cjoint


Document format: text/plain


Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão: 24.10.2018
Executado por Fernanda (administrador) em FERNANDA-PC (28-10-2018 10:22:43)
Executando a partir de C:\Users\Fernanda\Desktop\eu
Perfis Carregados: Fernanda (Perfis Disponíveis: Fernanda)
Platform: Microsoft Windows 7 Ultimate (X86) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(AOMEI Tech Co., Ltd.) C:\Program Files\AOMEI Backupper\ABService.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_TATIRWE.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RP7.EXE
(Scopus Soluções em TI Ltda) C:\Program Files\scpbrad\scpbradserv.exe
(Scopus Soluções em TI Ltda) C:\Program Files\scpbrad\scpbradguard.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Kakao) C:\Program Files\Daum\PotPlayer\PotPlayerMini.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS6ServiceManager] => C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157456 2015-09-12] (Apple Inc.)
HKU\S-1-5-21-4017141070-1095090218-117845746-1000\...\Run: [uTorrent] => C:\Users\Fernanda\AppData\Roaming\uTorrent\uTorrent.exe [1991608 2018-10-06] (BitTorrent Inc.)
HKU\S-1-5-21-4017141070-1095090218-117845746-1000\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3952696 2018-09-28] (Tonec Inc.)
HKU\S-1-5-21-4017141070-1095090218-117845746-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATIRWE.EXE [380400 2014-11-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-4017141070-1095090218-117845746-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-4017141070-1095090218-117845746-1000\...\Policies\Explorer: [NoWindowsUpdate] 1
HKU\S-1-5-21-4017141070-1095090218-117845746-1000\...\Policies\Explorer: [NoAutoUpdate] 1
HKU\S-1-5-21-4017141070-1095090218-117845746-1000\...\MountPoints2: {9c7e934d-c99f-11e8-bb3b-089e01a252be} - 华为手机助手安装向导.exe
GroupPolicy: Restrição ? <==== ATENÇÃO
GroupPolicy\User: Restrição ? <==== ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{01CFDC68-A2F0-4304-A5A0-0C4B107ACB6F}: [DhcpNameServer] 8.8.8.8 8.8.4.4

Internet Explorer:
==================
HKU\S-1-5-21-4017141070-1095090218-117845746-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pt-br/?ocid=iehp
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2018-06-19] (Internet Download Manager, Tonec Inc.)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)

FireFox:
========
FF HKU\S-1-5-21-4017141070-1095090218-117845746-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Fernanda\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Fernanda\AppData\Roaming\IDM\idmmzcc5 [2018-10-06] [Legacy] [não assinado]
FF HKU\S-1-5-21-4017141070-1095090218-117845746-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Legacy]
FF Plugin: @adobe.com/AuthorwarePlayer -> C:\Windows\system32\Macromed\AUTHORWA\np32asw.dll [2004-07-02] (Macromedia, Inc.)
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-13] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1217157.dll [2015-02-05] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-09-04] ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll [2014-12-11] ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-08-06] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-08-06] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Fernanda\AppData\Local\Google\Chrome\User Data\Default [2018-10-28]
CHR Extension: (Apresentações) - C:\Users\Fernanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-10-06]
CHR Extension: (Documentos) - C:\Users\Fernanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-10-06]
CHR Extension: (Google Drive) - C:\Users\Fernanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-06]
CHR Extension: (YouTube) - C:\Users\Fernanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-06]
CHR Extension: (Tampermonkey) - C:\Users\Fernanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-10-06]
CHR Extension: (Planilhas) - C:\Users\Fernanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-06]
CHR Extension: (Documentos Google off-line) - C:\Users\Fernanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-06]
CHR Extension: (IDM Integration Module) - C:\Users\Fernanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2018-10-20]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Fernanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-06]
CHR Extension: (Gmail) - C:\Users\Fernanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-06]
CHR Extension: (Chrome Media Router) - C:\Users\Fernanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-06]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2018-09-28]
CHR HKU\S-1-5-21-4017141070-1095090218-117845746-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx

==================== Serviços (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 Backupper Service; C:\Program Files\AOMEI Backupper\ABService.exe [29912 2015-03-19] (AOMEI Tech Co., Ltd.) [Arquivo não assinado]
R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RP7.EXE [143424 2013-04-15] (SEIKO EPSON CORPORATION)
R2 scpbradserv; C:\Program Files\scpbrad\scpbradserv.exe [1995232 2017-03-28] (Scopus Soluções em TI Ltda)
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Arquivo não assinado]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [220776 2016-05-06] (Synaptics Incorporated)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R0 ambakdrv; C:\Windows\System32\ambakdrv.sys [26424 2015-02-26] () [Arquivo não assinado]
R3 amdhub30; C:\Windows\System32\DRIVERS\amdhub30.sys [85312 2013-05-27] (Advanced Micro Devices, INC.)
R3 amdxhc; C:\Windows\System32\DRIVERS\amdxhc.sys [179936 2016-01-14] (Advanced Micro Devices, INC.)
R0 amd_sata; C:\Windows\System32\DRIVERS\amd_sata.sys [71880 2014-09-23] (Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\DRIVERS\amd_xata.sys [36040 2014-09-23] (Advanced Micro Devices)
R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [129720 2015-02-26] () [Arquivo não assinado]
R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [14392 2015-02-26] () [Arquivo não assinado]
S3 AndnetBus; C:\Windows\System32\DRIVERS\lgandnetbus.sys [32512 2016-09-01] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [32768 2016-09-01] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem.sys [37376 2016-09-01] (LG Electronics Inc.)
R3 athr; C:\Windows\System32\DRIVERS\athr.sys [3237888 2013-11-01] (Qualcomm Atheros Communications, Inc.)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [17160 2015-03-05] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13064 2016-11-24] ()
S3 xb1usb; C:\Windows\System32\DRIVERS\xb1usb.sys [38152 2016-02-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2018-10-28 10:22 - 2018-10-28 10:22 - 000000000 ____D C:\FRST
2018-10-28 10:12 - 2018-10-28 10:13 - 000102400 _____ C:\Users\Fernanda\Documents\Package_List.pkg
2018-10-28 10:10 - 2018-10-28 10:13 - 000000000 ____D C:\Users\Fernanda\Documents\bin
2018-10-28 10:10 - 2018-10-28 01:20 - 041451882 _____ C:\Users\Fernanda\Documents\PKG_Linker_V2.0_Installer.exe
2018-10-28 10:10 - 2018-04-01 12:50 - 002981888 _____ (pink1) C:\Users\Fernanda\Documents\PKG Linker V2.0.exe
2018-10-28 10:10 - 2018-03-29 16:01 - 000000972 _____ C:\Users\Fernanda\Documents\PKG Linker V2.0.exe.config
2018-10-28 10:10 - 2018-03-28 14:47 - 000000000 ____D C:\Users\Fernanda\Documents\unsigned
2018-10-28 05:48 - 2018-10-28 10:12 - 000000000 ____D C:\PKG Linker
2018-10-28 05:35 - 2018-06-07 09:21 - 000022720 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-10-28 05:33 - 2016-08-10 11:07 - 000084816 _____ (Microsoft Corporation) C:\Windows\system32\vcruntime140.dll
2018-10-28 05:22 - 2018-10-20 23:49 - 1970742112 _____ C:\Users\Fernanda\Documents\000000-NPUB31617_00-1GAME00000000000.pkg
2018-10-28 05:21 - 2018-10-28 05:47 - 000119408 _____ C:\Package_List.pkg
2018-10-28 05:12 - 2018-03-28 14:47 - 000000000 ____D C:\unsigned
2018-10-28 05:11 - 2018-10-28 05:47 - 000000000 ____D C:\bin
2018-10-28 05:11 - 2018-10-28 01:20 - 041451882 _____ C:\PKG_Linker_V2.0_Installer.exe
2018-10-28 05:11 - 2018-04-01 12:50 - 002981888 ____N (pink1) C:\PKG Linker V2.0.exe
2018-10-28 05:11 - 2018-03-29 16:01 - 000000972 _____ C:\PKG Linker V2.0.exe.config
2018-10-28 03:50 - 2018-10-28 04:02 - 000000000 ____D C:\Users\Fernanda\Desktop\GAMEZ
2018-10-28 03:02 - 2018-10-28 04:38 - 000000000 ____D C:\Users\Fernanda\Desktop\codbo2
2018-10-28 01:52 - 2018-10-28 03:26 - 000000000 ____D C:\Users\Fernanda\Desktop\GAMES
2018-10-27 15:01 - 2018-09-03 11:22 - 003214336 _____ C:\Windows\system32\pwNative.exe
2018-10-27 15:01 - 2016-11-24 15:29 - 000013064 _____ C:\Windows\system32\pwdspio.sys
2018-10-27 15:01 - 2015-03-05 11:15 - 000017160 _____ C:\Windows\system32\pwdrvio.sys
2018-10-27 15:00 - 2018-10-27 15:01 - 000000000 ____D C:\Program Files\MiniTool Partition Wizard 10
2018-10-27 15:00 - 2018-10-27 15:00 - 000001140 _____ C:\Users\Public\Desktop\MiniTool Partition Wizard.lnk
2018-10-27 15:00 - 2018-10-27 15:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard 10
2018-10-27 00:49 - 2018-10-27 00:49 - 000000000 ____D C:\Users\Todos os Usuários\Symobi
2018-10-27 00:49 - 2018-10-27 00:49 - 000000000 ____D C:\ProgramData\Symobi
2018-10-27 00:47 - 2018-10-28 00:50 - 000000000 ____D C:\Users\Fernanda\Desktop\c l o n e
2018-10-27 00:47 - 2018-10-27 00:47 - 000001064 _____ C:\Users\Public\Desktop\HDClone.lnk
2018-10-27 00:47 - 2018-10-27 00:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDClone 8 Free Edition
2018-10-27 00:45 - 2018-10-27 00:47 - 000000000 ____D C:\Program Files\HDClone 8 Free Edition
2018-10-26 23:47 - 2018-10-26 23:49 - 000000000 ____D C:\Users\Fernanda\AppData\Roaming\Apple Computer
2018-10-26 23:47 - 2018-10-26 23:47 - 000000000 ____D C:\Users\Fernanda\AppData\Local\Apple Computer
2018-10-26 23:46 - 2018-10-26 23:46 - 000001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2018-10-26 23:46 - 2018-10-26 23:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2018-10-26 23:46 - 2012-10-03 16:14 - 000026840 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2018-10-26 23:44 - 2018-10-26 23:46 - 000000000 ____D C:\Users\Todos os Usuários\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2018-10-26 23:44 - 2018-10-26 23:46 - 000000000 ____D C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2018-10-26 23:44 - 2018-10-26 23:46 - 000000000 ____D C:\Program Files\iTunes
2018-10-26 23:44 - 2018-10-26 23:44 - 000000000 ____D C:\Users\Todos os Usuários\Apple Computer
2018-10-26 23:44 - 2018-10-26 23:44 - 000000000 ____D C:\ProgramData\Apple Computer
2018-10-26 23:44 - 2018-10-26 23:44 - 000000000 ____D C:\Program Files\iPod
2018-10-26 23:41 - 2018-10-26 23:41 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2018-10-26 23:41 - 2018-10-26 23:41 - 000000000 ____D C:\Users\Fernanda\AppData\Local\Apple
2018-10-26 23:41 - 2018-10-26 23:41 - 000000000 ____D C:\Program Files\Apple Software Update
2018-10-26 23:40 - 2018-10-26 23:44 - 000000000 ____D C:\Program Files\Common Files\Apple
2018-10-26 23:40 - 2018-10-26 23:41 - 000000000 ____D C:\Users\Todos os Usuários\Apple
2018-10-26 23:40 - 2018-10-26 23:41 - 000000000 ____D C:\ProgramData\Apple
2018-10-26 23:40 - 2018-10-26 23:40 - 000000000 ____D C:\Program Files\Bonjour
2018-10-25 21:05 - 2018-10-25 21:05 - 000000052 _____ C:\Windows\system32\lgAxconfig.ini
2018-10-25 21:04 - 2018-10-25 21:05 - 000000000 ____D C:\Users\Todos os Usuários\LGMOBILEAX
2018-10-25 21:04 - 2018-10-25 21:05 - 000000000 ____D C:\ProgramData\LGMOBILEAX
2018-10-25 20:55 - 2018-10-25 20:55 - 000000000 ___HD C:\Program Files\InstallShield Installation Information
2018-10-25 20:55 - 2018-10-25 20:55 - 000000000 ____D C:\Program Files\LG Electronics
2018-10-25 20:55 - 2016-09-01 14:54 - 000037376 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetmodem.sys
2018-10-25 20:55 - 2016-09-01 14:54 - 000032768 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetdiag.sys
2018-10-25 20:55 - 2016-09-01 14:54 - 000032512 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetbus.sys
2018-10-24 20:25 - 2018-10-24 20:25 - 000208480 _____ C:\Windows\Minidump\102418-21793-01.dmp
2018-10-23 19:25 - 2018-10-23 19:25 - 000001116 _____ C:\Users\Public\Desktop\PotPlayer.lnk
2018-10-23 19:02 - 2018-10-23 19:02 - 000000000 ___SD C:\Users\Fernanda\AppData\LocalLow\Temp
2018-10-22 03:24 - 2018-10-22 03:24 - 000000000 ____D C:\Users\Fernanda\AppData\Roaming\PotPlayerMini
2018-10-22 03:12 - 2018-10-22 03:12 - 000000000 ____D C:\Users\Fernanda\AppData\Roaming\Daum
2018-10-22 03:10 - 2018-10-22 03:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daum
2018-10-21 17:52 - 2018-10-21 17:52 - 000000000 ____D C:\Windows\system32\BestPractices
2018-10-21 17:52 - 2018-10-21 17:52 - 000000000 ____D C:\Users\Fernanda\AppData\Local\Mama's_Little_Bakery
2018-10-21 17:52 - 2018-10-21 17:52 - 000000000 ____D C:\inetpub
2018-10-21 17:45 - 2018-10-21 17:45 - 000000000 ____D C:\Users\Fernanda\AppData\Roaming\J-Runner
2018-10-21 17:16 - 2018-10-25 20:57 - 000004608 _____ C:\Users\Fernanda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-10-21 12:16 - 2018-10-21 12:16 - 000001024 _____ C:\Users\Public\Desktop\VLC media player.lnk
2018-10-21 12:16 - 2018-10-21 12:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2018-10-21 12:15 - 2018-10-21 12:15 - 000000000 ____D C:\Program Files\VideoLAN
2018-10-21 11:42 - 2009-11-25 11:47 - 001130824 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2018-10-21 11:42 - 2009-11-25 11:47 - 000297808 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2018-10-21 11:42 - 2009-11-25 11:47 - 000295264 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2018-10-21 11:42 - 2009-11-25 11:47 - 000099176 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2018-10-21 11:42 - 2009-11-25 11:47 - 000049472 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2018-10-20 19:31 - 2018-10-20 19:32 - 000102400 _____ C:\Users\Fernanda\Documents\000000-NPUB31617_00-3LIC000000000000.pkg
2018-10-20 19:30 - 2018-10-20 19:32 - 022004880 _____ C:\Users\Fernanda\Documents\000000-NPUB31617_00-2PATCH0000000000.pkg
2018-10-20 18:59 - 2018-10-20 18:59 - 000000132 _____ C:\Users\Fernanda\AppData\Roaming\Adobe PNG Format CS6 Prefs
2018-10-20 18:45 - 2018-10-20 18:45 - 000000000 ____D C:\Users\Fernanda\AppData\LocalLow\Adobe
2018-10-20 18:23 - 2018-10-20 18:23 - 000001165 _____ C:\Users\Fernanda\Desktop\Adobe Photoshop CS6.lnk
2018-10-20 18:23 - 2018-10-20 18:23 - 000000000 ____D C:\Users\Todos os Usuários\regid.1986-12.com.adobe
2018-10-20 18:23 - 2018-10-20 18:23 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2018-10-20 18:22 - 2018-10-20 18:22 - 000001127 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
2018-10-20 18:21 - 2018-10-20 18:21 - 000001477 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2018-10-20 18:21 - 2018-10-20 18:21 - 000001311 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2018-10-20 18:19 - 2018-10-20 18:19 - 000000000 ____D C:\Users\Fernanda\AppData\Roaming\Macromedia
2018-10-20 18:18 - 2018-10-20 19:22 - 000000000 ____D C:\Users\Fernanda\AppData\Local\Adobe
2018-10-19 09:51 - 2018-10-28 10:22 - 000000000 ____D C:\Users\Fernanda\Desktop\eu
2018-10-19 09:27 - 2018-10-28 09:27 - 000000919 _____ C:\Windows\Tasks\EPSON L395 Series Update {31966F8C-DA62-4199-9A38-DA29215419A3}.job
2018-10-19 09:27 - 2018-10-19 09:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2018-10-19 09:27 - 2018-10-19 09:27 - 000000000 ____D C:\Program Files\Common Files\EPSON
2018-10-19 09:26 - 2018-10-19 09:26 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01011.Wdf
2018-10-19 09:26 - 2015-12-09 04:08 - 000144896 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_TLMBRWE.DLL
2018-10-19 09:26 - 2011-03-15 03:03 - 000081408 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_TD4BRWE.DLL
2018-10-19 09:25 - 2018-10-19 09:27 - 000000000 ____D C:\Users\Todos os Usuários\EPSON
2018-10-19 09:25 - 2018-10-19 09:27 - 000000000 ____D C:\ProgramData\EPSON
2018-10-07 04:00 - 2018-10-20 18:31 - 000000000 ____D C:\Users\Fernanda\AppData\Roaming\Adobe
2018-10-07 03:04 - 2018-10-07 03:04 - 000000468 __RSH C:\Users\Todos os Usuários\ntuser.pol
2018-10-07 03:04 - 2018-10-07 03:04 - 000000468 __RSH C:\ProgramData\ntuser.pol
2018-10-07 00:03 - 2018-10-07 00:03 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_xb1usb_01011.Wdf
2018-10-06 22:57 - 2018-10-23 23:39 - 000000000 ____D C:\Users\Fernanda\AppData\Roaming\Foxit Software
2018-10-06 22:57 - 2018-10-06 22:57 - 000000000 ____D C:\Users\Public\Foxit Software
2018-10-06 22:51 - 2018-10-28 10:07 - 000000000 ____D C:\Users\Fernanda\AppData\Roaming\DMCache
2018-10-06 22:51 - 2018-10-21 09:47 - 000000000 ____D C:\Users\Fernanda\AppData\Roaming\IDM
2018-10-06 22:51 - 2018-10-06 22:51 - 000000979 _____ C:\Users\Fernanda\Desktop\Internet Download Manager.lnk
2018-10-06 22:51 - 2018-10-06 22:51 - 000000000 ____D C:\Users\Todos os Usuários\IDM
2018-10-06 22:51 - 2018-10-06 22:51 - 000000000 ____D C:\Users\Fernanda\Downloads\Video
2018-10-06 22:51 - 2018-10-06 22:51 - 000000000 ____D C:\Users\Fernanda\Downloads\Compressed
2018-10-06 22:51 - 2018-10-06 22:51 - 000000000 ____D C:\Users\Fernanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2018-10-06 22:51 - 2018-10-06 22:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2018-10-06 22:51 - 2018-10-06 22:51 - 000000000 ____D C:\ProgramData\IDM
2018-10-06 22:51 - 2018-10-06 22:51 - 000000000 ____D C:\Program Files\Internet Download Manager
2018-10-06 17:40 - 2018-10-06 19:35 - 2000360709 _____ C:\Users\Fernanda\Downloads\Spider-Man 3.7z
2018-10-06 17:40 - 2018-10-06 17:40 - 000021001 _____ C:\Users\Fernanda\Downloads\Silent Hill - Shattered Memories (USA) (En,Fr,Es).torrent
2018-10-06 17:39 - 2018-10-06 17:40 - 000048647 _____ C:\Users\Fernanda\Downloads\Silent Hill Origins (USA) (En,Fr,De,Es,It).torrent
2018-10-06 16:38 - 2018-10-07 23:37 - 000000000 ____D C:\coisas
2018-10-06 16:38 - 2018-10-06 16:38 - 000143814 _____ C:\Users\Fernanda\Downloads\Metal Gear Solid 3 Subsistence (2006).torrent
2018-10-06 16:28 - 2018-10-28 10:10 - 000000000 ____D C:\Users\Fernanda\AppData\Roaming\uTorrent
2018-10-06 16:28 - 2018-10-06 16:28 - 000000857 _____ C:\Users\Fernanda\Desktop\µTorrent.lnk
2018-10-06 16:28 - 2018-10-06 16:28 - 000000837 _____ C:\Users\Fernanda\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2018-10-06 16:26 - 2018-10-06 16:27 - 002993992 _____ (BitTorrent Inc.) C:\Users\Fernanda\Downloads\uTorrent.exe
2018-09-28 06:31 - 2018-03-01 11:36 - 000149688 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2018-10-28 10:13 - 2016-08-06 11:50 - 001754706 _____ C:\Windows\system32\PerfStringBackup.INI
2018-10-28 10:13 - 2009-08-04 23:58 - 000753086 _____ C:\Windows\system32\prfh0416.dat
2018-10-28 10:13 - 2009-08-04 23:58 - 000162048 _____ C:\Windows\system32\prfc0416.dat
2018-10-28 10:13 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\inf
2018-10-28 10:08 - 2009-07-14 01:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-10-28 09:57 - 2009-07-14 01:34 - 000009584 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-10-28 09:57 - 2009-07-14 01:34 - 000009584 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-10-28 05:27 - 2018-08-06 13:30 - 000000000 ____D C:\Users\Todos os Usuários\Package Cache
2018-10-28 05:27 - 2018-08-06 13:30 - 000000000 ____D C:\ProgramData\Package Cache
2018-10-28 03:01 - 2018-03-20 16:00 - 000000000 ____D C:\Users\Fernanda\Desktop\CFW2OFW V11
2018-10-24 20:25 - 2016-10-01 18:40 - 152202973 _____ C:\Windows\MEMORY.DMP
2018-10-24 20:25 - 2016-10-01 18:40 - 000000000 ____D C:\Windows\Minidump
2018-10-24 19:41 - 2016-09-24 12:07 - 000000000 ____D C:\Program Files\Snes.net
2018-10-23 23:36 - 2016-08-06 15:43 - 000000000 ____D C:\Users\Fernanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-10-23 23:36 - 2016-08-06 15:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-10-22 03:17 - 2016-08-04 20:50 - 000000000 ____D C:\Users\Fernanda
2018-10-22 01:30 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\rescache
2018-10-21 17:52 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\system32\inetsrv
2018-10-21 12:57 - 2009-07-14 01:33 - 003747552 _____ C:\Windows\system32\FNTCACHE.DAT
2018-10-21 12:45 - 2016-08-06 11:57 - 000086192 _____ C:\Users\Fernanda\AppData\Local\GDIPFONTCACHEV1.DAT
2018-10-20 18:24 - 2016-08-06 13:19 - 000000000 ____D C:\Program Files\Adobe
2018-10-20 18:23 - 2016-08-06 13:20 - 000000000 ____D C:\Users\Todos os Usuários\Adobe
2018-10-20 18:23 - 2016-08-06 13:20 - 000000000 ____D C:\ProgramData\Adobe
2018-10-20 18:22 - 2016-08-06 13:19 - 000000000 ____D C:\Program Files\Common Files\Adobe
2018-10-19 09:22 - 2016-09-01 12:29 - 000000000 ____D C:\Users\Fernanda\AppData\Local\ElevatedDiagnostics
2018-10-06 16:40 - 2016-08-06 15:58 - 000001888 __RSH C:\Users\Fernanda\ntuser.pol
2018-10-06 16:39 - 2018-08-06 13:39 - 000000000 ____D C:\Program Files\uTorrent
2018-10-06 16:04 - 2009-07-13 23:37 - 000000000 __RHD C:\Users\Public\Libraries
2018-10-06 13:12 - 2016-08-06 11:59 - 000002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-10-06 13:12 - 2016-08-06 11:59 - 000002127 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Arquivos na raiz de alguns diretórios =======

2018-10-20 18:59 - 2018-10-20 18:59 - 000000132 _____ () C:\Users\Fernanda\AppData\Roaming\Adobe PNG Format CS6 Prefs
2018-10-21 17:16 - 2018-10-25 20:57 - 000004608 _____ () C:\Users\Fernanda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Alguns arquivos em TEMP:
====================
2016-08-06 15:22 - 2016-08-06 15:22 - 000307400 _____ (ESET) C:\Users\Fernanda\AppData\Local\Temp\InstHelper.exe

==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll
[2009-07-13 20:24] - [2009-07-13 22:16] - 000811520 _____ (Microsoft Corporation) 8626F0C30D4E3564FFDD25C90F4426F1

C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

LastRegBack: 2018-10-21 13:51

==================== Fim de FRST.txt ============================
