cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:01-05-2016
Executado por jhenn (administrador) em JHENNIFER (02-05-2016 11:55:04)
Executando a partir de C:\Users\jhenn\Downloads
Perfis Carregados: jhenn & (Perfis Disponíveis: jhenn)
Platform: Windows 10 Home (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Microsoft Corporation) C:\Windows\System32\Locator.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Spotify Ltd) C:\Users\jhenn\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\jhenn\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\jhenn\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\jhenn\AppData\Roaming\Spotify\Spotify.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta.exe
(Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIC.exe
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginCef: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [2015-09-22] (Caixa Economica Federal)
HKU\S-1-5-21-59299062-2782585606-1792219284-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7943072 2016-04-20] (SUPERAntiSpyware)
HKU\S-1-5-21-59299062-2782585606-1792219284-1001\...\Run: [Spotify Web Helper] => C:\Users\jhenn\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-04-28] (Spotify Ltd)
HKU\S-1-5-21-59299062-2782585606-1792219284-1001\...\Run: [Spotify] => C:\Users\jhenn\AppData\Roaming\Spotify\Spotify.exe [6890608 2016-04-28] (Spotify Ltd)
HKU\S-1-5-21-59299062-2782585606-1792219284-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7943072 2016-04-20] (SUPERAntiSpyware)
HKU\S-1-5-21-59299062-2782585606-1792219284-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\jhenn\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-04-28] (Spotify Ltd)
HKU\S-1-5-21-59299062-2782585606-1792219284-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify] => C:\Users\jhenn\AppData\Roaming\Spotify\Spotify.exe [6890608 2016-04-28] (Spotify Ltd)
IFEO\OSppSvc.exe: [Debugger] KMS-R@1nHook.exe
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll [1888480 2015-09-22] (Caixa Economica Federal)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 200.189.88.67 200.189.88.58
Tcpip\..\Interfaces\{6cd747ff-7df8-482a-9344-941c4c2722e7}: [DhcpNameServer] 200.189.88.67 200.189.88.58

Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\Program Files (x86)\GbPlugin\gbiehcef.dll [2015-09-22] (Caixa Economica Federal)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)

FireFox:
========
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-04-28] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\jhenn\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\jhenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-28]
CHR Extension: (Google Docs) - C:\Users\jhenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-28]
CHR Extension: (Google Drive) - C:\Users\jhenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-28]
CHR Extension: (YouTube) - C:\Users\jhenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-28]
CHR Extension: (Planilhas do Google) - C:\Users\jhenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-28]
CHR Extension: (Documentos Google off-line) - C:\Users\jhenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-28]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\jhenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-28]
CHR Extension: (Gmail) - C:\Users\jhenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-28]

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [593120 2015-09-22] (GAS Tecnologia)
S2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2016-04-28] () [Arquivo não assinado]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [X]

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 CySmb; C:\Windows\System32\drivers\cysmb.sys [10752 2016-04-27] (Cypress Semiconductor, Inc.)
S1 gbpddfac; C:\Windows\System32\drivers\gbpddfac64.sys [0 2016-04-29] () <==== ATENÇÃO (zero byte Arquivo/Pasta)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2015-12-08] (GAS Tecnologia)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-05-02] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [194624 2016-02-10] (Intel Corporation)
R3 NETJME; C:\Windows\System32\drivers\NETJME.sys [137728 2015-07-10] (JMicron Technology Corp.)
S3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3891416 2015-01-24] (Realtek Semiconductor Corporation )
R3 rtwlane_13; C:\Windows\System32\drivers\rtwlane_13.sys [3749888 2015-07-10] (Realtek Semiconductor Corporation )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-12-08] (GAS Tecnologia LTDA)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-05-02 11:55 - 2016-05-02 11:55 - 00012251 _____ C:\Users\jhenn\Downloads\FRST.txt
2016-05-02 11:54 - 2016-05-02 11:55 - 00000000 ____D C:\FRST
2016-05-02 11:52 - 2016-05-02 11:54 - 02377216 _____ (Farbar) C:\Users\jhenn\Downloads\FRST64.exe
2016-05-02 11:16 - 2016-05-02 11:16 - 00016148 _____ C:\WINDOWS\system32\JHENNIFER_jhenn_HistoryPrediction.bin
2016-05-02 10:59 - 2016-05-02 10:59 - 00192872 _____ C:\WINDOWS\ntbtlog.txt
2016-04-30 01:25 - 2016-04-30 01:25 - 00016148 _____ C:\WINDOWS\system32\LIMA_jhenn_HistoryPrediction.bin
2016-04-29 20:09 - 2016-04-29 20:09 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-04-29 19:35 - 2016-04-29 21:50 - 00005256 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for LIMA-jhenn Lima.Jhennifer
2016-04-29 19:33 - 2016-04-29 19:33 - 00000000 _____ C:\WINDOWS\system32\Drivers\gbpddfac64.sys
2016-04-29 19:12 - 2016-04-29 19:29 - 00005286 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for JHENNIFER-jhenn Jhennifer.Jhennifer
2016-04-29 19:03 - 2016-04-29 19:03 - 00016148 _____ C:\WINDOWS\system32\DESKTOP-KEHDSIE_jhenn_HistoryPrediction.bin
2016-04-29 16:55 - 2016-05-02 11:02 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2016-04-29 16:55 - 2016-04-29 16:56 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2016-04-29 16:55 - 2016-04-29 16:55 - 00000000 ____D C:\Users\Todos os Usuários\GAS Tecnologia
2016-04-29 16:52 - 2016-04-29 22:52 - 00004180 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{24B26E73-009F-4E46-B2DA-CD5BBB1C740A}
2016-04-29 16:11 - 2016-04-29 16:20 - 00049420 _____ C:\Users\jhenn\Desktop\Apresentação1.pptx
2016-04-29 16:06 - 2016-04-29 16:06 - 00148310 _____ C:\Users\jhenn\Desktop\COMPETENCIAS COMPORTAMENTAIS (1).pdf
2016-04-29 15:01 - 2016-04-29 15:01 - 00096605 _____ C:\Users\jhenn\Downloads\almoxarifado.pdf
2016-04-29 14:07 - 2016-04-29 14:07 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-04-29 14:02 - 2016-04-29 14:02 - 00149599 _____ C:\Users\jhenn\Desktop\COMPETENCIAS COMPORTAMENTAIS.pdf
2016-04-29 13:21 - 2016-04-29 13:33 - 00910269 _____ C:\Users\jhenn\Desktop\Coaching Empresarial.xmind
2016-04-29 12:27 - 2016-04-29 13:36 - 00000000 ____D C:\Users\jhenn\Desktop\COACHING
2016-04-29 12:18 - 2016-04-29 12:18 - 00001058 _____ C:\Users\jhenn\Desktop\XMind 7 (Update 1).lnk
2016-04-29 12:18 - 2016-04-29 12:18 - 00000000 ____D C:\Users\jhenn\.oracle_jre_usage
2016-04-29 12:16 - 2016-04-29 12:20 - 00000000 ____D C:\Program Files (x86)\XMind
2016-04-29 10:55 - 2016-04-29 11:24 - 148861426 _____ (XMind Ltd. ) C:\Users\jhenn\Downloads\xmind-7-update1-windows.exe
2016-04-29 02:07 - 2016-04-29 02:07 - 00007109 _____ C:\Users\jhenn\Desktop\relacionamento interpessoal.txt
2016-04-29 01:12 - 2016-04-29 01:12 - 00000000 ____D C:\Users\jhenn\OneDrive\Documentos\Modelos Personalizados do Office
2016-04-28 23:00 - 2016-05-02 11:12 - 00000000 ____D C:\Users\jhenn\AppData\Local\Spotify
2016-04-28 23:00 - 2016-04-28 23:00 - 00001850 _____ C:\Users\jhenn\Desktop\Spotify.lnk
2016-04-28 23:00 - 2016-04-28 23:00 - 00001836 _____ C:\Users\jhenn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-04-28 23:00 - 2016-04-28 23:00 - 00000000 ____D C:\Users\jhenn\AppData\Local\CEF
2016-04-28 18:01 - 2016-04-28 18:06 - 00000000 ____D C:\Users\jhenn\OneDrive\Documentos\FACULDADE SALESIANA DOM BOSCO
2016-04-28 17:52 - 2016-04-28 17:53 - 00000000 ____D C:\Users\jhenn\OneDrive\Documentos\TRABALHOS SOLICITADOS
2016-04-28 17:50 - 2016-03-30 17:25 - 00000120 ____R C:\Users\jhenn\OneDrive\Documentos\Bloco de anotações de Jhennifer.url
2016-04-28 17:49 - 2016-04-29 09:42 - 00005302 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-KEHDSIE-jhenn DESKTOP-KEHDSIE
2016-04-28 13:49 - 2016-04-28 13:49 - 00001814 _____ C:\Users\jhenn\Desktop\Word 2013.lnk
2016-04-28 13:45 - 2016-04-28 13:46 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-04-28 13:40 - 2016-04-28 13:46 - 00000000 ____D C:\Program Files\KMSpico
2016-04-28 13:40 - 2016-04-28 13:40 - 00004608 _____ C:\WINDOWS\SECOH-QAD.exe
2016-04-28 13:40 - 2016-04-28 13:40 - 00003584 _____ C:\WINDOWS\SECOH-QAD.dll
2016-04-28 13:19 - 2016-04-28 13:20 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2016-04-28 13:19 - 2016-04-28 13:19 - 00000000 ____D C:\WINDOWS\PCHEALTH
2016-04-28 13:19 - 2016-04-28 13:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-04-28 13:18 - 2016-04-29 11:12 - 00000000 ____D C:\Users\jhenn\AppData\Local\Microsoft Help
2016-04-28 13:18 - 2016-04-29 10:37 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2016-04-28 13:18 - 2016-04-28 13:19 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-04-28 13:18 - 2016-04-28 13:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2016-04-28 13:17 - 2016-04-28 13:17 - 00000000 ____D C:\Program Files\Microsoft Office
2016-04-28 13:16 - 2016-04-28 13:16 - 00000000 __RHD C:\MSOCache
2016-04-28 13:12 - 2016-04-28 13:12 - 626878757 _____ C:\Users\jhenn\Downloads\Office 2013 + Ativador.rar
2016-04-28 12:30 - 2016-04-28 12:30 - 00026112 _____ C:\WINDOWS\KMS-R@1n.exe
2016-04-28 12:30 - 2016-04-28 12:30 - 00005120 _____ C:\WINDOWS\KMS-R@1nHook.exe
2016-04-28 12:30 - 2016-04-28 12:30 - 00004096 _____ C:\WINDOWS\KMS-R@1nHook.dll
2016-04-28 12:30 - 2016-04-28 12:30 - 00000000 ____D C:\WINDOWS\System32\Tasks\R@1n-KMS
2016-04-28 12:30 - 2016-04-28 12:30 - 00000000 ____D C:\Users\jhenn\AppData\Local\mpress
2016-04-28 12:17 - 2016-04-29 19:05 - 00000000 ____D C:\SUPERDelete
2016-04-28 12:07 - 2016-04-28 12:07 - 00000000 ____D C:\Users\jhenn\AppData\Roaming\WinRAR
2016-04-28 11:57 - 2016-05-02 11:57 - 00000542 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 1fb9ae4e-727b-4788-8319-feee2e2e135a.job
2016-04-28 11:57 - 2016-04-29 02:00 - 00000542 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 27ddafec-ed49-4367-adba-5cd88a5482e4.job
2016-04-28 11:57 - 2016-04-28 11:57 - 00003782 _____ C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task 27ddafec-ed49-4367-adba-5cd88a5482e4
2016-04-28 11:57 - 2016-04-28 11:57 - 00003700 _____ C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task 1fb9ae4e-727b-4788-8319-feee2e2e135a
2016-04-28 11:57 - 2016-04-28 11:57 - 00000000 ____D C:\Users\jhenn\AppData\Roaming\SUPERAntiSpyware.com
2016-04-28 11:56 - 2016-04-28 11:56 - 00000000 ____D C:\Users\Todos os Usuários\SUPERAntiSpyware.com
2016-04-28 11:30 - 2016-04-28 11:55 - 25650024 _____ (SUPERAntiSpyware) C:\Users\jhenn\Downloads\SUPERAntiSpyware.exe
2016-04-28 11:00 - 2016-05-02 11:42 - 00000000 ____D C:\Users\jhenn\AppData\Roaming\Spotify
2016-04-28 10:54 - 2016-04-28 11:00 - 00350936 _____ (Spotify Ltd) C:\Users\jhenn\Downloads\SpotifySetup.exe
2016-04-28 05:18 - 2016-04-29 19:05 - 00000000 ____D C:\WINDOWS\JMCR_DIR
2016-04-28 05:18 - 2016-04-28 05:18 - 00000131 _____ C:\WINDOWS\xUninstall.bat
2016-04-28 05:18 - 2016-04-28 05:18 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-04-28 05:18 - 2008-05-14 04:54 - 00109568 _____ (JMicron Technology Corporation) C:\WINDOWS\system32\JmCrIcon.dll
2016-04-28 05:13 - 2016-04-28 05:13 - 00000000 ____D C:\Users\Todos os Usuários\USOShared
2016-04-28 05:12 - 2016-05-02 11:02 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-28 05:12 - 2016-04-28 05:12 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-04-28 05:12 - 2016-04-28 05:12 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Histórico
2016-04-28 05:12 - 2016-04-28 05:12 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Dados de Aplicativos
2016-04-28 05:12 - 2016-04-28 05:12 - 00000000 _SHDL C:\Users\Usuário Padrão
2016-04-28 05:12 - 2016-04-28 05:12 - 00000000 _SHDL C:\Users\Todos os Usuários\Modelos
2016-04-28 05:12 - 2016-04-28 05:12 - 00000000 _SHDL C:\Users\Todos os Usuários\Menu Iniciar
2016-04-28 05:12 - 2016-04-28 05:12 - 00000000 _SHDL C:\Users\Todos os Usuários\Documentos
2016-04-28 05:12 - 2016-04-28 05:12 - 00000000 _SHDL C:\Users\Todos os Usuários\Dados de Aplicativos
2016-04-28 05:12 - 2016-04-28 05:12 - 00000000 _SHDL C:\Users\Todos os Usuários
2016-04-28 05:12 - 2016-04-28 05:12 - 00000000 _SHDL C:\Users\Default\Modelos
2016-04-28 05:12 - 2016-04-28 05:12 - 00000000 _SHDL C:\Users\Default\Meus Documentos
2016-04-28 05:12 - 2016-04-28 05:12 - 00000000 _SHDL C:\Users\Default\Menu Iniciar
2016-04-28 05:12 - 2016-04-28 05:12 - 00000000 _SHDL C:\Users\Default\Dados de Aplicativos
2016-04-28 05:12 - 2016-04-28 05:12 - 00000000 _SHDL C:\Users\Default\Configurações Locais
2016-04-28 05:12 - 2016-04-28 05:12 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-04-28 05:12 - 2016-04-28 05:12 - 00000000 _SHDL C:\Users\Default\AppData\Local\Histórico
2016-04-28 05:12 - 2016-04-28 05:12 - 00000000 _SHDL C:\Users\Default\AppData\Local\Dados de Aplicativos
2016-04-28 05:12 - 2016-04-28 05:12 - 00000000 _SHDL C:\Users\Default\Ambiente de Rede
2016-04-28 05:12 - 2016-04-28 05:12 - 00000000 _SHDL C:\Users\Default\Ambiente de Impressão
2016-04-28 05:12 - 2016-04-28 05:12 - 00000000 _SHDL C:\Program Files\Common Files\Sistema
2016-04-28 05:12 - 2016-04-28 05:12 - 00000000 _SHDL C:\Program Files\Arquivos Comuns
2016-04-28 05:12 - 2016-04-28 05:12 - 00000000 _SHDL C:\Documents and Settings
2016-04-28 05:12 - 2016-04-28 05:12 - 00000000 _SHDL C:\Arquivos de Programas
2016-04-28 05:07 - 2016-04-28 05:07 - 00000000 ____D C:\Intel
2016-04-28 05:04 - 2016-04-29 19:06 - 00348792 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-28 05:04 - 2016-04-28 05:04 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-04-28 04:43 - 2016-05-02 11:43 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-04-28 04:42 - 2016-04-28 10:50 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-04-28 04:42 - 2016-04-28 04:42 - 00000000 ____D C:\Users\Todos os Usuários\Malwarebytes
2016-04-28 04:42 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-04-28 04:42 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-04-28 04:42 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-04-28 04:38 - 2016-04-28 05:18 - 00000000 ____D C:\swsetup
2016-04-28 04:38 - 2016-04-28 04:38 - 00000000 ____D C:\WINDOWS\SysWOW64\SDA
2016-04-28 04:25 - 2016-03-12 17:43 - 43123559 _____ C:\Users\jhenn\OneDrive\Documentos\SpyHunter PRO 4.17.6.4336.rar
2016-04-28 04:10 - 2016-04-28 04:41 - 22908888 _____ (Malwarebytes ) C:\Users\jhenn\Downloads\mbam-setup-2.2.0.1024 (1).exe
2016-04-28 04:09 - 2016-04-28 04:09 - 00000000 ____D C:\Users\jhenn\AppData\Local\NetworkTiles
2016-04-28 03:49 - 2016-04-28 03:49 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-04-28 03:38 - 2015-01-24 12:57 - 03891416 _____ (Realtek Semiconductor Corporation ) C:\WINDOWS\system32\Drivers\rtwlane.sys
2016-04-28 03:21 - 2016-04-28 03:22 - 00000000 ____D C:\Users\jhenn\AppData\Roaming\gplyra
2016-04-28 03:16 - 2016-05-02 11:21 - 00001098 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-28 03:16 - 2016-05-02 11:10 - 00001094 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-28 03:16 - 2016-04-28 04:24 - 00000000 ____D C:\Program Files (x86)\Google
2016-04-28 03:16 - 2016-04-28 03:16 - 00004156 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-04-28 03:16 - 2016-04-28 03:16 - 00003924 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-04-28 03:16 - 2016-04-22 03:57 - 00453288 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-04-28 03:15 - 2016-04-28 14:30 - 00000000 ____D C:\Users\jhenn\AppData\Local\Google
2016-04-28 03:11 - 2016-04-28 03:15 - 00987728 _____ (Google Inc.) C:\Users\jhenn\Downloads\ChromeSetup.exe
2016-04-28 02:52 - 2016-04-28 02:52 - 00000000 ____D C:\Users\jhenn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-04-28 02:52 - 2016-04-28 02:52 - 00000000 ____D C:\Program Files (x86)\WinRAR
2016-04-28 02:47 - 2016-04-28 02:41 - 00001006 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2016-04-28 02:42 - 2016-04-28 02:42 - 00000000 ____D C:\Users\jhenn\AppData\Roaming\Macromedia
2016-04-28 02:40 - 2016-04-28 02:42 - 00000000 ____D C:\Users\jhenn\AppData\Roaming\DriverPack Notifier
2016-04-28 02:33 - 2016-04-28 02:38 - 00000000 ____D C:\Users\jhenn\AppData\Roaming\DRPSu
2016-04-28 02:25 - 2016-04-28 04:46 - 00000000 ____D C:\Users\jhenn\AppData\Local\MicrosoftEdge
2016-04-28 02:22 - 2016-04-29 02:08 - 00000000 ___RD C:\Users\jhenn\OneDrive
2016-04-28 02:22 - 2016-04-28 02:23 - 00002369 _____ C:\Users\jhenn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-04-28 02:21 - 2016-04-28 02:21 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft OneDrive
2016-04-28 02:20 - 2016-04-28 02:22 - 00000000 ____D C:\Users\jhenn\AppData\Local\Comms
2016-04-28 02:20 - 2016-04-28 02:20 - 00000000 ____D C:\Users\jhenn\AppData\Local\Publishers
2016-04-28 02:18 - 2016-04-29 20:05 - 01720508 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-28 02:18 - 2016-04-29 16:59 - 00000000 ____D C:\Users\jhenn\AppData\Local\VirtualStore
2016-04-28 02:18 - 2016-04-29 09:49 - 00000000 ____D C:\Users\jhenn\AppData\Local\Packages
2016-04-28 02:18 - 2016-04-28 02:18 - 00016148 _____ C:\WINDOWS\system32\DESKTOP-KEHDSIE_defaultuser0_HistoryPrediction.bin
2016-04-28 02:18 - 2016-04-28 02:18 - 00000000 ____D C:\Users\jhenn\AppData\Roaming\Adobe
2016-04-28 02:18 - 2016-04-28 02:18 - 00000000 ____D C:\Users\jhenn\AppData\Local\TileDataLayer
2016-04-28 02:17 - 2016-04-29 19:08 - 00000000 ____D C:\Users\jhenn
2016-04-28 02:17 - 2016-04-28 02:17 - 00000020 ___SH C:\Users\jhenn\ntuser.ini
2016-04-28 02:17 - 2016-04-28 02:17 - 00000000 _SHDL C:\Users\jhenn\Modelos
2016-04-28 02:17 - 2016-04-28 02:17 - 00000000 _SHDL C:\Users\jhenn\Meus Documentos
2016-04-28 02:17 - 2016-04-28 02:17 - 00000000 _SHDL C:\Users\jhenn\Menu Iniciar
2016-04-28 02:17 - 2016-04-28 02:17 - 00000000 _SHDL C:\Users\jhenn\Dados de Aplicativos
2016-04-28 02:17 - 2016-04-28 02:17 - 00000000 _SHDL C:\Users\jhenn\Configurações Locais
2016-04-28 02:17 - 2016-04-28 02:17 - 00000000 _SHDL C:\Users\jhenn\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-04-28 02:17 - 2016-04-28 02:17 - 00000000 _SHDL C:\Users\jhenn\AppData\Local\Histórico
2016-04-28 02:17 - 2016-04-28 02:17 - 00000000 _SHDL C:\Users\jhenn\AppData\Local\Dados de Aplicativos
2016-04-28 02:17 - 2016-04-28 02:17 - 00000000 _SHDL C:\Users\jhenn\Ambiente de Rede
2016-04-28 02:17 - 2016-04-28 02:17 - 00000000 _SHDL C:\Users\jhenn\Ambiente de Impressão
2016-04-28 02:15 - 2015-07-10 06:59 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-04-27 23:22 - 2016-04-28 02:15 - 00000000 ___DC C:\WINDOWS\Panther
2016-04-27 23:22 - 2016-04-27 23:22 - 00008192 __RSH C:\BOOTSECT.BAK
2016-04-27 23:22 - 2016-04-27 23:22 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-04-27 23:22 - 2016-04-27 23:22 - 00000000 ____D C:\Windows.old
2016-04-27 23:22 - 2015-07-10 07:00 - 00395268 __RSH C:\bootmgr
2016-04-27 23:22 - 2015-07-10 07:00 - 00000001 ___SH C:\BOOTNXT
2016-04-27 23:21 - 2016-04-27 23:21 - 00000000 ____D C:\WINDOWS\Setup
2016-04-27 23:21 - 2016-04-27 23:21 - 00000000 ____D C:\WINDOWS\OCR
2016-04-27 23:21 - 2016-04-27 23:21 - 00000000 ____D C:\WINDOWS\InfusedApps
2016-04-27 23:20 - 2016-04-29 20:05 - 00745200 _____ C:\WINDOWS\system32\prfh0416.dat
2016-04-27 23:20 - 2016-04-29 20:05 - 00145230 _____ C:\WINDOWS\system32\prfc0416.dat
2016-04-27 23:20 - 2016-04-27 23:20 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2016-04-27 23:20 - 2016-04-27 23:20 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2016-04-27 23:20 - 2016-04-27 23:20 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2016-04-27 23:20 - 2016-04-27 23:20 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2016-04-27 23:20 - 2016-04-27 23:20 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2016-04-27 23:20 - 2016-04-27 23:20 - 00000000 ____D C:\WINDOWS\SysWOW64\0409
2016-04-27 23:20 - 2016-04-27 23:20 - 00000000 ____D C:\WINDOWS\system32\winrm
2016-04-27 23:20 - 2016-04-27 23:20 - 00000000 ____D C:\WINDOWS\system32\WCN
2016-04-27 23:20 - 2016-04-27 23:20 - 00000000 ____D C:\WINDOWS\system32\slmgr
2016-04-27 23:20 - 2016-04-27 23:20 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2016-04-27 23:20 - 2016-04-27 23:20 - 00000000 ____D C:\WINDOWS\system32\0409
2016-04-27 23:20 - 2016-04-27 23:20 - 00000000 ____D C:\WINDOWS\DigitalLocker
2016-04-27 23:20 - 2016-04-27 23:19 - 00328354 _____ C:\WINDOWS\system32\prfi0416.dat
2016-04-27 23:20 - 2016-04-27 23:19 - 00040752 _____ C:\WINDOWS\system32\prfd0416.dat
2016-04-27 23:16 - 2015-07-10 07:01 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-04-27 23:16 - 2015-07-10 07:01 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-27 23:14 - 2016-05-02 11:42 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-27 23:14 - 2016-05-02 11:40 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-04-27 23:14 - 2016-04-29 19:05 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-04-27 23:14 - 2016-04-29 19:05 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-04-27 23:14 - 2016-04-29 09:32 - 00000000 ____D C:\WINDOWS\appcompat
2016-04-27 23:14 - 2016-04-28 13:21 - 00000000 ____D C:\WINDOWS\ShellNew
2016-04-27 23:14 - 2016-04-28 13:20 - 00000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft
2016-04-27 23:14 - 2016-04-28 13:18 - 00000167 _____ C:\WINDOWS\win.ini
2016-04-27 23:14 - 2016-04-28 13:18 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-04-27 23:14 - 2016-04-28 05:13 - 00000000 ____D C:\Users\Todos os Usuários\USOPrivate
2016-04-27 23:14 - 2016-04-28 05:12 - 00000000 ____D C:\Program Files\Windows NT
2016-04-27 23:14 - 2016-04-28 05:09 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-04-27 23:14 - 2016-04-28 02:36 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-04-27 23:14 - 2016-04-28 02:19 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-04-27 23:14 - 2016-04-28 02:19 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-04-27 23:14 - 2016-04-28 02:18 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-04-27 23:14 - 2016-04-28 02:17 - 00000000 ____D C:\WINDOWS\rescache
2016-04-27 23:14 - 2016-04-28 02:15 - 00000000 ____D C:\WINDOWS\system32\spool
2016-04-27 23:14 - 2016-04-28 02:15 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-04-27 23:14 - 2016-04-27 23:22 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-04-27 23:14 - 2016-04-27 23:20 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-04-27 23:14 - 2016-04-27 23:20 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2016-04-27 23:14 - 2016-04-27 23:20 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-04-27 23:14 - 2016-04-27 23:20 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-04-27 23:14 - 2016-04-27 23:20 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-04-27 23:14 - 2016-04-27 23:20 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-04-27 23:14 - 2016-04-27 23:20 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-04-27 23:14 - 2016-04-27 23:20 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-04-27 23:14 - 2016-04-27 23:20 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-04-27 23:14 - 2016-04-27 23:20 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
2016-04-27 23:14 - 2016-04-27 23:20 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-27 23:14 - 2016-04-27 23:20 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-04-27 23:14 - 2016-04-27 23:20 - 00000000 ____D C:\WINDOWS\system32\setup
2016-04-27 23:14 - 2016-04-27 23:20 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-04-27 23:14 - 2016-04-27 23:20 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-04-27 23:14 - 2016-04-27 23:20 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-04-27 23:14 - 2016-04-27 23:20 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-04-27 23:14 - 2016-04-27 23:20 - 00000000 ____D C:\WINDOWS\system32\Com
2016-04-27 23:14 - 2016-04-27 23:20 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-04-27 23:14 - 2016-04-27 23:20 - 00000000 ____D C:\WINDOWS\IME
2016-04-27 23:14 - 2016-04-27 23:20 - 00000000 ____D C:\WINDOWS\Help
2016-04-27 23:14 - 2016-04-27 23:20 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-04-27 23:14 - 2016-04-27 23:20 - 00000000 ____D C:\Program Files\Windows Journal
2016-04-27 23:14 - 2016-04-27 23:20 - 00000000 ____D C:\Program Files\Windows Defender
2016-04-27 23:14 - 2016-04-27 23:20 - 00000000 ____D C:\Program Files\Common Files\System
2016-04-27 23:14 - 2016-04-27 23:20 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-04-27 23:14 - 2016-04-27 23:20 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-04-27 23:14 - 2016-04-27 23:15 - 00000000 ___SD C:\WINDOWS\SysWOW64\Nui
2016-04-27 23:14 - 2016-04-27 23:15 - 00000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2016-04-27 23:14 - 2016-04-27 23:15 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2016-04-27 23:14 - 2016-04-27 23:15 - 00000000 ____D C:\WINDOWS\SysWOW64\icsxml
2016-04-27 23:14 - 2016-04-27 23:15 - 00000000 ____D C:\WINDOWS\SysWOW64\downlevel
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 __RSD C:\WINDOWS\Media
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ___SD C:\WINDOWS\system32\Nui
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ___SD C:\WINDOWS\system32\Configuration
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ___RD C:\WINDOWS\DesktopTileResources
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\Web
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\Vss
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\tracing
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\TAPI
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\SysWOW64\ras
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\SysWOW64\NDF
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\SysWOW64\MsDtc
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\SystemResources
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\SystemApps
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\system32\WinMetadata
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\system32\winevt
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\system32\ras
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\system32\ProximityToast
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\system32\PointOfService
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\system32\MsDtc
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\system32\Ipmi
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\system32\IME
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\system32\icsxml
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\system32\ias
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\system32\downlevel
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\system32\config\Journal
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\system32\Bthprops
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\system32\AppLocker
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\System
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\SKB
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\security
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\schemas
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\SchCache
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\Resources
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\Registration
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\Provisioning
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\PLA
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\Performance
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\ModemLogs
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\L2Schemas
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\InputMethod
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\Globalization
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\Cursors
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\Branding
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\addins
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\Users\Todos os Usuários\Comms
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\Program Files\Common Files\Services
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\Program Files (x86)\Windows NT
2016-04-27 23:14 - 2016-04-27 23:14 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-04-27 23:14 - 2016-04-27 23:11 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2016-04-27 23:14 - 2016-04-27 23:11 - 00215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2016-04-27 23:14 - 2016-04-27 23:11 - 00215943 _____ C:\WINDOWS\system32\dssec.dat
2016-04-27 23:14 - 2016-04-27 23:11 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2016-04-27 23:14 - 2016-04-27 23:11 - 00017463 _____ C:\WINDOWS\system32\Drivers\etc\services
2016-04-27 23:14 - 2016-04-27 23:11 - 00015462 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-04-27 23:14 - 2016-04-27 23:11 - 00008798 _____ C:\WINDOWS\SysWOW64\icrav03.rat
2016-04-27 23:14 - 2016-04-27 23:11 - 00008798 _____ C:\WINDOWS\system32\icrav03.rat
2016-04-27 23:14 - 2016-04-27 23:11 - 00003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2016-04-27 23:14 - 2016-04-27 23:11 - 00001988 _____ C:\WINDOWS\SysWOW64\ticrf.rat
2016-04-27 23:14 - 2016-04-27 23:11 - 00001988 _____ C:\WINDOWS\system32\ticrf.rat
2016-04-27 23:14 - 2016-04-27 23:11 - 00001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol
2016-04-27 23:14 - 2016-04-27 23:11 - 00000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2016-04-27 23:14 - 2016-04-27 23:11 - 00000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2016-04-27 23:14 - 2016-04-27 23:11 - 00000741 _____ C:\WINDOWS\system32\NOISE.DAT
2016-04-27 23:14 - 2016-04-27 23:11 - 00000407 _____ C:\WINDOWS\system32\Drivers\etc\networks
2016-04-27 23:14 - 2016-04-27 23:11 - 00000389 _____ C:\WINDOWS\system32\AutoWorkplace.exe.config
2016-04-27 23:14 - 2016-04-27 23:11 - 00000219 _____ C:\WINDOWS\system.ini
2016-04-27 23:13 - 2016-04-29 20:05 - 00000000 ____D C:\WINDOWS\INF
2016-04-27 23:06 - 2016-04-29 19:27 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-04-27 23:02 - 2016-04-29 19:31 - 00131072 ___SH C:\WINDOWS\system32\config\BBI
2016-04-27 23:02 - 2016-04-28 05:13 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-04-27 23:02 - 2016-04-27 23:20 - 00000000 ____D C:\WINDOWS\servicing
2016-04-27 23:02 - 2016-04-27 23:14 - 00000000 ____D C:\WINDOWS\system32\SMI
2016-04-27 23:02 - 2015-07-10 05:11 - 00000164 _____ C:\WINDOWS\system32\config\FP
2016-04-27 20:36 - 2016-04-27 20:36 - 01795952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2016-04-27 20:36 - 2016-04-27 20:36 - 00010752 _____ (Cypress Semiconductor, Inc.) C:\WINDOWS\system32\Drivers\cysmb.sys
2016-04-27 19:33 - 2016-04-27 23:02 - 00000000 ___HD C:\$SysReset
2016-04-22 01:10 - 2016-02-10 04:41 - 00194624 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverW8x64.sys
2016-04-22 01:09 - 2016-04-22 01:09 - 13059896 _____ (Intel Corporation) C:\WINDOWS\system32\igd10umd64.dll
2016-04-22 01:09 - 2016-04-22 01:09 - 13037568 _____ (Intel Corporation) C:\WINDOWS\system32\ig4icd64.dll
2016-04-22 01:09 - 2016-04-22 01:09 - 12814752 _____ (Intel Corporation) C:\WINDOWS\system32\igdumd64.dll
2016-04-22 01:09 - 2016-04-22 01:09 - 11352688 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10umd32.dll
2016-04-22 01:09 - 2016-04-22 01:09 - 11223896 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumd32.dll
2016-04-22 01:09 - 2016-04-22 01:09 - 10820096 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig4icd32.dll
2016-04-22 01:09 - 2016-04-22 01:09 - 09016320 _____ (Intel Corporation) C:\WINDOWS\system32\igfxress.dll
2016-04-22 01:09 - 2016-04-22 01:09 - 05916080 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUI.exe
2016-04-22 01:09 - 2016-04-22 01:09 - 05384176 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2016-04-22 01:09 - 2016-04-22 01:09 - 03520000 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2016-04-22 01:09 - 2016-04-22 01:09 - 03129856 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2016-04-22 01:09 - 2016-04-22 01:09 - 01981696 _____ C:\WINDOWS\system32\iglhxa64.cpa
2016-04-22 01:09 - 2016-04-22 01:09 - 01067696 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2016-04-22 01:09 - 2016-04-22 01:09 - 00963452 _____ C:\WINDOWS\SysWOW64\igcodeckrng600.bin
2016-04-22 01:09 - 2016-04-22 01:09 - 00963452 _____ C:\WINDOWS\system32\igcodeckrng600.bin
2016-04-22 01:09 - 2016-04-22 01:09 - 00957472 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2016-04-22 01:09 - 2016-04-22 01:09 - 00584192 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2016-04-22 01:09 - 2016-04-22 01:09 - 00551424 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2016-04-22 01:09 - 2016-04-22 01:09 - 00544552 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2016-04-22 01:09 - 2016-04-22 01:09 - 00539312 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2016-04-22 01:09 - 2016-04-22 01:09 - 00523184 _____ (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
2016-04-22 01:09 - 2016-04-22 01:09 - 00453552 _____ (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
2016-04-22 01:09 - 2016-04-22 01:09 - 00451584 _____ (Intel Corporation) C:\WINDOWS\system32\igfxdev.dll
2016-04-22 01:09 - 2016-04-22 01:09 - 00449024 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrell.lrc
2016-04-22 01:09 - 2016-04-22 01:09 - 00448512 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrfra.lrc
2016-04-22 01:09 - 2016-04-22 01:09 - 00448512 _____ (Intel Corporation) C:\WINDOWS\system32\igfxresn.lrc
2016-04-22 01:09 - 2016-04-22 01:09 - 00448000 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrrus.lrc
2016-04-22 01:09 - 2016-04-22 01:09 - 00448000 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrrom.lrc
2016-04-22 01:09 - 2016-04-22 01:09 - 00447488 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrsky.lrc
2016-04-22 01:09 - 2016-04-22 01:09 - 00447488 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrptg.lrc
2016-04-22 01:09 - 2016-04-22 01:09 - 00447488 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrplk.lrc
2016-04-22 01:09 - 2016-04-22 01:09 - 00447488 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrnld.lrc
2016-04-22 01:09 - 2016-04-22 01:09 - 00447488 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrita.lrc
2016-04-22 01:09 - 2016-04-22 01:09 - 00447488 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrhrv.lrc
2016-04-22 01:09 - 2016-04-22 01:09 - 00447488 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrdeu.lrc
2016-04-22 01:09 - 2016-04-22 01:09 - 00446976 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrhun.lrc
2016-04-22 01:09 - 2016-04-22 01:09 - 00446976 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrfin.lrc
2016-04-22 01:09 - 2016-04-22 01:09 - 00446976 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrcsy.lrc
2016-04-22 01:09 - 2016-04-22 01:09 - 00446464 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrtrk.lrc
2016-04-22 01:09 - 2016-04-22 01:09 - 00446464 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrsve.lrc
2016-04-22 01:09 - 2016-04-22 01:09 - 00446464 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrslv.lrc
2016-04-22 01:09 - 2016-04-22 01:09 - 00446464 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrptb.lrc
2016-04-22 01:09 - 2016-04-22 01:09 - 00446464 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrnor.lrc
2016-04-22 01:09 - 2016-04-22 01:09 - 00445952 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrtha.lrc
2016-04-22 01:09 - 2016-04-22 01:09 - 00445952 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrdan.lrc
2016-04-22 01:09 - 2016-04-22 01:09 - 00444416 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrheb.lrc
2016-04-22 01:09 - 2016-04-22 01:09 - 00444416 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrara.lrc
2016-04-22 01:09 - 2016-04-22 01:09 - 00440832 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrjpn.lrc
2016-04-22 01:09 - 2016-04-22 01:09 - 00439808 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrkor.lrc
2016-04-22 01:09 - 2016-04-22 01:09 - 00437760 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrcht.lrc
2016-04-22 01:09 - 2016-04-22 01:09 - 00437248 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrchs.lrc
2016-04-22 01:09 - 2016-04-22 01:09 - 00418816 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTMM.dll
2016-04-22 01:09 - 2016-04-22 01:09 - 00411056 _____ (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
2016-04-22 01:09 - 2016-04-22 01:09 - 00393216 _____ (Intel Corporation) C:\WINDOWS\system32\igfxpph.dll
2016-04-22 01:09 - 2016-04-22 01:09 - 00339456 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxdv32.dll
2016-04-22 01:09 - 2016-04-22 01:09 - 00294912 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrenu.lrc
2016-04-22 01:09 - 2016-04-22 01:09 - 00290224 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2016-04-22 01:09 - 2016-04-22 01:09 - 00272928 _____ C:\WINDOWS\SysWOW64\igvpkrng600.bin
2016-04-22 01:09 - 2016-04-22 01:09 - 00272928 _____ C:\WINDOWS\system32\igvpkrng600.bin
2016-04-22 01:09 - 2016-04-22 01:09 - 00266152 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2016-04-22 01:09 - 2016-04-22 01:09 - 00231312 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2016-04-22 01:09 - 2016-04-22 01:09 - 00223664 _____ C:\WINDOWS\system32\Gfxres.th-TH.resources
2016-04-22 01:09 - 2016-04-22 01:09 - 00210106 _____ C:\WINDOWS\system32\Gfxres.el-GR.resources
2016-04-22 01:09 - 2016-04-22 01:09 - 00197040 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2016-04-22 01:09 - 2016-04-22 01:09 - 00194880 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2016-04-22 01:09 - 2016-04-22 01:09 - 00194245 _____ C:\WINDOWS\system32\Gfxres.ru-RU.resources
2016-04-22 01:09 - 2016-04-22 01:09 - 00183808 _____ (Intel Corporation) C:\WINDOWS\system32\gfxSrvc.dll
2016-04-22 01:09 - 2016-04-22 01:09 - 00183216 _____ (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
2016-04-22 01:09 - 2016-04-22 01:09 - 00166170 _____ C:\WINDOWS\system32\Gfxres.ar-SA.resources
2016-04-22 01:09 - 2016-04-22 01:09 - 00163421 _____ C:\WINDOWS\system32\Gfxres.ja-JP.resources
2016-04-22 01:09 - 2016-04-22 01:09 - 00159008 _____ C:\WINDOWS\system32\Gfxres.he-IL.resources
2016-04-22 01:09 - 2016-04-22 01:09 - 00151040 _____ (Intel Corporation) C:\WINDOWS\system32\igfxdo.dll
2016-04-22 01:09 - 2016-04-22 01:09 - 00149682 _____ C:\WINDOWS\system32\Gfxres.it-IT.resources
2016-04-22 01:09 - 2016-04-22 01:09 - 00148042 _____ C:\WINDOWS\system32\Gfxres.ko-KR.resources
2016-04-22 01:09 - 2016-04-22 01:09 - 00147393 _____ C:\WINDOWS\system32\Gfxres.de-DE.resources
2016-04-22 01:09 - 2016-04-22 01:09 - 00147288 _____ C:\WINDOWS\system32\Gfxres.es-ES.resources
2016-04-22 01:09 - 2016-04-22 01:09 - 00146004 _____ C:\WINDOWS\system32\Gfxres.ro-RO.resources
2016-04-22 01:09 - 2016-04-22 01:09 - 00145491 _____ C:\WINDOWS\system32\Gfxres.fr-FR.resources
2016-04-22 01:09 - 2016-04-22 01:09 - 00144645 _____ C:\WINDOWS\system32\Gfxres.tr-TR.resources
2016-04-22 01:09 - 2016-04-22 01:09 - 00144260 _____ C:\WINDOWS\system32\Gfxres.pt-BR.resources
2016-04-22 01:09 - 2016-04-22 01:09 - 00144020 _____ C:\WINDOWS\system32\Gfxres.nl-NL.resources
2016-04-22 01:09 - 2016-04-22 01:09 - 00143932 _____ C:\WINDOWS\system32\Gfxres.hu-HU.resources
2016-04-22 01:09 - 2016-04-22 01:09 - 00142882 _____ C:\WINDOWS\system32\Gfxres.sv-SE.resources
2016-04-22 01:09 - 2016-04-22 01:09 - 00142877 _____ C:\WINDOWS\system32\Gfxres.pt-PT.resources
2016-04-22 01:09 - 2016-04-22 01:09 - 00142717 _____ C:\WINDOWS\system32\Gfxres.pl-PL.resources
2016-04-22 01:09 - 2016-04-22 01:09 - 00142289 _____ C:\WINDOWS\system32\Gfxres.cs-CZ.resources
2016-04-22 01:09 - 2016-04-22 01:09 - 00142008 _____ C:\WINDOWS\system32\Gfxres.fi-FI.resources
2016-04-22 01:09 - 2016-04-22 01:09 - 00141838 _____ C:\WINDOWS\system32\Gfxres.sk-SK.resources
2016-04-22 01:09 - 2016-04-22 01:09 - 00141049 _____ C:\WINDOWS\system32\Gfxres.hr-HR.resources
2016-04-22 01:09 - 2016-04-22 01:09 - 00137889 _____ C:\WINDOWS\system32\Gfxres.sl-SI.resources
2016-04-22 01:09 - 2016-04-22 01:09 - 00137784 _____ C:\WINDOWS\system32\Gfxres.nb-NO.resources
2016-04-22 01:09 - 2016-04-22 01:09 - 00137141 _____ C:\WINDOWS\system32\Gfxres.da-DK.resources
2016-04-22 01:09 - 2016-04-22 01:09 - 00135680 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcpl.cpl
2016-04-22 01:09 - 2016-04-22 01:09 - 00132623 _____ C:\WINDOWS\system32\Gfxres.en-US.resources
2016-04-22 01:09 - 2016-04-22 01:09 - 00126300 _____ C:\WINDOWS\system32\Gfxres.zh-TW.resources
2016-04-22 01:09 - 2016-04-22 01:09 - 00124928 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4229.dll
2016-04-22 01:09 - 2016-04-22 01:09 - 00124650 _____ C:\WINDOWS\system32\Gfxres.zh-CN.resources
2016-04-22 01:09 - 2016-04-22 01:09 - 00119296 _____ (Intel Corporation) C:\WINDOWS\system32\hccutils.dll
2016-04-22 01:09 - 2016-04-22 01:09 - 00110080 _____ C:\WINDOWS\system32\igdde64.dll
2016-04-22 01:09 - 2016-04-22 01:09 - 00102912 _____ C:\WINDOWS\system32\IccLibDll_x64.dll
2016-04-22 01:09 - 2016-04-22 01:09 - 00090112 _____ C:\WINDOWS\SysWOW64\igdde32.dll
2016-04-22 01:09 - 2016-04-22 01:09 - 00072704 _____ (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.dll
2016-04-22 01:09 - 2016-04-22 01:09 - 00059425 _____ C:\WINDOWS\system32\iglhxo64.vp
2016-04-22 01:09 - 2016-04-22 01:09 - 00059398 _____ C:\WINDOWS\system32\iglhxg64.vp
2016-04-22 01:09 - 2016-04-22 01:09 - 00059230 _____ C:\WINDOWS\system32\iglhxc64.vp
2016-04-22 01:09 - 2016-04-22 01:09 - 00059104 _____ C:\WINDOWS\system32\iglhxc64_dev.vp
2016-04-22 01:09 - 2016-04-22 01:09 - 00058796 _____ C:\WINDOWS\system32\iglhxg64_dev.vp
2016-04-22 01:09 - 2016-04-22 01:09 - 00058109 _____ C:\WINDOWS\system32\iglhxo64_dev.vp
2016-04-22 01:09 - 2016-04-22 01:09 - 00041288 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2016-04-22 01:09 - 2016-04-22 01:09 - 00033792 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2016-04-22 01:09 - 2016-04-22 01:09 - 00018432 _____ ( ) C:\WINDOWS\system32\IGFXDEVLib.dll
2016-04-22 01:09 - 2016-04-22 01:09 - 00017082 _____ C:\WINDOWS\system32\iglhxs64.vp
2016-04-22 01:09 - 2016-04-22 01:09 - 00001074 _____ C:\WINDOWS\system32\iglhxa64.vp
2016-04-22 01:09 - 2016-04-22 01:09 - 00000268 _____ C:\WINDOWS\system32\GfxUI.exe.config

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)


Alguns com tamanho de zero byte arquivos/pastas:
==========================
C:\Windows\System32\Drivers\gbpddfac64.sys

==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-04-28 05:04

==================== Fim de FRST.txt ============================

Publicité


Signaler le contenu de ce document

Publicité