Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-07-2015
Ran by Cliente (administrator) on CLIENTE-PC on 22-07-2015 16:59:10
Running from C:\Users\Cliente\Downloads
Loaded Profiles: Cliente (Available Profiles: Cliente)
Platform: Microsoft Windows 7 Ultimate (X86) OS Language: Português (Brasil)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPStart.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngtool.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngtool.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12336856 2015-06-18] (Realtek Semiconductor)
HKLM\...\Run: [SynTPStart] => C:\Program Files\Synaptics\SynTP\SynTPStart.exe [102400 2008-10-10] (Synaptics, Inc.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2009-12-22] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [948672 2009-12-11] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-07-17] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-07-17] (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-1423843502-28375195-748503389-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-1423843502-28375195-748503389-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21] (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-17] (AVAST Software)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer]
Tcpip\..\Interfaces\{4AA18F80-C52B-40B2-A465-EE6C89280AD6}: [DhcpNameServer]
FF Plugin: -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [2009-10-28] ()
FF Plugin: Update;version=3 -> C:\Program Files\Google\Update\\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Plugin: Update;version=9 -> C:\Program Files\Google\Update\\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-07-17]
CHR Profile: C:\Users\Cliente\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Cliente\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-16]
CHR Extension: (Google Docs) - C:\Users\Cliente\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-16]
CHR Extension: (Google Drive) - C:\Users\Cliente\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-16]
CHR Extension: (YouTube) - C:\Users\Cliente\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-16]
CHR Extension: (Google Search) - C:\Users\Cliente\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-16]
CHR Extension: (Avast SafePrice) - C:\Users\Cliente\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-07-22]
CHR Extension: (Google Sheets) - C:\Users\Cliente\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-16]
CHR Extension: (Avast Online Security) - C:\Users\Cliente\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-07-17]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Cliente\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-16]
CHR Extension: (Google Wallet) - C:\Users\Cliente\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-16]
CHR Extension: (Gmail) - C:\Users\Cliente\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-16]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-07-17]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-17]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-17] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3218624 2015-07-17] (Avast Software)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [280680 2015-06-04] (Intel Corporation)
R3 ICCS; C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [169752 2012-04-24] (Intel Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe [255192 2015-05-22] (Realtek Semiconductor)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-07-17] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-07-17] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-07-17] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-07-17] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [788784 2015-07-17] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [433264 2015-07-17] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [113592 2015-07-17] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-07-17] (AVAST Software)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2015-07-17] (Disc Soft Ltd)
R0 ngvss; C:\Windows\system32\Drivers\ngvss.sys [95112 2015-07-17] (AVAST Software)
R3 RSPCIESTOR; C:\Windows\System32\DRIVERS\RtsPStor.sys [270552 2014-11-06] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [1334856 2013-05-02] (Realtek Semiconductor Corporation )
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-07-17] (Avast Software)
S3 BtAudioBusSrv; System32\Drivers\BtAudioBus.sys [X]
S3 BthL2caScoIfSrv; System32\Drivers\BtL2caScoIf.sys [X]
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [658136 2014-12-22] (Realsil Semiconductor Corporation)
U5 RTSUER; C:\Windows\System32\Drivers\RTSUER.sys [273624 2014-12-26] (Realsil Semiconductor Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-22 16:59 - 2015-07-22 17:17 - 00010738 _____ C:\Users\Cliente\Downloads\FRST.txt
2015-07-22 16:55 - 2015-07-22 17:01 - 00000000 ____D C:\FRST
2015-07-22 16:08 - 2015-07-22 16:42 - 01638912 _____ (Farbar) C:\Users\Cliente\Downloads\FRST.exe
2015-07-22 15:42 - 2015-07-22 15:47 - 02135552 _____ (Farbar) C:\Users\Cliente\Downloads\FRST64.exe
2015-07-20 19:34 - 2015-07-20 19:34 - 00004287 _____ C:\Users\Cliente\Downloads\hijackthis.log
2015-07-20 19:17 - 2015-07-20 19:18 - 00388608 _____ (Trend Micro Inc.) C:\Users\Cliente\Downloads\HijackThis (6).exe
2015-07-20 19:17 - 2015-07-20 19:18 - 00388608 _____ (Trend Micro Inc.) C:\Users\Cliente\Downloads\HijackThis (4).exe
2015-07-20 19:17 - 2015-07-20 19:18 - 00388608 _____ (Trend Micro Inc.) C:\Users\Cliente\Downloads\33B1.tmp
2015-07-20 19:17 - 2015-07-20 19:18 - 00388608 _____ (Trend Micro Inc.) C:\Users\Cliente\Downloads\33A1.tmp
2015-07-20 19:17 - 2015-07-20 19:18 - 00388608 _____ (Trend Micro Inc.) C:\Users\Cliente\Downloads\3120.tmp
2015-07-20 19:16 - 2015-07-20 19:18 - 00388608 _____ (Trend Micro Inc.) C:\Users\Cliente\Downloads\HijackThis.exe
2015-07-20 19:02 - 2015-07-20 19:07 - 00388608 _____ (Trend Micro Inc.) C:\Users\Cliente\Downloads\HijackThis (1).exe
2015-07-20 15:50 - 2015-07-20 15:50 - 00001399 _____ C:\Users\Cliente\Documents\JRT.txt
2015-07-20 15:45 - 2015-07-20 15:51 - 00000000 ____D C:\AdwCleaner
2015-07-20 15:40 - 2015-07-20 15:43 - 02248704 _____ C:\Users\Cliente\Downloads\adwcleaner_4.208.exe
2015-07-20 15:17 - 2015-07-20 15:17 - 00001399 _____ C:\Users\Cliente\Desktop\JRT.txt
2015-07-20 15:08 - 2015-07-20 15:13 - 01798288 _____ (Malwarebytes Corporation) C:\Users\Cliente\Downloads\JRT (2).exe
2015-07-20 15:07 - 2015-07-20 15:08 - 01798288 _____ (Malwarebytes Corporation) C:\Users\Cliente\Downloads\JRT (1).exe
2015-07-20 15:00 - 2015-07-20 15:07 - 01798288 _____ (Malwarebytes Corporation) C:\Users\Cliente\Downloads\JRT.exe
2015-07-17 10:22 - 2015-07-17 10:22 - 00000000 ____D C:\Users\Cliente\AppData\Roaming\AVAST Software
2015-07-17 10:17 - 2015-07-17 10:18 - 00000000 ____D C:\Windows\system32\vbox
2015-07-17 10:17 - 2015-07-17 10:17 - 00002071 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-07-17 10:17 - 2015-07-17 10:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-07-17 10:17 - 2015-07-17 10:15 - 00208664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-07-17 10:17 - 2015-07-17 10:15 - 00113592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-07-17 10:16 - 2015-07-17 10:15 - 00433264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-07-17 10:16 - 2015-07-17 10:15 - 00081728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-07-17 10:16 - 2015-07-17 10:15 - 00076000 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-07-17 10:16 - 2015-07-17 10:15 - 00049776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-07-17 10:16 - 2015-07-17 10:15 - 00024016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-07-17 10:16 - 2015-07-17 10:14 - 00788784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-07-17 10:16 - 2015-07-17 10:14 - 00313472 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-07-17 10:16 - 2015-07-17 10:14 - 00095112 _____ (AVAST Software) C:\Windows\system32\Drivers\ngvss.sys
2015-07-17 10:14 - 2015-07-17 10:14 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-07-17 10:09 - 2015-07-17 10:09 - 00000000 ____D C:\Program Files\AVAST Software
2015-07-17 10:03 - 2015-07-17 10:03 - 00000000 ____D C:\Users\Todos os Usuários\AVAST Software
2015-07-17 10:03 - 2015-07-17 10:03 - 00000000 ____D C:\ProgramData\AVAST Software
2015-07-17 10:01 - 2015-07-17 10:02 - 05499984 _____ (Avast Software s.r.o.) C:\Users\Cliente\Downloads\avast_free_antivirus_setup_online.exe
2015-07-17 09:51 - 2015-07-17 09:51 - 00002699 _____ C:\Users\Cliente\Desktop\Microsoft Office Word 2007.lnk
2015-07-17 09:51 - 2015-07-17 09:51 - 00002669 _____ C:\Users\Cliente\Desktop\Microsoft Office PowerPoint 2007.lnk
2015-07-17 09:51 - 2015-07-17 09:51 - 00002635 _____ C:\Users\Cliente\Desktop\Microsoft Office Excel 2007.lnk
2015-07-17 09:36 - 2015-07-17 10:23 - 00000000 ____D C:\Users\Cliente\AppData\Roaming\Adobe
2015-07-17 09:36 - 2015-07-17 09:37 - 00000000 ____D C:\Users\Cliente\AppData\Local\Adobe
2015-07-17 09:33 - 2015-07-17 09:33 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
2015-07-17 09:33 - 2015-07-17 09:33 - 00001984 _____ C:\Users\Public\Desktop\Adobe Reader 9.lnk
2015-07-17 09:32 - 2015-07-17 09:35 - 00000000 ____D C:\Users\Todos os Usuários\Adobe
2015-07-17 09:32 - 2015-07-17 09:35 - 00000000 ____D C:\ProgramData\Adobe
2015-07-17 09:31 - 2015-07-17 09:32 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-07-17 09:31 - 2015-07-17 09:31 - 00000000 ____D C:\Program Files\Adobe
2015-07-17 09:24 - 2015-07-17 09:24 - 00000000 ____D C:\Windows\system32\Macromed
2015-07-17 09:19 - 2015-07-17 09:21 - 00000000 ____D C:\Program Files\MSECache
2015-07-17 08:56 - 2015-07-17 08:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-07-17 08:53 - 2006-10-26 19:56 - 00032592 _____ (Microsoft Corporation) C:\Windows\system32\msonpmon.dll
2015-07-17 08:52 - 2015-07-17 08:52 - 00000000 ____D C:\Program Files\Microsoft Works
2015-07-17 08:51 - 2015-07-17 08:51 - 00000000 ____D C:\Program Files\Microsoft Visual Studio
2015-07-17 08:51 - 2015-07-17 08:51 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2015-07-17 08:49 - 2015-07-17 08:49 - 00000000 ____D C:\Windows\PCHEALTH
2015-07-17 08:49 - 2015-07-17 08:49 - 00000000 ____D C:\Program Files\Microsoft.NET
2015-07-17 08:45 - 2015-07-17 09:02 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2015-07-17 08:45 - 2015-07-17 09:02 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-17 08:45 - 2015-07-17 08:51 - 00000000 ____D C:\Program Files\Microsoft Office
2015-07-17 08:45 - 2015-07-17 08:45 - 00000000 ____D C:\Users\Cliente\AppData\Local\Microsoft Help
2015-07-17 08:45 - 2015-07-17 08:45 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 8
2015-07-17 08:42 - 2015-07-17 08:42 - 00000000 __RHD C:\MSOCache
2015-07-17 08:38 - 2015-07-17 08:38 - 00001892 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2015-07-17 08:37 - 2015-07-17 08:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2015-07-17 08:34 - 2015-07-17 08:39 - 00000000 ____D C:\Users\Cliente\AppData\Roaming\DAEMON Tools Lite
2015-07-17 08:34 - 2015-07-17 08:34 - 00243128 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2015-07-17 08:34 - 2015-07-17 08:34 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2015-07-17 08:33 - 2015-07-17 08:39 - 00000000 ____D C:\Users\Todos os Usuários\DAEMON Tools Lite
2015-07-17 08:33 - 2015-07-17 08:39 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2015-07-17 07:02 - 2015-07-17 07:02 - 00000000 ____D C:\Windows\system32\appmgmt
2015-07-17 06:43 - 2015-07-17 10:34 - 00002300 _____ C:\Windows\PFRO.log
2015-07-16 22:35 - 2015-07-16 22:35 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_BtL2caScoIf_01009.Wdf
2015-07-16 22:23 - 2015-07-17 06:58 - 00000032 _____ C:\Windows\0
2015-07-16 22:23 - 2015-07-16 22:23 - 00000000 _____ C:\Windows\system32\0
2015-07-16 22:08 - 2015-07-16 22:08 - 00002195 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-16 22:08 - 2015-07-16 22:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-07-16 21:49 - 2015-07-22 17:13 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-16 21:49 - 2015-07-22 15:37 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-16 21:49 - 2015-07-16 22:08 - 00000000 ____D C:\Users\Cliente\AppData\Local\Google
2015-07-16 21:49 - 2015-07-16 21:59 - 00000000 ____D C:\Program Files\Google
2015-07-16 21:48 - 2015-07-16 21:49 - 00000000 ____D C:\Users\Cliente\AppData\Local\Deployment
2015-07-16 21:48 - 2015-07-16 21:48 - 00000000 ____D C:\Users\Cliente\AppData\Local\Apps\2.0
2015-07-16 17:17 - 2015-07-16 17:17 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01000.Wdf
2015-07-16 17:16 - 2015-07-16 17:16 - 00000000 ____D C:\Program Files\Synaptics
2015-07-16 17:15 - 2015-07-16 17:17 - 00005036 _____ C:\Windows\DPINST.LOG
2015-07-16 17:14 - 2008-10-10 10:02 - 01060424 _____ C:\Windows\system32\WdfCoInstaller01000.dll
2015-07-16 17:14 - 2008-10-10 10:02 - 00196608 _____ (Synaptics, Inc.) C:\Windows\system32\SynCtrl.dll
2015-07-16 17:14 - 2008-10-10 10:02 - 00192560 _____ (Synaptics, Inc.) C:\Windows\system32\Drivers\SynTP.sys
2015-07-16 17:14 - 2008-10-10 10:02 - 00163840 _____ (Synaptics, Inc.) C:\Windows\system32\SynCOM.dll
2015-07-16 17:14 - 2008-10-10 10:02 - 00147456 _____ (Synaptics, Inc.) C:\Windows\system32\SynTPAPI.dll
2015-07-16 17:14 - 2008-10-10 10:02 - 00110592 _____ (Synaptics, Inc.) C:\Windows\system32\SynTPCo4.dll
2015-07-16 16:42 - 2015-07-16 16:42 - 00000000 __SHD C:\Windows\BitLockerDiscoveryVolumeContents
2015-07-16 16:42 - 2015-07-16 16:42 - 00000000 ____D C:\Windows\RemotePackages
2015-07-16 16:42 - 2011-04-09 02:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-07-16 16:41 - 2011-04-09 03:13 - 03957632 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-07-16 16:41 - 2011-04-09 03:13 - 03901824 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-07-16 16:41 - 2009-12-08 05:05 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2015-07-16 16:41 - 2009-12-08 05:05 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-07-16 16:38 - 2009-06-10 18:14 - 00051867 _____ C:\Windows\Ultimate.xml
2015-07-16 16:19 - 2015-07-16 16:19 - 00000000 ____D C:\Windows\system32\SRSLabs
2015-07-16 16:19 - 2015-07-16 16:19 - 00000000 ____D C:\Windows\system32\RTCOM
2015-07-16 16:19 - 2015-06-18 18:45 - 03522264 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2015-07-16 16:19 - 2015-06-18 17:59 - 02862488 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-07-16 16:19 - 2015-06-17 19:47 - 02585816 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO.dll
2015-07-16 16:19 - 2015-06-17 14:45 - 02394328 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApoApi.dll
2015-07-16 16:19 - 2015-06-15 17:39 - 01708248 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInstII.dll
2015-07-16 16:19 - 2015-05-18 14:47 - 02637528 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl
2015-07-16 16:19 - 2015-05-15 19:27 - 02630872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2015-07-16 16:19 - 2014-06-17 19:18 - 00844192 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo2.dll
2015-07-16 16:19 - 2012-01-10 10:20 - 00058264 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\TepeqAPO.dll
2015-07-16 16:19 - 2011-11-22 16:28 - 00013416 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR.dll
2015-07-16 16:19 - 2011-03-17 12:16 - 01379760 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2015-07-16 16:19 - 2011-03-07 17:03 - 00134584 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2015-07-16 16:19 - 2010-11-08 07:31 - 00359768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP32A.dll
2015-07-16 16:19 - 2010-11-08 07:31 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT32.dll
2015-07-16 16:19 - 2010-11-08 07:31 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA32.dll
2015-07-16 16:19 - 2010-11-08 07:31 - 00170840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED32A.dll
2015-07-16 16:19 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL32A.dll
2015-07-16 16:19 - 2010-11-08 07:31 - 00064856 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG32A.dll
2015-07-16 16:18 - 2015-06-02 19:25 - 01490960 _____ (Conexant Systems Inc.) C:\Windows\system32\CX32APO.dll
2015-07-16 16:18 - 2015-05-25 15:18 - 02820120 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO.dll
2015-07-16 16:18 - 2014-06-07 00:00 - 00519368 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll
2015-07-16 16:18 - 2013-10-11 12:47 - 00092584 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-07-16 16:18 - 2012-03-08 11:47 - 00095840 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTARen.dll
2015-07-16 16:17 - 2015-07-16 16:19 - 00000000 ___HD C:\Program Files\Temp
2015-07-16 16:17 - 2015-05-27 17:38 - 02825944 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2015-07-16 15:29 - 2015-07-16 16:18 - 00000000 ____D C:\Program Files\Realtek
2015-07-16 15:29 - 2014-12-26 00:41 - 00273624 _____ (Realsil Semiconductor Corporation) C:\Windows\system32\Drivers\RtsUer.sys
2015-07-16 15:29 - 2014-12-22 22:52 - 00658136 _____ (Realsil Semiconductor Corporation) C:\Windows\system32\Drivers\RtsPer.sys
2015-07-16 15:29 - 2014-11-06 06:07 - 00222424 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsP2Stor.sys
2015-07-16 15:29 - 2014-11-06 05:57 - 00270552 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsPStor.sys
2015-07-16 15:29 - 2014-11-06 05:54 - 00235736 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsBaStor.sys
2015-07-16 15:29 - 2014-01-27 02:39 - 09889496 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RsCRIcon.dll
2015-07-16 15:29 - 2012-06-02 19:19 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-16 15:29 - 2012-06-02 19:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-16 15:29 - 2012-06-02 19:19 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-16 15:29 - 2012-06-02 19:19 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-16 15:29 - 2012-06-02 19:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-16 15:29 - 2012-06-02 19:12 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-16 15:29 - 2012-06-02 19:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-16 15:27 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-16 15:27 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-16 15:22 - 2015-07-16 15:29 - 00000000 ____D C:\Windows\system32\sda
2015-07-16 15:21 - 2014-10-20 06:50 - 00073432 _____ (Realtek Semiconductor.) C:\Windows\system32\RtCRX.dll
2015-07-16 15:15 - 2015-07-16 15:15 - 00000000 ____D C:\Users\Cliente\Intel
2015-07-16 14:31 - 2015-07-16 14:31 - 00015320 _____ C:\Windows\system32\results.xml
2015-07-16 14:22 - 2015-07-16 14:22 - 00000000 ____D C:\Users\Todos os Usuários\Intel
2015-07-16 14:22 - 2015-07-16 14:22 - 00000000 ____D C:\ProgramData\Intel
2015-07-16 14:22 - 2012-05-15 06:20 - 00104448 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL32.dll
2015-07-16 14:22 - 2012-05-15 06:20 - 00017920 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-07-16 11:21 - 2015-07-16 14:22 - 00000000 ____D C:\Program Files\Intel
2015-07-16 11:21 - 2011-08-31 20:20 - 00053248 _____ (Intel Corporation) C:\Windows\system32\CSVer.dll
2015-07-16 11:14 - 2010-12-18 02:29 - 00541184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-16 11:07 - 2015-07-16 11:07 - 00000000 ____D C:\Program Files\Cisco
2015-07-16 11:07 - 2015-06-23 13:27 - 00246952 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-07-16 11:05 - 2015-07-16 11:07 - 00000000 ____D C:\Program Files\REALTEK PCIE Wireless LAN Driver
2015-07-16 11:05 - 2013-05-02 11:46 - 01334856 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\rtwlane.sys
2015-07-16 11:05 - 2013-01-30 11:41 - 00430080 _____ (Realtek) C:\Windows\SwUSB.exe
2015-07-16 11:05 - 2012-12-14 15:54 - 00036864 _____ () C:\Windows\runSW.exe
2015-07-16 11:05 - 2012-02-14 19:37 - 00535040 _____ (Realtek Semiconductor Corp. ) C:\Windows\system32\Rtlihvs.dll
2015-07-16 11:05 - 2010-12-01 09:31 - 00451072 _____ C:\Windows\system32\ISSRemoveSP.exe
2015-07-16 10:23 - 2015-07-17 09:36 - 00108824 _____ C:\Users\Cliente\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-16 10:20 - 2015-07-16 10:20 - 00000000 ____D C:\Users\Cliente\AppData\Roaming\Easeware
2015-07-16 10:20 - 2015-07-16 10:20 - 00000000 ____D C:\Program Files\Easeware
2015-07-16 10:16 - 2015-07-16 10:16 - 00000000 ____D C:\Windows\system32\Atheros_L1e
2015-07-16 10:15 - 2015-07-16 16:18 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2015-07-16 10:13 - 2011-03-22 01:44 - 00069232 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\L1C62x86.sys
2015-07-16 10:12 - 2015-07-16 14:20 - 00000000 ____D C:\Intel
2015-07-16 10:06 - 2015-07-16 10:06 - 00000000 ____D C:\Users\Cliente\AppData\Roaming\WinRAR
2015-07-16 10:05 - 2015-07-16 10:05 - 00000000 ____D C:\Users\Cliente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-07-16 10:05 - 2015-07-16 10:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-07-16 10:05 - 2015-07-16 10:05 - 00000000 ____D C:\Program Files\WinRAR
2015-07-15 17:38 - 2015-07-17 08:39 - 01491932 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-15 17:33 - 2015-07-20 19:33 - 00000000 ____D C:\Users\Cliente\AppData\Local\VirtualStore
2015-07-15 17:33 - 2015-07-16 15:15 - 00000000 ____D C:\Users\Cliente
2015-07-15 17:33 - 2015-07-15 17:33 - 00001385 _____ C:\Users\Cliente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-07-15 17:33 - 2015-07-15 17:33 - 00000020 ___SH C:\Users\Cliente\ntuser.ini
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas músicas
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas imagens
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Meus vídeos
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Histórico
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Dados de aplicativos
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Usuário Padrão
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Todos os Usuários\Modelos
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Todos os Usuários\Menu Iniciar
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Todos os Usuários\Favoritos
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Todos os Usuários\Documentos
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Todos os Usuários\Dados de aplicativos
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Todos os Usuários
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Public\Documents\Minhas músicas
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Public\Documents\Minhas imagens
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Public\Documents\Meus vídeos
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Default\Modelos
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Default\Meus documentos
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Default\Menu Iniciar
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Default\Documents\Minhas músicas
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Default\Documents\Minhas imagens
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Default\Documents\Meus vídeos
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Default\Dados de aplicativos
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Default\Configurações locais
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Default\AppData\Local\Histórico
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Default\AppData\Local\Dados de aplicativos
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Default\Ambiente de rede
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Default\Ambiente de impressão
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas músicas
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas imagens
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Default User\Documents\Meus vídeos
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Histórico
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Dados de aplicativos
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Cliente\Modelos
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Cliente\Meus documentos
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Cliente\Menu Iniciar
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Cliente\Documents\Minhas músicas
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Cliente\Documents\Minhas imagens
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Cliente\Documents\Meus vídeos
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Cliente\Dados de aplicativos
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Cliente\Configurações locais
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Cliente\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Cliente\AppData\Local\Histórico
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Cliente\AppData\Local\Dados de aplicativos
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Cliente\Ambiente de rede
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Users\Cliente\Ambiente de impressão
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\ProgramData\Modelos
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\ProgramData\Menu Iniciar
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\ProgramData\Favoritos
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\ProgramData\Documentos
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\ProgramData\Dados de aplicativos
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Program Files\Common Files\Sistema
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Program Files\Arquivos Comuns
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 _SHDL C:\Arquivos de Programas
2015-07-15 17:33 - 2015-07-15 17:33 - 00000000 __SHD C:\Recovery
2015-07-15 17:33 - 2009-07-14 01:42 - 00000000 ___RD C:\Users\Cliente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-15 17:33 - 2009-07-14 01:37 - 00000000 ___RD C:\Users\Cliente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-07-15 15:43 - 2015-07-15 15:43 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-07-15 15:42 - 2015-07-15 15:42 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-07-15 15:19 - 2015-07-15 15:19 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2015-07-15 14:22 - 2015-07-22 16:03 - 00901111 _____ C:\Windows\WindowsUpdate.log
2015-07-15 14:11 - 2015-07-15 15:38 - 00001313 _____ C:\Windows\TSSysprep.log
2015-07-15 14:08 - 2015-07-15 17:33 - 00000000 ____D C:\Windows\Panther
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-22 16:53 - 2009-07-14 01:34 - 00013920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-22 16:53 - 2009-07-14 01:34 - 00013920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-20 20:32 - 2009-07-14 01:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-20 20:30 - 2009-07-14 01:39 - 00021345 _____ C:\Windows\setupact.log
2015-07-17 13:43 - 2009-07-13 23:37 - 00000000 __RHD C:\Users\Public\Libraries
2015-07-17 09:41 - 2009-07-14 01:33 - 00413368 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-17 08:52 - 2009-07-13 23:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-07-17 08:51 - 2009-07-14 05:53 - 00000000 ____D C:\Windows\ShellNew
2015-07-17 08:51 - 2009-07-14 01:52 - 00000000 ____D C:\Program Files\MSBuild
2015-07-17 08:45 - 2009-07-13 23:37 - 00000000 ____D C:\Program Files\Common Files\System
2015-07-17 08:45 - 2009-07-13 23:04 - 00000478 _____ C:\Windows\win.ini
2015-07-17 08:39 - 2009-07-14 05:31 - 00654470 _____ C:\Windows\system32\prfh0416.dat
2015-07-17 08:39 - 2009-07-14 05:31 - 00124922 _____ C:\Windows\system32\prfc0416.dat
2015-07-17 07:07 - 2009-07-13 23:37 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-16 22:16 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\system32\LogFiles
2015-07-16 16:42 - 2009-07-14 01:52 - 00000000 ____D C:\Windows\system32\restore
2015-07-16 16:42 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\system32\pt-BR
2015-07-15 17:44 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-07-15 17:33 - 2009-07-13 23:37 - 00000000 __RHD C:\Users\Default
2015-07-15 17:33 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\rescache
2015-07-15 17:33 - 2009-07-13 23:37 - 00000000 ____D C:\Program Files\Windows NT
2015-07-15 14:13 - 2009-07-14 05:53 - 00000000 ____D C:\Windows\CSC
2015-07-15 14:11 - 2009-07-14 01:34 - 00001774 _____ C:\Windows\DtcInstall.log
2015-07-15 14:08 - 2009-07-14 01:52 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2015-07-15 14:07 - 2009-07-14 01:57 - 00025600 ___SH C:\Windows\system32\config\BCD-Template.LOG
Some files in TEMP:
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
[2009-07-13 20:24] - [2009-07-13 22:16] - 0811520 ____A (Microsoft Corporation) 8626F0C30D4E3564FFDD25C90F4426F1
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-07-16 13:02
==================== End of log ============================