Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 11.11.2018
Executado por CAE Estagiario 2 (administrador) em TERMINAL_54 (13-11-2018 08:47:15)
Executando a partir de C:\Users\CAE Estagiario 2\Desktop
Perfis Carregados: CAE Estagiario 2 (Perfis Disponíveis: CAE Estagiario 2)
Platform: Windows 7 Ultimate (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(FreeDownloadManager.org) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATINYE.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATII4E.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATILUE.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\AutoCAD 2018\acad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1163896442-2294502342-3331916392-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATII4E.EXE [283232 2012-02-27] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1163896442-2294502342-3331916392-1000\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATINYE.EXE [298560 2014-03-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1163896442-2294502342-3331916392-1000\...\Run: [EPLTarget\P0000000000000002] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATII4E.EXE [283232 2012-02-27] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1163896442-2294502342-3331916392-1000\...\Run: [EPLTarget\P0000000000000004] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATILUE.EXE [298560 2013-09-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1163896442-2294502342-3331916392-1000\...\Policies\Explorer: []
HKU\S-1-5-18\...\Run: [Free Download Manager] => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe [10148352 2017-12-28] (FreeDownloadManager.org)
Startup: C:\Users\CAE Estagiario 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Enviar para o OneNote.lnk [2018-07-27]
ShortcutTarget: Enviar para o OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\CAE Estagiario 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recorte de tela e Iniciador do OneNote 2007.lnk [2018-09-05]
ShortcutTarget: Recorte de tela e Iniciador do OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{F4A468AB-19B1-4B18-A678-DA5517D6FDA3}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-1163896442-2294502342-3331916392-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pt-br/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Sem Nome -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> Nenhum Arquivo
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-08-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-10-23] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2018-07-31] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-23] (Oracle Corporation)
BHO-x32: Sem Nome -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> Nenhum Arquivo
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-04-30] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2018-07-31] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-21] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-21] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-21] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-21] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: nyq0cejw.default
FF ProfilePath: C:\Users\CAE Estagiario 2\AppData\Roaming\Mozilla\Firefox\Profiles\nyq0cejw.default [2018-11-09]
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-23] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-04-16] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-04-16] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\autoconf_warsaw.js [2018-11-09]
Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Profile: C:\Users\CAE Estagiario 2\AppData\Local\Google\Chrome\User Data\Default [2018-11-13]
CHR Extension: (Apresentações) - C:\Users\CAE Estagiario 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-17]
CHR Extension: (Documentos) - C:\Users\CAE Estagiario 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-17]
CHR Extension: (Google Drive) - C:\Users\CAE Estagiario 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-21]
CHR Extension: (YouTube) - C:\Users\CAE Estagiario 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-21]
CHR Extension: (Adblock Plus) - C:\Users\CAE Estagiario 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-11-09]
CHR Extension: (Planilhas) - C:\Users\CAE Estagiario 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-17]
CHR Extension: (Documentos Google off-line) - C:\Users\CAE Estagiario 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-28]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\CAE Estagiario 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-16]
CHR Extension: (Gmail) - C:\Users\CAE Estagiario 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-21]
CHR Extension: (Chrome Media Router) - C:\Users\CAE Estagiario 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-09]
==================== Serviços (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8853984 2018-08-09] (Microsoft Corporation)
R2 hasplms; C:\Windows\system32\hasplms.exe [4665168 2015-09-24] (SafeNet Inc.)
S3 PrintNotify; C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll [2896896 2017-09-29] (Microsoft Corporation) [Arquivo não assinado]
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [739520 2015-09-27] (@ByELDI) [Arquivo não assinado]
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [1068376 2017-10-20] (GAS Tecnologia LTDA)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [77912 2015-09-24] (SafeNet Inc.)
S3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [81368 2015-09-24] (SafeNet Inc.)
S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [322560 2015-09-24] (SafeNet Inc.)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [350552 2015-09-24] (SafeNet Inc.)
R1 WMDrive; C:\Windows\SysWOW64\drivers\WMDrive.sys [92536 2017-06-05] (WinMount International Inc)
S1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [28376 2018-08-20] (GAS Tecnologia)
R1 wsddntf; C:\Windows\System32\DRIVERS\wsddntf.sys [47064 2018-02-23] (GAS Tecnologia)
S1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [44624 2017-11-29] (GAS Tecnologia)
R3 wsddprm; C:\Windows\system32\drivers\wsddprm.sys [43560 2018-01-09] (GAS Tecnologia)
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um Mês Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2018-11-13 08:47 - 2018-11-13 08:47 - 000014132 _____ C:\Users\CAE Estagiario 2\Desktop\FRST.txt
2018-11-13 08:46 - 2018-11-13 08:47 - 000000000 ____D C:\FRST
2018-11-13 08:45 - 2018-11-13 08:45 - 002415616 _____ (Farbar) C:\Users\CAE Estagiario 2\Desktop\FRST64.exe
2018-11-09 08:52 - 2018-11-09 08:52 - 000000000 ____D C:\Windows\SysWOW64\x64
2018-11-09 08:52 - 2009-09-23 19:30 - 001002008 _____ (Intel Corporation) C:\Windows\SysWOW64\igxpun.exe
2018-11-09 08:47 - 2018-11-09 08:50 - 000000000 ____D C:\Windows\system32\MRT
2018-11-09 08:47 - 2018-11-09 08:47 - 136745976 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-11-09 08:43 - 2018-10-15 19:48 - 000559880 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2018-11-09 08:29 - 2018-11-09 08:35 - 014572000 _____ (Microsoft Corporation) C:\Users\CAE Estagiario 2\Desktop\vc_redist.x64.exe
2018-11-09 08:29 - 2018-11-09 08:30 - 001034556 _____ C:\Users\CAE Estagiario 2\Desktop\Windows6.1-KB2999226-x64.msu
2018-11-09 08:24 - 2016-06-25 14:03 - 000304128 _____ (Microsoft Corporation) C:\Windows\system32\EOSNotify.exe
2018-11-09 08:18 - 2018-09-26 16:24 - 004928565 _____ C:\Users\CAE Estagiario 2\Desktop\Lagoa dos Patos.dwg
2018-11-06 16:40 - 2018-10-01 12:26 - 000393456 _____ C:\Users\CAE Estagiario 2\Desktop\32 37 38 41 43 44 45 46 47.dwg
2018-11-01 15:18 - 2018-11-01 19:04 - 000033280 _____ C:\Users\CAE Estagiario 2\Desktop\NEGOÇADO.xlt
2018-11-01 12:11 - 2018-11-01 12:59 - 039238075 _____ C:\Users\CAE Estagiario 2\Desktop\FRANCISCO SA - GERAL.xlsx
==================== Um Mês Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2018-11-13 08:38 - 2009-07-14 02:45 - 000014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-11-13 08:38 - 2009-07-14 02:45 - 000014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-11-13 08:29 - 2018-03-26 16:29 - 000000913 _____ C:\Windows\Tasks\EPSON L365 Series Update {3D22E60E-A62D-4CD5-94FE-B31DB6628F7A}.job
2018-11-09 12:01 - 2017-03-21 11:45 - 000000000 ____D C:\Users\Todos os Usuários\Package Cache
2018-11-09 12:01 - 2017-03-21 11:45 - 000000000 ____D C:\ProgramData\Package Cache
2018-11-09 10:53 - 2017-09-12 09:15 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-11-09 10:52 - 2009-07-14 03:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-11-09 10:39 - 2017-06-05 12:36 - 000784660 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-11-09 10:39 - 2009-07-14 15:55 - 000029408 _____ C:\Windows\system32\prfh0416.dat
2018-11-09 10:39 - 2009-07-14 15:55 - 000016298 _____ C:\Windows\system32\prfc0416.dat
2018-11-09 10:39 - 2009-07-14 01:20 - 000000000 ____D C:\Windows\inf
2018-11-09 10:38 - 2009-07-14 03:13 - 000784660 _____ C:\Windows\system32\PerfStringBackup.INI
2018-10-29 15:30 - 2017-03-21 11:33 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-10-23 13:29 - 2017-07-14 16:04 - 000000000 ____D C:\Users\CAE Estagiario 2\AppData\Local\ElevatedDiagnostics
2018-10-23 12:25 - 2017-03-21 11:31 - 000159968 _____ C:\Users\CAE Estagiario 2\AppData\Local\GDIPFONTCACHEV1.DAT
==================== Arquivos na raiz de alguns diretórios =======
2017-06-27 16:50 - 2017-06-27 18:05 - 000000132 _____ () C:\Users\CAE Estagiario 2\AppData\Roaming\Preferências do Formato PNG do Adobe CS6
2017-06-28 18:19 - 2017-06-28 18:37 - 000000132 _____ () C:\Users\CAE Estagiario 2\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
Alguns arquivos em TEMP:
====================
2017-03-21 11:36 - 2017-01-18 13:50 - 000066472 _____ (Autodesk, Inc.) C:\Users\CAE Estagiario 2\AppData\Local\Temp\AcDeltree.exe
2017-03-21 11:44 - 2017-06-20 16:55 - 000000000 ____D () C:\Users\CAE Estagiario 2\AppData\Local\Temp\avgnt.exe
2013-10-03 15:05 - 2013-10-03 15:05 - 000303104 _____ (Borland International) C:\Users\CAE Estagiario 2\AppData\Local\Temp\cw3230.dll
2017-10-23 09:09 - 2017-10-23 09:09 - 001856576 _____ (Oracle Corporation) C:\Users\CAE Estagiario 2\AppData\Local\Temp\jre-8u151-windows-au.exe
2013-10-02 15:36 - 2013-10-02 15:36 - 001062400 _____ () C:\Users\CAE Estagiario 2\AppData\Local\Temp\testarhasp4Hydros.exe
2017-08-17 17:27 - 2017-08-17 17:49 - 000000000 _____ () C:\Users\CAE Estagiario 2\AppData\Local\Temp\{39DEDB31-119C-4CB9-B841-9BEDBFB2355A}-60.0.3112.101_60.0.3112.90_chrome_updater.exe
==================== Bamital & volsnap ======================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2018-11-06 16:11
==================== Fim de FRST.txt ============================
Executado por CAE Estagiario 2 (administrador) em TERMINAL_54 (13-11-2018 08:47:15)
Executando a partir de C:\Users\CAE Estagiario 2\Desktop
Perfis Carregados: CAE Estagiario 2 (Perfis Disponíveis: CAE Estagiario 2)
Platform: Windows 7 Ultimate (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(FreeDownloadManager.org) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATINYE.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATII4E.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATILUE.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\AutoCAD 2018\acad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1163896442-2294502342-3331916392-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATII4E.EXE [283232 2012-02-27] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1163896442-2294502342-3331916392-1000\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATINYE.EXE [298560 2014-03-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1163896442-2294502342-3331916392-1000\...\Run: [EPLTarget\P0000000000000002] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATII4E.EXE [283232 2012-02-27] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1163896442-2294502342-3331916392-1000\...\Run: [EPLTarget\P0000000000000004] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATILUE.EXE [298560 2013-09-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1163896442-2294502342-3331916392-1000\...\Policies\Explorer: []
HKU\S-1-5-18\...\Run: [Free Download Manager] => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe [10148352 2017-12-28] (FreeDownloadManager.org)
Startup: C:\Users\CAE Estagiario 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Enviar para o OneNote.lnk [2018-07-27]
ShortcutTarget: Enviar para o OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\CAE Estagiario 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recorte de tela e Iniciador do OneNote 2007.lnk [2018-09-05]
ShortcutTarget: Recorte de tela e Iniciador do OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{F4A468AB-19B1-4B18-A678-DA5517D6FDA3}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-1163896442-2294502342-3331916392-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pt-br/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Sem Nome -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> Nenhum Arquivo
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-08-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-10-23] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2018-07-31] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-23] (Oracle Corporation)
BHO-x32: Sem Nome -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> Nenhum Arquivo
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-04-30] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2018-07-31] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-21] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-21] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-21] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-21] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: nyq0cejw.default
FF ProfilePath: C:\Users\CAE Estagiario 2\AppData\Roaming\Mozilla\Firefox\Profiles\nyq0cejw.default [2018-11-09]
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-23] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-04-16] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-04-16] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\autoconf_warsaw.js [2018-11-09]
Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Profile: C:\Users\CAE Estagiario 2\AppData\Local\Google\Chrome\User Data\Default [2018-11-13]
CHR Extension: (Apresentações) - C:\Users\CAE Estagiario 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-17]
CHR Extension: (Documentos) - C:\Users\CAE Estagiario 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-17]
CHR Extension: (Google Drive) - C:\Users\CAE Estagiario 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-21]
CHR Extension: (YouTube) - C:\Users\CAE Estagiario 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-21]
CHR Extension: (Adblock Plus) - C:\Users\CAE Estagiario 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-11-09]
CHR Extension: (Planilhas) - C:\Users\CAE Estagiario 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-17]
CHR Extension: (Documentos Google off-line) - C:\Users\CAE Estagiario 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-28]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\CAE Estagiario 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-16]
CHR Extension: (Gmail) - C:\Users\CAE Estagiario 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-21]
CHR Extension: (Chrome Media Router) - C:\Users\CAE Estagiario 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-09]
==================== Serviços (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8853984 2018-08-09] (Microsoft Corporation)
R2 hasplms; C:\Windows\system32\hasplms.exe [4665168 2015-09-24] (SafeNet Inc.)
S3 PrintNotify; C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll [2896896 2017-09-29] (Microsoft Corporation) [Arquivo não assinado]
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [739520 2015-09-27] (@ByELDI) [Arquivo não assinado]
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [1068376 2017-10-20] (GAS Tecnologia LTDA)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [77912 2015-09-24] (SafeNet Inc.)
S3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [81368 2015-09-24] (SafeNet Inc.)
S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [322560 2015-09-24] (SafeNet Inc.)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [350552 2015-09-24] (SafeNet Inc.)
R1 WMDrive; C:\Windows\SysWOW64\drivers\WMDrive.sys [92536 2017-06-05] (WinMount International Inc)
S1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [28376 2018-08-20] (GAS Tecnologia)
R1 wsddntf; C:\Windows\System32\DRIVERS\wsddntf.sys [47064 2018-02-23] (GAS Tecnologia)
S1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [44624 2017-11-29] (GAS Tecnologia)
R3 wsddprm; C:\Windows\system32\drivers\wsddprm.sys [43560 2018-01-09] (GAS Tecnologia)
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um Mês Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2018-11-13 08:47 - 2018-11-13 08:47 - 000014132 _____ C:\Users\CAE Estagiario 2\Desktop\FRST.txt
2018-11-13 08:46 - 2018-11-13 08:47 - 000000000 ____D C:\FRST
2018-11-13 08:45 - 2018-11-13 08:45 - 002415616 _____ (Farbar) C:\Users\CAE Estagiario 2\Desktop\FRST64.exe
2018-11-09 08:52 - 2018-11-09 08:52 - 000000000 ____D C:\Windows\SysWOW64\x64
2018-11-09 08:52 - 2009-09-23 19:30 - 001002008 _____ (Intel Corporation) C:\Windows\SysWOW64\igxpun.exe
2018-11-09 08:47 - 2018-11-09 08:50 - 000000000 ____D C:\Windows\system32\MRT
2018-11-09 08:47 - 2018-11-09 08:47 - 136745976 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-11-09 08:43 - 2018-10-15 19:48 - 000559880 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2018-11-09 08:29 - 2018-11-09 08:35 - 014572000 _____ (Microsoft Corporation) C:\Users\CAE Estagiario 2\Desktop\vc_redist.x64.exe
2018-11-09 08:29 - 2018-11-09 08:30 - 001034556 _____ C:\Users\CAE Estagiario 2\Desktop\Windows6.1-KB2999226-x64.msu
2018-11-09 08:24 - 2016-06-25 14:03 - 000304128 _____ (Microsoft Corporation) C:\Windows\system32\EOSNotify.exe
2018-11-09 08:18 - 2018-09-26 16:24 - 004928565 _____ C:\Users\CAE Estagiario 2\Desktop\Lagoa dos Patos.dwg
2018-11-06 16:40 - 2018-10-01 12:26 - 000393456 _____ C:\Users\CAE Estagiario 2\Desktop\32 37 38 41 43 44 45 46 47.dwg
2018-11-01 15:18 - 2018-11-01 19:04 - 000033280 _____ C:\Users\CAE Estagiario 2\Desktop\NEGOÇADO.xlt
2018-11-01 12:11 - 2018-11-01 12:59 - 039238075 _____ C:\Users\CAE Estagiario 2\Desktop\FRANCISCO SA - GERAL.xlsx
==================== Um Mês Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2018-11-13 08:38 - 2009-07-14 02:45 - 000014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-11-13 08:38 - 2009-07-14 02:45 - 000014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-11-13 08:29 - 2018-03-26 16:29 - 000000913 _____ C:\Windows\Tasks\EPSON L365 Series Update {3D22E60E-A62D-4CD5-94FE-B31DB6628F7A}.job
2018-11-09 12:01 - 2017-03-21 11:45 - 000000000 ____D C:\Users\Todos os Usuários\Package Cache
2018-11-09 12:01 - 2017-03-21 11:45 - 000000000 ____D C:\ProgramData\Package Cache
2018-11-09 10:53 - 2017-09-12 09:15 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-11-09 10:52 - 2009-07-14 03:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-11-09 10:39 - 2017-06-05 12:36 - 000784660 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-11-09 10:39 - 2009-07-14 15:55 - 000029408 _____ C:\Windows\system32\prfh0416.dat
2018-11-09 10:39 - 2009-07-14 15:55 - 000016298 _____ C:\Windows\system32\prfc0416.dat
2018-11-09 10:39 - 2009-07-14 01:20 - 000000000 ____D C:\Windows\inf
2018-11-09 10:38 - 2009-07-14 03:13 - 000784660 _____ C:\Windows\system32\PerfStringBackup.INI
2018-10-29 15:30 - 2017-03-21 11:33 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-10-23 13:29 - 2017-07-14 16:04 - 000000000 ____D C:\Users\CAE Estagiario 2\AppData\Local\ElevatedDiagnostics
2018-10-23 12:25 - 2017-03-21 11:31 - 000159968 _____ C:\Users\CAE Estagiario 2\AppData\Local\GDIPFONTCACHEV1.DAT
==================== Arquivos na raiz de alguns diretórios =======
2017-06-27 16:50 - 2017-06-27 18:05 - 000000132 _____ () C:\Users\CAE Estagiario 2\AppData\Roaming\Preferências do Formato PNG do Adobe CS6
2017-06-28 18:19 - 2017-06-28 18:37 - 000000132 _____ () C:\Users\CAE Estagiario 2\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
Alguns arquivos em TEMP:
====================
2017-03-21 11:36 - 2017-01-18 13:50 - 000066472 _____ (Autodesk, Inc.) C:\Users\CAE Estagiario 2\AppData\Local\Temp\AcDeltree.exe
2017-03-21 11:44 - 2017-06-20 16:55 - 000000000 ____D () C:\Users\CAE Estagiario 2\AppData\Local\Temp\avgnt.exe
2013-10-03 15:05 - 2013-10-03 15:05 - 000303104 _____ (Borland International) C:\Users\CAE Estagiario 2\AppData\Local\Temp\cw3230.dll
2017-10-23 09:09 - 2017-10-23 09:09 - 001856576 _____ (Oracle Corporation) C:\Users\CAE Estagiario 2\AppData\Local\Temp\jre-8u151-windows-au.exe
2013-10-02 15:36 - 2013-10-02 15:36 - 001062400 _____ () C:\Users\CAE Estagiario 2\AppData\Local\Temp\testarhasp4Hydros.exe
2017-08-17 17:27 - 2017-08-17 17:49 - 000000000 _____ () C:\Users\CAE Estagiario 2\AppData\Local\Temp\{39DEDB31-119C-4CB9-B841-9BEDBFB2355A}-60.0.3112.101_60.0.3112.90_chrome_updater.exe
==================== Bamital & volsnap ======================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2018-11-06 16:11
==================== Fim de FRST.txt ============================