Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 26-10-2017
Executado por ADM (administrador) em DESKTOP-D1M8SBP (29-10-2017 01:32:05)
Executando a partir de C:\Users\ADM\Downloads
Perfis Carregados: ADM (Perfis Disponíveis: ADM)
Platform: Windows 10 Home Versão 1607 14393.1715 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Edge)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFSrvWsc.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Network\Dsq\network\sysnetwk.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Network\Dsq\browser\syshostctl.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Personal Accelerator for Revit\RevitAccelerator.exe
(Spotify Ltd) C:\Users\ADM\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\ADM\AppData\Roaming\Spotify\Spotify.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Spotify Ltd) C:\Users\ADM\AppData\Roaming\Spotify\Spotify.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe
(Spotify Ltd) C:\Users\ADM\AppData\Roaming\Spotify\Spotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [pac] => C:\Program Files\Autodesk\Personal Accelerator for Revit\RevitAccelerator.exe [339464 2016-02-10] (Autodesk, Inc.)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5890848 2016-04-26] (IObit)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [721856 2016-07-01] (Autodesk, Inc.)
HKLM-x32\...\RunOnce: [Soceci] => C:\WINDOWS\SysWOW64\wscript.exe /E:vbscript /B "C:\PROGRA~2\COMMON~1\Gimak\Pabababupeg.dat"
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrição <==== ATENÇÃO
HKU\S-1-5-21-3844838876-2706751832-4108921743-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc.)
HKU\S-1-5-21-3844838876-2706751832-4108921743-1001\...\Run: [Spotify Web Helper] => C:\Users\ADM\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1580144 2017-08-06] (Spotify Ltd)
HKU\S-1-5-21-3844838876-2706751832-4108921743-1001\...\Run: [Spotify] => C:\Users\ADM\AppData\Roaming\Spotify\Spotify.exe [15866480 2017-08-06] (Spotify Ltd)
HKU\S-1-5-21-3844838876-2706751832-4108921743-1001\...\Run: [Akamai NetSession Interface] => "C:\Users\ADM\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-3844838876-2706751832-4108921743-1001\...\Run: [Chromium] => "c:\users\adm\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory=Default --restore-last-session
HKU\S-1-5-21-3844838876-2706751832-4108921743-1001\...\Run: [GoogleChromeAutoLaunch_BD6F5F0141373AA48698CC67439F8E14] => "C:\Users\ADM\AppData\Local\chromium\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-3844838876-2706751832-4108921743-1001\...\Policies\Explorer: []
ShellExecuteHooks: Sem Nome - {5F51FFFE-7463-4220-B711-E5B9ACB8EDFE} - C:\Windows\C_KE763.dat [1954304 2017-08-15] (Micrasaft Carparation) <==== ATENÇÃO
GroupPolicy: Restrição - Chrome <==== ATENÇÃO
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
ProxyEnable: [S-1-5-21-3844838876-2706751832-4108921743-1001] => Proxy está habilitado.
ProxyServer: [S-1-5-21-3844838876-2706751832-4108921743-1001] => http=127.0.0.1:8080;https=127.0.0.1:8080
Winsock: Catalog5-x64 01 C:\ProgramData\Windows\System32\Mswapi64.dll [3302400 2017-07-18] ()
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 172.16.0.2 8.8.8.8
Tcpip\..\Interfaces\{87aa8b32-d410-4c65-a5cf-a93e5cc18035}: [DhcpNameServer] 172.16.0.2 8.8.8.8
ManualProxies: 1http=127.0.0.1:8080;https=127.0.0.1:8080
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-01-23] (Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-01-21] (Microsoft Corporation)
Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.com.br/search?q=Mesa+auxiliar+para+instrumental&source=univ&tbm=shop&tbo=u&sa=X&ved=0ahUKEwisxt-hx-PWAhWFg5AKHT4TAR8QsxgIJw","hxxp://www.lojadeautoclaves.com.br/produto/701493/mesa-auxiliar---biotron/campanha_id/7?gclid=EAIaIQobChMI3e3J4czj1gIVHoezCh3E7wHDEAkYAyABEgJdJ_D_BwE","hxxps://www.google.com.br/shopping/product/17844653495812275370?q=Mesa+auxiliar+para+instrumental&sa=X&ved=0ahUKEwjNgsThzOPWAhXBjJAKHSC3D8EQ8gIIggEwAQ","hxxps://fpb.blackboard.com/webapps/blackboard/content/listContent.jsp?course_id=_265155_1&content_id=_5382039_1&mode=reset","hxxps://fpb.blackboard.com/bbcswebdav/pid-5654678-dt-content-rid-21170905_1/courses/201720.79771.10/SOMASUS%20-%20VOL.1.pdf","hxxps://fpb.blackboard.com/bbcswebdav/pid-5656868-dt-content-rid-21173528_1/courses/201720.79771.10/MANUAL%20ESTRUTURA%20F%C3%8DSICA%20UBS.pdf"
CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Profile: C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default [2017-10-29]
CHR Extension: (Apresentações) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Kindle Cloud Reader) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default\Extensions\adldnnhmpcmipijphdbchbfdmnafnjia [2017-10-12]
CHR Extension: (Documentos) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-23]
CHR Extension: (YouTube) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-23]
CHR Extension: (Adblocker for Youtube™) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmhomipkklckpomafalojobppmmidlgl [2017-08-19]
CHR Extension: (Planilhas) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Documentos Google off-line) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-09-23]
CHR Extension: (Search Manager) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce [2017-10-24]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-23]
CHR Extension: (Search Manager) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej [2017-10-24]
CHR Extension: (Gmail) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-23]
CHR Extension: (Chrome Media Router) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-23]
CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3844838876-2706751832-4108921743-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bncccjepkagemgfhbeknoggaadchfcfb] -
CHR HKU\S-1-5-21-3844838876-2706751832-4108921743-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3844838876-2706751832-4108921743-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
==================== Serviços (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S2 85b44ed97572ede11baa8b5c8f45a9cc; C:\Program Files\85b44ed97572ede11baa8b5c8f45a9cc\430474e36830d505c74021beee242485.exe [547840 2017-09-07] () [Arquivo não assinado] <==== ATENÇÃO
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1295376 2016-07-01] (Autodesk Inc.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [1580320 2016-04-22] (IObit)
R2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [360736 2016-10-28] (IObit)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-04-21] (IObit)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-29] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-27] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2017-08-08] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R1 bf5c7a7c609086a5c4ea1790e2694504; C:\WINDOWS\system32\drivers\bf5c7a7c609086a5c4ea1790e2694504.sys [77208 2017-09-07] (P8SZEQ) <==== ATENÇÃO
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 IMFFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [22208 2016-03-31] (IObit)
R1 Lace514; C:\WINDOWS\System32\drivers\Lace_wpf_x64.sys [71960 2017-08-17] (Driver Lace514)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2016-03-31] (IObit.com)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2016-07-16] (Realtek Semiconductor Corporation )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 tpfilter; C:\WINDOWS\System32\drivers\tpfilter.sys [25928 2015-10-30] (TP Microelectronic)
R2 UbarCalloutDriver; C:\Program Files\UBar\UbarDriver.sys [14920 2017-08-19] () <==== ATENÇÃO
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R1 wfcre; C:\WINDOWS\System32\drivers\wfcre.sys [124288 2017-07-04] ()
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um Mês Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-10-29 01:32 - 2017-10-29 01:33 - 000015907 _____ C:\Users\ADM\Downloads\FRST.txt
2017-10-29 01:31 - 2017-10-29 01:31 - 000000000 ____D C:\Users\ADM\Downloads\FRST-OlderVersion
2017-10-29 01:30 - 2017-10-29 01:32 - 000000000 ____D C:\FRST
2017-10-29 01:30 - 2017-10-29 01:31 - 002403328 _____ (Farbar) C:\Users\ADM\Downloads\FRST64.exe
2017-10-29 01:03 - 2017-10-29 01:04 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2017-10-29 01:03 - 2017-10-29 01:03 - 000001080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-10-29 01:03 - 2017-10-29 01:03 - 000001068 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2017-10-29 01:03 - 2017-10-29 01:03 - 000000000 ____D C:\Users\ADM\AppData\Roaming\TeamViewer
2017-10-29 00:56 - 2017-10-29 00:57 - 015756368 _____ (TeamViewer GmbH) C:\Users\ADM\Downloads\TeamViewer_Setup.exe
2017-10-29 00:07 - 2017-10-29 00:31 - 000000000 ____D C:\Users\ADM\Desktop\Mércia 2017
2017-10-28 19:35 - 2017-10-28 19:35 - 000003476 _____ C:\WINDOWS\System32\Tasks\8ae5cc56823748a6a6772783661f5a3d
2017-10-27 13:02 - 2017-10-27 13:02 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3844838876-2706751832-4108921743-1001
2017-10-27 13:01 - 2017-10-27 13:02 - 000002367 _____ C:\Users\ADM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-10-27 11:04 - 2017-10-27 11:04 - 000328077 _____ C:\Users\ADM\Downloads\Template FPB.dwg
2017-10-26 13:59 - 2017-10-26 13:59 - 002796156 _____ C:\Users\ADM\Downloads\Un 2 cad(1) NOVO (1).dwg
2017-10-26 13:59 - 2017-10-26 13:59 - 000000216 ____H C:\Users\ADM\Downloads\Un 2 cad(1) NOVO (1).dwl2
2017-10-26 13:59 - 2017-10-26 13:59 - 000000066 ____H C:\Users\ADM\Downloads\Un 2 cad(1) NOVO (1).dwl
2017-10-26 13:06 - 2017-10-26 13:10 - 002795869 _____ C:\Users\ADM\Downloads\Un 2 cad(1) NOVO (1).bak
2017-10-26 02:27 - 2017-10-26 11:24 - 000000216 ____H C:\Users\ADM\Desktop\folhas abnt.dwl2
2017-10-26 02:27 - 2017-10-26 11:24 - 000000066 ____H C:\Users\ADM\Desktop\folhas abnt.dwl
2017-10-26 01:16 - 2017-10-26 01:16 - 000000216 ____H C:\Users\ADM\Desktop\Drawing1.dwl2
2017-10-26 01:16 - 2017-10-26 01:16 - 000000066 ____H C:\Users\ADM\Desktop\Drawing1.dwl
2017-10-25 15:11 - 2017-10-25 15:11 - 001036412 _____ C:\Users\ADM\Downloads\7. MÉRCIA MACHADO (1).pdf
2017-10-25 15:08 - 2017-10-25 15:09 - 000063241 _____ C:\Users\ADM\Downloads\HistoricoEscolar_2017.10.25-15.8.57.pdf
2017-10-25 00:08 - 2017-10-25 00:08 - 000000044 _____ C:\Users\ADM\AppData\Roaming\WB.CFG
2017-10-24 23:19 - 2017-10-24 23:23 - 000000000 ____D C:\Users\ADM\AppData\Local\Adobe
2017-10-24 23:19 - 2017-10-24 23:19 - 006655008 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup_online.exe
2017-10-24 23:10 - 2017-10-24 23:10 - 000002330 _____ C:\Users\ADM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk
2017-10-24 23:09 - 2017-10-24 23:10 - 000000000 ____D C:\Users\ADM\AppData\Local\chromium
2017-10-24 23:08 - 2017-10-24 23:32 - 000000282 _____ C:\WINDOWS\Tasks\{5192992B-B06E-833F-0D3A-0E75E0B9CBF9}.job
2017-10-24 23:08 - 2017-10-24 23:08 - 000002822 _____ C:\WINDOWS\System32\Tasks\{5192992B-B06E-833F-0D3A-0E75E0B9CBF9}
2017-10-24 23:07 - 2017-10-28 20:07 - 000000000 ____D C:\Users\Todos os Usuários\{963A5359-1C78-D99F-9ABE-47DD00FCCC13}
2017-10-24 23:07 - 2017-10-28 20:07 - 000000000 ____D C:\ProgramData\{963A5359-1C78-D99F-9ABE-47DD00FCCC13}
2017-10-24 23:07 - 2017-10-24 23:32 - 000001022 _____ C:\WINDOWS\Tasks\Yahoo! Powered riced.job
2017-10-24 23:07 - 2017-10-24 23:07 - 000004096 _____ C:\WINDOWS\System32\Tasks\Yahoo! Powered riced
2017-10-24 23:07 - 2017-10-24 23:07 - 000001591 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk
2017-10-24 23:06 - 2017-10-24 23:06 - 001242312 _____ (Microsoft Corporation) C:\Users\ADM\Downloads\Baixaki_windows-movie-maker [1].exe
2017-10-24 23:04 - 2017-10-24 23:09 - 001521649 _____ (Tidofinep ) C:\Users\ADM\Downloads\Windows Movie Maker_2074983685.exe
2017-10-24 23:04 - 2017-10-24 23:05 - 002117560 _____ ( ) C:\Users\ADM\Downloads\Baixaki_windows-movie-maker.exe
2017-10-24 10:22 - 2017-10-24 10:22 - 003554695 _____ C:\Users\ADM\Downloads\ubs.pdf
2017-10-24 10:22 - 2017-10-24 10:22 - 001036412 _____ C:\Users\ADM\Downloads\7. MÉRCIA MACHADO.pdf
2017-10-24 10:20 - 2017-10-24 10:20 - 000000000 ____D C:\Users\ADM\AppData\Roaming\Mozilla
2017-10-24 10:20 - 2017-10-24 10:20 - 000000000 ____D C:\Users\ADM\AppData\Local\Mozilla
2017-10-24 01:55 - 2017-10-24 01:56 - 000000000 ____D C:\Users\Todos os Usuários\Movavi Video Editor 12
2017-10-24 01:55 - 2017-10-24 01:56 - 000000000 ____D C:\ProgramData\Movavi Video Editor 12
2017-10-24 01:55 - 2017-10-24 01:55 - 000005051 _____ C:\Users\Todos os Usuários\czchsjpj.srw
2017-10-24 01:55 - 2017-10-24 01:55 - 000005051 _____ C:\ProgramData\czchsjpj.srw
2017-10-24 01:39 - 2017-10-24 01:40 - 000000000 ____D C:\Users\ADM\Downloads\Nova pasta (2)
2017-10-24 01:36 - 2017-10-24 01:37 - 053798478 _____ C:\Users\ADM\Downloads\MVEditor.12.1.0.rar
2017-10-24 01:10 - 2017-10-24 01:11 - 017111976 _____ (APOWERSOFT LIMITED ) C:\Users\ADM\Downloads\screen-recorder-pro.exe
2017-10-24 01:06 - 2017-10-24 01:12 - 000000000 ____D C:\Users\ADM\Documents\Apowersoft
2017-10-24 01:05 - 2017-10-24 01:11 - 000000000 ____D C:\Users\ADM\AppData\Roaming\Apowersoft
2017-10-24 01:04 - 2017-10-28 21:36 - 000000000 ____D C:\Users\ADM\AppData\Local\Apowersoft
2017-10-24 01:03 - 2017-10-24 01:04 - 001721368 _____ (Apowersoft Ltd. ) C:\Users\ADM\Downloads\apowersoft-online-launcher.exe
2017-10-24 00:16 - 2017-10-24 00:16 - 000000000 ____D C:\Users\ADM\AppData\Local\TechSmith
2017-10-24 00:00 - 2017-10-24 00:00 - 000000000 ____D C:\Users\ADM\AppData\Roaming\TechSmith
2017-10-23 23:59 - 2017-10-24 00:41 - 000000000 ____D C:\Users\ADM\Documents\Camtasia Studio
2017-10-23 23:51 - 2017-10-23 23:51 - 000000408 _____ C:\Users\ADM\AppData\Roaming\CamShapes.ini
2017-10-23 23:51 - 2017-10-23 23:51 - 000000408 _____ C:\Users\ADM\AppData\Roaming\CamLayout.ini
2017-10-23 23:51 - 2017-10-23 23:51 - 000000046 _____ C:\Users\ADM\AppData\Roaming\Camdata.ini
2017-10-23 23:44 - 2017-10-24 02:24 - 000000000 ____D C:\Users\Todos os Usuários\TechSmith
2017-10-23 23:44 - 2017-10-24 02:24 - 000000000 ____D C:\ProgramData\TechSmith
2017-10-23 23:24 - 2017-10-23 23:37 - 285144256 _____ (TechSmith Corporation) C:\Users\ADM\Downloads\camtasia-studio.exe
2017-10-23 15:53 - 2017-10-23 23:32 - 000004509 _____ C:\Users\ADM\AppData\Roaming\CamStudio.cfg
2017-10-23 15:44 - 2017-10-23 15:45 - 011438475 _____ (CamStudio Open Source ) C:\Users\ADM\Downloads\CamStudio_Setup_2-7_r316.exe
2017-10-23 12:47 - 2017-10-23 12:48 - 000000000 ____D C:\Users\ADM\AppData\Local\Movavi
2017-10-23 12:47 - 2017-10-23 12:47 - 000000000 ____D C:\Users\ADM\AppData\Local\VideoEditor
2017-10-23 12:43 - 2017-10-23 12:43 - 000004147 _____ C:\Users\Todos os Usuários\ubnmeoaw.nlb
2017-10-23 12:43 - 2017-10-23 12:43 - 000004147 _____ C:\ProgramData\ubnmeoaw.nlb
2017-10-23 12:43 - 2017-10-23 12:43 - 000000016 _____ C:\Users\Todos os Usuários\mntemp
2017-10-23 12:43 - 2017-10-23 12:43 - 000000016 _____ C:\ProgramData\mntemp
2017-10-23 12:43 - 2017-10-23 12:43 - 000000000 ____D C:\Users\Todos os Usuários\Movavi Video Editor 14
2017-10-23 12:43 - 2017-10-23 12:43 - 000000000 ____D C:\ProgramData\Movavi Video Editor 14
2017-10-23 12:29 - 2017-10-23 12:42 - 056867184 _____ (Movavi) C:\Users\ADM\Downloads\MovaviVideoEditorSetupC.exe
2017-10-22 11:55 - 2017-10-12 19:27 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-10-22 11:55 - 2017-10-12 19:27 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-10-19 14:05 - 2017-10-19 14:19 - 000000000 ____D C:\Users\ADM\Documents\TX_Cozinha
2017-10-19 14:04 - 2017-10-19 14:19 - 032157620 _____ C:\Users\ADM\Documents\Cozinha.xml
2017-10-19 14:02 - 2017-10-19 14:02 - 000002143 _____ C:\Users\ADM\Desktop\Kerkythea 2008.lnk
2017-10-19 14:02 - 2017-10-19 14:02 - 000000000 ____D C:\Users\ADM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kerkythea Rendering System
2017-10-19 14:02 - 2017-10-19 14:02 - 000000000 ____D C:\Program Files (x86)\Kerkythea Rendering System
2017-10-19 14:00 - 2017-10-19 14:01 - 003171747 _____ C:\Users\ADM\Downloads\Kerkythea2008.exe
2017-10-19 13:55 - 2017-10-19 13:55 - 000054807 _____ C:\Users\ADM\Downloads\SU2KT3_19.rbz
2017-10-19 13:26 - 2017-10-19 13:26 - 000000000 _____ C:\Users\ADM\Downloads\6.jpg.crdownload
2017-10-18 13:23 - 2017-10-18 15:27 - 000000000 ____D C:\Users\ADM\Downloads\paisagismo
2017-10-14 11:35 - 2017-10-14 11:35 - 002442024 _____ C:\Users\ADM\Downloads\Planta Baixa.pdf
2017-10-13 11:20 - 2017-10-13 11:20 - 004371994 _____ C:\Users\ADM\Downloads\AULA 05 - INÍCIO DO PROJETO.pdf
2017-10-13 11:17 - 2017-10-13 11:17 - 003541313 _____ C:\Users\ADM\Downloads\1 - ESFERA.skp
2017-10-12 13:25 - 2017-10-12 13:25 - 001159168 _____ C:\Users\ADM\Downloads\Planter_Bench_14146.rfa
2017-10-12 13:20 - 2017-10-12 13:20 - 000438272 _____ C:\Users\ADM\Downloads\OFFECCT_Green_Divider_room_divider_15998.rfa
2017-10-12 13:19 - 2017-10-12 13:20 - 003362816 _____ C:\Users\ADM\Downloads\Bagunas_Flower_8141.rfa
2017-10-12 13:10 - 2017-10-12 13:11 - 000651264 _____ C:\Users\ADM\Downloads\Painel_de_jardim_com_flores_18676.rfa
2017-10-12 13:05 - 2017-10-12 13:05 - 000577536 _____ C:\Users\ADM\Downloads\Vertical_Garden_Wall_9342 (1).rfa
2017-10-12 13:02 - 2017-10-12 13:02 - 001855488 _____ C:\Users\ADM\Downloads\Planta_1_13431.rfa
2017-10-12 13:00 - 2017-10-12 13:01 - 006471680 _____ C:\Users\ADM\Downloads\Plant_8_13799.rfa
2017-10-12 13:00 - 2017-10-12 13:00 - 000339968 _____ C:\Users\ADM\Downloads\CACTUS_SABAL_PLANT_16499.rfa
2017-10-12 12:58 - 2017-10-12 12:59 - 000958464 _____ C:\Users\ADM\Downloads\PLANTA_PLANT_13433.rfa
2017-10-12 12:58 - 2017-10-12 12:58 - 001347584 _____ C:\Users\ADM\Downloads\Plant_2_13435.rfa
2017-10-12 12:58 - 2017-10-12 12:58 - 000966656 _____ C:\Users\ADM\Downloads\PLANT_PLANTA_13432.rfa
2017-10-12 12:56 - 2017-10-12 12:57 - 000217088 _____ C:\Users\ADM\Downloads\PLANT_TROPICAL_9319.rfa
2017-10-12 12:56 - 2017-10-12 12:56 - 001126400 _____ C:\Users\ADM\Downloads\Potted_Plant_8815.rfa
2017-10-12 12:56 - 2017-10-12 12:56 - 000368640 _____ C:\Users\ADM\Downloads\Indoor_Pot_with_Plant_Options_11066.rfa
2017-10-12 12:55 - 2017-10-12 12:55 - 000323584 _____ C:\Users\ADM\Downloads\Kids_Area_8110.rfa
2017-10-12 12:54 - 2017-10-12 12:55 - 003485696 _____ C:\Users\ADM\Downloads\Hosta_17114.rvt
2017-10-12 12:53 - 2017-10-12 12:54 - 000839680 _____ C:\Users\ADM\Downloads\3d_flower_indooroutdoor_8176.rfa
2017-10-11 13:04 - 2017-10-26 23:49 - 000000000 ____D C:\Users\Todos os Usuários\RevitInterProcess
2017-10-11 13:04 - 2017-10-26 23:49 - 000000000 ____D C:\ProgramData\RevitInterProcess
2017-10-11 12:53 - 2017-10-11 12:53 - 000001039 _____ C:\Users\Public\Desktop\Dynamo 0.9.1.lnk
2017-10-11 12:52 - 2017-10-11 12:53 - 000000000 ____D C:\Program Files\Dynamo 0.9
2017-10-11 12:52 - 2017-10-11 12:52 - 000000000 ____D C:\Users\Todos os Usuários\Dynamo
2017-10-11 12:52 - 2017-10-11 12:52 - 000000000 ____D C:\Users\ADM\AppData\Roaming\Dynamo
2017-10-11 12:52 - 2017-10-11 12:52 - 000000000 ____D C:\ProgramData\Dynamo
2017-10-11 12:46 - 2017-10-11 12:46 - 000000185 _____ C:\WINDOWS\ODBCINST.INI
2017-10-11 12:46 - 2017-10-11 12:46 - 000000152 _____ C:\WINDOWS\ODBC.INI
2017-10-11 12:45 - 2017-10-11 12:45 - 000002050 _____ C:\Users\Public\Desktop\Revit 2017.lnk
2017-10-09 13:02 - 2017-10-09 13:02 - 000377992 _____ (Autodesk Inc.) C:\Users\ADM\Downloads\Revit_2018_G1_Win_64bit_wi_pt-BR_Setup_webinstall (1).exe
2017-10-08 19:40 - 2017-10-08 19:40 - 000000000 ___HD C:\OneDriveTemp
2017-10-08 18:57 - 2017-10-14 13:15 - 000000000 ____D C:\Users\ADM\Downloads\projeto institucional
2017-10-06 13:35 - 2017-10-06 13:35 - 001302528 _____ C:\Users\ADM\Downloads\SOMASUS - VOL.1.pdf
2017-10-06 12:59 - 2017-10-06 12:59 - 000131072 _____ C:\Users\ADM\Downloads\MANUAL ESTRUTURA FÍSICA UBS.pdf
2017-10-06 12:36 - 2017-10-28 22:55 - 000000000 ____D C:\Program Files\rempl
2017-10-06 12:26 - 2017-10-06 12:26 - 000461256 _____ C:\Users\ADM\Downloads\2035-9208-1-PB.pdf
2017-10-04 13:07 - 2017-10-04 13:07 - 000000000 _____ C:\Users\ADM\Downloads\jardins2.jpg.crdownload
2017-10-04 11:32 - 2017-10-04 11:32 - 000233472 _____ C:\Users\ADM\Downloads\Trellis_6151.rfa
2017-10-04 11:30 - 2017-10-04 11:30 - 000577536 _____ C:\Users\ADM\Downloads\Vertical_Garden_Wall_9342.rfa
2017-10-04 11:30 - 2017-10-04 11:30 - 000303104 _____ C:\Users\ADM\Downloads\Garden_Lamp_1_15396.rfa
==================== Um Mês Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-10-29 00:30 - 2017-06-05 14:01 - 000000000 ____D C:\Users\ADM\AppData\Roaming\Spotify
2017-10-29 00:27 - 2016-05-23 16:33 - 000000000 ___RD C:\Users\ADM\OneDrive
2017-10-29 00:21 - 2016-09-27 04:54 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-10-29 00:17 - 2016-07-16 03:04 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2017-10-29 00:16 - 2016-09-27 04:23 - 000000000 ____D C:\Users\ADM
2017-10-29 00:15 - 2016-07-16 08:45 - 000000000 ____D C:\WINDOWS\INF
2017-10-29 00:15 - 2016-06-02 22:56 - 000000000 ____D C:\Program Files (x86)\Intel
2017-10-29 00:11 - 2016-05-30 20:20 - 000000000 ____D C:\Users\Todos os Usuários\IObit
2017-10-29 00:11 - 2016-05-30 20:20 - 000000000 ____D C:\ProgramData\IObit
2017-10-28 23:56 - 2017-01-28 11:13 - 000004180 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{32667D10-FCCE-4C35-8EDD-3DF3FA6C8F6C}
2017-10-28 23:36 - 2016-07-16 08:36 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-10-28 22:57 - 2016-09-27 04:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-10-28 20:16 - 2016-11-03 11:51 - 000005284 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-D1M8SBP-ADM DESKTOP-D1M8SBP
2017-10-28 19:50 - 2016-06-02 23:25 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-10-28 19:50 - 2016-06-02 23:25 - 000002290 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-10-28 19:35 - 2017-08-19 16:00 - 000031481 _____ C:\WINDOWS\8ae5cc56823748a6a6772783661f5a3d.ps1
2017-10-28 19:34 - 2017-08-19 15:59 - 000003300 _____ C:\WINDOWS\System32\Tasks\85b44ed97572ede11baa8b5c8f45a9cc
2017-10-26 23:56 - 2016-06-01 21:51 - 000127384 _____ C:\Users\ADM\AppData\Local\GDIPFONTCACHEV1.DAT
2017-10-26 12:01 - 2016-05-30 20:28 - 000000000 ____D C:\Users\Todos os Usuários\ProductData
2017-10-26 12:01 - 2016-05-30 20:28 - 000000000 ____D C:\ProgramData\ProductData
2017-10-26 11:50 - 2016-11-23 23:14 - 000000000 ____D C:\Users\ADM\Documents\Blocos Cad
2017-10-25 13:16 - 2016-06-07 13:23 - 000013312 ____H C:\Users\ADM\Desktop\photothumb.db
2017-10-24 22:59 - 2016-07-16 08:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-10-24 11:00 - 2016-05-23 16:30 - 000000000 ____D C:\Users\ADM\AppData\Local\Packages
2017-10-24 02:24 - 2016-07-16 08:47 - 000000000 ___HD C:\Program Files\WindowsApps
2017-10-23 23:53 - 2016-09-27 04:15 - 000432672 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-10-23 14:17 - 2017-09-09 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\SSL
2017-10-20 12:21 - 2016-08-29 11:50 - 000000000 ____D C:\Users\ADM\Documents\Musicas
2017-10-19 13:31 - 2016-06-14 13:32 - 000260096 ____H C:\Users\ADM\Downloads\photothumb.db
2017-10-19 10:31 - 2016-05-30 20:17 - 000000000 ____D C:\Users\Todos os Usuários\KMSAutoS
2017-10-19 10:31 - 2016-05-30 20:17 - 000000000 ____D C:\ProgramData\KMSAutoS
2017-10-18 15:29 - 2016-06-03 13:41 - 000000000 ____D C:\Users\ADM\AppData\Roaming\PhotoScape
2017-10-18 11:23 - 2016-06-01 20:35 - 000000000 ____D C:\Program Files\Autodesk
2017-10-18 11:23 - 2016-05-30 20:40 - 000000000 ____D C:\Users\Todos os Usuários\Autodesk
2017-10-18 11:23 - 2016-05-30 20:40 - 000000000 ____D C:\ProgramData\Autodesk
2017-10-11 16:25 - 2016-07-16 08:47 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-10-11 13:17 - 2016-06-01 21:43 - 000000000 ____D C:\Users\ADM\AppData\Local\Autodesk
2017-10-11 12:54 - 2016-07-24 15:21 - 000000000 ____D C:\Users\Public\Documents\Autodesk
2017-10-11 12:53 - 2016-06-01 21:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2017-10-11 12:43 - 2016-06-01 20:36 - 000000000 ____D C:\Program Files\Common Files\Autodesk Shared
2017-10-11 10:22 - 2016-05-30 20:31 - 000000000 ____D C:\Autodesk
2017-10-11 09:22 - 2017-09-23 15:25 - 013079792 _____ C:\Users\ADM\Downloads\Revit_2018_G1_Win_64bit_wi_pt-BR_Setup.exe
==================== Arquivos na raiz de alguns diretórios =======
2017-10-23 23:51 - 2017-10-23 23:51 - 000000046 _____ () C:\Users\ADM\AppData\Roaming\Camdata.ini
2017-10-23 23:51 - 2017-10-23 23:51 - 000000408 _____ () C:\Users\ADM\AppData\Roaming\CamLayout.ini
2017-10-23 23:51 - 2017-10-23 23:51 - 000000408 _____ () C:\Users\ADM\AppData\Roaming\CamShapes.ini
2017-10-23 15:53 - 2017-10-23 23:32 - 000004509 _____ () C:\Users\ADM\AppData\Roaming\CamStudio.cfg
2017-10-25 00:08 - 2017-10-25 00:08 - 000000044 _____ () C:\Users\ADM\AppData\Roaming\WB.CFG
2017-08-19 16:18 - 2017-08-19 16:18 - 000140800 _____ () C:\Users\ADM\AppData\Local\installer.dat
2017-02-01 13:26 - 2017-02-01 13:26 - 000000000 _____ () C:\Users\ADM\AppData\Local\{E7A1349A-30F7-4561-B549-15EEEFF28B73}
2017-10-24 01:55 - 2017-10-24 01:55 - 000005051 _____ () C:\ProgramData\czchsjpj.srw
2016-07-24 13:32 - 2016-07-24 13:32 - 000000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2017-10-23 12:43 - 2017-10-23 12:43 - 000000016 _____ () C:\ProgramData\mntemp
2017-10-23 12:43 - 2017-10-23 12:43 - 000004147 _____ () C:\ProgramData\ubnmeoaw.nlb
Arquivos para serem movidos ou deletados:
====================
C:\Windows\Tasks\{5192992B-B06E-833F-0D3A-0E75E0B9CBF9}.job
Alguns arquivos em TEMP:
====================
2017-10-08 19:24 - 2016-01-26 08:03 - 000021952 _____ (Autodesk, Inc.) C:\Users\ADM\AppData\Local\Temp\AcDeltree.exe
2017-10-24 23:17 - 2017-10-24 23:17 - 001055936 _____ (Adobe) C:\Users\ADM\AppData\Local\Temp\flashplayer_setup.exe
2017-10-18 11:23 - 2017-10-18 11:23 - 002398688 _____ (Flexera Software LLC) C:\Users\ADM\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
==================== Bamital & volsnap ======================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2017-10-27 16:15
==================== Fim de FRST.txt ============================
Executado por ADM (administrador) em DESKTOP-D1M8SBP (29-10-2017 01:32:05)
Executando a partir de C:\Users\ADM\Downloads
Perfis Carregados: ADM (Perfis Disponíveis: ADM)
Platform: Windows 10 Home Versão 1607 14393.1715 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Edge)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFSrvWsc.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Network\Dsq\network\sysnetwk.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Network\Dsq\browser\syshostctl.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Personal Accelerator for Revit\RevitAccelerator.exe
(Spotify Ltd) C:\Users\ADM\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\ADM\AppData\Roaming\Spotify\Spotify.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Spotify Ltd) C:\Users\ADM\AppData\Roaming\Spotify\Spotify.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe
(Spotify Ltd) C:\Users\ADM\AppData\Roaming\Spotify\Spotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [pac] => C:\Program Files\Autodesk\Personal Accelerator for Revit\RevitAccelerator.exe [339464 2016-02-10] (Autodesk, Inc.)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5890848 2016-04-26] (IObit)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [721856 2016-07-01] (Autodesk, Inc.)
HKLM-x32\...\RunOnce: [Soceci] => C:\WINDOWS\SysWOW64\wscript.exe /E:vbscript /B "C:\PROGRA~2\COMMON~1\Gimak\Pabababupeg.dat"
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrição <==== ATENÇÃO
HKU\S-1-5-21-3844838876-2706751832-4108921743-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc.)
HKU\S-1-5-21-3844838876-2706751832-4108921743-1001\...\Run: [Spotify Web Helper] => C:\Users\ADM\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1580144 2017-08-06] (Spotify Ltd)
HKU\S-1-5-21-3844838876-2706751832-4108921743-1001\...\Run: [Spotify] => C:\Users\ADM\AppData\Roaming\Spotify\Spotify.exe [15866480 2017-08-06] (Spotify Ltd)
HKU\S-1-5-21-3844838876-2706751832-4108921743-1001\...\Run: [Akamai NetSession Interface] => "C:\Users\ADM\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-3844838876-2706751832-4108921743-1001\...\Run: [Chromium] => "c:\users\adm\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory=Default --restore-last-session
HKU\S-1-5-21-3844838876-2706751832-4108921743-1001\...\Run: [GoogleChromeAutoLaunch_BD6F5F0141373AA48698CC67439F8E14] => "C:\Users\ADM\AppData\Local\chromium\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-3844838876-2706751832-4108921743-1001\...\Policies\Explorer: []
ShellExecuteHooks: Sem Nome - {5F51FFFE-7463-4220-B711-E5B9ACB8EDFE} - C:\Windows\C_KE763.dat [1954304 2017-08-15] (Micrasaft Carparation) <==== ATENÇÃO
GroupPolicy: Restrição - Chrome <==== ATENÇÃO
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
ProxyEnable: [S-1-5-21-3844838876-2706751832-4108921743-1001] => Proxy está habilitado.
ProxyServer: [S-1-5-21-3844838876-2706751832-4108921743-1001] => http=127.0.0.1:8080;https=127.0.0.1:8080
Winsock: Catalog5-x64 01 C:\ProgramData\Windows\System32\Mswapi64.dll [3302400 2017-07-18] ()
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 172.16.0.2 8.8.8.8
Tcpip\..\Interfaces\{87aa8b32-d410-4c65-a5cf-a93e5cc18035}: [DhcpNameServer] 172.16.0.2 8.8.8.8
ManualProxies: 1http=127.0.0.1:8080;https=127.0.0.1:8080
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-01-23] (Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-01-21] (Microsoft Corporation)
Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.com.br/search?q=Mesa+auxiliar+para+instrumental&source=univ&tbm=shop&tbo=u&sa=X&ved=0ahUKEwisxt-hx-PWAhWFg5AKHT4TAR8QsxgIJw","hxxp://www.lojadeautoclaves.com.br/produto/701493/mesa-auxiliar---biotron/campanha_id/7?gclid=EAIaIQobChMI3e3J4czj1gIVHoezCh3E7wHDEAkYAyABEgJdJ_D_BwE","hxxps://www.google.com.br/shopping/product/17844653495812275370?q=Mesa+auxiliar+para+instrumental&sa=X&ved=0ahUKEwjNgsThzOPWAhXBjJAKHSC3D8EQ8gIIggEwAQ","hxxps://fpb.blackboard.com/webapps/blackboard/content/listContent.jsp?course_id=_265155_1&content_id=_5382039_1&mode=reset","hxxps://fpb.blackboard.com/bbcswebdav/pid-5654678-dt-content-rid-21170905_1/courses/201720.79771.10/SOMASUS%20-%20VOL.1.pdf","hxxps://fpb.blackboard.com/bbcswebdav/pid-5656868-dt-content-rid-21173528_1/courses/201720.79771.10/MANUAL%20ESTRUTURA%20F%C3%8DSICA%20UBS.pdf"
CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Profile: C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default [2017-10-29]
CHR Extension: (Apresentações) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Kindle Cloud Reader) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default\Extensions\adldnnhmpcmipijphdbchbfdmnafnjia [2017-10-12]
CHR Extension: (Documentos) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-23]
CHR Extension: (YouTube) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-23]
CHR Extension: (Adblocker for Youtube™) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmhomipkklckpomafalojobppmmidlgl [2017-08-19]
CHR Extension: (Planilhas) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Documentos Google off-line) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-09-23]
CHR Extension: (Search Manager) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce [2017-10-24]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-23]
CHR Extension: (Search Manager) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej [2017-10-24]
CHR Extension: (Gmail) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-23]
CHR Extension: (Chrome Media Router) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-23]
CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3844838876-2706751832-4108921743-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bncccjepkagemgfhbeknoggaadchfcfb] -
CHR HKU\S-1-5-21-3844838876-2706751832-4108921743-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3844838876-2706751832-4108921743-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
==================== Serviços (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S2 85b44ed97572ede11baa8b5c8f45a9cc; C:\Program Files\85b44ed97572ede11baa8b5c8f45a9cc\430474e36830d505c74021beee242485.exe [547840 2017-09-07] () [Arquivo não assinado] <==== ATENÇÃO
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1295376 2016-07-01] (Autodesk Inc.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [1580320 2016-04-22] (IObit)
R2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [360736 2016-10-28] (IObit)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-04-21] (IObit)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-29] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-27] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2017-08-08] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R1 bf5c7a7c609086a5c4ea1790e2694504; C:\WINDOWS\system32\drivers\bf5c7a7c609086a5c4ea1790e2694504.sys [77208 2017-09-07] (P8SZEQ) <==== ATENÇÃO
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 IMFFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [22208 2016-03-31] (IObit)
R1 Lace514; C:\WINDOWS\System32\drivers\Lace_wpf_x64.sys [71960 2017-08-17] (Driver Lace514)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2016-03-31] (IObit.com)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2016-07-16] (Realtek Semiconductor Corporation )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 tpfilter; C:\WINDOWS\System32\drivers\tpfilter.sys [25928 2015-10-30] (TP Microelectronic)
R2 UbarCalloutDriver; C:\Program Files\UBar\UbarDriver.sys [14920 2017-08-19] () <==== ATENÇÃO
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R1 wfcre; C:\WINDOWS\System32\drivers\wfcre.sys [124288 2017-07-04] ()
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um Mês Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-10-29 01:32 - 2017-10-29 01:33 - 000015907 _____ C:\Users\ADM\Downloads\FRST.txt
2017-10-29 01:31 - 2017-10-29 01:31 - 000000000 ____D C:\Users\ADM\Downloads\FRST-OlderVersion
2017-10-29 01:30 - 2017-10-29 01:32 - 000000000 ____D C:\FRST
2017-10-29 01:30 - 2017-10-29 01:31 - 002403328 _____ (Farbar) C:\Users\ADM\Downloads\FRST64.exe
2017-10-29 01:03 - 2017-10-29 01:04 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2017-10-29 01:03 - 2017-10-29 01:03 - 000001080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-10-29 01:03 - 2017-10-29 01:03 - 000001068 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2017-10-29 01:03 - 2017-10-29 01:03 - 000000000 ____D C:\Users\ADM\AppData\Roaming\TeamViewer
2017-10-29 00:56 - 2017-10-29 00:57 - 015756368 _____ (TeamViewer GmbH) C:\Users\ADM\Downloads\TeamViewer_Setup.exe
2017-10-29 00:07 - 2017-10-29 00:31 - 000000000 ____D C:\Users\ADM\Desktop\Mércia 2017
2017-10-28 19:35 - 2017-10-28 19:35 - 000003476 _____ C:\WINDOWS\System32\Tasks\8ae5cc56823748a6a6772783661f5a3d
2017-10-27 13:02 - 2017-10-27 13:02 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3844838876-2706751832-4108921743-1001
2017-10-27 13:01 - 2017-10-27 13:02 - 000002367 _____ C:\Users\ADM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-10-27 11:04 - 2017-10-27 11:04 - 000328077 _____ C:\Users\ADM\Downloads\Template FPB.dwg
2017-10-26 13:59 - 2017-10-26 13:59 - 002796156 _____ C:\Users\ADM\Downloads\Un 2 cad(1) NOVO (1).dwg
2017-10-26 13:59 - 2017-10-26 13:59 - 000000216 ____H C:\Users\ADM\Downloads\Un 2 cad(1) NOVO (1).dwl2
2017-10-26 13:59 - 2017-10-26 13:59 - 000000066 ____H C:\Users\ADM\Downloads\Un 2 cad(1) NOVO (1).dwl
2017-10-26 13:06 - 2017-10-26 13:10 - 002795869 _____ C:\Users\ADM\Downloads\Un 2 cad(1) NOVO (1).bak
2017-10-26 02:27 - 2017-10-26 11:24 - 000000216 ____H C:\Users\ADM\Desktop\folhas abnt.dwl2
2017-10-26 02:27 - 2017-10-26 11:24 - 000000066 ____H C:\Users\ADM\Desktop\folhas abnt.dwl
2017-10-26 01:16 - 2017-10-26 01:16 - 000000216 ____H C:\Users\ADM\Desktop\Drawing1.dwl2
2017-10-26 01:16 - 2017-10-26 01:16 - 000000066 ____H C:\Users\ADM\Desktop\Drawing1.dwl
2017-10-25 15:11 - 2017-10-25 15:11 - 001036412 _____ C:\Users\ADM\Downloads\7. MÉRCIA MACHADO (1).pdf
2017-10-25 15:08 - 2017-10-25 15:09 - 000063241 _____ C:\Users\ADM\Downloads\HistoricoEscolar_2017.10.25-15.8.57.pdf
2017-10-25 00:08 - 2017-10-25 00:08 - 000000044 _____ C:\Users\ADM\AppData\Roaming\WB.CFG
2017-10-24 23:19 - 2017-10-24 23:23 - 000000000 ____D C:\Users\ADM\AppData\Local\Adobe
2017-10-24 23:19 - 2017-10-24 23:19 - 006655008 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup_online.exe
2017-10-24 23:10 - 2017-10-24 23:10 - 000002330 _____ C:\Users\ADM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk
2017-10-24 23:09 - 2017-10-24 23:10 - 000000000 ____D C:\Users\ADM\AppData\Local\chromium
2017-10-24 23:08 - 2017-10-24 23:32 - 000000282 _____ C:\WINDOWS\Tasks\{5192992B-B06E-833F-0D3A-0E75E0B9CBF9}.job
2017-10-24 23:08 - 2017-10-24 23:08 - 000002822 _____ C:\WINDOWS\System32\Tasks\{5192992B-B06E-833F-0D3A-0E75E0B9CBF9}
2017-10-24 23:07 - 2017-10-28 20:07 - 000000000 ____D C:\Users\Todos os Usuários\{963A5359-1C78-D99F-9ABE-47DD00FCCC13}
2017-10-24 23:07 - 2017-10-28 20:07 - 000000000 ____D C:\ProgramData\{963A5359-1C78-D99F-9ABE-47DD00FCCC13}
2017-10-24 23:07 - 2017-10-24 23:32 - 000001022 _____ C:\WINDOWS\Tasks\Yahoo! Powered riced.job
2017-10-24 23:07 - 2017-10-24 23:07 - 000004096 _____ C:\WINDOWS\System32\Tasks\Yahoo! Powered riced
2017-10-24 23:07 - 2017-10-24 23:07 - 000001591 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk
2017-10-24 23:06 - 2017-10-24 23:06 - 001242312 _____ (Microsoft Corporation) C:\Users\ADM\Downloads\Baixaki_windows-movie-maker [1].exe
2017-10-24 23:04 - 2017-10-24 23:09 - 001521649 _____ (Tidofinep ) C:\Users\ADM\Downloads\Windows Movie Maker_2074983685.exe
2017-10-24 23:04 - 2017-10-24 23:05 - 002117560 _____ ( ) C:\Users\ADM\Downloads\Baixaki_windows-movie-maker.exe
2017-10-24 10:22 - 2017-10-24 10:22 - 003554695 _____ C:\Users\ADM\Downloads\ubs.pdf
2017-10-24 10:22 - 2017-10-24 10:22 - 001036412 _____ C:\Users\ADM\Downloads\7. MÉRCIA MACHADO.pdf
2017-10-24 10:20 - 2017-10-24 10:20 - 000000000 ____D C:\Users\ADM\AppData\Roaming\Mozilla
2017-10-24 10:20 - 2017-10-24 10:20 - 000000000 ____D C:\Users\ADM\AppData\Local\Mozilla
2017-10-24 01:55 - 2017-10-24 01:56 - 000000000 ____D C:\Users\Todos os Usuários\Movavi Video Editor 12
2017-10-24 01:55 - 2017-10-24 01:56 - 000000000 ____D C:\ProgramData\Movavi Video Editor 12
2017-10-24 01:55 - 2017-10-24 01:55 - 000005051 _____ C:\Users\Todos os Usuários\czchsjpj.srw
2017-10-24 01:55 - 2017-10-24 01:55 - 000005051 _____ C:\ProgramData\czchsjpj.srw
2017-10-24 01:39 - 2017-10-24 01:40 - 000000000 ____D C:\Users\ADM\Downloads\Nova pasta (2)
2017-10-24 01:36 - 2017-10-24 01:37 - 053798478 _____ C:\Users\ADM\Downloads\MVEditor.12.1.0.rar
2017-10-24 01:10 - 2017-10-24 01:11 - 017111976 _____ (APOWERSOFT LIMITED ) C:\Users\ADM\Downloads\screen-recorder-pro.exe
2017-10-24 01:06 - 2017-10-24 01:12 - 000000000 ____D C:\Users\ADM\Documents\Apowersoft
2017-10-24 01:05 - 2017-10-24 01:11 - 000000000 ____D C:\Users\ADM\AppData\Roaming\Apowersoft
2017-10-24 01:04 - 2017-10-28 21:36 - 000000000 ____D C:\Users\ADM\AppData\Local\Apowersoft
2017-10-24 01:03 - 2017-10-24 01:04 - 001721368 _____ (Apowersoft Ltd. ) C:\Users\ADM\Downloads\apowersoft-online-launcher.exe
2017-10-24 00:16 - 2017-10-24 00:16 - 000000000 ____D C:\Users\ADM\AppData\Local\TechSmith
2017-10-24 00:00 - 2017-10-24 00:00 - 000000000 ____D C:\Users\ADM\AppData\Roaming\TechSmith
2017-10-23 23:59 - 2017-10-24 00:41 - 000000000 ____D C:\Users\ADM\Documents\Camtasia Studio
2017-10-23 23:51 - 2017-10-23 23:51 - 000000408 _____ C:\Users\ADM\AppData\Roaming\CamShapes.ini
2017-10-23 23:51 - 2017-10-23 23:51 - 000000408 _____ C:\Users\ADM\AppData\Roaming\CamLayout.ini
2017-10-23 23:51 - 2017-10-23 23:51 - 000000046 _____ C:\Users\ADM\AppData\Roaming\Camdata.ini
2017-10-23 23:44 - 2017-10-24 02:24 - 000000000 ____D C:\Users\Todos os Usuários\TechSmith
2017-10-23 23:44 - 2017-10-24 02:24 - 000000000 ____D C:\ProgramData\TechSmith
2017-10-23 23:24 - 2017-10-23 23:37 - 285144256 _____ (TechSmith Corporation) C:\Users\ADM\Downloads\camtasia-studio.exe
2017-10-23 15:53 - 2017-10-23 23:32 - 000004509 _____ C:\Users\ADM\AppData\Roaming\CamStudio.cfg
2017-10-23 15:44 - 2017-10-23 15:45 - 011438475 _____ (CamStudio Open Source ) C:\Users\ADM\Downloads\CamStudio_Setup_2-7_r316.exe
2017-10-23 12:47 - 2017-10-23 12:48 - 000000000 ____D C:\Users\ADM\AppData\Local\Movavi
2017-10-23 12:47 - 2017-10-23 12:47 - 000000000 ____D C:\Users\ADM\AppData\Local\VideoEditor
2017-10-23 12:43 - 2017-10-23 12:43 - 000004147 _____ C:\Users\Todos os Usuários\ubnmeoaw.nlb
2017-10-23 12:43 - 2017-10-23 12:43 - 000004147 _____ C:\ProgramData\ubnmeoaw.nlb
2017-10-23 12:43 - 2017-10-23 12:43 - 000000016 _____ C:\Users\Todos os Usuários\mntemp
2017-10-23 12:43 - 2017-10-23 12:43 - 000000016 _____ C:\ProgramData\mntemp
2017-10-23 12:43 - 2017-10-23 12:43 - 000000000 ____D C:\Users\Todos os Usuários\Movavi Video Editor 14
2017-10-23 12:43 - 2017-10-23 12:43 - 000000000 ____D C:\ProgramData\Movavi Video Editor 14
2017-10-23 12:29 - 2017-10-23 12:42 - 056867184 _____ (Movavi) C:\Users\ADM\Downloads\MovaviVideoEditorSetupC.exe
2017-10-22 11:55 - 2017-10-12 19:27 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-10-22 11:55 - 2017-10-12 19:27 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-10-19 14:05 - 2017-10-19 14:19 - 000000000 ____D C:\Users\ADM\Documents\TX_Cozinha
2017-10-19 14:04 - 2017-10-19 14:19 - 032157620 _____ C:\Users\ADM\Documents\Cozinha.xml
2017-10-19 14:02 - 2017-10-19 14:02 - 000002143 _____ C:\Users\ADM\Desktop\Kerkythea 2008.lnk
2017-10-19 14:02 - 2017-10-19 14:02 - 000000000 ____D C:\Users\ADM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kerkythea Rendering System
2017-10-19 14:02 - 2017-10-19 14:02 - 000000000 ____D C:\Program Files (x86)\Kerkythea Rendering System
2017-10-19 14:00 - 2017-10-19 14:01 - 003171747 _____ C:\Users\ADM\Downloads\Kerkythea2008.exe
2017-10-19 13:55 - 2017-10-19 13:55 - 000054807 _____ C:\Users\ADM\Downloads\SU2KT3_19.rbz
2017-10-19 13:26 - 2017-10-19 13:26 - 000000000 _____ C:\Users\ADM\Downloads\6.jpg.crdownload
2017-10-18 13:23 - 2017-10-18 15:27 - 000000000 ____D C:\Users\ADM\Downloads\paisagismo
2017-10-14 11:35 - 2017-10-14 11:35 - 002442024 _____ C:\Users\ADM\Downloads\Planta Baixa.pdf
2017-10-13 11:20 - 2017-10-13 11:20 - 004371994 _____ C:\Users\ADM\Downloads\AULA 05 - INÍCIO DO PROJETO.pdf
2017-10-13 11:17 - 2017-10-13 11:17 - 003541313 _____ C:\Users\ADM\Downloads\1 - ESFERA.skp
2017-10-12 13:25 - 2017-10-12 13:25 - 001159168 _____ C:\Users\ADM\Downloads\Planter_Bench_14146.rfa
2017-10-12 13:20 - 2017-10-12 13:20 - 000438272 _____ C:\Users\ADM\Downloads\OFFECCT_Green_Divider_room_divider_15998.rfa
2017-10-12 13:19 - 2017-10-12 13:20 - 003362816 _____ C:\Users\ADM\Downloads\Bagunas_Flower_8141.rfa
2017-10-12 13:10 - 2017-10-12 13:11 - 000651264 _____ C:\Users\ADM\Downloads\Painel_de_jardim_com_flores_18676.rfa
2017-10-12 13:05 - 2017-10-12 13:05 - 000577536 _____ C:\Users\ADM\Downloads\Vertical_Garden_Wall_9342 (1).rfa
2017-10-12 13:02 - 2017-10-12 13:02 - 001855488 _____ C:\Users\ADM\Downloads\Planta_1_13431.rfa
2017-10-12 13:00 - 2017-10-12 13:01 - 006471680 _____ C:\Users\ADM\Downloads\Plant_8_13799.rfa
2017-10-12 13:00 - 2017-10-12 13:00 - 000339968 _____ C:\Users\ADM\Downloads\CACTUS_SABAL_PLANT_16499.rfa
2017-10-12 12:58 - 2017-10-12 12:59 - 000958464 _____ C:\Users\ADM\Downloads\PLANTA_PLANT_13433.rfa
2017-10-12 12:58 - 2017-10-12 12:58 - 001347584 _____ C:\Users\ADM\Downloads\Plant_2_13435.rfa
2017-10-12 12:58 - 2017-10-12 12:58 - 000966656 _____ C:\Users\ADM\Downloads\PLANT_PLANTA_13432.rfa
2017-10-12 12:56 - 2017-10-12 12:57 - 000217088 _____ C:\Users\ADM\Downloads\PLANT_TROPICAL_9319.rfa
2017-10-12 12:56 - 2017-10-12 12:56 - 001126400 _____ C:\Users\ADM\Downloads\Potted_Plant_8815.rfa
2017-10-12 12:56 - 2017-10-12 12:56 - 000368640 _____ C:\Users\ADM\Downloads\Indoor_Pot_with_Plant_Options_11066.rfa
2017-10-12 12:55 - 2017-10-12 12:55 - 000323584 _____ C:\Users\ADM\Downloads\Kids_Area_8110.rfa
2017-10-12 12:54 - 2017-10-12 12:55 - 003485696 _____ C:\Users\ADM\Downloads\Hosta_17114.rvt
2017-10-12 12:53 - 2017-10-12 12:54 - 000839680 _____ C:\Users\ADM\Downloads\3d_flower_indooroutdoor_8176.rfa
2017-10-11 13:04 - 2017-10-26 23:49 - 000000000 ____D C:\Users\Todos os Usuários\RevitInterProcess
2017-10-11 13:04 - 2017-10-26 23:49 - 000000000 ____D C:\ProgramData\RevitInterProcess
2017-10-11 12:53 - 2017-10-11 12:53 - 000001039 _____ C:\Users\Public\Desktop\Dynamo 0.9.1.lnk
2017-10-11 12:52 - 2017-10-11 12:53 - 000000000 ____D C:\Program Files\Dynamo 0.9
2017-10-11 12:52 - 2017-10-11 12:52 - 000000000 ____D C:\Users\Todos os Usuários\Dynamo
2017-10-11 12:52 - 2017-10-11 12:52 - 000000000 ____D C:\Users\ADM\AppData\Roaming\Dynamo
2017-10-11 12:52 - 2017-10-11 12:52 - 000000000 ____D C:\ProgramData\Dynamo
2017-10-11 12:46 - 2017-10-11 12:46 - 000000185 _____ C:\WINDOWS\ODBCINST.INI
2017-10-11 12:46 - 2017-10-11 12:46 - 000000152 _____ C:\WINDOWS\ODBC.INI
2017-10-11 12:45 - 2017-10-11 12:45 - 000002050 _____ C:\Users\Public\Desktop\Revit 2017.lnk
2017-10-09 13:02 - 2017-10-09 13:02 - 000377992 _____ (Autodesk Inc.) C:\Users\ADM\Downloads\Revit_2018_G1_Win_64bit_wi_pt-BR_Setup_webinstall (1).exe
2017-10-08 19:40 - 2017-10-08 19:40 - 000000000 ___HD C:\OneDriveTemp
2017-10-08 18:57 - 2017-10-14 13:15 - 000000000 ____D C:\Users\ADM\Downloads\projeto institucional
2017-10-06 13:35 - 2017-10-06 13:35 - 001302528 _____ C:\Users\ADM\Downloads\SOMASUS - VOL.1.pdf
2017-10-06 12:59 - 2017-10-06 12:59 - 000131072 _____ C:\Users\ADM\Downloads\MANUAL ESTRUTURA FÍSICA UBS.pdf
2017-10-06 12:36 - 2017-10-28 22:55 - 000000000 ____D C:\Program Files\rempl
2017-10-06 12:26 - 2017-10-06 12:26 - 000461256 _____ C:\Users\ADM\Downloads\2035-9208-1-PB.pdf
2017-10-04 13:07 - 2017-10-04 13:07 - 000000000 _____ C:\Users\ADM\Downloads\jardins2.jpg.crdownload
2017-10-04 11:32 - 2017-10-04 11:32 - 000233472 _____ C:\Users\ADM\Downloads\Trellis_6151.rfa
2017-10-04 11:30 - 2017-10-04 11:30 - 000577536 _____ C:\Users\ADM\Downloads\Vertical_Garden_Wall_9342.rfa
2017-10-04 11:30 - 2017-10-04 11:30 - 000303104 _____ C:\Users\ADM\Downloads\Garden_Lamp_1_15396.rfa
==================== Um Mês Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-10-29 00:30 - 2017-06-05 14:01 - 000000000 ____D C:\Users\ADM\AppData\Roaming\Spotify
2017-10-29 00:27 - 2016-05-23 16:33 - 000000000 ___RD C:\Users\ADM\OneDrive
2017-10-29 00:21 - 2016-09-27 04:54 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-10-29 00:17 - 2016-07-16 03:04 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2017-10-29 00:16 - 2016-09-27 04:23 - 000000000 ____D C:\Users\ADM
2017-10-29 00:15 - 2016-07-16 08:45 - 000000000 ____D C:\WINDOWS\INF
2017-10-29 00:15 - 2016-06-02 22:56 - 000000000 ____D C:\Program Files (x86)\Intel
2017-10-29 00:11 - 2016-05-30 20:20 - 000000000 ____D C:\Users\Todos os Usuários\IObit
2017-10-29 00:11 - 2016-05-30 20:20 - 000000000 ____D C:\ProgramData\IObit
2017-10-28 23:56 - 2017-01-28 11:13 - 000004180 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{32667D10-FCCE-4C35-8EDD-3DF3FA6C8F6C}
2017-10-28 23:36 - 2016-07-16 08:36 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-10-28 22:57 - 2016-09-27 04:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-10-28 20:16 - 2016-11-03 11:51 - 000005284 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-D1M8SBP-ADM DESKTOP-D1M8SBP
2017-10-28 19:50 - 2016-06-02 23:25 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-10-28 19:50 - 2016-06-02 23:25 - 000002290 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-10-28 19:35 - 2017-08-19 16:00 - 000031481 _____ C:\WINDOWS\8ae5cc56823748a6a6772783661f5a3d.ps1
2017-10-28 19:34 - 2017-08-19 15:59 - 000003300 _____ C:\WINDOWS\System32\Tasks\85b44ed97572ede11baa8b5c8f45a9cc
2017-10-26 23:56 - 2016-06-01 21:51 - 000127384 _____ C:\Users\ADM\AppData\Local\GDIPFONTCACHEV1.DAT
2017-10-26 12:01 - 2016-05-30 20:28 - 000000000 ____D C:\Users\Todos os Usuários\ProductData
2017-10-26 12:01 - 2016-05-30 20:28 - 000000000 ____D C:\ProgramData\ProductData
2017-10-26 11:50 - 2016-11-23 23:14 - 000000000 ____D C:\Users\ADM\Documents\Blocos Cad
2017-10-25 13:16 - 2016-06-07 13:23 - 000013312 ____H C:\Users\ADM\Desktop\photothumb.db
2017-10-24 22:59 - 2016-07-16 08:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-10-24 11:00 - 2016-05-23 16:30 - 000000000 ____D C:\Users\ADM\AppData\Local\Packages
2017-10-24 02:24 - 2016-07-16 08:47 - 000000000 ___HD C:\Program Files\WindowsApps
2017-10-23 23:53 - 2016-09-27 04:15 - 000432672 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-10-23 14:17 - 2017-09-09 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\SSL
2017-10-20 12:21 - 2016-08-29 11:50 - 000000000 ____D C:\Users\ADM\Documents\Musicas
2017-10-19 13:31 - 2016-06-14 13:32 - 000260096 ____H C:\Users\ADM\Downloads\photothumb.db
2017-10-19 10:31 - 2016-05-30 20:17 - 000000000 ____D C:\Users\Todos os Usuários\KMSAutoS
2017-10-19 10:31 - 2016-05-30 20:17 - 000000000 ____D C:\ProgramData\KMSAutoS
2017-10-18 15:29 - 2016-06-03 13:41 - 000000000 ____D C:\Users\ADM\AppData\Roaming\PhotoScape
2017-10-18 11:23 - 2016-06-01 20:35 - 000000000 ____D C:\Program Files\Autodesk
2017-10-18 11:23 - 2016-05-30 20:40 - 000000000 ____D C:\Users\Todos os Usuários\Autodesk
2017-10-18 11:23 - 2016-05-30 20:40 - 000000000 ____D C:\ProgramData\Autodesk
2017-10-11 16:25 - 2016-07-16 08:47 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-10-11 13:17 - 2016-06-01 21:43 - 000000000 ____D C:\Users\ADM\AppData\Local\Autodesk
2017-10-11 12:54 - 2016-07-24 15:21 - 000000000 ____D C:\Users\Public\Documents\Autodesk
2017-10-11 12:53 - 2016-06-01 21:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2017-10-11 12:43 - 2016-06-01 20:36 - 000000000 ____D C:\Program Files\Common Files\Autodesk Shared
2017-10-11 10:22 - 2016-05-30 20:31 - 000000000 ____D C:\Autodesk
2017-10-11 09:22 - 2017-09-23 15:25 - 013079792 _____ C:\Users\ADM\Downloads\Revit_2018_G1_Win_64bit_wi_pt-BR_Setup.exe
==================== Arquivos na raiz de alguns diretórios =======
2017-10-23 23:51 - 2017-10-23 23:51 - 000000046 _____ () C:\Users\ADM\AppData\Roaming\Camdata.ini
2017-10-23 23:51 - 2017-10-23 23:51 - 000000408 _____ () C:\Users\ADM\AppData\Roaming\CamLayout.ini
2017-10-23 23:51 - 2017-10-23 23:51 - 000000408 _____ () C:\Users\ADM\AppData\Roaming\CamShapes.ini
2017-10-23 15:53 - 2017-10-23 23:32 - 000004509 _____ () C:\Users\ADM\AppData\Roaming\CamStudio.cfg
2017-10-25 00:08 - 2017-10-25 00:08 - 000000044 _____ () C:\Users\ADM\AppData\Roaming\WB.CFG
2017-08-19 16:18 - 2017-08-19 16:18 - 000140800 _____ () C:\Users\ADM\AppData\Local\installer.dat
2017-02-01 13:26 - 2017-02-01 13:26 - 000000000 _____ () C:\Users\ADM\AppData\Local\{E7A1349A-30F7-4561-B549-15EEEFF28B73}
2017-10-24 01:55 - 2017-10-24 01:55 - 000005051 _____ () C:\ProgramData\czchsjpj.srw
2016-07-24 13:32 - 2016-07-24 13:32 - 000000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2017-10-23 12:43 - 2017-10-23 12:43 - 000000016 _____ () C:\ProgramData\mntemp
2017-10-23 12:43 - 2017-10-23 12:43 - 000004147 _____ () C:\ProgramData\ubnmeoaw.nlb
Arquivos para serem movidos ou deletados:
====================
C:\Windows\Tasks\{5192992B-B06E-833F-0D3A-0E75E0B9CBF9}.job
Alguns arquivos em TEMP:
====================
2017-10-08 19:24 - 2016-01-26 08:03 - 000021952 _____ (Autodesk, Inc.) C:\Users\ADM\AppData\Local\Temp\AcDeltree.exe
2017-10-24 23:17 - 2017-10-24 23:17 - 001055936 _____ (Adobe) C:\Users\ADM\AppData\Local\Temp\flashplayer_setup.exe
2017-10-18 11:23 - 2017-10-18 11:23 - 002398688 _____ (Flexera Software LLC) C:\Users\ADM\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
==================== Bamital & volsnap ======================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2017-10-27 16:15
==================== Fim de FRST.txt ============================