Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:09-06-2016 Executado por Jack Linzmaier (administrador) em JACKLINZMAIER (09-06-2016 13:03:35) Executando a partir de C:\Users\Jack Linzmaier\Downloads Perfis Carregados: Jack Linzmaier (Perfis Disponíveis: Jack Linzmaier) Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: Português (Brasil) Internet Explorer Versão 9 (Navegador padrão: Chrome) Modo da Inicialização: Normal Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe (BitTorrent Inc.) 
C:\Users\Jack Linzmaier\AppData\Roaming\uTorrent\uTorrent.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Realtek Semiconductor Corp.) C:\Users\Jack Linzmaier\AppData\Local\Temp\RtkBtMnt.exe (BitTorrent Inc.) C:\Users\Jack Linzmaier\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe (BitTorrent Inc.) C:\Users\Jack Linzmaier\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe (GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe (GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Synaptics Incorporated) C:\Users\Jack Linzmaier\AppData\Local\Temp\Rar$EXa0.627\Setup.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Users\Jack Linzmaier\AppData\Local\Temp\Rar$EXa0.627\WinWDF\x64\dpinst.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\wusa.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registro (Whitelisted) =========================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7940128 2016-05-29] (Realtek Semiconductor) HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2016-05-29] (Realtek Semiconductor Corp.) 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2016-01-29] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [904928 2015-11-04] (GAS Tecnologia LTDA) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated) Winlogon\Notify\ GbPluginBb: C:\Program Files (x86)\GbPlugin\gbieh.dll [2015-11-04] (Banco do Brasil) HKU\S-1-5-21-1878706719-1318909787-3785933683-1003\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd) HKU\S-1-5-21-1878706719-1318909787-3785933683-1003\...\Run: [uTorrent] => C:\Users\Jack Linzmaier\AppData\Roaming\uTorrent\uTorrent.exe [2133504 2016-05-31] (BitTorrent Inc.) HKU\S-1-5-21-1878706719-1318909787-3785933683-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-13] (Microsoft Corporation) ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll [1945472 2015-11-04] (Banco do Brasil) CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) 
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4 Tcpip\..\Interfaces\{B3FC98D6-0D26-494F-8BAA-A75EA8EB1C13}: [DhcpNameServer] 192.168.1.46 189.45.195.38 Tcpip\..\Interfaces\{D8080937-2E47-47A3-9795-05B052478F18}: [DhcpNameServer] 8.8.8.8 8.8.4.4 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_adwrldint_16_22&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtBtAzz0ByBzyyEyB0CtD0B0C0DyEtN0D0Tzu0StCyCtCtBtN1L2XzutAtFtBtCtFtCtFtCtCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyCzy0F0ByBtB0C0CtGtA0AyEtBtGyB0BtD0AtGyE0C0AyEtGyDyDyE0EyCtC0A0E0Azzzz0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtByC0FtBtAzztCtGyC0AtDzztGyEtAzzyDtG0ByEyDyDtGzytC0EtD0BtA0BtBtC0E0CyE2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtDtAtA%26cr%3D20383769%26a%3Dwncy_adwrldint_16_22%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_adwrldint_16_22&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtBtAzz0ByBzyyEyB0CtD0B0C0DyEtN0D0Tzu0StCyCtCtBtN1L2XzutAtFtBtCtFtCtFtCtCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyCzy0F0ByBtB0C0CtGtA0AyEtBtGyB0BtD0AtGyE0C0AyEtGyDyDyE0EyCtC0A0E0Azzzz0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtByC0FtBtAzztCtGyC0AtDzztGyEtAzzyDtG0ByEyDyDtGzytC0EtD0BtA0BtBtC0E0CyE2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtDtAtA%26cr%3D20383769%26a%3Dwncy_adwrldint_16_22%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate HKU\S-1-5-21-1878706719-1318909787-3785933683-1003\Software\Microsoft\Internet Explorer\Main,Start Page = 
hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_adwrldint_16_22&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtBtAzz0ByBzyyEyB0CtD0B0C0DyEtN0D0Tzu0StCyCtCtBtN1L2XzutAtFtBtCtFtCtFtCtCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyCzy0F0ByBtB0C0CtGtA0AyEtBtGyB0BtD0AtGyE0C0AyEtGyDyDyE0EyCtC0A0E0Azzzz0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtByC0FtBtAzztCtGyC0AtDzztGyEtAzzyDtG0ByEyDyDtGzytC0EtD0BtA0BtBtC0E0CyE2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtDtAtA%26cr%3D20383769%26a%3Dwncy_adwrldint_16_22%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_adwrldint_16_22&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtBtAzz0ByBzyyEyB0CtD0B0C0DyEtN0D0Tzu0StCyCtCtBtN1L2XzutAtFtBtCtFtCtFtCtCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyCzy0F0ByBtB0C0CtGtA0AyEtBtGyB0BtD0AtGyE0C0AyEtGyDyDyE0EyCtC0A0E0Azzzz0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtByC0FtBtAzztCtGyC0AtDzztGyEtAzzyDtG0ByEyDyDtGzytC0EtD0BtA0BtBtC0E0CyE2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtDtAtA%26cr%3D20383769%26a%3Dwncy_adwrldint_16_22%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms} SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_adwrldint_16_22&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtBtAzz0ByBzyyEyB0CtD0B0C0DyEtN0D0Tzu0StCyCtCtBtN1L2XzutAtFtBtCtFtCtFtCtCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyCzy0F0ByBtB0C0CtGtA0AyEtBtGyB0BtD0AtGyE0C0AyEtGyDyDyE0EyCtC0A0E0Azzzz0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtByC0FtBtAzztCtGyC0AtDzztGyEtAzzyDtG0ByEyDyDtGzytC0EtD0BtA0BtBtC0E0CyE2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtDtAtA%26cr%3D20383769%26a%3Dwncy_adwrldint_16_22%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_adwrldint_16_22&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtBtAzz0ByBzyyEyB0CtD0B0C0DyEtN0D0Tzu0StCyCtCtBtN1L2XzutAtFtBtCtFtCtFtCtCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyCzy0F0ByBtB0C0CtGtA0AyEtBtGyB0BtD0AtGyE0C0AyEtGyDyDyE0EyCtC0A0E0Azzzz0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtByC0FtBtAzztCtGyC0AtDzztGyEtAzzyDtG0ByEyDyDtGzytC0EtD0BtA0BtBtC0E0CyE2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtDtAtA%26cr%3D20383769%26a%3Dwncy_adwrldint_16_22%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms} SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_adwrldint_16_22&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtBtAzz0ByBzyyEyB0CtD0B0C0DyEtN0D0Tzu0StCyCtCtBtN1L2XzutAtFtBtCtFtCtFtCtCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyCzy0F0ByBtB0C0CtGtA0AyEtBtGyB0BtD0AtGyE0C0AyEtGyDyDyE0EyCtC0A0E0Azzzz0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtByC0FtBtAzztCtGyC0AtDzztGyEtAzzyDtG0ByEyDyDtGzytC0EtD0BtA0BtBtC0E0CyE2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtDtAtA%26cr%3D20383769%26a%3Dwncy_adwrldint_16_22%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms} SearchScopes: HKU\S-1-5-21-1878706719-1318909787-3785933683-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_adwrldint_16_22&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtBtAzz0ByBzyyEyB0CtD0B0C0DyEtN0D0Tzu0StCyCtCtBtN1L2XzutAtFtBtCtFtCtFtCtCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyCzy0F0ByBtB0C0CtGtA0AyEtBtGyB0BtD0AtGyE0C0AyEtGyDyDyE0EyCtC0A0E0Azzzz0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtByC0FtBtAzztCtGyC0AtDzztGyEtAzzyDtG0ByEyDyDtGzytC0EtD0BtA0BtBtC0E0CyE2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtDtAtA%26cr%3D20383769%26a%3Dwncy_adwrldint_16_22%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms} SearchScopes: 
HKU\S-1-5-21-1878706719-1318909787-3785933683-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_adwrldint_16_22&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtBtAzz0ByBzyyEyB0CtD0B0C0DyEtN0D0Tzu0StCyCtCtBtN1L2XzutAtFtBtCtFtCtFtCtCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyCzy0F0ByBtB0C0CtGtA0AyEtBtGyB0BtD0AtGyE0C0AyEtGyDyDyE0EyCtC0A0E0Azzzz0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtByC0FtBtAzztCtGyC0AtDzztGyEtAzzyDtG0ByEyDyDtGzytC0EtD0BtA0BtBtC0E0CyE2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtDtAtA%26cr%3D20383769%26a%3Dwncy_adwrldint_16_22%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms} BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-05-30] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2016-05-15] (Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-15] (Microsoft Corporation) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems Incorporated) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-05-30] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-31] (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program 
Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2016-05-15] (Microsoft Corporation) BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\Program Files (x86)\GbPlugin\gbieh.dll [2015-11-04] (Banco do Brasil) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-05-15] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-31] (Oracle Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-15] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-15] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-15] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-15] (Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-31] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-31] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-05-30] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL 
[2016-05-15] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-29] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-29] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-06-06] (Adobe Systems Inc.) Chrome: ======= CHR HomePage: Default -> hxxp://www.google.com/ CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://www.istartsurf.com/?type=hp&ts=1433210825&z=e72d385317e78216954ad81gezccac7oag2e9bbofc&from=smt&uid=HitachiXHTS543232L9A300_090204FB2400LEDBBVLAX","hxxp://www.istartsurf.com/?type=hppp&ts=1433210878&z=08a8647e65429212efbafd2gez6cac6o5g7ebb1mdq&from=smt&uid=HitachiXHTS543232L9A300_090204FB2400LEDBBVLAX" CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms} CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms} CHR Profile: C:\Users\Jack Linzmaier\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Drive) - C:\Users\Jack Linzmaier\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-29] CHR Extension: (YouTube) - C:\Users\Jack Linzmaier\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-29] CHR Extension: (Documentos Google off-line) - C:\Users\Jack Linzmaier\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-29] CHR Extension: (Billabong Surf Theme) - C:\Users\Jack Linzmaier\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnjghdbnnficankmjeocglncagiippoc [2016-05-29] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Jack Linzmaier\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-29] CHR Extension: (Economia de dados) - C:\Users\Jack 
Linzmaier\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmgfdlgomnbgkofeojodiodmgpgmkac [2016-05-29] CHR Extension: (Gmail) - C:\Users\Jack Linzmaier\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-29] CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-1878706719-1318909787-3785933683-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx ==================== Serviços (Whitelisted) ======================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2911472 2016-05-15] (Microsoft Corporation) R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [593120 2015-11-04] (GAS Tecnologia) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2016-01-29] (NVIDIA Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2016-01-29] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2016-01-29] (NVIDIA Corporation) R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [737984 2015-08-30] (@ByELDI) [Arquivo não assinado] R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [904928 2015-11-04] (GAS Tecnologia LTDA) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (Se uma entrada for incluída na fixlist, será removida do 
Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2016-05-29] (Disc Soft Ltd) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S1 gbpddfac; C:\Windows\System32\drivers\gbpddfac64.sys [28888 2007-12-20] (GAS Tecnologia) R0 gbpddreg; C:\Windows\System32\drivers\gbpddreg64.sys [29816 2016-06-09] (GAS Tecnologia) R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2015-09-22] (GAS Tecnologia) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2016-01-29] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2016-01-29] (NVIDIA Corporation) U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [465624 2014-01-03] (Realsil Semiconductor Corporation) S3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-09-22] (GAS Tecnologia LTDA) R4 WinDivert1.1; C:\Program Files\Diebold\Warsaw\WinDivert64.sys [38104 2015-07-07] (Basil) S1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [101080 2016-06-08] (GAS Tecnologia) S1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [103640 2015-03-18] (GAS Tecnologia) S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Três Meses Criados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 
2016-06-09 13:03 - 2016-06-09 13:04 - 00020966 _____ C:\Users\Jack Linzmaier\Downloads\FRST.txt 2016-06-09 12:55 - 2016-06-09 13:03 - 00000000 ____D C:\FRST 2016-06-09 12:54 - 2016-06-09 12:54 - 02385408 _____ (Farbar) C:\Users\Jack Linzmaier\Downloads\FRST64.exe 2016-06-09 12:54 - 2016-06-09 12:54 - 00000000 ____D C:\1bc73d7e002451dc13197e17 2016-06-09 12:48 - 2013-10-17 23:46 - 00726768 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll 2016-06-09 12:48 - 2013-10-17 23:46 - 00550640 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys 2016-06-09 12:48 - 2013-10-17 23:46 - 00403696 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCom.dll 2016-06-09 12:48 - 2013-10-17 23:46 - 00252144 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll 2016-06-09 12:48 - 2013-10-17 23:46 - 00172272 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynTPCom.dll 2016-06-09 12:45 - 2016-06-09 12:45 - 00000000 ____D C:\Users\Jack Linzmaier\AppData\LocalLow\uTorrent 2016-06-09 12:06 - 2016-06-09 12:06 - 00000000 ____D C:\Windows\system32\appmgmt 2016-06-09 12:03 - 2016-06-09 12:27 - 132629203 _____ C:\Users\Jack Linzmaier\Downloads\Synaptics_v16_2_12_13_C_XP32_Vista32_Win7-32_XP64_Vista64_Win7-64_Signed_compal.zip 2016-06-09 11:29 - 2016-06-09 11:29 - 00291504 _____ C:\Windows\Minidump\060916-23540-01.dmp 2016-06-08 15:55 - 2016-06-08 15:55 - 00179058 _____ C:\Windows\ntbtlog.txt 2016-06-08 15:37 - 2016-06-08 15:37 - 00432280 _____ C:\Windows\Minidump\060816-25162-01.dmp 2016-06-08 15:35 - 2016-06-08 15:35 - 00000000 _____ C:\Windows\Minidump\060816-25240-01.dmp 2016-06-08 15:16 - 2016-06-08 15:16 - 00000000 ____D C:\Users\Jack Linzmaier\AppData\Roaming\Synaptics 2016-06-08 15:12 - 2016-06-08 15:12 - 00000000 ____D C:\Users\Todos os Usuários\Synaptics 2016-06-08 15:12 - 2016-06-08 15:12 - 00000000 ____D C:\ProgramData\Synaptics 2016-06-08 15:12 - 2016-06-08 15:12 - 00000000 ____D C:\Program Files (x86)\Synaptics 2016-06-08 15:12 - 2011-03-31 
19:29 - 00066856 _____ C:\Windows\SysWOW64\SynTPEnhPS.dll 2016-06-08 12:51 - 2016-06-08 12:51 - 00508192 _____ C:\Windows\Minidump\060816-114317-01.dmp 2016-06-08 12:48 - 2016-06-08 12:48 - 00508360 _____ C:\Windows\Minidump\060816-24055-01.dmp 2016-06-08 12:46 - 2016-06-08 12:46 - 00504352 _____ C:\Windows\Minidump\060816-23680-01.dmp 2016-06-08 12:29 - 2016-06-08 12:33 - 56456488 _____ (Synaptics Incorporated) C:\Users\Jack Linzmaier\Downloads\Synaptics_v15_2_20_C_XP64_Vista64_Win7-64_Signed_Marketing_SGS94_UI-Scrybe.exe 2016-06-08 12:22 - 2016-06-08 12:22 - 00000000 ____D C:\0073374a5b2ca40fb8 2016-06-08 11:50 - 2016-06-09 12:54 - 00000000 ___HT C:\Windows\wusa.lock 2016-06-08 11:50 - 2016-06-08 11:51 - 00000000 ____D C:\5cfb01efe15b06fbdb0db5b0c1 2016-06-08 11:49 - 2016-06-08 11:49 - 00000000 ____D C:\Program Files\Synaptics 2016-06-08 11:48 - 2013-10-17 23:46 - 00422640 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPCo19.dll 2016-06-08 11:24 - 2016-06-08 11:36 - 123787854 _____ C:\Users\Jack Linzmaier\Downloads\Synaptics_v17_0_19_C_XP32_Vista32_Win7-32_XP64_Vista64_Win7-64_Acme_Inc.zip 2016-06-07 21:38 - 2016-06-07 21:38 - 00496744 _____ C:\Windows\Minidump\060716-25412-01.dmp 2016-06-07 16:29 - 2016-06-07 16:29 - 00480216 _____ C:\Windows\Minidump\060716-25443-01.dmp 2016-06-07 16:24 - 2016-06-09 11:29 - 366731113 _____ C:\Windows\MEMORY.DMP 2016-06-07 16:24 - 2016-06-09 11:29 - 00000000 ____D C:\Windows\Minidump 2016-06-07 16:24 - 2016-06-07 16:24 - 00855360 _____ C:\Windows\Minidump\060716-28579-01.dmp 2016-06-06 11:56 - 2016-06-08 12:42 - 00101080 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\wsddfac.sys 2016-06-06 11:56 - 2016-06-06 11:57 - 00001024 _____ C:\.rnd 2016-06-06 11:56 - 2016-06-06 11:56 - 00000000 ___HD C:\Program Files (x86)\GAS Tecnologia 2016-06-06 11:56 - 2016-06-06 11:56 - 00000000 ___HD C:\Program Files (x86)\Diebold 2016-06-06 11:56 - 2016-06-06 11:56 - 00000000 ____D C:\Program Files\Diebold 2016-06-06 11:56 - 2015-03-18 
11:23 - 00103640 ____N (GAS Tecnologia) C:\Windows\system32\Drivers\wsddpp.sys 2016-06-06 11:54 - 2016-06-09 12:46 - 00029816 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\gbpddreg64.sys 2016-06-06 11:54 - 2016-06-08 12:48 - 00000000 ____D C:\Program Files (x86)\GbPlugin 2016-06-06 11:54 - 2016-06-07 16:24 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin 2016-06-06 11:54 - 2016-06-07 16:24 - 00000000 ____D C:\ProgramData\GbPlugin 2016-06-06 11:54 - 2016-06-06 11:54 - 00000000 ____D C:\Users\Todos os Usuários\GAS Tecnologia 2016-06-06 11:54 - 2016-06-06 11:54 - 00000000 ____D C:\ProgramData\GAS Tecnologia 2016-06-06 11:54 - 2007-12-20 02:02 - 00028888 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\gbpddfac64.sys 2016-06-06 11:53 - 2016-06-06 11:53 - 02629680 _____ (Banco do Brasil SA) C:\Users\Jack Linzmaier\Downloads\DiagnosticoBB.exe 2016-06-01 17:33 - 2016-06-01 17:33 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk 2016-06-01 17:33 - 2016-06-01 17:33 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk 2016-06-01 17:32 - 2016-06-01 17:32 - 00000000 ____D C:\Program Files (x86)\Adobe 2016-06-01 17:31 - 2016-06-01 17:33 - 00000000 ____D C:\Users\Todos os Usuários\Adobe 2016-06-01 17:31 - 2016-06-01 17:33 - 00000000 ____D C:\ProgramData\Adobe 2016-05-31 21:01 - 2016-05-31 21:01 - 00000024 _____ C:\Users\Jack Linzmaier\Desktop\Senha Univille.txt 2016-05-31 16:41 - 2016-05-31 16:41 - 00000000 ____D C:\Users\Jack Linzmaier\AppData\Roaming\Sun 2016-05-31 16:41 - 2016-05-31 16:41 - 00000000 ____D C:\Users\Jack Linzmaier\AppData\LocalLow\Sun 2016-05-31 16:41 - 2016-05-31 16:41 - 00000000 ____D C:\Users\Jack Linzmaier\.oracle_jre_usage 2016-05-31 16:40 - 2016-05-31 16:40 - 00097344 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2016-05-31 16:40 - 2016-05-31 16:40 - 00000000 ____D C:\Users\Todos os Usuários\Oracle 2016-05-31 16:40 - 2016-05-31 16:40 - 00000000 ____D C:\ProgramData\Oracle 
2016-05-31 16:40 - 2016-05-31 16:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-05-31 16:40 - 2016-05-31 16:40 - 00000000 ____D C:\Program Files (x86)\Java 2016-05-31 16:36 - 2016-05-31 16:36 - 00737856 _____ (Oracle Corporation) C:\Users\Jack Linzmaier\Downloads\chromeinstall-8u91.exe 2016-05-31 16:36 - 2016-05-31 16:36 - 00000000 ____D C:\Users\Jack Linzmaier\AppData\LocalLow\Oracle 2016-05-31 16:35 - 2016-05-31 16:35 - 00002131 _____ C:\Users\Jack Linzmaier\Desktop\Minecraft.lnk 2016-05-31 16:35 - 2016-05-31 16:35 - 00000000 ____D C:\Users\Jack Linzmaier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft 2016-05-31 16:12 - 2016-05-31 16:22 - 00000000 ____D C:\Users\Jack Linzmaier\Downloads\Minecraft 1.8.4 by TeamExtremeMc.com 2016-05-31 16:10 - 2016-05-31 16:10 - 00000822 _____ C:\Users\Jack Linzmaier\Desktop\µTorrent.lnk 2016-05-31 16:10 - 2016-05-31 16:10 - 00000802 _____ C:\Users\Jack Linzmaier\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk 2016-05-31 16:10 - 2016-05-31 16:10 - 00000000 ____D C:\Users\Jack Linzmaier\Downloads\Minecraft 1.8.1 2016-05-31 16:09 - 2016-06-09 13:00 - 00000000 ____D C:\Users\Jack Linzmaier\AppData\Roaming\uTorrent 2016-05-31 15:48 - 2016-05-31 16:44 - 00000000 ____D C:\Users\Jack Linzmaier\AppData\Roaming\.minecraft 2016-05-31 15:48 - 2016-05-31 15:48 - 00000000 ____D C:\Users\Jack Linzmaier\AppData\Roaming\java 2016-05-31 15:47 - 2016-05-31 15:47 - 00000000 ____D C:\Users\Jack Linzmaier\Downloads\runtime 2016-05-31 15:42 - 2016-05-31 15:48 - 00000000 ____D C:\Users\Jack Linzmaier\Downloads\game 2016-05-31 15:15 - 2016-05-31 15:15 - 00000372 __RSH C:\Users\Todos os Usuários\ntuser.pol 2016-05-31 15:15 - 2016-05-31 15:15 - 00000372 __RSH C:\ProgramData\ntuser.pol 2016-05-31 15:14 - 2016-05-31 15:14 - 00000000 ____D C:\Users\Public\Documents\Guid 2016-05-31 14:57 - 2016-05-31 15:36 - 00000000 ____D C:\Program Files (x86)\SpeedFan 2016-05-31 14:57 - 2016-05-31 14:57 - 
00000045 _____ C:\Windows\SysWOW64\initdebug.nfo 2016-05-31 14:31 - 2016-05-31 14:31 - 07884764 _____ C:\Users\Jack Linzmaier\Downloads\AuroraBorealis.themepack 2016-05-31 13:58 - 2016-05-31 13:58 - 00000000 ____D C:\Users\Jack Linzmaier\Documents\Modelos Personalizados do Office 2016-05-31 13:53 - 2016-05-31 13:53 - 00000000 ____D C:\Windows\SolidWorks 2016-05-31 13:20 - 2016-05-31 13:20 - 00000000 ____D C:\Users\Todos os Usuários\FLEXnet 2016-05-31 13:20 - 2016-05-31 13:20 - 00000000 ____D C:\Users\Todos os Usuários\DassaultSystemes 2016-05-31 13:20 - 2016-05-31 13:20 - 00000000 ____D C:\Users\Jack Linzmaier\AppData\Roaming\NVIDIA 2016-05-31 13:20 - 2016-05-31 13:20 - 00000000 ____D C:\Users\Jack Linzmaier\AppData\Roaming\EDrawings 2016-05-31 13:20 - 2016-05-31 13:20 - 00000000 ____D C:\Users\Jack Linzmaier\AppData\Roaming\DassaultSystemes 2016-05-31 13:20 - 2016-05-31 13:20 - 00000000 ____D C:\Users\Jack Linzmaier\AppData\Local\DassaultSystemes 2016-05-31 13:20 - 2016-05-31 13:20 - 00000000 ____D C:\ProgramData\FLEXnet 2016-05-31 13:20 - 2016-05-31 13:20 - 00000000 ____D C:\ProgramData\DassaultSystemes 2016-05-31 13:11 - 2016-05-31 13:11 - 00000000 ____D C:\Program Files\Bonjour 2016-05-31 13:11 - 2016-05-31 13:11 - 00000000 ____D C:\Program Files (x86)\Bonjour 2016-05-31 13:04 - 2016-05-31 14:04 - 00000000 ____D C:\Users\Jack Linzmaier\Documents\SolidWorks Downloads 2016-05-31 13:04 - 2016-05-31 13:04 - 00000000 ____D C:\Users\Jack Linzmaier\AppData\Roaming\SolidWorks 2016-05-31 13:01 - 2016-05-31 13:01 - 00003410 _____ C:\Windows\System32\Tasks\{093B540F-685F-4222-BDDF-A974568476FD} 2016-05-31 12:48 - 2016-05-31 12:48 - 00003382 _____ C:\Windows\System32\Tasks\AutoPico Daily Restart 2016-05-31 12:48 - 2016-05-31 12:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico 2016-05-31 12:48 - 2016-05-31 12:48 - 00000000 ____D C:\Program Files\KMSpico 2016-05-31 12:48 - 2010-12-05 23:16 - 00090112 _____ (Vestris Inc.) 
C:\Windows\system32\Vestris.ResourceLib.dll 2016-05-31 12:40 - 2016-05-31 12:41 - 00000000 ____D C:\Users\Todos os Usuários\KMSAuto 2016-05-31 12:40 - 2016-05-31 12:41 - 00000000 ____D C:\ProgramData\KMSAuto 2016-05-31 12:40 - 2013-08-22 05:40 - 00040664 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901.sys 2016-05-31 12:39 - 2016-05-31 12:43 - 00000000 ____D C:\Users\Jack Linzmaier\AppData\Local\MSfree Inc 2016-05-31 12:37 - 2016-05-31 12:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack 2016-05-31 12:37 - 2016-05-31 12:37 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack 2016-05-31 12:37 - 2011-03-02 08:43 - 00175616 _____ C:\Windows\SysWOW64\unrar.dll 2016-05-31 12:04 - 2016-05-31 12:04 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA 2016-05-31 12:04 - 2016-05-31 12:04 - 00000000 ____D C:\ProgramData\NVIDIA 2016-05-31 11:51 - 2016-05-31 11:51 - 00000000 ____D C:\Users\Jack Linzmaier\AppData\Local\NVIDIA 2016-05-31 11:49 - 2016-05-31 11:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2016-05-31 11:49 - 2016-01-29 09:08 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2016-05-31 11:49 - 2016-01-29 09:08 - 01514528 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2016-05-31 11:49 - 2016-01-29 09:08 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2016-05-31 11:49 - 2016-01-29 09:08 - 01278920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2016-05-31 11:48 - 2016-01-29 09:08 - 00082488 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2016-05-31 11:48 - 2016-01-29 09:08 - 00067520 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2016-05-31 11:48 - 2016-01-29 07:49 - 06791736 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2016-05-31 11:48 - 2016-01-29 07:49 - 03529152 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2016-05-31 11:48 - 2016-01-29 07:49 - 
02558328 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2016-05-31 11:48 - 2016-01-29 07:49 - 00932728 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2016-05-31 11:48 - 2016-01-29 07:49 - 00384888 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2016-05-31 11:48 - 2016-01-29 07:49 - 00062512 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2016-05-31 11:48 - 2016-01-28 13:29 - 06150607 _____ C:\Windows\system32\nvcoproc.bin 2016-05-31 11:41 - 2016-01-29 09:08 - 31523896 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2016-05-31 11:41 - 2016-01-29 09:08 - 24207296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2016-05-31 11:41 - 2016-01-29 09:08 - 23000000 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2016-05-31 11:41 - 2016-01-29 09:08 - 18634264 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2016-05-31 11:41 - 2016-01-29 09:08 - 17559240 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2016-05-31 11:41 - 2016-01-29 09:08 - 16128576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2016-05-31 11:41 - 2016-01-29 09:08 - 15302712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2016-05-31 11:41 - 2016-01-29 09:08 - 14497568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2016-05-31 11:41 - 2016-01-29 09:08 - 13916600 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2016-05-31 11:41 - 2016-01-29 09:08 - 13828032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2016-05-31 11:41 - 2016-01-29 09:08 - 12911160 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2016-05-31 11:41 - 2016-01-29 09:08 - 11272240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2016-05-31 11:41 - 2016-01-29 09:08 - 11209376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2016-05-31 11:41 - 2016-01-29 09:08 - 04252608 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2016-05-31 11:41 - 
2016-01-29 09:08 - 03996216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2016-05-31 11:41 - 2016-01-29 09:08 - 03210784 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2016-05-31 11:41 - 2016-01-29 09:08 - 02825016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2016-05-31 11:41 - 2016-01-29 09:08 - 01908272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434195.dll 2016-05-31 11:41 - 2016-01-29 09:08 - 01557552 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434195.dll 2016-05-31 11:41 - 2016-01-29 09:08 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll 2016-05-31 11:41 - 2016-01-29 09:08 - 00952256 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2016-05-31 11:41 - 2016-01-29 09:08 - 00915392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2016-05-31 11:41 - 2016-01-29 09:08 - 00911928 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2016-05-31 11:41 - 2016-01-29 09:08 - 00878648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2016-05-31 11:41 - 2016-01-29 09:08 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2016-05-31 11:41 - 2016-01-29 09:08 - 00074016 _____ (NVIDIA Corporation) C:\Windows\system32\nvapo64v.dll 2016-05-31 11:41 - 2016-01-29 09:08 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2016-05-31 11:41 - 2016-01-29 09:08 - 00035472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2016-05-31 11:41 - 2016-01-29 09:08 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2016-05-31 11:41 - 2016-01-29 09:08 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll 2016-05-31 11:41 - 2016-01-29 09:08 - 00026157 _____ C:\Windows\system32\nvinfo.pb 2016-05-31 10:20 - 2012-07-26 00:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll 2016-05-31 10:20 - 2012-07-26 00:08 - 00229888 _____ (Microsoft Corporation) 
C:\Windows\system32\WUDFHost.exe 2016-05-31 10:20 - 2012-07-26 00:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll 2016-05-31 10:20 - 2012-07-26 00:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll 2016-05-31 10:20 - 2012-07-26 00:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll 2016-05-31 10:20 - 2012-07-25 23:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys 2016-05-31 10:20 - 2012-07-25 23:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys 2016-05-31 10:20 - 2012-06-02 11:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf 2016-05-31 10:04 - 2014-06-30 19:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll 2016-05-31 10:04 - 2014-06-30 19:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll 2016-05-31 10:04 - 2014-06-06 03:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2016-05-31 10:04 - 2014-06-06 03:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2016-05-31 10:04 - 2014-03-09 18:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe 2016-05-31 10:04 - 2014-03-09 18:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll 2016-05-31 10:04 - 2014-03-09 18:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe 2016-05-31 10:04 - 2014-03-09 18:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll 2016-05-30 22:47 - 2016-05-30 22:47 - 00262144 ____H C:\Windows\DUMP6f7a.DMP 2016-05-30 22:46 - 2016-05-30 22:46 - 00262144 ____H C:\Windows\DUMP1280.DMP 2016-05-30 22:45 - 2016-05-30 22:45 - 00262144 ____H C:\Windows\DUMPb8bb.DMP 2016-05-30 22:44 - 2016-05-30 22:44 - 00262144 ____H C:\Windows\DUMPc9d8.DMP 2016-05-30 22:43 - 2016-05-30 22:43 - 00262144 ____H C:\Windows\DUMPaadc.DMP 
2016-05-30 22:42 - 2016-05-30 22:42 - 00262144 ____H C:\Windows\DUMP1c62.DMP 2016-05-30 22:31 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll 2016-05-30 22:31 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll 2016-05-30 22:31 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2016-05-30 22:31 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll 2016-05-30 22:31 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 2016-05-30 22:31 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll 2016-05-30 22:17 - 2007-12-20 00:34 - 01654398 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2016-05-30 10:47 - 2016-05-30 10:47 - 00000000 ____D C:\d212f71eded651d7d58a65 2016-05-30 10:46 - 2016-05-30 10:46 - 00000000 ____D C:\dc5547a97c54ce5b05a3f4ff7b 2016-05-30 10:11 - 2016-05-30 10:11 - 00000000 ____D C:\5153887e65183af870dd 2016-05-30 09:58 - 2015-05-29 10:28 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll 2016-05-30 09:57 - 2015-05-29 10:28 - 00007680 _____ (Microsoft Corporation) C:\Windows\system\api-ms-win-crt-runtime-l1-1-0.dll 2016-05-29 23:39 - 2016-05-31 12:05 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA Corporation 2016-05-29 23:39 - 2016-05-31 12:05 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2016-05-29 23:39 - 2016-05-31 11:49 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2016-05-29 23:39 - 2016-05-29 23:39 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies 2016-05-29 23:36 - 2016-05-31 11:49 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2016-05-29 23:13 - 2016-05-29 23:13 - 00000000 ____D C:\swsetup 2016-05-29 23:05 - 2016-05-29 23:28 - 283505784 _____ (NVIDIA Corporation) C:\Users\Jack 
Linzmaier\Downloads\341.95-desktop-win8-win7-winvista-64bit-international.exe 2016-05-29 22:18 - 2016-05-29 22:18 - 00000017 _____ C:\Users\Jack Linzmaier\AppData\Local\resmon.resmoncfg 2016-05-29 16:41 - 2016-05-29 16:41 - 00000000 ____D C:\206723eb2831d34f7a 2016-05-29 16:40 - 2016-05-29 16:40 - 00000000 ____D C:\b7ae025eb243a367187f47eb317c02e1 2016-05-29 16:37 - 2016-05-29 16:37 - 00000000 ____D C:\NVIDIA 2016-05-29 15:57 - 2016-05-29 15:57 - 00000000 ____D C:\Program Files\DIFX 2016-05-29 15:41 - 2016-05-29 15:41 - 00000000 ____D C:\Windows\SysWOW64\sda 2016-05-29 15:40 - 2014-01-07 03:24 - 00359128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsPStor.sys 2016-05-29 15:40 - 2014-01-07 03:10 - 00313048 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsBaStor.sys 2016-05-29 15:40 - 2014-01-03 05:34 - 00465624 _____ (Realsil Semiconductor Corporation) C:\Windows\system32\Drivers\RtsPer.sys 2016-05-29 15:40 - 2014-01-03 05:08 - 00291544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsP2Stor.sys 2016-05-29 15:40 - 2014-01-03 02:33 - 00271064 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUStor.sys 2016-05-29 15:40 - 2014-01-03 00:14 - 00331992 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUVStor.sys 2016-05-29 15:40 - 2013-04-25 07:12 - 09889352 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RsCRIcon.dll 2016-05-29 15:36 - 2009-02-12 21:24 - 01485824 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\CAX_DPV.sys 2016-05-29 15:36 - 2009-02-12 21:20 - 00292864 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\CAXHWAZL.sys 2016-05-29 15:36 - 2009-02-12 21:19 - 00740864 _____ (Conexant Systems, Inc.) 
C:\Windows\system32\Drivers\CAX_CNXT.sys 2016-05-29 15:36 - 2008-03-25 00:42 - 00146036 _____ C:\Windows\system32\Drivers\HSFProf.cty 2016-05-29 15:35 - 2016-05-29 15:35 - 00000000 ____D C:\Users\Todos os Usuários\Apple 2016-05-29 15:35 - 2016-05-29 15:35 - 00000000 ____D C:\ProgramData\Apple 2016-05-29 15:33 - 2009-05-06 11:00 - 00394752 _____ (Conexant Systems, Inc.) C:\Windows\system32\UCI64M41.dll 2016-05-29 15:33 - 2009-04-29 11:21 - 00436736 _____ (Conexant Systems, Inc.) C:\Windows\SysWOW64\XAudio64.dll 2016-05-29 15:33 - 2009-04-29 11:21 - 00010240 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\XAudio64.sys 2016-05-29 15:33 - 2006-06-18 06:27 - 00017024 _____ (Conexant) C:\Windows\system32\Drivers\mdmxsdk.sys 2016-05-29 15:33 - 2006-06-18 06:26 - 00094208 _____ (Conexant) C:\Windows\SysWOW64\mdmxsdk.dll 2016-05-29 15:31 - 2016-05-29 16:27 - 00000000 _____ C:\Users\Jack Linzmaier\Downloads\340.52-desktop-win8-win7-winvista-64bit-english-whql.exe 2016-05-29 15:31 - 2016-05-29 15:31 - 00000000 ____D C:\Program Files (x86)\Intel 2016-05-29 15:31 - 2008-02-22 13:06 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll 2016-05-29 15:30 - 2016-05-29 16:01 - 00000000 _____ C:\Users\Jack Linzmaier\Downloads\synaptics_touchpad_18_1_3_6.zip 2016-05-29 15:20 - 2016-05-29 15:20 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf 2016-05-29 15:08 - 2016-05-29 15:08 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2016-05-29 15:07 - 2016-05-29 15:07 - 00000000 ____D C:\d4660436ac67d2899c18531398 2016-05-29 15:07 - 2016-05-29 15:07 - 00000000 ____D C:\ce82ad45764c982dbd4b38dc42034e 2016-05-29 15:03 - 2016-05-29 15:33 - 129486648 _____ (Apple Inc.) 
C:\Users\Jack Linzmaier\Downloads\iCloudSetup Ok.exe 2016-05-29 14:45 - 2016-06-07 10:32 - 00111792 _____ C:\Users\Jack Linzmaier\AppData\Local\GDIPFONTCACHEV1.DAT 2016-05-29 14:42 - 2016-05-29 14:42 - 00000000 ____D C:\Users\Jack Linzmaier\AppData\Roaming\WinRAR 2016-05-29 14:41 - 2016-05-29 14:41 - 00000000 ____D C:\cedfd174c6b404a30c17ccf0db306e 2016-05-29 14:40 - 2016-05-29 14:40 - 00000000 ____D C:\82d13323135b7bd4ce0311 2016-05-29 14:39 - 2016-05-29 14:39 - 00000000 ____D C:\Users\Jack Linzmaier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2016-05-29 14:39 - 2016-05-29 14:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2016-05-29 14:39 - 2016-05-29 14:39 - 00000000 ____D C:\Program Files (x86)\WinRAR 2016-05-29 14:23 - 2016-05-29 14:23 - 00002155 _____ C:\Users\Jack Linzmaier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2016-05-29 14:23 - 2016-05-29 14:23 - 00002110 _____ C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2016-05-29 14:23 - 2016-05-29 14:23 - 00002110 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2016-05-29 14:23 - 2016-05-29 14:23 - 00002110 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2016-05-29 14:23 - 2016-05-29 14:23 - 00000000 ___RD C:\Users\Jack Linzmaier\OneDrive 2016-05-29 14:23 - 2016-05-29 14:23 - 00000000 ____D C:\Program Files (x86)\Microsoft OneDrive 2016-05-29 14:22 - 2016-05-29 14:22 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft OneDrive 2016-05-29 14:22 - 2016-05-29 14:22 - 00000000 ____D C:\ProgramData\Microsoft OneDrive 2016-05-29 14:21 - 2016-05-29 15:40 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-05-29 14:21 - 2016-05-29 15:40 - 00000000 ____D C:\Program Files (x86)\Realtek 2016-05-29 14:21 - 2016-05-29 14:22 - 00000000 ___HD 
C:\Program Files (x86)\Temp 2016-05-29 14:21 - 2016-05-29 14:21 - 00000000 ____D C:\Windows\SysWOW64\RTCOM 2016-05-29 14:21 - 2016-05-29 14:21 - 00000000 ____D C:\Program Files\Realtek 2016-05-29 14:21 - 2016-05-29 14:19 - 01824672 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys 2016-05-29 14:21 - 2016-05-29 14:19 - 01603104 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll 2016-05-29 14:21 - 2016-05-29 14:19 - 01292832 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll 2016-05-29 14:21 - 2016-05-29 14:19 - 01167904 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll 2016-05-29 14:21 - 2016-05-29 14:19 - 00831488 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll 2016-05-29 14:21 - 2016-05-29 14:19 - 00611360 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl 2016-05-29 14:21 - 2016-05-29 14:19 - 00513536 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll 2016-05-29 14:21 - 2016-05-29 14:19 - 00417824 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll 2016-05-29 14:21 - 2016-05-29 14:19 - 00332320 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll 2016-05-29 14:21 - 2016-05-29 14:19 - 00311296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll 2016-05-29 14:21 - 2016-05-29 14:19 - 00304640 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll 2016-05-29 14:21 - 2016-05-29 14:19 - 00304640 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll 2016-05-29 14:21 - 2016-05-29 14:19 - 00211376 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll 2016-05-29 14:21 - 2016-05-29 14:19 - 00193536 _____ (SRS Labs, Inc.) 
C:\Windows\system32\SRSHP64.dll 2016-05-29 14:21 - 2016-05-29 14:19 - 00176640 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll 2016-05-29 14:21 - 2016-05-29 14:19 - 00166400 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll 2016-05-29 14:21 - 2016-05-29 14:19 - 00150528 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll 2016-05-29 14:21 - 2016-05-29 14:19 - 00149536 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll 2016-05-29 14:21 - 2016-05-29 14:19 - 00123780 _____ C:\Windows\system32\Drivers\RtConvEQ.DAT 2016-05-29 14:21 - 2016-05-29 14:19 - 00108032 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll 2016-05-29 14:21 - 2016-05-29 14:19 - 00062496 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInst64.dll 2016-05-29 14:21 - 2016-05-29 14:19 - 00001496 _____ C:\Windows\system32\Drivers\RtkAcerM.dat 2016-05-29 14:21 - 2016-05-29 14:19 - 00000728 _____ C:\Windows\system32\Drivers\RtHdatEx.dat 2016-05-29 14:21 - 2016-05-29 14:19 - 00000520 _____ C:\Windows\system32\Drivers\RTEQEX2.dat 2016-05-29 14:21 - 2016-05-29 14:19 - 00000520 _____ C:\Windows\system32\Drivers\RTEQEX1.dat 2016-05-29 14:21 - 2016-05-29 14:19 - 00000520 _____ C:\Windows\system32\Drivers\RTEQEX0.dat 2016-05-29 14:21 - 2016-05-29 14:19 - 00000008 _____ C:\Windows\system32\Drivers\rtkhdaud.dat 2016-05-29 14:02 - 2016-05-29 14:02 - 00000000 ____D C:\789a17c3828eab900d 2016-05-29 14:00 - 2016-05-29 14:00 - 00000000 ____D C:\42c3132c02ff383eb55b3f 2016-05-29 13:55 - 2016-06-08 22:41 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-05-29 13:55 - 2016-06-08 22:41 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-05-29 13:49 - 2016-06-09 12:14 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-05-29 13:49 - 2016-05-29 14:09 - 00004066 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-05-29 13:48 - 2016-06-09 12:45 - 00001066 
_____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-05-29 13:48 - 2016-05-29 15:46 - 00000000 ____D C:\Users\Jack Linzmaier\AppData\Local\Google 2016-05-29 13:48 - 2016-05-29 14:09 - 00003814 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2016-05-29 13:48 - 2016-05-29 13:54 - 00000000 ____D C:\Program Files (x86)\Google 2016-05-29 13:48 - 2016-05-29 13:48 - 00002459 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk 2016-05-29 13:48 - 2016-05-29 13:48 - 00002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk 2016-05-29 13:47 - 2016-05-29 13:47 - 00002501 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk 2016-05-29 13:47 - 2016-05-29 13:47 - 00002413 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk 2016-05-29 13:47 - 2016-05-29 13:47 - 00002397 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk 2016-05-29 13:47 - 2016-05-29 13:47 - 00002394 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk 2016-05-29 13:47 - 2016-05-29 13:47 - 00002384 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk 2016-05-29 13:47 - 2016-05-29 13:47 - 00002380 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk 2016-05-29 13:47 - 2016-05-29 13:47 - 00002364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk 2016-05-29 13:47 - 2016-05-29 13:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ferramentas do Microsoft Office 2016 2016-05-29 13:42 - 2016-05-30 10:37 - 00000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft 2016-05-29 13:42 - 2016-05-30 10:37 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-05-29 13:42 - 2016-05-29 13:42 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform 2016-05-29 10:12 - 2016-05-30 10:26 - 00000000 ____D C:\Program Files 
(x86)\Microsoft Office 2016-05-29 10:12 - 2016-05-29 10:12 - 00000000 ____D C:\Program Files\Microsoft Office 15 2016-05-29 10:11 - 2016-05-29 10:11 - 00001954 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk 2016-05-29 10:11 - 2016-05-29 10:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite 2016-05-29 10:10 - 2016-05-29 10:11 - 00000000 ____D C:\Users\Todos os Usuários\DAEMON Tools Lite 2016-05-29 10:10 - 2016-05-29 10:11 - 00000000 ____D C:\Users\Jack Linzmaier\AppData\Roaming\DAEMON Tools Lite 2016-05-29 10:10 - 2016-05-29 10:11 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite 2016-05-29 10:10 - 2016-05-29 10:10 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys 2016-05-29 10:10 - 2016-05-29 10:10 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite 2016-05-29 10:08 - 2014-05-14 13:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2016-05-29 10:08 - 2014-05-14 13:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2016-05-29 10:08 - 2014-05-14 13:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2016-05-29 10:08 - 2014-05-14 13:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2016-05-29 10:08 - 2014-05-14 13:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2016-05-29 10:08 - 2014-05-14 13:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2016-05-29 10:08 - 2014-05-14 13:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2016-05-29 10:08 - 2014-05-14 13:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2016-05-29 10:08 - 2014-05-14 13:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2016-05-29 10:08 - 2014-05-14 13:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2016-05-29 10:08 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) 
C:\Windows\system32\wuwebv.dll 2016-05-29 10:08 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2016-05-29 10:08 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2016-05-29 10:08 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2016-05-29 09:59 - 2016-05-31 16:41 - 00000000 ____D C:\Users\Jack Linzmaier 2016-05-29 09:59 - 2016-05-29 09:59 - 00001423 _____ C:\Users\Jack Linzmaier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-05-29 09:59 - 2016-05-29 09:59 - 00001389 _____ C:\Users\Jack Linzmaier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2016-05-29 09:59 - 2016-05-29 09:59 - 00000020 ___SH C:\Users\Jack Linzmaier\ntuser.ini 2016-05-29 09:59 - 2016-05-29 09:59 - 00000000 _SHDL C:\Users\Jack Linzmaier\Modelos 2016-05-29 09:59 - 2016-05-29 09:59 - 00000000 _SHDL C:\Users\Jack Linzmaier\Meus documentos 2016-05-29 09:59 - 2016-05-29 09:59 - 00000000 _SHDL C:\Users\Jack Linzmaier\Menu Iniciar 2016-05-29 09:59 - 2016-05-29 09:59 - 00000000 _SHDL C:\Users\Jack Linzmaier\Documents\Minhas músicas 2016-05-29 09:59 - 2016-05-29 09:59 - 00000000 _SHDL C:\Users\Jack Linzmaier\Documents\Minhas imagens 2016-05-29 09:59 - 2016-05-29 09:59 - 00000000 _SHDL C:\Users\Jack Linzmaier\Documents\Meus vídeos 2016-05-29 09:59 - 2016-05-29 09:59 - 00000000 _SHDL C:\Users\Jack Linzmaier\Dados de aplicativos 2016-05-29 09:59 - 2016-05-29 09:59 - 00000000 _SHDL C:\Users\Jack Linzmaier\Configurações locais 2016-05-29 09:59 - 2016-05-29 09:59 - 00000000 _SHDL C:\Users\Jack Linzmaier\AppData\Roaming\Microsoft\Windows\Start Menu\Programas 2016-05-29 09:59 - 2016-05-29 09:59 - 00000000 _SHDL C:\Users\Jack Linzmaier\AppData\Local\Histórico 2016-05-29 09:59 - 2016-05-29 09:59 - 00000000 _SHDL C:\Users\Jack Linzmaier\AppData\Local\Dados de aplicativos 2016-05-29 09:59 - 2016-05-29 09:59 - 00000000 _SHDL 
C:\Users\Jack Linzmaier\Ambiente de rede
2016-05-29 09:59 - 2016-05-29 09:59 - 00000000 _SHDL C:\Users\Jack Linzmaier\Ambiente de impressão
2016-05-29 09:59 - 2016-05-29 09:59 - 00000000 ____D C:\Users\Jack Linzmaier\AppData\Local\VirtualStore
2016-05-29 09:59 - 2010-11-21 06:47 - 00000000 ____D C:\Users\Jack Linzmaier\AppData\Roaming\Media Center Programs
2016-05-29 09:54 - 2016-05-29 09:54 - 00000000 ____D C:\Windows\rescache
2016-05-29 09:50 - 2016-05-29 09:50 - 00000000 ____D C:\Windows\CSC
2016-05-29 09:49 - 2016-05-29 14:45 - 00000000 ____D C:\Users\Jack Linzmaier\Desktop\Jack

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-06-09 13:02 - 2009-07-14 01:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-09 13:02 - 2009-07-14 01:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-09 12:59 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-06-09 12:52 - 2010-11-21 06:37 - 00709464 _____ C:\Windows\system32\prfh0416.dat
2016-06-09 12:52 - 2010-11-21 06:37 - 00148130 _____ C:\Windows\system32\prfc0416.dat
2016-06-09 12:52 - 2009-07-14 02:13 - 01643824 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-09 12:44 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-07 16:24 - 2009-07-14 01:45 - 00433472 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-07 16:23 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\LiveKernelReports
2016-06-02 14:40 - 2016-02-27 20:05 - 00000000 ____D C:\Users\Jack Linzmaier\Facul
2016-05-31 21:00 - 2009-07-14 00:20 - 00000000 __RHD C:\Users\Public\Libraries
2016-05-31 15:15 - 2009-07-14 00:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-05-31 15:15 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2016-05-31 13:09 - 2009-07-14 00:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-05-31 12:05 - 2007-12-20 00:16 - 00000000 ____D C:\Users\Jack Linzmaier\AppData\Local\NVIDIA Corporation
2016-05-31 11:48 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\Help
2016-05-30 09:57 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system
2016-05-29 14:30 - 2009-07-14 02:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2016-05-29 13:40 - 2009-07-14 01:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-05-29 09:59 - 2012-08-30 16:10 - 00000000 ____D C:\Windows\Panther
2016-05-29 09:45 - 2009-07-14 02:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template

==================== Arquivos na raiz de alguns diretórios =======

2016-05-29 22:18 - 2016-05-29 22:18 - 0000017 _____ () C:\Users\Jack Linzmaier\AppData\Local\resmon.resmoncfg

Alguns arquivos em TEMP:
====================
C:\Users\Jack Linzmaier\AppData\Local\Temp\DriftierAmalgamating.dll
C:\Users\Jack Linzmaier\AppData\Local\Temp\RtkBtMnt.exe
C:\Users\Jack Linzmaier\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Jack Linzmaier\AppData\Local\Temp\sfextra.dll
C:\Users\Jack Linzmaier\AppData\Local\Temp\uninstall_temp_133677.exe

==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

LastRegBack: 2012-08-30 16:11

==================== Fim de FRST.txt ============================