bbc836cc39}.TM.blf
2016-12-14 14:20 - 2016-10-22 12:23 - 00944346 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-14 14:20 - 2016-07-16 08:49 - 00766862 _____ C:\WINDOWS\system32\perfh009.dat
2016-12-14 14:20 - 2016-07-16 08:49 - 00169300 _____ C:\WINDOWS\system32\perfc009.dat
2016-12-14 14:16 - 2016-11-20 00:03 - 00000174 ___SH C:\Users\DoAsnoPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-14 14:16 - 2016-10-22 12:28 - 00000402 ___SH C:\Users\DoAsnoPC\Documents\desktop.ini
2016-12-14 14:16 - 2016-10-22 12:28 - 00000282 ___SH C:\Users\DoAsnoPC\Downloads\desktop.ini
2016-12-14 14:16 - 2016-10-22 12:28 - 00000282 ___SH C:\Users\DoAsnoPC\Desktop\desktop.ini
2016-12-14 14:16 - 2016-10-22 12:28 - 00000174 ___SH C:\Users\DoAsnoPC\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
2016-12-14 14:16 - 2016-10-22 12:28 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-12-14 14:16 - 2016-10-22 12:28 - 00000000 ___RD C:\Users\DoAsnoPC\Searches
2016-12-14 14:16 - 2016-10-22 12:28 - 00000000 ___RD C:\Users\DoAsnoPC\Contacts
2016-12-14 14:16 - 2016-10-22 12:28 - 00000000 ___RD C:\Users\DoAsnoPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2016-12-14 14:16 - 2016-10-22 12:28 - 00000000 ___RD C:\Users\DoAsnoPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2016-12-14 14:16 - 2016-10-22 12:27 - 00000000 ___RD C:\Users\DoAsnoPC\Videos
2016-12-14 14:16 - 2016-10-22 12:27 - 00000000 ___RD C:\Users\DoAsnoPC\Saved Games
2016-12-14 14:16 - 2016-10-22 12:27 - 00000000 ___RD C:\Users\DoAsnoPC\Pictures
2016-12-14 14:16 - 2016-10-22 12:27 - 00000000 ___RD C:\Users\DoAsnoPC\Music
2016-12-14 14:16 - 2016-10-22 12:27 - 00000000 ___RD C:\Users\DoAsnoPC\Links
2016-12-14 14:16 - 2016-10-22 12:27 - 00000000 ___RD C:\Users\DoAsnoPC\Favorites
2016-12-14 14:16 - 2016-07-16 03:04 - 00262144 _____ C:\Users\Default\NTUSER.DAT
2016-12-14 14:10 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\system32\config\TxR
2016-12-14 14:09 - 2016-07-16 08:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2016-12-14 14:09 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-12-14 14:09 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-12-14 14:09 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\system32\wbem
2016-12-14 14:09 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-CS
2016-12-14 14:09 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-12-14 14:09 - 2016-07-16 03:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-12-14 14:09 - 2016-07-16 03:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-12-14 14:09 - 2016-07-16 03:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-12-14 14:08 - 2016-07-16 08:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-12-14 14:08 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\system32\WDI
2016-12-14 14:08 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-12-14 14:08 - 2016-07-16 08:47 - 00000000 ____D C:\Program Files\Internet Explorer
2016-12-14 14:08 - 2016-07-16 08:47 - 00000000 ____D C:\Program Files (x86)\Internet Explorer
2016-12-14 14:08 - 2016-07-16 03:04 - 00000000 ____D C:\WINDOWS\servicing
2016-12-13 08:35 - 2016-11-19 23:32 - 00015487 _____ C:\WINDOWS\setupact.log
==================== Files in the root of some directories =======
2017-01-11 16:30 - 2016-11-23 10:37 - 0000570 _____ () C:\Users\DoAsnoPC\AppData\Local\TroubleshooterConfig.json
2016-11-19 23:32 - 2016-11-19 23:32 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-01-11 08:43
==================== End of FRST.txt ============================