Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 02-07-2016
Executado por Marcio (administrador) em MICRO02 (05-07-2016 11:31:04)
Executando a partir de C:\Users\Marcio\Downloads
Perfis Carregados: Marcio (Perfis Disponíveis: Marcio)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: FF)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
(© 2015 Microsoft Corporation) C:\Users\Marcio\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(BitTorrent Inc.) C:\Users\Marcio\AppData\Roaming\uTorrent\uTorrent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(BitTorrent Inc.) C:\Users\Marcio\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe
(BitTorrent Inc.) C:\Users\Marcio\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe
(BitTorrent Inc.) C:\Users\Marcio\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [sessionmsg.sys] => "C:\PROGRA~3\sessionmsg.sys.exe"
HKLM\...\Run: [netsh.sys] => "C:\PROGRA~3\netsh.sys.exe"
HKLM-x32\...\Run: [] => [X]
HKLM\...\Winlogon: [Userinit] C:\Windows\SysWOW64\userinit.exe,
HKU\S-1-5-21-126392097-1680451695-1276721474-1000\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-126392097-1680451695-1276721474-1000\...\Run: [BingSvc] => C:\Users\Marcio\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-126392097-1680451695-1276721474-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50755200 2015-12-08] (Skype Technologies S.A.)
HKU\S-1-5-21-126392097-1680451695-1276721474-1000\...\Run: [{9292D12D-A302-4586-94AD-17D1D79A2C1C}] => powershell.exe -noprofile -windowstyle hidden -executionpolicy bypass iex ([Text.Encoding]::ASCII.GetString([Convert]::FromBase64String((gp 'HKCU:\Software\Classes\WDNXZJIBCZNZCVP').CPRKQMW)));
HKU\S-1-5-21-126392097-1680451695-1276721474-1000\...\Run: [BrowserMe] => C:\Users\Marcio\AppData\Roaming\BrowserMe\GoogleUpdate.exe
HKU\S-1-5-21-126392097-1680451695-1276721474-1000\...\Run: [BrowserUpdate] => C:\Users\Marcio\AppData\Roaming\BrowserMe\GoogleUpdate.exe
HKU\S-1-5-21-126392097-1680451695-1276721474-1000\...\Run: [uTorrent] => C:\Users\Marcio\AppData\Roaming\uTorrent\uTorrent.exe [2530304 2016-06-18] (BitTorrent Inc.)
HKU\S-1-5-21-126392097-1680451695-1276721474-1000\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --multi-profiles --disable-translate --disable-infobars --no-message-box --mute-audio --user-data-dir="C:\Users\Marcio\AppData\Local\Google (a entrada de dados tem 207 mais caracteres).
HKU\S-1-5-21-126392097-1680451695-1276721474-1000\...\Policies\Explorer: []
HKU\S-1-5-21-126392097-1680451695-1276721474-1000\...\MountPoints2: {c8d253db-9715-11e4-b818-c8600061708c} - G:\LGAutoRun.exe
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Nenhum Arquivo
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavShx64.dll Nenhum Arquivo
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\..\Interfaces\{05BE7C17-5A7C-4CA1-96B3-446C700F7CB7}: [NameServer] 177.8.119.110,177.8.113.2
Tcpip\..\Interfaces\{B7CC717D-2E2A-433B-8693-E23B2511EA59}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-126392097-1680451695-1276721474-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/?type=435371&fr=spigot-yhp-ie
HKU\S-1-5-21-126392097-1680451695-1276721474-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.msn.com/?pc=SKY2&ocid=SKY2DHP&osmkt=pt-br
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1421334124&from=cor&uid=KINGSTONXSV300S37A120G_50026B774406A11F&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1421334124&from=cor&uid=KINGSTONXSV300S37A120G_50026B774406A11F&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1421334124&from=cor&uid=KINGSTONXSV300S37A120G_50026B774406A11F&q={searchTerms}
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxp://vosteran.com/results.php?f=4&q={searchTerms}&a=vst_bxi01_15_03_ch&cd=2XzuyEtN2Y1L1Qzu0CzzyCtDtDtDyCtCyBtDzz0CyDyDtCyCtN0D0Tzu0StCtCtCtCtN1L2XzutAtFyBtFtBtFtCtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCzy0FtAyCyB0FzytGtC0EyDtAtGyBtD0E0FtGtAyByEtBtGtB0C0AtAtA0CyC0F0DtA0A0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyCyDzyyDyDyEyBtG0DtBtBzztGyE0AyByCtGzy0CyBtBtGtDyC0B0DyBzy0E0EyC0FtD0D2Q&cr=889926145&ir=
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1421334124&from=cor&uid=KINGSTONXSV300S37A120G_50026B774406A11F&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1421334124&from=cor&uid=KINGSTONXSV300S37A120G_50026B774406A11F&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-126392097-1680451695-1276721474-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-126392097-1680451695-1276721474-1000 -> {00B22D42-E04E-4B19-837B-290AAC410174} URL = hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1421334124&from=cor&uid=KINGSTONXSV300S37A120G_50026B774406A11F&q={searchTerms}
SearchScopes: HKU\S-1-5-21-126392097-1680451695-1276721474-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-126392097-1680451695-1276721474-1000 -> {0E423410-37DE-48BC-8636-E8B698453AC8} URL = hxxps://br.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=435371&p={searchTerms}
SearchScopes: HKU\S-1-5-21-126392097-1680451695-1276721474-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1421334124&from=cor&uid=KINGSTONXSV300S37A120G_50026B774406A11F&q={searchTerms}
SearchScopes: HKU\S-1-5-21-126392097-1680451695-1276721474-1000 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxp://vosteran.com/results.php?f=4&q={searchTerms}&a=vst_bxi01_15_03_ch&cd=2XzuyEtN2Y1L1Qzu0CzzyCtDtDtDyCtCyBtDzz0CyDyDtCyCtN0D0Tzu0StCtCtCtCtN1L2XzutAtFyBtFtBtFtCtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCzy0FtAyCyB0FzytGtC0EyDtAtGyBtD0E0FtGtAyByEtBtGtB0C0AtAtA0CyC0F0DtA0A0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyCyDzyyDyDyEyBtG0DtBtBzztGyE0AyByCtGzy0CyBtBtGtDyC0B0DyBzy0E0EyC0FtD0D2Q&cr=889926145&ir=
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
Toolbar: HKLM - Carteira Bitdefender - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll Nenhum Arquivo
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Marcio\AppData\Roaming\Mozilla\Firefox\Profiles\iw041w8k.default
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Homepage: hxxp://www.hotmail.com/
FF Keyword.URL: hxxps://br.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=435371&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-17] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-17] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-126392097-1680451695-1276721474-1000: gastecnologia.com.br/sf/cef64 -> C:\Users\Marcio\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll [Nenhum Arquivo]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff => não encontrado (a)
FF HKLM-x32\...\Firefox\Extensions: [fftoolbar2014@etech.com] - C:\Users\Marcio\AppData\Roaming\Mozilla\Firefox\Profiles\50o2pz8v.default\extensions\fftoolbar2014@etech.com => não encontrado (a)
FF HKU\S-1-5-21-126392097-1680451695-1276721474-1000\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886D}] - C:\Users\Marcio\AppData\Local\GAS Tecnologia\GBBD\cef\xpi => não encontrado (a)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-126392097-1680451695-1276721474-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-126392097-1680451695-1276721474-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]
CHR HKLM-x32\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - hxxps://clients2.google.com/service/update2/crx
==================== Serviços (Whitelisted) ========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
"6257a70ebcb87e64" => serviço não pode ser desbloqueado. <===== ATENÇÃO
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [Arquivo não assinado]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2505472 2015-10-09] (ESET)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-12] (NVIDIA Corporation)
R2 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [Arquivo não assinado]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [164864 2012-05-02] (HP) [Arquivo não assinado]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2014-04-28] (Hewlett-Packard) [Arquivo não assinado]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-12] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2014-04-28] (Hewlett-Packard) [Arquivo não assinado]
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [950200 2016-05-24] (Bitdefender)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
U2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
S2 Update Framed Display; "C:\Program Files (x86)\Framed Display\updateFramedDisplay.exe" [X]
===================== Drivers (Whitelisted) ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 1394ohci; C:\Windows\system32\drivers\1394ohci.sys [229888 2010-11-21] () [Arquivo não assinado]
U5 6257a70ebcb87e64; C:\Windows\System32\Drivers\6257a70ebcb87e64.sys [76248 2016-02-12] () <===== ATENÇÃO Necurs Rootkit?
R0 ACPI; C:\Windows\System32\drivers\ACPI.sys [334208 2010-11-21] () [Arquivo não assinado]
S3 AcpiPmi; C:\Windows\system32\drivers\acpipmi.sys [12800 2010-11-21] () [Arquivo não assinado]
S3 adp94xx; C:\Windows\system32\drivers\adp94xx.sys [491088 2009-07-13] () [Arquivo não assinado]
S3 adpahci; C:\Windows\system32\drivers\adpahci.sys [339536 2009-07-13] () [Arquivo não assinado]
S3 adpu320; C:\Windows\system32\drivers\adpu320.sys [182864 2009-07-13] () [Arquivo não assinado]
R1 AFD; C:\Windows\system32\drivers\afd.sys [499712 2010-11-21] () [Arquivo não assinado]
S3 agp440; C:\Windows\system32\drivers\agp440.sys [61008 2009-07-13] () [Arquivo não assinado]
S3 aliide; C:\Windows\system32\drivers\aliide.sys [15440 2009-07-13] () [Arquivo não assinado]
S3 amdide; C:\Windows\system32\drivers\amdide.sys [15440 2009-07-13] () [Arquivo não assinado]
S3 AmdK8; C:\Windows\system32\drivers\amdk8.sys [64512 2009-07-13] () [Arquivo não assinado]
R3 AmdPPM; C:\Windows\System32\DRIVERS\amdppm.sys [60928 2009-07-13] () [Arquivo não assinado]
S3 amdsata; C:\Windows\system32\drivers\amdsata.sys [107904 2010-11-21] () [Arquivo não assinado]
S3 amdsbs; C:\Windows\system32\drivers\amdsbs.sys [194128 2009-07-13] () [Arquivo não assinado]
R0 amdxata; C:\Windows\System32\drivers\amdxata.sys [27008 2010-11-21] () [Arquivo não assinado]
S3 AppID; C:\Windows\system32\drivers\appid.sys [61440 2010-11-21] () [Arquivo não assinado]
S3 arc; C:\Windows\system32\drivers\arc.sys [87632 2009-07-13] () [Arquivo não assinado]
S3 arcsas; C:\Windows\system32\drivers\arcsas.sys [97856 2009-07-13] () [Arquivo não assinado]
S3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [23040 2009-07-13] () [Arquivo não assinado]
R0 atapi; C:\Windows\System32\drivers\atapi.sys [24128 2009-07-13] () [Arquivo não assinado]
S3 b06bdrv; C:\Windows\system32\drivers\bxvbda.sys [468480 2009-06-10] () [Arquivo não assinado]
S3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] () [Arquivo não assinado]
U5 BattC; C:\Windows\System32\Drivers\BattC.sys [28240 2009-07-13] () [Arquivo não assinado]
R1 Beep; C:\Windows\System32\Drivers\Beep.sys [6656 2009-07-13] ()
R1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [45056 2009-07-13] () [Arquivo não assinado]
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2009-07-13] () [Arquivo não assinado]
S3 BrFiltLo; C:\Windows\system32\drivers\BrFiltLo.sys [18432 2009-06-10] () [Arquivo não assinado]
S3 BrFiltUp; C:\Windows\system32\drivers\BrFiltUp.sys [8704 2009-06-10] () [Arquivo não assinado]
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-13] () [Arquivo não assinado]
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] () [Arquivo não assinado]
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] () [Arquivo não assinado]
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] () [Arquivo não assinado]
S3 BTHMODEM; C:\Windows\system32\drivers\bthmodem.sys [72192 2009-07-13] () [Arquivo não assinado]
S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2009-07-13] () [Arquivo não assinado]
R1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [147456 2010-11-21] () [Arquivo não assinado]
S3 circlass; C:\Windows\system32\drivers\circlass.sys [45568 2009-07-13] () [Arquivo não assinado]
R0 CLFS; C:\Windows\System32\CLFS.sys [367696 2009-07-13] () [Arquivo não assinado]
S3 CmBatt; C:\Windows\system32\drivers\CmBatt.sys [17664 2009-07-13] () [Arquivo não assinado]
S3 cmdide; C:\Windows\system32\drivers\cmdide.sys [17488 2009-07-13] () [Arquivo não assinado]
R0 CNG; C:\Windows\System32\Drivers\cng.sys [459248 2010-11-21] () [Arquivo não assinado]
S3 Compbatt; C:\Windows\system32\drivers\compbatt.sys [21584 2009-07-13] () [Arquivo não assinado]
R3 CompositeBus; C:\Windows\System32\DRIVERS\CompositeBus.sys [38912 2010-11-21] () [Arquivo não assinado]
S4 crcdisk; C:\Windows\system32\drivers\crcdisk.sys [24144 2009-07-13] () [Arquivo não assinado]
R1 CSC; C:\Windows\System32\drivers\csc.sys [514560 2010-11-21] () [Arquivo não assinado]
R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [102400 2010-11-21] () [Arquivo não assinado]
R1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-13] () [Arquivo não assinado]
R0 Disk; C:\Windows\System32\drivers\disk.sys [73280 2009-07-13] () [Arquivo não assinado]
S3 dmvsc; C:\Windows\system32\drivers\dmvsc.sys [71168 2010-11-21] () [Arquivo não assinado]
S3 drmkaud; C:\Windows\System32\drivers\drmkaud.sys [5632 2009-07-13] () [Arquivo não assinado]
R3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [982912 2010-11-21] () [Arquivo não assinado]
S1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [264040 2015-09-23] (ESET)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] () [Arquivo não assinado]
S1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [186784 2015-09-23] (ESET)
S3 elxstor; C:\Windows\system32\drivers\elxstor.sys [530496 2009-07-13] () [Arquivo não assinado]
S2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [170792 2015-09-23] (ESET)
S3 ErrDev; C:\Windows\system32\drivers\errdev.sys [9728 2009-07-13] () [Arquivo não assinado]
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [195072 2009-07-13] () [Arquivo não assinado]
R3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [204800 2009-07-13] () [Arquivo não assinado]
S3 fdc; C:\Windows\system32\drivers\fdc.sys [29696 2009-07-13] () [Arquivo não assinado]
R0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-13] () [Arquivo não assinado]
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-13] () [Arquivo não assinado]
S3 flpydisk; C:\Windows\system32\drivers\flpydisk.sys [24576 2009-07-13] () [Arquivo não assinado]
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [289664 2010-11-21] () [Arquivo não assinado]
S3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [55376 2009-07-13] () [Arquivo não assinado]
U0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23104 2009-07-13] ()
R0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223248 2010-11-21] () [Arquivo não assinado]
S3 gagp30kx; C:\Windows\system32\drivers\gagp30kx.sys [65088 2009-07-13] () [Arquivo não assinado]
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] () [Arquivo não assinado]
R3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [350208 2010-11-21] () [Arquivo não assinado]
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [122368 2010-11-21] () [Arquivo não assinado]
S3 HidBatt; C:\Windows\system32\drivers\HidBatt.sys [26624 2009-07-13] () [Arquivo não assinado]
S3 HidBth; C:\Windows\system32\drivers\hidbth.sys [100864 2009-07-13] () [Arquivo não assinado]
S3 HidIr; C:\Windows\system32\drivers\hidir.sys [46592 2009-07-13] () [Arquivo não assinado]
R3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [30208 2010-11-21] () [Arquivo não assinado]
S3 HpSAMD; C:\Windows\system32\drivers\HpSAMD.sys [78720 2010-11-21] () [Arquivo não assinado]
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [753664 2010-11-21] () [Arquivo não assinado]
R0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14720 2010-11-21] () [Arquivo não assinado]
S3 i8042prt; C:\Windows\System32\DRIVERS\i8042prt.sys [105472 2009-07-13] () [Arquivo não assinado]
S3 iaStorV; C:\Windows\system32\drivers\iaStorV.sys [410496 2010-11-21] () [Arquivo não assinado]
S3 iirsp; C:\Windows\system32\drivers\iirsp.sys [44112 2009-07-13] () [Arquivo não assinado]
S3 intelide; C:\Windows\system32\drivers\intelide.sys [16960 2009-07-13] () [Arquivo não assinado]
S3 intelppm; C:\Windows\system32\drivers\intelppm.sys [62464 2009-07-13] () [Arquivo não assinado]
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2010-11-21] () [Arquivo não assinado]
S3 IPMIDRV; C:\Windows\system32\drivers\IPMIDrv.sys [78848 2010-11-21] () [Arquivo não assinado]
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-13] () [Arquivo não assinado]
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-13] () [Arquivo não assinado]
S3 isapnp; C:\Windows\system32\drivers\isapnp.sys [20544 2009-07-13] () [Arquivo não assinado]
S3 iScsiPrt; C:\Windows\system32\drivers\msiscsi.sys [273792 2010-11-21] () [Arquivo não assinado]
R3 kbdclass; C:\Windows\System32\DRIVERS\kbdclass.sys [50768 2009-07-13] () [Arquivo não assinado]
R3 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [33280 2010-11-21] () [Arquivo não assinado]
R0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95616 2010-11-21] () [Arquivo não assinado]
R0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [152960 2010-11-21] () [Arquivo não assinado]
R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [20992 2009-07-13] () [Arquivo não assinado]
R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-13] () [Arquivo não assinado]
S3 LSI_FC; C:\Windows\system32\drivers\lsi_fc.sys [114752 2009-07-13] () [Arquivo não assinado]
S3 LSI_SAS; C:\Windows\system32\drivers\lsi_sas.sys [106560 2009-07-13] () [Arquivo não assinado]
S3 LSI_SAS2; C:\Windows\system32\drivers\lsi_sas2.sys [65600 2009-07-13] () [Arquivo não assinado]
S3 LSI_SCSI; C:\Windows\system32\drivers\lsi_scsi.sys [115776 2009-07-13] () [Arquivo não assinado]
R2 luafv; C:\Windows\system32\drivers\luafv.sys [113152 2009-07-13] () [Arquivo não assinado]
S3 megasas; C:\Windows\system32\drivers\megasas.sys [35392 2009-07-13] () [Arquivo não assinado]
S3 MegaSR; C:\Windows\system32\drivers\MegaSR.sys [284736 2009-07-13] () [Arquivo não assinado]
S3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-13] () [Arquivo não assinado]
R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-13] () [Arquivo não assinado]
R3 mouclass; C:\Windows\System32\DRIVERS\mouclass.sys [49216 2009-07-13] () [Arquivo não assinado]
R3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [31232 2009-07-13] () [Arquivo não assinado]
R0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94592 2010-11-21] () [Arquivo não assinado]
S3 mpio; C:\Windows\system32\drivers\mpio.sys [155008 2010-11-21] () [Arquivo não assinado]
R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2009-07-13] () [Arquivo não assinado]
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [140800 2010-11-21] () [Arquivo não assinado]
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [158208 2010-11-21] () [Arquivo não assinado]
R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [287744 2010-11-21] () [Arquivo não assinado]
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [128000 2010-11-21] () [Arquivo não assinado]
S3 msahci; C:\Windows\system32\drivers\msahci.sys [31104 2010-11-21] () [Arquivo não assinado]
S3 msdsm; C:\Windows\system32\drivers\msdsm.sys [140672 2010-11-21] () [Arquivo não assinado]
R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [26112 2009-07-13] ()
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-13] () [Arquivo não assinado]
R0 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [15424 2009-07-13] () [Arquivo não assinado]
S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-13] () [Arquivo não assinado]
S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-13] () [Arquivo não assinado]
S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-13] () [Arquivo não assinado]
S3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [366976 2010-11-21] ()
R1 mssmbios; C:\Windows\System32\DRIVERS\mssmbios.sys [32320 2009-07-13] () [Arquivo não assinado]
S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-13] () [Arquivo não assinado]
S3 MTConfig; C:\Windows\system32\drivers\MTConfig.sys [15360 2009-07-13] () [Arquivo não assinado]
R0 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-13] () [Arquivo não assinado]
S3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-13] () [Arquivo não assinado]
R0 NDIS; C:\Windows\System32\drivers\ndis.sys [951680 2010-11-21] () [Arquivo não assinado]
S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-13] () [Arquivo não assinado]
R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2009-07-13] () [Arquivo não assinado]
S3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56832 2010-11-21] () [Arquivo não assinado]
R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2010-11-21] () [Arquivo não assinado]
R3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [57856 2010-11-21] ()
R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-13] () [Arquivo não assinado]
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [261632 2010-11-21] () [Arquivo não assinado]
S3 nfrd960; C:\Windows\system32\drivers\nfrd960.sys [51264 2009-07-13] () [Arquivo não assinado]
R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [44032 2009-07-13] ()
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24576 2009-07-13] () [Arquivo não assinado]
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1659776 2010-11-21] ()
R1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-13] () [Arquivo não assinado]
R3 nvlddmkm; C:\Windows\System32\DRIVERS\nvlddmkm.sys [12866008 2014-07-02] () [Arquivo não assinado]
S3 nvraid; C:\Windows\system32\drivers\nvraid.sys [148352 2010-11-21] () [Arquivo não assinado]
S3 nvstor; C:\Windows\system32\drivers\nvstor.sys [166272 2010-11-21] () [Arquivo não assinado]
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-12] () [Arquivo não assinado]
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] () [Arquivo não assinado]
S3 nv_agp; C:\Windows\system32\drivers\nv_agp.sys [122960 2009-07-13] () [Arquivo não assinado]
S3 ohci1394; C:\Windows\system32\drivers\ohci1394.sys [72832 2009-07-13] () [Arquivo não assinado]
R3 Parport; C:\Windows\System32\DRIVERS\parport.sys [97280 2009-07-13] () [Arquivo não assinado]
R0 partmgr; C:\Windows\System32\drivers\partmgr.sys [75136 2010-11-21] () [Arquivo não assinado]
R0 pci; C:\Windows\System32\drivers\pci.sys [184704 2010-11-21] () [Arquivo não assinado]
R0 pciide; C:\Windows\System32\drivers\pciide.sys [12352 2009-07-13] () [Arquivo não assinado]
S3 pcmcia; C:\Windows\system32\drivers\pcmcia.sys [220752 2009-07-13] () [Arquivo não assinado]
R0 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-13] () [Arquivo não assinado]
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [651264 2009-07-13] () [Arquivo não assinado]
R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111104 2010-11-21] () [Arquivo não assinado]
S3 Processor; C:\Windows\system32\drivers\processr.sys [60416 2009-07-13] () [Arquivo não assinado]
S0 PsBoot; C:\Windows\System32\Drivers\PsBoot.sys [40480 2014-03-11] (Panda Security, S.L.)
R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2010-11-21] () [Arquivo não assinado]
S3 ql2300; C:\Windows\system32\drivers\ql2300.sys [1524816 2009-07-13] () [Arquivo não assinado]
S3 ql40xx; C:\Windows\system32\drivers\ql40xx.sys [128592 2009-07-13] () [Arquivo não assinado]
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2009-07-13] () [Arquivo não assinado]
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-13] () [Arquivo não assinado]
R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-13] () [Arquivo não assinado]
R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [129536 2010-11-21] () [Arquivo não assinado]
R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-13] () [Arquivo não assinado]
R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-13] () [Arquivo não assinado]
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2010-11-21] () [Arquivo não assinado]
R3 rdpbus; C:\Windows\System32\DRIVERS\rdpbus.sys [24064 2009-07-13] () [Arquivo não assinado]
R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-13] () [Arquivo não assinado]
S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [165888 2010-11-21] () [Arquivo não assinado]
R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-13] () [Arquivo não assinado]
R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-13] () [Arquivo não assinado]
S3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [20992 2010-11-21] () [Arquivo não assinado]
S3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [210944 2010-11-21] ()
R0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [213888 2010-11-21] () [Arquivo não assinado]
R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-13] () [Arquivo não assinado]
R3 RTL8167; C:\Windows\System32\DRIVERS\Rt64win7.sys [677480 2012-02-03] () [Arquivo não assinado]
S3 s3cap; C:\Windows\system32\drivers\vms3cap.sys [6656 2010-11-21] () [Arquivo não assinado]
S3 sbp2port; C:\Windows\system32\drivers\sbp2port.sys [103808 2010-11-21] () [Arquivo não assinado]
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2010-11-21] () [Arquivo não assinado]
R2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] ()
R3 Serenum; C:\Windows\System32\DRIVERS\serenum.sys [23552 2009-07-13] () [Arquivo não assinado]
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] () [Arquivo não assinado]
S3 sermouse; C:\Windows\system32\drivers\sermouse.sys [26624 2009-07-13] () [Arquivo não assinado]
S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [14336 2009-07-13] () [Arquivo não assinado]
S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [13824 2009-07-13] () [Arquivo não assinado]
S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [14336 2010-11-21] () [Arquivo não assinado]
S3 sfloppy; C:\Windows\system32\drivers\sfloppy.sys [16896 2009-07-13] () [Arquivo não assinado]
S3 SiSRaid2; C:\Windows\system32\drivers\SiSRaid2.sys [43584 2009-07-13] () [Arquivo não assinado]
S3 SiSRaid4; C:\Windows\system32\drivers\sisraid4.sys [80464 2009-07-13] () [Arquivo não assinado]
S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-13] () [Arquivo não assinado]
R0 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-13] ()
R3 srv; C:\Windows\System32\DRIVERS\srv.sys [468992 2010-11-21] () [Arquivo não assinado]
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [413184 2010-11-21] () [Arquivo não assinado]
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [167936 2010-11-21] () [Arquivo não assinado]
S3 stexstor; C:\Windows\system32\drivers\stexstor.sys [24656 2009-07-13] () [Arquivo não assinado]
R0 storflt; C:\Windows\System32\drivers\vmstorfl.sys [46464 2010-11-21] () [Arquivo não assinado]
S3 storvsc; C:\Windows\system32\drivers\storvsc.sys [34688 2010-11-21] () [Arquivo não assinado]
R3 swenum; C:\Windows\System32\DRIVERS\swenum.sys [12496 2009-07-13] () [Arquivo não assinado]
S3 Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [88960 2010-11-21] () [Arquivo não assinado]
R0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1924480 2010-11-21] () [Arquivo não assinado]
S3 TCPIP6; C:\Windows\System32\DRIVERS\tcpip.sys [1924480 2010-11-21] () [Arquivo não assinado]
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [45056 2010-11-21] () [Arquivo não assinado]
S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-13] () [Arquivo não assinado]
S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2009-07-13] () [Arquivo não assinado]
R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [119296 2010-11-21] () [Arquivo não assinado]
R1 TermDD; C:\Windows\System32\DRIVERS\termdd.sys [63360 2010-11-21] () [Arquivo não assinado]
S3 terminpt; C:\Windows\system32\drivers\terminpt.sys [34816 2010-11-21] () [Arquivo não assinado]
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [39424 2010-11-21] () [Arquivo não assinado]
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [59392 2010-11-21] () [Arquivo não assinado]
S3 TsUsbGD; C:\Windows\system32\drivers\TsUsbGD.sys [31232 2010-11-21] () [Arquivo não assinado]
S3 tsusbhub; C:\Windows\System32\drivers\tsusbhub.sys [117248 2010-11-21] () [Arquivo não assinado]
R3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2010-11-21] () [Arquivo não assinado]
S3 uagp35; C:\Windows\system32\drivers\uagp35.sys [64080 2009-07-13] () [Arquivo não assinado]
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [328192 2010-11-21] () [Arquivo não assinado]
S3 uliagpkx; C:\Windows\system32\drivers\uliagpkx.sys [64592 2009-07-13] () [Arquivo não assinado]
R3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [48640 2010-11-21] () [Arquivo não assinado]
S3 UmPass; C:\Windows\system32\drivers\umpass.sys [9728 2009-07-13] () [Arquivo não assinado]
R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [98816 2010-11-21] () [Arquivo não assinado]
S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [100352 2009-07-13] () [Arquivo não assinado]
R3 usbehci; C:\Windows\System32\DRIVERS\usbehci.sys [52224 2010-11-21] () [Arquivo não assinado]
R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2010-11-21] () [Arquivo não assinado]
R3 usbohci; C:\Windows\System32\DRIVERS\usbohci.sys [25600 2009-07-13] () [Arquivo não assinado]
S3 usbprint; C:\Windows\system32\drivers\usbprint.sys [25088 2009-07-13] () [Arquivo não assinado]
R3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [91648 2010-11-21] () [Arquivo não assinado]
S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [30720 2009-07-13] () [Arquivo não assinado]
S3 usb_rndisx; C:\Windows\System32\DRIVERS\usb8023x.sys [19968 2009-07-13] () [Arquivo não assinado]
R0 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36432 2009-07-13] () [Arquivo não assinado]
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-13] () [Arquivo não assinado]
R1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-13] () [Arquivo não assinado]
S3 vhdmp; C:\Windows\system32\drivers\vhdmp.sys [215936 2010-11-21] () [Arquivo não assinado]
S3 viaide; C:\Windows\system32\drivers\viaide.sys [17488 2009-07-13] () [Arquivo não assinado]
S3 vmbus; C:\Windows\system32\drivers\vmbus.sys [199552 2010-11-21] () [Arquivo não assinado]
S3 VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [21760 2010-11-21] () [Arquivo não assinado]
R0 volmgr; C:\Windows\System32\drivers\volmgr.sys [71552 2010-11-21] () [Arquivo não assinado]
R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-21] () [Arquivo não assinado]
R0 volsnap; C:\Windows\System32\drivers\volsnap.sys [295808 2010-11-21] () [Arquivo não assinado]
S3 vsmraid; C:\Windows\system32\drivers\vsmraid.sys [161872 2009-07-13] () [Arquivo não assinado]
S3 vwifibus; C:\Windows\System32\drivers\vwifibus.sys [24576 2009-07-13] () [Arquivo não assinado]
S3 WacomPen; C:\Windows\system32\drivers\wacompen.sys [27776 2009-07-13] () [Arquivo não assinado]
S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-21] () [Arquivo não assinado]
R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-21] () [Arquivo não assinado]
S3 Wd; C:\Windows\system32\drivers\wd.sys [21056 2009-07-13] () [Arquivo não assinado]
R0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [654928 2009-07-13] () [Arquivo não assinado]
R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-13] () [Arquivo não assinado]
S3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [22096 2009-07-13] () [Arquivo não assinado]
S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [41984 2010-11-21] () [Arquivo não assinado]
R3 WmiAcpi; C:\Windows\System32\DRIVERS\wmiacpi.sys [14336 2009-07-13] () [Arquivo não assinado]
S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2009-07-13] () [Arquivo não assinado]
S3 WSDPrintDevice; C:\Windows\System32\DRIVERS\WSDPrint.sys [23040 2009-07-13] () [Arquivo não assinado]
R3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [112128 2010-11-21] () [Arquivo não assinado]
R3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [172544 2010-11-21] () [Arquivo não assinado]
U5 6257a70ebcb87e64; <===== ATENÇÃO: Serviço Bloqueado
S1 ccnfd_1_10_0_6; system32\drivers\ccnfd_1_10_0_6.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
U4 vsserv; não ImagePath
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Três Meses Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-07-05 11:25 - 2016-07-05 11:31 - 00043130 _____ C:\Users\Marcio\Downloads\FRST.txt
2016-07-05 11:25 - 2016-07-05 11:25 - 00031275 _____ C:\Users\Marcio\Downloads\Addition.txt
2016-07-05 11:23 - 2016-07-05 11:31 - 00000000 ____D C:\FRST
2016-07-05 11:23 - 2016-07-05 11:23 - 02390016 _____ (Farbar) C:\Users\Marcio\Downloads\FRST64.exe
2016-07-05 10:17 - 2016-07-05 10:17 - 00011424 _____ C:\Users\Marcio\Downloads\Outlook.com(19).zip
2016-07-05 09:31 - 2016-07-05 09:32 - 00135339 _____ C:\Users\Marcio\Downloads\CUMPOM PARA SORTEIO DE PRODUTOS..zip
2016-07-05 08:07 - 2016-07-05 08:08 - 12505176 _____ (Corel Corporation) C:\Users\Marcio\Downloads\CorelDRAWGraphicsSuiteX8Installer_RW(1).exe
2016-07-05 07:47 - 2016-07-05 07:47 - 00000000 ____D C:\Program Files (x86)\gs
2016-07-05 07:46 - 2016-07-05 08:43 - 00003316 _____ C:\Windows\System32\Tasks\CorelUpdateHelperTaskCore
2016-07-05 07:46 - 2016-07-05 07:46 - 00000000 ____D C:\Users\Todos os Usuários\VsTelemetry
2016-07-05 07:46 - 2016-07-05 07:46 - 00000000 ____D C:\ProgramData\VsTelemetry
2016-07-05 07:46 - 2016-07-05 07:46 - 00000000 ____D C:\Program Files\Common Files\Corel
2016-07-05 07:46 - 2016-07-05 07:46 - 00000000 ____D C:\Program Files (x86)\Corel
2016-07-05 07:45 - 2016-07-05 08:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X8 (64-bit)
2016-07-05 07:23 - 2016-07-05 08:42 - 534612834 _____ C:\Users\Marcio\Downloads\CorelDRAWGraphicsSuiteX8Installer_pt64Bit.zip
2016-07-05 07:23 - 2016-07-05 07:23 - 12505176 _____ (Corel Corporation) C:\Users\Marcio\Downloads\CorelDRAWGraphicsSuiteX8Installer_RW.exe
2016-07-05 07:23 - 2016-07-05 07:23 - 00000000 ____D C:\Users\Todos os Usuários\UniqueId
2016-07-05 07:23 - 2016-07-05 07:23 - 00000000 ____D C:\ProgramData\UniqueId
2016-07-05 07:12 - 2016-07-05 07:12 - 05818366 _____ C:\Users\Marcio\Downloads\ENC ESQUEMA DE MONTAGEM FABRIMOVEIS.zip
2016-07-04 15:52 - 2016-07-04 15:54 - 05082013 _____ C:\Users\Marcio\Downloads\ENC Re ESQUEMAS ROUP BARCELONA - URGENTE(1).zip
2016-07-04 15:49 - 2016-07-04 15:49 - 00063323 _____ C:\Users\Marcio\Downloads\pedido 15333 jmk mirassol.zip
2016-07-04 15:26 - 2016-07-04 15:26 - 12924185 _____ C:\Users\Marcio\Downloads\ENC Manuais.zip
2016-07-04 15:25 - 2016-07-04 15:25 - 00062976 _____ C:\Users\Marcio\Downloads\pedido 15331 jmk mirassol.zip
2016-07-04 15:16 - 2016-07-04 15:16 - 05082013 _____ C:\Users\Marcio\Downloads\ENC Re ESQUEMAS ROUP BARCELONA - URGENTE.zip
2016-07-04 15:16 - 2016-07-04 15:16 - 00381405 _____ C:\Users\Marcio\Downloads\Outlook.com(18).zip
2016-07-04 15:15 - 2016-07-04 15:15 - 00405844 _____ C:\Users\Marcio\Downloads\Outlook.com(17).zip
2016-07-04 15:14 - 2016-07-04 15:14 - 00387221 _____ C:\Users\Marcio\Downloads\Outlook.com(16).zip
2016-07-04 08:30 - 2016-07-04 08:30 - 00064455 _____ C:\Users\Marcio\Downloads\pedido 15329 jmk mirassol.zip
2016-07-01 07:23 - 2016-07-01 07:23 - 00020650 _____ C:\Users\Marcio\Downloads\Outlook.com(15).zip
2016-07-01 07:22 - 2016-07-01 07:22 - 00020650 _____ C:\Users\Marcio\Downloads\Outlook.com(14).zip
2016-07-01 07:22 - 2016-07-01 07:22 - 00018129 _____ C:\Users\Marcio\Downloads\Outlook.com(13).zip
2016-07-01 07:12 - 2016-07-01 07:12 - 01827884 _____ C:\Users\Marcio\Downloads\Esquema Rack Veneto e rack Torino.zip
2016-06-30 12:45 - 2016-06-30 12:45 - 00063922 _____ C:\Users\Marcio\Downloads\pedido 15315 jmk mirassol.zip
2016-06-30 07:08 - 2016-06-30 07:09 - 00006476 _____ C:\Users\Marcio\Downloads\Outlook.com(12).zip
2016-06-29 09:13 - 2016-06-29 09:13 - 00010451 _____ C:\Users\Marcio\Downloads\MESA COMPUTADOR SPACE.zip
2016-06-29 07:00 - 2016-06-29 07:00 - 01001361 _____ C:\Users\Marcio\Downloads\CONVITES FESTA JUNINA 3 IDADE.zip
2016-06-29 06:59 - 2016-06-29 06:59 - 00076780 _____ C:\Users\Marcio\Downloads\Fundo Social.zip
2016-06-28 11:45 - 2016-06-28 11:45 - 00010386 _____ C:\Users\Marcio\Downloads\Outlook.com(11).zip
2016-06-28 10:43 - 2016-06-28 10:43 - 00006088 _____ C:\Users\Marcio\Downloads\Outlook.com(10).zip
2016-06-28 07:12 - 2016-06-28 07:12 - 00006476 _____ C:\Users\Marcio\Downloads\Outlook.com(9).zip
2016-06-27 17:26 - 2016-06-27 17:26 - 00815684 _____ C:\Users\Marcio\Downloads\RES esquema de montagem Multiuso Napole 2016.zip
2016-06-27 14:32 - 2016-06-27 14:32 - 00754626 _____ C:\Users\Marcio\Downloads\esquema de montagem Multiuso Napole 2016.zip
2016-06-24 16:35 - 2016-06-24 16:35 - 00010222 _____ C:\Users\Marcio\Downloads\Outlook.com(8).zip
2016-06-24 15:12 - 2016-06-24 15:12 - 00020420 _____ C:\Users\Marcio\Downloads\PRODUTOS NOVOS.zip
2016-06-24 10:04 - 2016-06-24 10:04 - 00538064 _____ C:\Users\Marcio\Downloads\ENC ESQUEMA DE MONATGEM.zip
2016-06-23 10:42 - 2016-06-23 10:43 - 00255274 _____ C:\Users\Marcio\Downloads\Etiquetas(1).pdf
2016-06-23 10:30 - 2016-07-05 07:56 - 00000000 ____D C:\Users\Marcio\AppData\LocalLow\uTorrent
2016-06-23 10:02 - 2016-06-23 10:02 - 00255274 _____ C:\Users\Marcio\Downloads\Etiquetas.pdf
2016-06-23 09:20 - 2016-06-23 09:20 - 01211675 _____ C:\Users\Marcio\Downloads\Outlook.com(7).zip
2016-06-23 09:01 - 2016-06-23 09:01 - 00051951 _____ C:\Users\Marcio\Downloads\Outlook.com(6).zip
2016-06-22 16:02 - 2016-06-22 16:02 - 00062978 _____ C:\Users\Marcio\Downloads\pedido 15281 jmk mirassol.zip
2016-06-22 09:37 - 2016-06-22 09:37 - 00063574 _____ C:\Users\Marcio\Downloads\pedido 15270 jmk mirassol.zip
2016-06-22 08:50 - 2016-06-22 08:50 - 02091493 _____ C:\Users\Marcio\Downloads\ENC BOM DIA SEGUE ESQUEMA CORRETO ROUPEIRO PIENZA , POR FAVOR IGNORAR O EMAIL ANTERIOR.zip
2016-06-21 10:53 - 2016-06-21 10:53 - 02157222 _____ C:\Users\Marcio\Downloads\ENC esquema de montagem roupeiro pienza.zip
2016-06-20 07:03 - 2016-06-20 07:09 - 173691500 ____R C:\Users\Marcio\Downloads\ESET NOD32 V9 32BITS E 64BITS + ATIVADOR PORTABLE PTBR.rar
2016-06-18 16:34 - 2016-06-18 16:34 - 00000000 ____D C:\Users\Todos os Usuários\ESET
2016-06-18 16:34 - 2016-06-18 16:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2016-06-18 16:34 - 2016-06-18 16:34 - 00000000 ____D C:\ProgramData\ESET
2016-06-18 16:33 - 2016-06-18 16:33 - 00000000 ____D C:\Program Files\ESET
2016-06-18 16:28 - 2016-06-18 16:28 - 00000000 ____D C:\Users\Marcio\AppData\Local\{B5F70934-5E12-42d2-882D-62D42EA1FA67}
2016-06-18 16:27 - 2016-06-18 16:27 - 00002606 _____ C:\Users\Marcio\Desktop\µTorrent.lnk
2016-06-18 16:27 - 2016-06-18 16:27 - 00002606 _____ C:\Users\Marcio\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-06-18 16:26 - 2016-06-18 16:26 - 02530304 _____ (BitTorrent Inc.) C:\Users\Marcio\Downloads\uTorrent.exe
2016-06-18 16:25 - 2016-06-18 16:25 - 00013661 _____ C:\Users\Marcio\Downloads\ESET_NOD32_V9_32BITS_E_64BITS___ATIVADOR_PORTABLE_PTBR.rar_www.CPturbo.org.torrent
2016-06-17 07:19 - 2016-06-17 07:19 - 04446652 _____ C:\Users\Marcio\Downloads\ENC Enviando email CAMA CARROS VELOZ E PINK.zip
2016-06-17 07:18 - 2016-06-17 07:18 - 00062746 _____ C:\Users\Marcio\Downloads\pedido 15238 jmk mirassol.zip
2016-06-15 15:20 - 2016-06-15 15:21 - 01143359 _____ C:\Users\Marcio\Downloads\PEDIDO - OC 31379.zip
2016-06-15 15:00 - 2016-06-15 15:00 - 00890243 _____ C:\Users\Marcio\Downloads\Prospecto novo.zip
2016-06-14 17:31 - 2016-06-14 17:31 - 01029401 _____ C:\Users\Marcio\Downloads\Esquema de montagem Roupeiro Camboriu(1).zip
2016-06-14 16:33 - 2016-06-14 16:33 - 00229255 _____ C:\Users\Marcio\Downloads\RECEITA KIT ARM. PRATICO(1).zip
2016-06-14 15:22 - 2016-06-14 15:22 - 00229255 _____ C:\Users\Marcio\Downloads\RECEITA KIT ARM. PRATICO.zip
2016-06-14 11:40 - 2016-06-14 11:40 - 00045340 _____ C:\Users\Marcio\Downloads\RES ENC Segue o kit da comoda italia.zip
2016-06-14 09:59 - 2016-06-14 09:59 - 00040999 _____ C:\Users\Marcio\Downloads\ENC Segue o kit da comoda italia(1).zip
2016-06-14 09:55 - 2016-06-14 09:55 - 00026778 _____ C:\Users\Todos os Usuários\1465908955.bdinstall.bin
2016-06-14 09:55 - 2016-06-14 09:55 - 00026778 _____ C:\ProgramData\1465908955.bdinstall.bin
2016-06-13 14:35 - 2016-06-13 14:36 - 07612117 _____ C:\Users\Marcio\Downloads\Impresso PSF2(Prefeitura).zip
2016-06-10 09:30 - 2016-06-14 06:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-10 08:57 - 2016-06-10 08:57 - 01055050 _____ C:\Users\Marcio\Downloads\Outlook.com(5).zip
2016-06-09 12:25 - 2016-06-09 12:25 - 00070790 _____ C:\Users\Marcio\Downloads\pedido 15205 jmk mirassol.zip
2016-06-09 12:23 - 2016-06-09 12:23 - 07016412 _____ C:\Users\Marcio\Downloads\ENC Esquemas.zip
2016-06-08 11:16 - 2016-06-08 11:16 - 00063402 _____ C:\Users\Marcio\Downloads\pedido 15181 jmk mirassol.zip
2016-06-07 17:30 - 2016-06-07 17:30 - 03250679 _____ C:\Users\Marcio\Downloads\Acessorios Gold Plus(1).zip
2016-06-07 17:29 - 2016-06-07 17:29 - 03250679 _____ C:\Users\Marcio\Downloads\Acessorios Gold Plus.zip
2016-06-07 17:02 - 2016-06-07 17:02 - 00482828 _____ C:\Users\Marcio\Downloads\ENC ESQUEMA DO KIT 1508X(1).zip
2016-06-07 17:01 - 2016-06-07 17:01 - 00482828 _____ C:\Users\Marcio\Downloads\ENC ESQUEMA DO KIT 1508X.zip
2016-06-07 16:56 - 2016-06-07 16:56 - 09586092 _____ C:\Users\Marcio\Downloads\Prospecto Painel Domini.zip
2016-06-07 09:49 - 2016-06-07 09:49 - 01615534 _____ C:\Users\Marcio\Downloads\ENC Atualizar Esquema - 3.175.zip
2016-06-07 07:58 - 2016-06-07 07:58 - 00023587 _____ C:\Users\Marcio\Downloads\Outlook.com(4).zip
2016-06-07 07:22 - 2016-06-07 07:22 - 00070518 _____ C:\Users\Marcio\Downloads\pedido 15176 jmk mirassol.zip
2016-06-06 07:21 - 2016-06-06 07:21 - 00049689 _____ C:\Users\Marcio\Downloads\PS_15154.pdf
2016-06-03 10:22 - 2016-06-03 10:22 - 01261642 _____ C:\Users\Marcio\Downloads\ENC desenho esquema avelan.zip
2016-06-03 10:00 - 2016-06-03 10:01 - 06557816 _____ C:\Users\Marcio\Downloads\RES MULTI USO CANCUN.zip
2016-06-03 08:39 - 2016-06-03 08:39 - 00071543 _____ C:\Users\Marcio\Downloads\pedido 15149 jmk mirassol.zip
2016-06-03 07:43 - 2016-06-03 07:43 - 02138998 _____ C:\Users\Marcio\Downloads\Enc Manual correto comoda naturre.zip
2016-06-02 17:10 - 2016-06-02 17:10 - 01334563 _____ C:\Users\Marcio\Downloads\Acessorios Mesa de Centro.zip
2016-06-02 11:07 - 2016-06-02 11:08 - 08930564 _____ C:\Users\Marcio\Downloads\RES PAINEL MASTER.zip
2016-06-02 09:52 - 2016-06-02 09:53 - 08992311 _____ C:\Users\Marcio\Downloads\PAINEL MASTER.zip
2016-06-02 08:22 - 2016-06-02 08:22 - 00070450 _____ C:\Users\Marcio\Downloads\pedido 15137 jmk mirassol.zip
2016-06-01 13:04 - 2016-06-01 13:04 - 00040999 _____ C:\Users\Marcio\Downloads\ENC Segue o kit da comoda italia.zip
2016-06-01 12:48 - 2016-06-01 12:48 - 00528642 _____ C:\Users\Marcio\Downloads\Esquema de montagem Roupeiro Camboriu.zip
2016-06-01 12:45 - 2016-06-01 12:45 - 14214866 _____ C:\Users\Marcio\Downloads\Outlook.com(3).zip
2016-05-31 16:48 - 2016-05-31 16:48 - 00041606 _____ C:\Users\Marcio\Downloads\RPL DISTRIBUIDORA DE PAPEIS EIRELI - NF-e Nro 30951 Serie 0.zip
2016-05-31 14:25 - 2016-05-31 14:25 - 00004315 _____ C:\Users\Marcio\Downloads\minecraft.zip
2016-05-31 12:42 - 2016-05-31 12:42 - 01741194 _____ C:\Users\Marcio\Downloads\Outlook.com(2).zip
2016-05-31 12:03 - 2016-05-31 12:06 - 13952366 _____ C:\Users\Marcio\Downloads\Outlook.com(1).zip
2016-05-31 10:57 - 2016-05-31 10:57 - 00866595 _____ C:\Users\Marcio\Downloads\Esquema de montagem Home suspenso Arezo.zip
2016-05-31 10:52 - 2016-05-31 10:52 - 00070780 _____ C:\Users\Marcio\Downloads\pedido 15118 jmk mirassol.zip
2016-05-31 10:52 - 2016-05-31 10:52 - 00070780 _____ C:\Users\Marcio\Downloads\pedido 15118 jmk mirassol(1).zip
2016-05-31 10:44 - 2016-05-31 10:44 - 03508585 _____ C:\Users\Marcio\Downloads\ENC BOA TARDE LUCAS.zip
2016-05-30 13:53 - 2016-05-30 13:53 - 04652729 _____ C:\Users\Marcio\Downloads\Fotos.zip
2016-05-30 09:16 - 2016-05-30 09:17 - 13235921 _____ C:\Users\Marcio\Downloads\RES BOM DIA.zip
2016-05-26 09:25 - 2016-05-26 09:25 - 00064573 _____ C:\Users\Marcio\Downloads\pedido 15104 jmk mirassol(1).zip
2016-05-26 08:36 - 2016-05-26 08:36 - 00064573 _____ C:\Users\Marcio\Downloads\pedido 15104 jmk mirassol.zip
2016-05-25 17:01 - 2016-05-25 17:01 - 00072465 _____ C:\Users\Todos os Usuários\1464202146.3900.bin
2016-05-25 17:01 - 2016-05-25 17:01 - 00072465 _____ C:\ProgramData\1464202146.3900.bin
2016-05-25 15:41 - 2016-05-25 15:41 - 00003640 _____ C:\Windows\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2016-05-25 15:39 - 2016-07-05 11:17 - 00000000 ____D C:\Program Files\Bitdefender Agent
2016-05-25 14:50 - 2016-05-25 14:50 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-05-25 14:50 - 2016-05-25 14:50 - 00410624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\systemcpl.dll
2016-05-25 14:50 - 2016-05-25 14:50 - 00113543 _____ C:\Windows\SysWOW64\slmgr.vbs
2016-05-25 14:50 - 2016-05-25 14:50 - 00002048 _____ C:\Windows\SysWOW64\winver.exe
2016-05-25 14:50 - 2016-05-25 14:50 - 00001536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcomapi.dll
2016-05-24 09:53 - 2016-05-24 09:53 - 00063438 _____ C:\Users\Marcio\Downloads\pedido 15093 jmk mirassol.zip
2016-05-23 16:46 - 2016-05-23 16:46 - 02715274 _____ C:\Users\Marcio\Downloads\ENC JB 19052016.zip
2016-05-23 11:29 - 2016-05-23 11:29 - 00064934 _____ C:\Users\Marcio\Downloads\pedido 15079 jmk mirassol.zip
2016-05-23 07:17 - 2016-05-23 07:17 - 00495706 _____ C:\Users\Marcio\Downloads\fotos dos produtos restantes.zip
2016-05-23 07:08 - 2016-05-23 07:08 - 00873508 _____ C:\Users\Marcio\Downloads\Esquema montagem Comoda Florence PLUS.zip
2016-05-23 07:07 - 2016-05-23 07:07 - 01315451 _____ C:\Users\Marcio\Downloads\Esquema de montagem Comoda Zafira.zip
2016-05-20 09:32 - 2016-05-20 09:32 - 02171620 _____ C:\Users\Marcio\Downloads\ENC esquema avelan.zip
2016-05-18 13:20 - 2014-03-11 12:48 - 00040480 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PsBoot.sys
2016-05-18 13:17 - 2016-05-25 15:28 - 00000000 ____D C:\Program Files (x86)\Panda Security
2016-05-18 13:17 - 2016-05-25 15:26 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\Panda Security
2016-05-18 13:14 - 2016-05-25 15:26 - 00000000 ____D C:\Users\Todos os Usuários\Panda Security
2016-05-18 13:14 - 2016-05-25 15:26 - 00000000 ____D C:\ProgramData\Panda Security
2016-05-18 13:14 - 2016-05-18 13:14 - 02252720 _____ (Panda Security, S.L.) C:\Users\Marcio\Downloads\PANDAFREEAV.exe
2016-05-18 13:07 - 2016-05-18 13:07 - 00000000 ____D C:\Users\Marcio\.fontconfig
2016-05-18 13:06 - 2016-05-18 13:06 - 00482568 _____ C:\Users\Marcio\Downloads\adobe_flash_player-38578169.exe
2016-05-18 13:06 - 2016-05-18 13:06 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\NVIDIA
2016-05-18 13:06 - 2016-05-18 13:06 - 00000000 ____D C:\Users\Marcio\AppData\Local\Movavi
2016-05-18 13:06 - 2016-05-18 13:06 - 00000000 ____D C:\Users\Marcio\AppData\Local\converter
2016-05-18 13:05 - 2016-05-18 13:05 - 00000016 _____ C:\Users\Todos os Usuários\mntemp
2016-05-18 13:05 - 2016-05-18 13:05 - 00000016 _____ C:\ProgramData\mntemp
2016-05-18 13:05 - 2016-05-18 13:05 - 00000000 ____D C:\Users\Todos os Usuários\Movavi Video Converter 16
2016-05-18 13:05 - 2016-05-18 13:05 - 00000000 ____D C:\Users\Todos os Usuários\Movavi
2016-05-18 13:05 - 2016-05-18 13:05 - 00000000 ____D C:\ProgramData\Movavi Video Converter 16
2016-05-18 13:05 - 2016-05-18 13:05 - 00000000 ____D C:\ProgramData\Movavi
2016-05-18 13:03 - 2016-05-18 13:04 - 50819464 _____ (Movavi) C:\Users\Marcio\Downloads\MovaviVideoConverterSetupF_16.exe
2016-05-18 11:31 - 2016-05-18 11:31 - 14729216 _____ C:\Users\Marcio\Downloads\Phantom_Ultra_HDTV_V8.04.16_20160517Vm.bin
2016-05-18 08:32 - 2016-05-18 08:33 - 11449989 _____ C:\Users\Marcio\Downloads\Comoda Master2.skp
2016-05-05 12:43 - 2016-05-05 12:43 - 00027749 _____ C:\Users\Todos os Usuários\1462463014.bdinstall.bin
2016-05-05 12:43 - 2016-05-05 12:43 - 00027749 _____ C:\ProgramData\1462463014.bdinstall.bin
2016-05-05 11:36 - 2016-05-05 11:36 - 00000000 ____D C:\Users\Marcio\AppData\Local\CEF
2016-05-05 11:34 - 2016-07-05 07:46 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-05-05 11:34 - 2016-07-05 07:46 - 00000000 ____D C:\ProgramData\Package Cache
2016-05-05 11:34 - 2016-05-05 12:40 - 00000000 ____D C:\Program Files\Intel
2016-05-05 11:33 - 2016-05-05 12:40 - 00000000 ____D C:\Program Files\Common Files\McAfee
2016-05-05 11:33 - 2016-05-05 12:40 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-05-05 11:23 - 2016-05-05 12:39 - 00000000 ____D C:\Users\Todos os Usuários\McAfee
2016-05-05 11:23 - 2016-05-05 12:39 - 00000000 ____D C:\ProgramData\McAfee
2016-05-05 11:23 - 2016-05-05 11:23 - 00000000 ____D C:\Users\Marcio\AppData\LocalLow\Adobe
2016-05-05 11:22 - 2016-06-02 07:21 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-05 11:22 - 2016-05-12 08:08 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-05 11:22 - 2016-05-05 11:24 - 00000000 ____D C:\Users\Todos os Usuários\Adobe
2016-05-05 11:22 - 2016-05-05 11:24 - 00000000 ____D C:\ProgramData\Adobe
2016-05-05 11:22 - 2016-05-05 11:22 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-05-05 10:04 - 2016-05-05 10:04 - 00726910 _____ C:\Users\Marcio\Downloads\Restricoes de ultimo ano de mandato - artigos.pdf
2016-05-05 08:11 - 2016-05-05 08:11 - 00216639 _____ C:\Users\Todos os Usuários\1462446684.bdinstall.bin
2016-05-05 08:11 - 2016-05-05 08:11 - 00216639 _____ C:\ProgramData\1462446684.bdinstall.bin
2016-05-04 11:55 - 2016-05-04 11:55 - 10314888 _____ C:\Users\Marcio\Downloads\bitdefender_tsecurity(1).exe
2016-04-28 16:39 - 2016-04-28 16:39 - 00703474 _____ C:\Users\Marcio\Downloads\BERÇO PROVENCE SGS(1).pdf
2016-04-28 16:38 - 2016-04-28 16:39 - 00703474 _____ C:\Users\Marcio\Downloads\BERÇO PROVENCE SGS.pdf
2016-04-28 16:28 - 2016-04-28 16:28 - 02814724 _____ C:\Users\Marcio\Downloads\COMODA PROVENCE SLIM.pdf
2016-04-26 06:48 - 2016-04-26 06:48 - 00661534 _____ C:\Users\Marcio\Downloads\CAMA CASAL.pdf
2016-04-25 17:09 - 2016-06-14 06:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-25 17:09 - 2016-04-26 06:49 - 00000000 ____D C:\Users\Marcio\AppData\Local\Mozilla
2016-04-25 17:09 - 2016-04-25 17:15 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\Mozilla
2016-04-25 17:09 - 2016-04-25 17:09 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-04-25 17:09 - 2016-04-25 17:09 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-04-25 16:36 - 2016-04-25 16:36 - 00027748 _____ C:\Users\Todos os Usuários\1461612971.bdinstall.bin
2016-04-25 16:36 - 2016-04-25 16:36 - 00027748 _____ C:\ProgramData\1461612971.bdinstall.bin
2016-04-25 13:27 - 2016-04-25 13:27 - 07388036 _____ C:\Users\Marcio\Downloads\Enc prospectos atualizados matic.zip
2016-04-25 10:06 - 2016-04-25 10:06 - 00072042 _____ C:\Users\Marcio\Downloads\pedido 14912 jmk mirassol.zip
2016-04-25 07:54 - 2016-04-25 07:54 - 07807873 _____ C:\Users\Marcio\Downloads\ENC Fwd Fwd Fwd MANUAL BUFFET TOP, MANUAL MESA ANNE _ ANNE QUADRADA, MANUAL MESA CAMILA, MANUAL MESA GABRIELA, MANUAL MESA JULIA, MANUAL MESA KAROL, MANUAL MESA RAQUEL, MANUAL APARADOR TOP.zip
2016-04-25 07:53 - 2016-04-25 07:53 - 04503218 _____ C:\Users\Marcio\Downloads\ENC Fwd Fwd Enviando email CABECEIRA BOX DUBAI.zip
2016-04-25 07:15 - 2016-04-25 07:15 - 01955062 _____ C:\Users\Marcio\Downloads\Outlook.com (16).zip
2016-04-25 07:10 - 2016-04-25 07:10 - 01515398 _____ C:\Users\Marcio\Downloads\Outlook.com (15).zip
2016-04-25 07:09 - 2016-04-25 07:09 - 00071816 _____ C:\Users\Marcio\Downloads\pedido 14882 jmk mirassol.zip
2016-04-20 14:36 - 2016-04-20 14:36 - 00586251 _____ C:\Users\Marcio\Downloads\ENC MESSINA - frente correta.zip
2016-04-20 10:44 - 2016-04-20 10:44 - 00071211 _____ C:\Users\Marcio\Downloads\pedido 14874 jmk mirassol.zip
2016-04-20 00:49 - 2016-04-20 00:49 - 00071127 _____ C:\Users\Marcio\Downloads\pedido 14863 jmk mirassol.zip
2016-04-19 09:39 - 2016-06-18 16:11 - 00000920 ____H C:\Users\Todos os Usuários\@system.temp
2016-04-19 09:39 - 2016-06-18 16:11 - 00000920 ____H C:\ProgramData\@system.temp
2016-04-19 09:39 - 2016-04-19 09:39 - 00000008 ____H C:\Users\Todos os Usuários\@000001.dat
2016-04-19 09:39 - 2016-04-19 09:39 - 00000008 ____H C:\ProgramData\@000001.dat
2016-04-19 09:38 - 2016-06-20 07:28 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\BrowserMe
2016-04-19 09:38 - 2016-06-18 16:11 - 00000656 ____H C:\Users\Todos os Usuários\@system3.att
2016-04-19 09:38 - 2016-06-18 16:11 - 00000656 ____H C:\ProgramData\@system3.att
2016-04-19 09:38 - 2016-04-19 09:38 - 00000480 ____H C:\Users\Marcio\AppData\Roaming\½Ó
2016-04-19 09:16 - 2016-04-19 09:16 - 00070801 _____ C:\Users\Marcio\Downloads\pedido 14854 jmk mirassol.zip
2016-04-18 16:29 - 2016-04-18 16:29 - 02300553 _____ C:\Users\Marcio\Downloads\Outlook.com (14).zip
2016-04-15 16:22 - 2016-04-15 16:22 - 00063626 _____ C:\Users\Marcio\Downloads\pedido 14851 jmk mirassol.zip
2016-04-14 09:53 - 2016-04-14 09:53 - 00064249 _____ C:\Users\Marcio\Downloads\pedido 14845 jmk mirassol.zip
2016-04-14 09:00 - 2016-04-14 09:00 - 00000000 ____D C:\Users\Marcio\AppData\Local\ESET
2016-04-14 08:56 - 2016-04-14 08:56 - 00055685 _____ C:\Users\Marcio\Downloads\Pedido Esquemas.zip
2016-04-14 08:50 - 2016-04-14 08:53 - 93866656 _____ (ESET) C:\Users\Marcio\Downloads\eav_nt64_ptb.exe
2016-04-14 08:40 - 2016-04-14 08:40 - 00212354 _____ C:\Users\Todos os Usuários\1460633995.bdinstall.bin
2016-04-14 08:40 - 2016-04-14 08:40 - 00212354 _____ C:\ProgramData\1460633995.bdinstall.bin
2016-04-14 08:29 - 2016-04-14 08:29 - 10314888 _____ C:\Users\Marcio\Downloads\bitdefender_tsecurity.exe
2016-04-14 08:06 - 2016-04-25 17:03 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-04-14 08:04 - 2016-04-14 08:13 - 00000000 ____D C:\Users\Todos os Usuários\AVAST Software
2016-04-14 08:04 - 2016-04-14 08:13 - 00000000 ____D C:\ProgramData\AVAST Software
2016-04-14 08:03 - 2016-04-14 08:04 - 05066104 _____ (AVAST Software) C:\Users\Marcio\Downloads\avast_free_antivirus_setup_online_bxk_a.exe
2016-04-13 10:33 - 2016-04-13 10:33 - 02798353 _____ C:\Users\Marcio\Downloads\Outlook.com (13).zip
2016-04-13 08:15 - 2016-04-13 08:15 - 00212373 _____ C:\Users\Todos os Usuários\1460542506.bdinstall.bin
2016-04-13 08:15 - 2016-04-13 08:15 - 00212373 _____ C:\ProgramData\1460542506.bdinstall.bin
2016-04-13 08:13 - 2016-04-13 08:14 - 05592856 _____ C:\Users\Marcio\Downloads\pedido matic.zip
2016-04-12 12:34 - 2016-04-12 12:34 - 00011841 _____ C:\Users\Marcio\Downloads\JALMAC - BALCAO ESMERALDA.pdf
2016-04-11 12:49 - 2016-04-11 12:49 - 05538646 _____ C:\Users\Marcio\Downloads\tRANSPARENCIA.pdf
2016-04-11 12:43 - 2016-04-11 12:43 - 01218752 _____ C:\Users\Marcio\Downloads\ldo.pdf
2016-04-11 12:42 - 2016-04-11 12:42 - 00417293 _____ C:\Users\Marcio\Downloads\Calendario e Restrições Eleitorais (1).pdf
2016-04-11 12:41 - 2016-04-11 12:41 - 00417293 _____ C:\Users\Marcio\Downloads\Calendario e Restrições Eleitorais.pdf
2016-04-11 11:40 - 2016-04-11 11:40 - 00062904 _____ C:\Users\Marcio\Downloads\pedido 14803 jmk mirassol.zip
2016-04-11 09:20 - 2016-04-11 09:20 - 03878518 _____ C:\Users\Marcio\Downloads\ENC ESQUEMA.zip
2016-04-08 09:56 - 2016-04-08 09:56 - 00624441 _____ C:\Users\Marcio\Downloads\ENC Atualizar Esquema - 1.388.zip
2016-04-08 09:55 - 2016-04-08 09:55 - 00775617 _____ C:\Users\Marcio\Downloads\ENC Atualizar Esquema Montagem - 1.411.zip
2016-04-08 09:53 - 2016-04-08 09:53 - 01648493 _____ C:\Users\Marcio\Downloads\ENC Atualizar Esquema 3.162 e 3.163.zip
2016-04-08 09:52 - 2016-04-08 09:52 - 00066167 _____ C:\Users\Marcio\Downloads\pedido 14795 jmk mirassol.zip
2016-04-08 07:32 - 2016-04-08 07:32 - 00210004 _____ C:\Users\Todos os Usuários\1460108151.bdinstall.bin
2016-04-08 07:32 - 2016-04-08 07:32 - 00210004 _____ C:\ProgramData\1460108151.bdinstall.bin
2016-04-07 16:31 - 2016-04-07 16:31 - 00070173 _____ C:\Users\Marcio\Downloads\ENC pedido 14764 jmk mirassol (1).zip
2016-04-07 16:28 - 2016-04-07 16:28 - 00070173 _____ C:\Users\Marcio\Downloads\ENC pedido 14764 jmk mirassol.zip
2016-04-07 09:27 - 2016-04-07 09:27 - 01182648 _____ C:\Users\Marcio\Downloads\PEDIDO - OC 30737.zip
2016-04-06 15:43 - 2016-04-06 15:43 - 00041903 _____ C:\Users\Marcio\Downloads\RPL DISTRIBUIDORA DE PAPEIS EIRELI - NF-e Nro 29942 Serie 0.zip
2016-04-06 14:16 - 2016-04-06 14:16 - 00011803 _____ C:\Users\Marcio\Downloads\CARIMBRO (1).zip
2016-04-06 12:41 - 2016-04-06 12:41 - 00011803 _____ C:\Users\Marcio\Downloads\CARIMBRO.zip
2016-04-06 10:40 - 2016-04-06 10:40 - 01416507 _____ C:\Users\Marcio\Downloads\Outlook.com (12).zip
==================== Três Meses Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-07-05 11:30 - 2014-08-09 15:42 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\uTorrent
2016-07-05 11:29 - 2014-08-11 08:22 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\Skype
2016-07-05 11:28 - 2009-07-14 01:45 - 00016832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-05 11:28 - 2009-07-14 01:45 - 00016832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-05 11:15 - 2015-01-27 06:08 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-05 09:21 - 2010-11-21 06:37 - 00705700 _____ C:\Windows\system32\prfh0416.dat
2016-07-05 09:21 - 2010-11-21 06:37 - 00147540 _____ C:\Windows\system32\prfc0416.dat
2016-07-05 09:21 - 2009-07-14 02:13 - 01635410 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-05 09:21 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-07-05 09:16 - 2014-09-22 08:17 - 00000000 ____D C:\Users\Marcio\AppData\LocalLow\Temp
2016-07-05 07:56 - 2014-08-09 15:55 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA
2016-07-05 07:56 - 2014-08-09 15:55 - 00000000 ____D C:\ProgramData\NVIDIA
2016-07-05 07:56 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-05 07:46 - 2014-08-09 16:19 - 00000000 ____D C:\Users\Public\Documents\Corel
2016-07-05 07:46 - 2014-08-09 16:18 - 00000000 ____D C:\Users\Todos os Usuários\Corel
2016-07-05 07:46 - 2014-08-09 16:18 - 00000000 ____D C:\ProgramData\Corel
2016-07-05 07:46 - 2014-08-09 16:18 - 00000000 ____D C:\Program Files\Corel
2016-07-05 07:46 - 2009-07-14 00:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-07-05 07:42 - 2014-08-09 15:54 - 01599116 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-06-22 06:55 - 2009-07-14 01:45 - 00875496 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-21 14:02 - 2014-08-09 15:38 - 00282424 _____ C:\Users\Marcio\AppData\Local\GDIPFONTCACHEV1.DAT
2016-06-17 10:15 - 2015-01-27 06:08 - 00003840 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-06-17 10:15 - 2015-01-08 15:30 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-17 10:15 - 2015-01-08 15:30 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-15 15:01 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\NDF
2016-06-07 08:00 - 2009-07-14 02:32 - 00000000 ____D C:\Windows\system32\FxsTmp
==================== Arquivos na raiz de alguns diretórios =======
2016-04-19 09:38 - 2016-04-19 09:38 - 0000480 ____H () C:\Users\Marcio\AppData\Roaming\½Ó
2015-01-08 15:06 - 2015-01-08 15:06 - 0000600 _____ () C:\Users\Marcio\AppData\Local\PUTTY.RND
2014-09-25 13:51 - 2014-09-25 13:51 - 1222278 _____ () C:\ProgramData\1411661257.bdinstall.bin
2015-12-14 11:09 - 2015-12-14 11:09 - 1490391 _____ () C:\ProgramData\1450100002.bdinstall.bin
2015-12-14 11:03 - 2015-12-14 11:03 - 0050045 _____ () C:\ProgramData\1450101792.bdinstall.bin
2015-12-16 11:36 - 2015-12-16 11:36 - 0032389 _____ () C:\ProgramData\1450276525.bdinstall.bin
2016-04-01 16:23 - 2016-04-01 16:23 - 0209302 _____ () C:\ProgramData\1459532132.bdinstall.bin
2016-04-01 16:24 - 2016-04-01 16:24 - 0027748 _____ () C:\ProgramData\1459538653.bdinstall.bin
2016-04-04 09:02 - 2016-04-04 09:02 - 0212776 _____ () C:\ProgramData\1459771297.bdinstall.bin
2016-04-08 07:32 - 2016-04-08 07:32 - 0210004 _____ () C:\ProgramData\1460108151.bdinstall.bin
2016-04-13 08:15 - 2016-04-13 08:15 - 0212373 _____ () C:\ProgramData\1460542506.bdinstall.bin
2016-04-14 08:40 - 2016-04-14 08:40 - 0212354 _____ () C:\ProgramData\1460633995.bdinstall.bin
2016-04-25 16:36 - 2016-04-25 16:36 - 0027748 _____ () C:\ProgramData\1461612971.bdinstall.bin
2016-05-05 08:11 - 2016-05-05 08:11 - 0216639 _____ () C:\ProgramData\1462446684.bdinstall.bin
2016-05-05 12:43 - 2016-05-05 12:43 - 0027749 _____ () C:\ProgramData\1462463014.bdinstall.bin
2016-05-25 17:01 - 2016-05-25 17:01 - 0072465 _____ () C:\ProgramData\1464202146.3900.bin
2016-06-14 09:55 - 2016-06-14 09:55 - 0026778 _____ () C:\ProgramData\1465908955.bdinstall.bin
2016-04-19 09:39 - 2016-04-19 09:39 - 0000008 ____H () C:\ProgramData\@000001.dat
2016-04-19 09:39 - 2016-06-18 16:11 - 0000920 ____H () C:\ProgramData\@system.temp
2016-04-19 09:38 - 2016-06-18 16:11 - 0000656 ____H () C:\ProgramData\@system3.att
2015-01-15 12:07 - 2015-01-15 12:07 - 0000227 _____ () C:\ProgramData\bc.ini
2015-03-29 11:04 - 2015-03-29 11:04 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2016-05-18 13:05 - 2016-05-18 13:05 - 0000016 _____ () C:\ProgramData\mntemp
Arquivos para serem movidos ou deletados:
====================
C:\ProgramData\@000001.dat
C:\Users\Marcio\hpbcfgre.dll
C:\Users\Marcio\hpmco140.dll
C:\Users\Marcio\hpmews01.dat
C:\Users\Marcio\hpmews01.dll
C:\Users\Marcio\hpmldm01.dat
C:\Users\Marcio\hpmldm01.dll
C:\Users\Marcio\hpmprein.dll
C:\Users\Marcio\Hpzc3212.dll
C:\Users\Marcio\Install.dll
C:\Users\Marcio\Install.exe
C:\Users\Todos os Usuários\@000001.dat
Alguns arquivos em TEMP:
====================
C:\Users\Marcio\AppData\Local\Temp\avguirn_08413647934.exe
C:\Users\Marcio\AppData\Local\Temp\cdo1065610883.dll
C:\Users\Marcio\AppData\Local\Temp\cdo1145970302.dll
C:\Users\Marcio\AppData\Local\Temp\cdo1187794716.dll
C:\Users\Marcio\AppData\Local\Temp\cdo1269157125.dll
C:\Users\Marcio\AppData\Local\Temp\cdo1597044704.dll
C:\Users\Marcio\AppData\Local\Temp\cdo1628299449.dll
C:\Users\Marcio\AppData\Local\Temp\cdo1650545185.dll
C:\Users\Marcio\AppData\Local\Temp\cdo1677642441.dll
C:\Users\Marcio\AppData\Local\Temp\cdo2142950596.dll
C:\Users\Marcio\AppData\Local\Temp\cdo2214868733.dll
C:\Users\Marcio\AppData\Local\Temp\cdo2434942137.dll
C:\Users\Marcio\AppData\Local\Temp\cdo2723735699.dll
C:\Users\Marcio\AppData\Local\Temp\cdo276391374.dll
C:\Users\Marcio\AppData\Local\Temp\cdo2772145879.dll
C:\Users\Marcio\AppData\Local\Temp\cdo2816801640.dll
C:\Users\Marcio\AppData\Local\Temp\cdo3030681219.dll
C:\Users\Marcio\AppData\Local\Temp\cdo3076232841.dll
C:\Users\Marcio\AppData\Local\Temp\cdo3193429566.dll
C:\Users\Marcio\AppData\Local\Temp\cdo3316291443.dll
C:\Users\Marcio\AppData\Local\Temp\cdo3398211222.dll
C:\Users\Marcio\AppData\Local\Temp\cdo3435211692.dll
C:\Users\Marcio\AppData\Local\Temp\cdo3502163660.dll
C:\Users\Marcio\AppData\Local\Temp\cdo375738424.dll
C:\Users\Marcio\AppData\Local\Temp\cdo3964233713.dll
C:\Users\Marcio\AppData\Local\Temp\cdo399759786.dll
C:\Users\Marcio\AppData\Local\Temp\cdo40934319.dll
C:\Users\Marcio\AppData\Local\Temp\cdo4173057875.dll
C:\Users\Marcio\AppData\Local\Temp\cdo527476373.dll
C:\Users\Marcio\AppData\Local\Temp\cdo686314613.dll
C:\Users\Marcio\AppData\Local\Temp\FoxitUpdater.exe
C:\Users\Marcio\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Marcio\AppData\Local\Temp\{714E00DF-F230-44A9-885A-13D2A395EBD0}.exe
==================== Bamital & volsnap =================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll
[2010-11-21 00:24] - [2010-11-21 00:24] - 1008640 ____A (Microsoft Corporation) E573BD9AB55C8E333C202B9E255F972E
C:\Windows\SysWOW64\User32.dll
[2016-05-25 14:50] - [2016-05-25 14:50] - 0833024 ____A (Microsoft Corporation) 2C9CC9F492CA596B1B9FC1AE5E916356
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys
[2010-11-21 00:23] - [2010-11-21 00:23] - 0295808 ____A () D41D8CD98F00B204E9800998ECF8427E
C:\Windows\system32\Drivers\volsnap.sys => não Nome Da Empresa <===== ATENÇÃO
testsigning: ==> o 'modo de teste' está configurado. Cheque por possível driver não assinado <===== ATENÇÃO
LastRegBack: 2016-06-27 10:20
==================== Fim de FRST.txt ============================
Executado por Marcio (administrador) em MICRO02 (05-07-2016 11:31:04)
Executando a partir de C:\Users\Marcio\Downloads
Perfis Carregados: Marcio (Perfis Disponíveis: Marcio)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: FF)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
(© 2015 Microsoft Corporation) C:\Users\Marcio\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(BitTorrent Inc.) C:\Users\Marcio\AppData\Roaming\uTorrent\uTorrent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(BitTorrent Inc.) C:\Users\Marcio\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe
(BitTorrent Inc.) C:\Users\Marcio\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe
(BitTorrent Inc.) C:\Users\Marcio\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [sessionmsg.sys] => "C:\PROGRA~3\sessionmsg.sys.exe"
HKLM\...\Run: [netsh.sys] => "C:\PROGRA~3\netsh.sys.exe"
HKLM-x32\...\Run: [] => [X]
HKLM\...\Winlogon: [Userinit] C:\Windows\SysWOW64\userinit.exe,
HKU\S-1-5-21-126392097-1680451695-1276721474-1000\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-126392097-1680451695-1276721474-1000\...\Run: [BingSvc] => C:\Users\Marcio\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-126392097-1680451695-1276721474-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50755200 2015-12-08] (Skype Technologies S.A.)
HKU\S-1-5-21-126392097-1680451695-1276721474-1000\...\Run: [{9292D12D-A302-4586-94AD-17D1D79A2C1C}] => powershell.exe -noprofile -windowstyle hidden -executionpolicy bypass iex ([Text.Encoding]::ASCII.GetString([Convert]::FromBase64String((gp 'HKCU:\Software\Classes\WDNXZJIBCZNZCVP').CPRKQMW)));
HKU\S-1-5-21-126392097-1680451695-1276721474-1000\...\Run: [BrowserMe] => C:\Users\Marcio\AppData\Roaming\BrowserMe\GoogleUpdate.exe
HKU\S-1-5-21-126392097-1680451695-1276721474-1000\...\Run: [BrowserUpdate] => C:\Users\Marcio\AppData\Roaming\BrowserMe\GoogleUpdate.exe
HKU\S-1-5-21-126392097-1680451695-1276721474-1000\...\Run: [uTorrent] => C:\Users\Marcio\AppData\Roaming\uTorrent\uTorrent.exe [2530304 2016-06-18] (BitTorrent Inc.)
HKU\S-1-5-21-126392097-1680451695-1276721474-1000\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --multi-profiles --disable-translate --disable-infobars --no-message-box --mute-audio --user-data-dir="C:\Users\Marcio\AppData\Local\Google (a entrada de dados tem 207 mais caracteres).
HKU\S-1-5-21-126392097-1680451695-1276721474-1000\...\Policies\Explorer: []
HKU\S-1-5-21-126392097-1680451695-1276721474-1000\...\MountPoints2: {c8d253db-9715-11e4-b818-c8600061708c} - G:\LGAutoRun.exe
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Nenhum Arquivo
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavShx64.dll Nenhum Arquivo
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\..\Interfaces\{05BE7C17-5A7C-4CA1-96B3-446C700F7CB7}: [NameServer] 177.8.119.110,177.8.113.2
Tcpip\..\Interfaces\{B7CC717D-2E2A-433B-8693-E23B2511EA59}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-126392097-1680451695-1276721474-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/?type=435371&fr=spigot-yhp-ie
HKU\S-1-5-21-126392097-1680451695-1276721474-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.msn.com/?pc=SKY2&ocid=SKY2DHP&osmkt=pt-br
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1421334124&from=cor&uid=KINGSTONXSV300S37A120G_50026B774406A11F&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1421334124&from=cor&uid=KINGSTONXSV300S37A120G_50026B774406A11F&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1421334124&from=cor&uid=KINGSTONXSV300S37A120G_50026B774406A11F&q={searchTerms}
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxp://vosteran.com/results.php?f=4&q={searchTerms}&a=vst_bxi01_15_03_ch&cd=2XzuyEtN2Y1L1Qzu0CzzyCtDtDtDyCtCyBtDzz0CyDyDtCyCtN0D0Tzu0StCtCtCtCtN1L2XzutAtFyBtFtBtFtCtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCzy0FtAyCyB0FzytGtC0EyDtAtGyBtD0E0FtGtAyByEtBtGtB0C0AtAtA0CyC0F0DtA0A0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyCyDzyyDyDyEyBtG0DtBtBzztGyE0AyByCtGzy0CyBtBtGtDyC0B0DyBzy0E0EyC0FtD0D2Q&cr=889926145&ir=
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1421334124&from=cor&uid=KINGSTONXSV300S37A120G_50026B774406A11F&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1421334124&from=cor&uid=KINGSTONXSV300S37A120G_50026B774406A11F&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-126392097-1680451695-1276721474-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-126392097-1680451695-1276721474-1000 -> {00B22D42-E04E-4B19-837B-290AAC410174} URL = hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1421334124&from=cor&uid=KINGSTONXSV300S37A120G_50026B774406A11F&q={searchTerms}
SearchScopes: HKU\S-1-5-21-126392097-1680451695-1276721474-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-126392097-1680451695-1276721474-1000 -> {0E423410-37DE-48BC-8636-E8B698453AC8} URL = hxxps://br.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=435371&p={searchTerms}
SearchScopes: HKU\S-1-5-21-126392097-1680451695-1276721474-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1421334124&from=cor&uid=KINGSTONXSV300S37A120G_50026B774406A11F&q={searchTerms}
SearchScopes: HKU\S-1-5-21-126392097-1680451695-1276721474-1000 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxp://vosteran.com/results.php?f=4&q={searchTerms}&a=vst_bxi01_15_03_ch&cd=2XzuyEtN2Y1L1Qzu0CzzyCtDtDtDyCtCyBtDzz0CyDyDtCyCtN0D0Tzu0StCtCtCtCtN1L2XzutAtFyBtFtBtFtCtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCzy0FtAyCyB0FzytGtC0EyDtAtGyBtD0E0FtGtAyByEtBtGtB0C0AtAtA0CyC0F0DtA0A0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyCyDzyyDyDyEyBtG0DtBtBzztGyE0AyByCtGzy0CyBtBtGtDyC0B0DyBzy0E0EyC0FtD0D2Q&cr=889926145&ir=
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
Toolbar: HKLM - Carteira Bitdefender - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll Nenhum Arquivo
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Marcio\AppData\Roaming\Mozilla\Firefox\Profiles\iw041w8k.default
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Homepage: hxxp://www.hotmail.com/
FF Keyword.URL: hxxps://br.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=435371&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-17] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-17] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-126392097-1680451695-1276721474-1000: gastecnologia.com.br/sf/cef64 -> C:\Users\Marcio\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll [Nenhum Arquivo]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff => não encontrado (a)
FF HKLM-x32\...\Firefox\Extensions: [fftoolbar2014@etech.com] - C:\Users\Marcio\AppData\Roaming\Mozilla\Firefox\Profiles\50o2pz8v.default\extensions\fftoolbar2014@etech.com => não encontrado (a)
FF HKU\S-1-5-21-126392097-1680451695-1276721474-1000\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886D}] - C:\Users\Marcio\AppData\Local\GAS Tecnologia\GBBD\cef\xpi => não encontrado (a)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-126392097-1680451695-1276721474-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-126392097-1680451695-1276721474-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]
CHR HKLM-x32\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - hxxps://clients2.google.com/service/update2/crx
==================== Serviços (Whitelisted) ========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
"6257a70ebcb87e64" => serviço não pode ser desbloqueado. <===== ATENÇÃO
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [Arquivo não assinado]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2505472 2015-10-09] (ESET)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-12] (NVIDIA Corporation)
R2 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [Arquivo não assinado]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [164864 2012-05-02] (HP) [Arquivo não assinado]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2014-04-28] (Hewlett-Packard) [Arquivo não assinado]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-12] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2014-04-28] (Hewlett-Packard) [Arquivo não assinado]
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [950200 2016-05-24] (Bitdefender)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
U2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
S2 Update Framed Display; "C:\Program Files (x86)\Framed Display\updateFramedDisplay.exe" [X]
===================== Drivers (Whitelisted) ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 1394ohci; C:\Windows\system32\drivers\1394ohci.sys [229888 2010-11-21] () [Arquivo não assinado]
U5 6257a70ebcb87e64; C:\Windows\System32\Drivers\6257a70ebcb87e64.sys [76248 2016-02-12] () <===== ATENÇÃO Necurs Rootkit?
R0 ACPI; C:\Windows\System32\drivers\ACPI.sys [334208 2010-11-21] () [Arquivo não assinado]
S3 AcpiPmi; C:\Windows\system32\drivers\acpipmi.sys [12800 2010-11-21] () [Arquivo não assinado]
S3 adp94xx; C:\Windows\system32\drivers\adp94xx.sys [491088 2009-07-13] () [Arquivo não assinado]
S3 adpahci; C:\Windows\system32\drivers\adpahci.sys [339536 2009-07-13] () [Arquivo não assinado]
S3 adpu320; C:\Windows\system32\drivers\adpu320.sys [182864 2009-07-13] () [Arquivo não assinado]
R1 AFD; C:\Windows\system32\drivers\afd.sys [499712 2010-11-21] () [Arquivo não assinado]
S3 agp440; C:\Windows\system32\drivers\agp440.sys [61008 2009-07-13] () [Arquivo não assinado]
S3 aliide; C:\Windows\system32\drivers\aliide.sys [15440 2009-07-13] () [Arquivo não assinado]
S3 amdide; C:\Windows\system32\drivers\amdide.sys [15440 2009-07-13] () [Arquivo não assinado]
S3 AmdK8; C:\Windows\system32\drivers\amdk8.sys [64512 2009-07-13] () [Arquivo não assinado]
R3 AmdPPM; C:\Windows\System32\DRIVERS\amdppm.sys [60928 2009-07-13] () [Arquivo não assinado]
S3 amdsata; C:\Windows\system32\drivers\amdsata.sys [107904 2010-11-21] () [Arquivo não assinado]
S3 amdsbs; C:\Windows\system32\drivers\amdsbs.sys [194128 2009-07-13] () [Arquivo não assinado]
R0 amdxata; C:\Windows\System32\drivers\amdxata.sys [27008 2010-11-21] () [Arquivo não assinado]
S3 AppID; C:\Windows\system32\drivers\appid.sys [61440 2010-11-21] () [Arquivo não assinado]
S3 arc; C:\Windows\system32\drivers\arc.sys [87632 2009-07-13] () [Arquivo não assinado]
S3 arcsas; C:\Windows\system32\drivers\arcsas.sys [97856 2009-07-13] () [Arquivo não assinado]
S3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [23040 2009-07-13] () [Arquivo não assinado]
R0 atapi; C:\Windows\System32\drivers\atapi.sys [24128 2009-07-13] () [Arquivo não assinado]
S3 b06bdrv; C:\Windows\system32\drivers\bxvbda.sys [468480 2009-06-10] () [Arquivo não assinado]
S3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] () [Arquivo não assinado]
U5 BattC; C:\Windows\System32\Drivers\BattC.sys [28240 2009-07-13] () [Arquivo não assinado]
R1 Beep; C:\Windows\System32\Drivers\Beep.sys [6656 2009-07-13] ()
R1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [45056 2009-07-13] () [Arquivo não assinado]
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2009-07-13] () [Arquivo não assinado]
S3 BrFiltLo; C:\Windows\system32\drivers\BrFiltLo.sys [18432 2009-06-10] () [Arquivo não assinado]
S3 BrFiltUp; C:\Windows\system32\drivers\BrFiltUp.sys [8704 2009-06-10] () [Arquivo não assinado]
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-13] () [Arquivo não assinado]
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] () [Arquivo não assinado]
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] () [Arquivo não assinado]
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] () [Arquivo não assinado]
S3 BTHMODEM; C:\Windows\system32\drivers\bthmodem.sys [72192 2009-07-13] () [Arquivo não assinado]
S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2009-07-13] () [Arquivo não assinado]
R1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [147456 2010-11-21] () [Arquivo não assinado]
S3 circlass; C:\Windows\system32\drivers\circlass.sys [45568 2009-07-13] () [Arquivo não assinado]
R0 CLFS; C:\Windows\System32\CLFS.sys [367696 2009-07-13] () [Arquivo não assinado]
S3 CmBatt; C:\Windows\system32\drivers\CmBatt.sys [17664 2009-07-13] () [Arquivo não assinado]
S3 cmdide; C:\Windows\system32\drivers\cmdide.sys [17488 2009-07-13] () [Arquivo não assinado]
R0 CNG; C:\Windows\System32\Drivers\cng.sys [459248 2010-11-21] () [Arquivo não assinado]
S3 Compbatt; C:\Windows\system32\drivers\compbatt.sys [21584 2009-07-13] () [Arquivo não assinado]
R3 CompositeBus; C:\Windows\System32\DRIVERS\CompositeBus.sys [38912 2010-11-21] () [Arquivo não assinado]
S4 crcdisk; C:\Windows\system32\drivers\crcdisk.sys [24144 2009-07-13] () [Arquivo não assinado]
R1 CSC; C:\Windows\System32\drivers\csc.sys [514560 2010-11-21] () [Arquivo não assinado]
R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [102400 2010-11-21] () [Arquivo não assinado]
R1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-13] () [Arquivo não assinado]
R0 Disk; C:\Windows\System32\drivers\disk.sys [73280 2009-07-13] () [Arquivo não assinado]
S3 dmvsc; C:\Windows\system32\drivers\dmvsc.sys [71168 2010-11-21] () [Arquivo não assinado]
S3 drmkaud; C:\Windows\System32\drivers\drmkaud.sys [5632 2009-07-13] () [Arquivo não assinado]
R3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [982912 2010-11-21] () [Arquivo não assinado]
S1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [264040 2015-09-23] (ESET)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] () [Arquivo não assinado]
S1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [186784 2015-09-23] (ESET)
S3 elxstor; C:\Windows\system32\drivers\elxstor.sys [530496 2009-07-13] () [Arquivo não assinado]
S2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [170792 2015-09-23] (ESET)
S3 ErrDev; C:\Windows\system32\drivers\errdev.sys [9728 2009-07-13] () [Arquivo não assinado]
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [195072 2009-07-13] () [Arquivo não assinado]
R3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [204800 2009-07-13] () [Arquivo não assinado]
S3 fdc; C:\Windows\system32\drivers\fdc.sys [29696 2009-07-13] () [Arquivo não assinado]
R0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-13] () [Arquivo não assinado]
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-13] () [Arquivo não assinado]
S3 flpydisk; C:\Windows\system32\drivers\flpydisk.sys [24576 2009-07-13] () [Arquivo não assinado]
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [289664 2010-11-21] () [Arquivo não assinado]
S3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [55376 2009-07-13] () [Arquivo não assinado]
U0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23104 2009-07-13] ()
R0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223248 2010-11-21] () [Arquivo não assinado]
S3 gagp30kx; C:\Windows\system32\drivers\gagp30kx.sys [65088 2009-07-13] () [Arquivo não assinado]
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] () [Arquivo não assinado]
R3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [350208 2010-11-21] () [Arquivo não assinado]
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [122368 2010-11-21] () [Arquivo não assinado]
S3 HidBatt; C:\Windows\system32\drivers\HidBatt.sys [26624 2009-07-13] () [Arquivo não assinado]
S3 HidBth; C:\Windows\system32\drivers\hidbth.sys [100864 2009-07-13] () [Arquivo não assinado]
S3 HidIr; C:\Windows\system32\drivers\hidir.sys [46592 2009-07-13] () [Arquivo não assinado]
R3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [30208 2010-11-21] () [Arquivo não assinado]
S3 HpSAMD; C:\Windows\system32\drivers\HpSAMD.sys [78720 2010-11-21] () [Arquivo não assinado]
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [753664 2010-11-21] () [Arquivo não assinado]
R0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14720 2010-11-21] () [Arquivo não assinado]
S3 i8042prt; C:\Windows\System32\DRIVERS\i8042prt.sys [105472 2009-07-13] () [Arquivo não assinado]
S3 iaStorV; C:\Windows\system32\drivers\iaStorV.sys [410496 2010-11-21] () [Arquivo não assinado]
S3 iirsp; C:\Windows\system32\drivers\iirsp.sys [44112 2009-07-13] () [Arquivo não assinado]
S3 intelide; C:\Windows\system32\drivers\intelide.sys [16960 2009-07-13] () [Arquivo não assinado]
S3 intelppm; C:\Windows\system32\drivers\intelppm.sys [62464 2009-07-13] () [Arquivo não assinado]
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2010-11-21] () [Arquivo não assinado]
S3 IPMIDRV; C:\Windows\system32\drivers\IPMIDrv.sys [78848 2010-11-21] () [Arquivo não assinado]
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-13] () [Arquivo não assinado]
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-13] () [Arquivo não assinado]
S3 isapnp; C:\Windows\system32\drivers\isapnp.sys [20544 2009-07-13] () [Arquivo não assinado]
S3 iScsiPrt; C:\Windows\system32\drivers\msiscsi.sys [273792 2010-11-21] () [Arquivo não assinado]
R3 kbdclass; C:\Windows\System32\DRIVERS\kbdclass.sys [50768 2009-07-13] () [Arquivo não assinado]
R3 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [33280 2010-11-21] () [Arquivo não assinado]
R0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95616 2010-11-21] () [Arquivo não assinado]
R0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [152960 2010-11-21] () [Arquivo não assinado]
R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [20992 2009-07-13] () [Arquivo não assinado]
R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-13] () [Arquivo não assinado]
S3 LSI_FC; C:\Windows\system32\drivers\lsi_fc.sys [114752 2009-07-13] () [Arquivo não assinado]
S3 LSI_SAS; C:\Windows\system32\drivers\lsi_sas.sys [106560 2009-07-13] () [Arquivo não assinado]
S3 LSI_SAS2; C:\Windows\system32\drivers\lsi_sas2.sys [65600 2009-07-13] () [Arquivo não assinado]
S3 LSI_SCSI; C:\Windows\system32\drivers\lsi_scsi.sys [115776 2009-07-13] () [Arquivo não assinado]
R2 luafv; C:\Windows\system32\drivers\luafv.sys [113152 2009-07-13] () [Arquivo não assinado]
S3 megasas; C:\Windows\system32\drivers\megasas.sys [35392 2009-07-13] () [Arquivo não assinado]
S3 MegaSR; C:\Windows\system32\drivers\MegaSR.sys [284736 2009-07-13] () [Arquivo não assinado]
S3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-13] () [Arquivo não assinado]
R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-13] () [Arquivo não assinado]
R3 mouclass; C:\Windows\System32\DRIVERS\mouclass.sys [49216 2009-07-13] () [Arquivo não assinado]
R3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [31232 2009-07-13] () [Arquivo não assinado]
R0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94592 2010-11-21] () [Arquivo não assinado]
S3 mpio; C:\Windows\system32\drivers\mpio.sys [155008 2010-11-21] () [Arquivo não assinado]
R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2009-07-13] () [Arquivo não assinado]
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [140800 2010-11-21] () [Arquivo não assinado]
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [158208 2010-11-21] () [Arquivo não assinado]
R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [287744 2010-11-21] () [Arquivo não assinado]
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [128000 2010-11-21] () [Arquivo não assinado]
S3 msahci; C:\Windows\system32\drivers\msahci.sys [31104 2010-11-21] () [Arquivo não assinado]
S3 msdsm; C:\Windows\system32\drivers\msdsm.sys [140672 2010-11-21] () [Arquivo não assinado]
R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [26112 2009-07-13] ()
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-13] () [Arquivo não assinado]
R0 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [15424 2009-07-13] () [Arquivo não assinado]
S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-13] () [Arquivo não assinado]
S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-13] () [Arquivo não assinado]
S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-13] () [Arquivo não assinado]
S3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [366976 2010-11-21] ()
R1 mssmbios; C:\Windows\System32\DRIVERS\mssmbios.sys [32320 2009-07-13] () [Arquivo não assinado]
S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-13] () [Arquivo não assinado]
S3 MTConfig; C:\Windows\system32\drivers\MTConfig.sys [15360 2009-07-13] () [Arquivo não assinado]
R0 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-13] () [Arquivo não assinado]
S3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-13] () [Arquivo não assinado]
R0 NDIS; C:\Windows\System32\drivers\ndis.sys [951680 2010-11-21] () [Arquivo não assinado]
S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-13] () [Arquivo não assinado]
R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2009-07-13] () [Arquivo não assinado]
S3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56832 2010-11-21] () [Arquivo não assinado]
R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2010-11-21] () [Arquivo não assinado]
R3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [57856 2010-11-21] ()
R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-13] () [Arquivo não assinado]
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [261632 2010-11-21] () [Arquivo não assinado]
S3 nfrd960; C:\Windows\system32\drivers\nfrd960.sys [51264 2009-07-13] () [Arquivo não assinado]
R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [44032 2009-07-13] ()
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24576 2009-07-13] () [Arquivo não assinado]
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1659776 2010-11-21] ()
R1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-13] () [Arquivo não assinado]
R3 nvlddmkm; C:\Windows\System32\DRIVERS\nvlddmkm.sys [12866008 2014-07-02] () [Arquivo não assinado]
S3 nvraid; C:\Windows\system32\drivers\nvraid.sys [148352 2010-11-21] () [Arquivo não assinado]
S3 nvstor; C:\Windows\system32\drivers\nvstor.sys [166272 2010-11-21] () [Arquivo não assinado]
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-12] () [Arquivo não assinado]
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] () [Arquivo não assinado]
S3 nv_agp; C:\Windows\system32\drivers\nv_agp.sys [122960 2009-07-13] () [Arquivo não assinado]
S3 ohci1394; C:\Windows\system32\drivers\ohci1394.sys [72832 2009-07-13] () [Arquivo não assinado]
R3 Parport; C:\Windows\System32\DRIVERS\parport.sys [97280 2009-07-13] () [Arquivo não assinado]
R0 partmgr; C:\Windows\System32\drivers\partmgr.sys [75136 2010-11-21] () [Arquivo não assinado]
R0 pci; C:\Windows\System32\drivers\pci.sys [184704 2010-11-21] () [Arquivo não assinado]
R0 pciide; C:\Windows\System32\drivers\pciide.sys [12352 2009-07-13] () [Arquivo não assinado]
S3 pcmcia; C:\Windows\system32\drivers\pcmcia.sys [220752 2009-07-13] () [Arquivo não assinado]
R0 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-13] () [Arquivo não assinado]
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [651264 2009-07-13] () [Arquivo não assinado]
R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111104 2010-11-21] () [Arquivo não assinado]
S3 Processor; C:\Windows\system32\drivers\processr.sys [60416 2009-07-13] () [Arquivo não assinado]
S0 PsBoot; C:\Windows\System32\Drivers\PsBoot.sys [40480 2014-03-11] (Panda Security, S.L.)
R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2010-11-21] () [Arquivo não assinado]
S3 ql2300; C:\Windows\system32\drivers\ql2300.sys [1524816 2009-07-13] () [Arquivo não assinado]
S3 ql40xx; C:\Windows\system32\drivers\ql40xx.sys [128592 2009-07-13] () [Arquivo não assinado]
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2009-07-13] () [Arquivo não assinado]
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-13] () [Arquivo não assinado]
R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-13] () [Arquivo não assinado]
R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [129536 2010-11-21] () [Arquivo não assinado]
R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-13] () [Arquivo não assinado]
R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-13] () [Arquivo não assinado]
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2010-11-21] () [Arquivo não assinado]
R3 rdpbus; C:\Windows\System32\DRIVERS\rdpbus.sys [24064 2009-07-13] () [Arquivo não assinado]
R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-13] () [Arquivo não assinado]
S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [165888 2010-11-21] () [Arquivo não assinado]
R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-13] () [Arquivo não assinado]
R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-13] () [Arquivo não assinado]
S3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [20992 2010-11-21] () [Arquivo não assinado]
S3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [210944 2010-11-21] ()
R0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [213888 2010-11-21] () [Arquivo não assinado]
R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-13] () [Arquivo não assinado]
R3 RTL8167; C:\Windows\System32\DRIVERS\Rt64win7.sys [677480 2012-02-03] () [Arquivo não assinado]
S3 s3cap; C:\Windows\system32\drivers\vms3cap.sys [6656 2010-11-21] () [Arquivo não assinado]
S3 sbp2port; C:\Windows\system32\drivers\sbp2port.sys [103808 2010-11-21] () [Arquivo não assinado]
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2010-11-21] () [Arquivo não assinado]
R2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] ()
R3 Serenum; C:\Windows\System32\DRIVERS\serenum.sys [23552 2009-07-13] () [Arquivo não assinado]
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] () [Arquivo não assinado]
S3 sermouse; C:\Windows\system32\drivers\sermouse.sys [26624 2009-07-13] () [Arquivo não assinado]
S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [14336 2009-07-13] () [Arquivo não assinado]
S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [13824 2009-07-13] () [Arquivo não assinado]
S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [14336 2010-11-21] () [Arquivo não assinado]
S3 sfloppy; C:\Windows\system32\drivers\sfloppy.sys [16896 2009-07-13] () [Arquivo não assinado]
S3 SiSRaid2; C:\Windows\system32\drivers\SiSRaid2.sys [43584 2009-07-13] () [Arquivo não assinado]
S3 SiSRaid4; C:\Windows\system32\drivers\sisraid4.sys [80464 2009-07-13] () [Arquivo não assinado]
S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-13] () [Arquivo não assinado]
R0 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-13] ()
R3 srv; C:\Windows\System32\DRIVERS\srv.sys [468992 2010-11-21] () [Arquivo não assinado]
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [413184 2010-11-21] () [Arquivo não assinado]
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [167936 2010-11-21] () [Arquivo não assinado]
S3 stexstor; C:\Windows\system32\drivers\stexstor.sys [24656 2009-07-13] () [Arquivo não assinado]
R0 storflt; C:\Windows\System32\drivers\vmstorfl.sys [46464 2010-11-21] () [Arquivo não assinado]
S3 storvsc; C:\Windows\system32\drivers\storvsc.sys [34688 2010-11-21] () [Arquivo não assinado]
R3 swenum; C:\Windows\System32\DRIVERS\swenum.sys [12496 2009-07-13] () [Arquivo não assinado]
S3 Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [88960 2010-11-21] () [Arquivo não assinado]
R0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1924480 2010-11-21] () [Arquivo não assinado]
S3 TCPIP6; C:\Windows\System32\DRIVERS\tcpip.sys [1924480 2010-11-21] () [Arquivo não assinado]
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [45056 2010-11-21] () [Arquivo não assinado]
S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-13] () [Arquivo não assinado]
S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2009-07-13] () [Arquivo não assinado]
R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [119296 2010-11-21] () [Arquivo não assinado]
R1 TermDD; C:\Windows\System32\DRIVERS\termdd.sys [63360 2010-11-21] () [Arquivo não assinado]
S3 terminpt; C:\Windows\system32\drivers\terminpt.sys [34816 2010-11-21] () [Arquivo não assinado]
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [39424 2010-11-21] () [Arquivo não assinado]
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [59392 2010-11-21] () [Arquivo não assinado]
S3 TsUsbGD; C:\Windows\system32\drivers\TsUsbGD.sys [31232 2010-11-21] () [Arquivo não assinado]
S3 tsusbhub; C:\Windows\System32\drivers\tsusbhub.sys [117248 2010-11-21] () [Arquivo não assinado]
R3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2010-11-21] () [Arquivo não assinado]
S3 uagp35; C:\Windows\system32\drivers\uagp35.sys [64080 2009-07-13] () [Arquivo não assinado]
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [328192 2010-11-21] () [Arquivo não assinado]
S3 uliagpkx; C:\Windows\system32\drivers\uliagpkx.sys [64592 2009-07-13] () [Arquivo não assinado]
R3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [48640 2010-11-21] () [Arquivo não assinado]
S3 UmPass; C:\Windows\system32\drivers\umpass.sys [9728 2009-07-13] () [Arquivo não assinado]
R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [98816 2010-11-21] () [Arquivo não assinado]
S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [100352 2009-07-13] () [Arquivo não assinado]
R3 usbehci; C:\Windows\System32\DRIVERS\usbehci.sys [52224 2010-11-21] () [Arquivo não assinado]
R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2010-11-21] () [Arquivo não assinado]
R3 usbohci; C:\Windows\System32\DRIVERS\usbohci.sys [25600 2009-07-13] () [Arquivo não assinado]
S3 usbprint; C:\Windows\system32\drivers\usbprint.sys [25088 2009-07-13] () [Arquivo não assinado]
R3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [91648 2010-11-21] () [Arquivo não assinado]
S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [30720 2009-07-13] () [Arquivo não assinado]
S3 usb_rndisx; C:\Windows\System32\DRIVERS\usb8023x.sys [19968 2009-07-13] () [Arquivo não assinado]
R0 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36432 2009-07-13] () [Arquivo não assinado]
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-13] () [Arquivo não assinado]
R1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-13] () [Arquivo não assinado]
S3 vhdmp; C:\Windows\system32\drivers\vhdmp.sys [215936 2010-11-21] () [Arquivo não assinado]
S3 viaide; C:\Windows\system32\drivers\viaide.sys [17488 2009-07-13] () [Arquivo não assinado]
S3 vmbus; C:\Windows\system32\drivers\vmbus.sys [199552 2010-11-21] () [Arquivo não assinado]
S3 VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [21760 2010-11-21] () [Arquivo não assinado]
R0 volmgr; C:\Windows\System32\drivers\volmgr.sys [71552 2010-11-21] () [Arquivo não assinado]
R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-21] () [Arquivo não assinado]
R0 volsnap; C:\Windows\System32\drivers\volsnap.sys [295808 2010-11-21] () [Arquivo não assinado]
S3 vsmraid; C:\Windows\system32\drivers\vsmraid.sys [161872 2009-07-13] () [Arquivo não assinado]
S3 vwifibus; C:\Windows\System32\drivers\vwifibus.sys [24576 2009-07-13] () [Arquivo não assinado]
S3 WacomPen; C:\Windows\system32\drivers\wacompen.sys [27776 2009-07-13] () [Arquivo não assinado]
S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-21] () [Arquivo não assinado]
R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-21] () [Arquivo não assinado]
S3 Wd; C:\Windows\system32\drivers\wd.sys [21056 2009-07-13] () [Arquivo não assinado]
R0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [654928 2009-07-13] () [Arquivo não assinado]
R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-13] () [Arquivo não assinado]
S3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [22096 2009-07-13] () [Arquivo não assinado]
S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [41984 2010-11-21] () [Arquivo não assinado]
R3 WmiAcpi; C:\Windows\System32\DRIVERS\wmiacpi.sys [14336 2009-07-13] () [Arquivo não assinado]
S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2009-07-13] () [Arquivo não assinado]
S3 WSDPrintDevice; C:\Windows\System32\DRIVERS\WSDPrint.sys [23040 2009-07-13] () [Arquivo não assinado]
R3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [112128 2010-11-21] () [Arquivo não assinado]
R3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [172544 2010-11-21] () [Arquivo não assinado]
U5 6257a70ebcb87e64; <===== ATENÇÃO: Serviço Bloqueado
S1 ccnfd_1_10_0_6; system32\drivers\ccnfd_1_10_0_6.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
U4 vsserv; não ImagePath
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Três Meses Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-07-05 11:25 - 2016-07-05 11:31 - 00043130 _____ C:\Users\Marcio\Downloads\FRST.txt
2016-07-05 11:25 - 2016-07-05 11:25 - 00031275 _____ C:\Users\Marcio\Downloads\Addition.txt
2016-07-05 11:23 - 2016-07-05 11:31 - 00000000 ____D C:\FRST
2016-07-05 11:23 - 2016-07-05 11:23 - 02390016 _____ (Farbar) C:\Users\Marcio\Downloads\FRST64.exe
2016-07-05 10:17 - 2016-07-05 10:17 - 00011424 _____ C:\Users\Marcio\Downloads\Outlook.com(19).zip
2016-07-05 09:31 - 2016-07-05 09:32 - 00135339 _____ C:\Users\Marcio\Downloads\CUMPOM PARA SORTEIO DE PRODUTOS..zip
2016-07-05 08:07 - 2016-07-05 08:08 - 12505176 _____ (Corel Corporation) C:\Users\Marcio\Downloads\CorelDRAWGraphicsSuiteX8Installer_RW(1).exe
2016-07-05 07:47 - 2016-07-05 07:47 - 00000000 ____D C:\Program Files (x86)\gs
2016-07-05 07:46 - 2016-07-05 08:43 - 00003316 _____ C:\Windows\System32\Tasks\CorelUpdateHelperTaskCore
2016-07-05 07:46 - 2016-07-05 07:46 - 00000000 ____D C:\Users\Todos os Usuários\VsTelemetry
2016-07-05 07:46 - 2016-07-05 07:46 - 00000000 ____D C:\ProgramData\VsTelemetry
2016-07-05 07:46 - 2016-07-05 07:46 - 00000000 ____D C:\Program Files\Common Files\Corel
2016-07-05 07:46 - 2016-07-05 07:46 - 00000000 ____D C:\Program Files (x86)\Corel
2016-07-05 07:45 - 2016-07-05 08:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X8 (64-bit)
2016-07-05 07:23 - 2016-07-05 08:42 - 534612834 _____ C:\Users\Marcio\Downloads\CorelDRAWGraphicsSuiteX8Installer_pt64Bit.zip
2016-07-05 07:23 - 2016-07-05 07:23 - 12505176 _____ (Corel Corporation) C:\Users\Marcio\Downloads\CorelDRAWGraphicsSuiteX8Installer_RW.exe
2016-07-05 07:23 - 2016-07-05 07:23 - 00000000 ____D C:\Users\Todos os Usuários\UniqueId
2016-07-05 07:23 - 2016-07-05 07:23 - 00000000 ____D C:\ProgramData\UniqueId
2016-07-05 07:12 - 2016-07-05 07:12 - 05818366 _____ C:\Users\Marcio\Downloads\ENC ESQUEMA DE MONTAGEM FABRIMOVEIS.zip
2016-07-04 15:52 - 2016-07-04 15:54 - 05082013 _____ C:\Users\Marcio\Downloads\ENC Re ESQUEMAS ROUP BARCELONA - URGENTE(1).zip
2016-07-04 15:49 - 2016-07-04 15:49 - 00063323 _____ C:\Users\Marcio\Downloads\pedido 15333 jmk mirassol.zip
2016-07-04 15:26 - 2016-07-04 15:26 - 12924185 _____ C:\Users\Marcio\Downloads\ENC Manuais.zip
2016-07-04 15:25 - 2016-07-04 15:25 - 00062976 _____ C:\Users\Marcio\Downloads\pedido 15331 jmk mirassol.zip
2016-07-04 15:16 - 2016-07-04 15:16 - 05082013 _____ C:\Users\Marcio\Downloads\ENC Re ESQUEMAS ROUP BARCELONA - URGENTE.zip
2016-07-04 15:16 - 2016-07-04 15:16 - 00381405 _____ C:\Users\Marcio\Downloads\Outlook.com(18).zip
2016-07-04 15:15 - 2016-07-04 15:15 - 00405844 _____ C:\Users\Marcio\Downloads\Outlook.com(17).zip
2016-07-04 15:14 - 2016-07-04 15:14 - 00387221 _____ C:\Users\Marcio\Downloads\Outlook.com(16).zip
2016-07-04 08:30 - 2016-07-04 08:30 - 00064455 _____ C:\Users\Marcio\Downloads\pedido 15329 jmk mirassol.zip
2016-07-01 07:23 - 2016-07-01 07:23 - 00020650 _____ C:\Users\Marcio\Downloads\Outlook.com(15).zip
2016-07-01 07:22 - 2016-07-01 07:22 - 00020650 _____ C:\Users\Marcio\Downloads\Outlook.com(14).zip
2016-07-01 07:22 - 2016-07-01 07:22 - 00018129 _____ C:\Users\Marcio\Downloads\Outlook.com(13).zip
2016-07-01 07:12 - 2016-07-01 07:12 - 01827884 _____ C:\Users\Marcio\Downloads\Esquema Rack Veneto e rack Torino.zip
2016-06-30 12:45 - 2016-06-30 12:45 - 00063922 _____ C:\Users\Marcio\Downloads\pedido 15315 jmk mirassol.zip
2016-06-30 07:08 - 2016-06-30 07:09 - 00006476 _____ C:\Users\Marcio\Downloads\Outlook.com(12).zip
2016-06-29 09:13 - 2016-06-29 09:13 - 00010451 _____ C:\Users\Marcio\Downloads\MESA COMPUTADOR SPACE.zip
2016-06-29 07:00 - 2016-06-29 07:00 - 01001361 _____ C:\Users\Marcio\Downloads\CONVITES FESTA JUNINA 3 IDADE.zip
2016-06-29 06:59 - 2016-06-29 06:59 - 00076780 _____ C:\Users\Marcio\Downloads\Fundo Social.zip
2016-06-28 11:45 - 2016-06-28 11:45 - 00010386 _____ C:\Users\Marcio\Downloads\Outlook.com(11).zip
2016-06-28 10:43 - 2016-06-28 10:43 - 00006088 _____ C:\Users\Marcio\Downloads\Outlook.com(10).zip
2016-06-28 07:12 - 2016-06-28 07:12 - 00006476 _____ C:\Users\Marcio\Downloads\Outlook.com(9).zip
2016-06-27 17:26 - 2016-06-27 17:26 - 00815684 _____ C:\Users\Marcio\Downloads\RES esquema de montagem Multiuso Napole 2016.zip
2016-06-27 14:32 - 2016-06-27 14:32 - 00754626 _____ C:\Users\Marcio\Downloads\esquema de montagem Multiuso Napole 2016.zip
2016-06-24 16:35 - 2016-06-24 16:35 - 00010222 _____ C:\Users\Marcio\Downloads\Outlook.com(8).zip
2016-06-24 15:12 - 2016-06-24 15:12 - 00020420 _____ C:\Users\Marcio\Downloads\PRODUTOS NOVOS.zip
2016-06-24 10:04 - 2016-06-24 10:04 - 00538064 _____ C:\Users\Marcio\Downloads\ENC ESQUEMA DE MONATGEM.zip
2016-06-23 10:42 - 2016-06-23 10:43 - 00255274 _____ C:\Users\Marcio\Downloads\Etiquetas(1).pdf
2016-06-23 10:30 - 2016-07-05 07:56 - 00000000 ____D C:\Users\Marcio\AppData\LocalLow\uTorrent
2016-06-23 10:02 - 2016-06-23 10:02 - 00255274 _____ C:\Users\Marcio\Downloads\Etiquetas.pdf
2016-06-23 09:20 - 2016-06-23 09:20 - 01211675 _____ C:\Users\Marcio\Downloads\Outlook.com(7).zip
2016-06-23 09:01 - 2016-06-23 09:01 - 00051951 _____ C:\Users\Marcio\Downloads\Outlook.com(6).zip
2016-06-22 16:02 - 2016-06-22 16:02 - 00062978 _____ C:\Users\Marcio\Downloads\pedido 15281 jmk mirassol.zip
2016-06-22 09:37 - 2016-06-22 09:37 - 00063574 _____ C:\Users\Marcio\Downloads\pedido 15270 jmk mirassol.zip
2016-06-22 08:50 - 2016-06-22 08:50 - 02091493 _____ C:\Users\Marcio\Downloads\ENC BOM DIA SEGUE ESQUEMA CORRETO ROUPEIRO PIENZA , POR FAVOR IGNORAR O EMAIL ANTERIOR.zip
2016-06-21 10:53 - 2016-06-21 10:53 - 02157222 _____ C:\Users\Marcio\Downloads\ENC esquema de montagem roupeiro pienza.zip
2016-06-20 07:03 - 2016-06-20 07:09 - 173691500 ____R C:\Users\Marcio\Downloads\ESET NOD32 V9 32BITS E 64BITS + ATIVADOR PORTABLE PTBR.rar
2016-06-18 16:34 - 2016-06-18 16:34 - 00000000 ____D C:\Users\Todos os Usuários\ESET
2016-06-18 16:34 - 2016-06-18 16:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2016-06-18 16:34 - 2016-06-18 16:34 - 00000000 ____D C:\ProgramData\ESET
2016-06-18 16:33 - 2016-06-18 16:33 - 00000000 ____D C:\Program Files\ESET
2016-06-18 16:28 - 2016-06-18 16:28 - 00000000 ____D C:\Users\Marcio\AppData\Local\{B5F70934-5E12-42d2-882D-62D42EA1FA67}
2016-06-18 16:27 - 2016-06-18 16:27 - 00002606 _____ C:\Users\Marcio\Desktop\µTorrent.lnk
2016-06-18 16:27 - 2016-06-18 16:27 - 00002606 _____ C:\Users\Marcio\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-06-18 16:26 - 2016-06-18 16:26 - 02530304 _____ (BitTorrent Inc.) C:\Users\Marcio\Downloads\uTorrent.exe
2016-06-18 16:25 - 2016-06-18 16:25 - 00013661 _____ C:\Users\Marcio\Downloads\ESET_NOD32_V9_32BITS_E_64BITS___ATIVADOR_PORTABLE_PTBR.rar_www.CPturbo.org.torrent
2016-06-17 07:19 - 2016-06-17 07:19 - 04446652 _____ C:\Users\Marcio\Downloads\ENC Enviando email CAMA CARROS VELOZ E PINK.zip
2016-06-17 07:18 - 2016-06-17 07:18 - 00062746 _____ C:\Users\Marcio\Downloads\pedido 15238 jmk mirassol.zip
2016-06-15 15:20 - 2016-06-15 15:21 - 01143359 _____ C:\Users\Marcio\Downloads\PEDIDO - OC 31379.zip
2016-06-15 15:00 - 2016-06-15 15:00 - 00890243 _____ C:\Users\Marcio\Downloads\Prospecto novo.zip
2016-06-14 17:31 - 2016-06-14 17:31 - 01029401 _____ C:\Users\Marcio\Downloads\Esquema de montagem Roupeiro Camboriu(1).zip
2016-06-14 16:33 - 2016-06-14 16:33 - 00229255 _____ C:\Users\Marcio\Downloads\RECEITA KIT ARM. PRATICO(1).zip
2016-06-14 15:22 - 2016-06-14 15:22 - 00229255 _____ C:\Users\Marcio\Downloads\RECEITA KIT ARM. PRATICO.zip
2016-06-14 11:40 - 2016-06-14 11:40 - 00045340 _____ C:\Users\Marcio\Downloads\RES ENC Segue o kit da comoda italia.zip
2016-06-14 09:59 - 2016-06-14 09:59 - 00040999 _____ C:\Users\Marcio\Downloads\ENC Segue o kit da comoda italia(1).zip
2016-06-14 09:55 - 2016-06-14 09:55 - 00026778 _____ C:\Users\Todos os Usuários\1465908955.bdinstall.bin
2016-06-14 09:55 - 2016-06-14 09:55 - 00026778 _____ C:\ProgramData\1465908955.bdinstall.bin
2016-06-13 14:35 - 2016-06-13 14:36 - 07612117 _____ C:\Users\Marcio\Downloads\Impresso PSF2(Prefeitura).zip
2016-06-10 09:30 - 2016-06-14 06:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-10 08:57 - 2016-06-10 08:57 - 01055050 _____ C:\Users\Marcio\Downloads\Outlook.com(5).zip
2016-06-09 12:25 - 2016-06-09 12:25 - 00070790 _____ C:\Users\Marcio\Downloads\pedido 15205 jmk mirassol.zip
2016-06-09 12:23 - 2016-06-09 12:23 - 07016412 _____ C:\Users\Marcio\Downloads\ENC Esquemas.zip
2016-06-08 11:16 - 2016-06-08 11:16 - 00063402 _____ C:\Users\Marcio\Downloads\pedido 15181 jmk mirassol.zip
2016-06-07 17:30 - 2016-06-07 17:30 - 03250679 _____ C:\Users\Marcio\Downloads\Acessorios Gold Plus(1).zip
2016-06-07 17:29 - 2016-06-07 17:29 - 03250679 _____ C:\Users\Marcio\Downloads\Acessorios Gold Plus.zip
2016-06-07 17:02 - 2016-06-07 17:02 - 00482828 _____ C:\Users\Marcio\Downloads\ENC ESQUEMA DO KIT 1508X(1).zip
2016-06-07 17:01 - 2016-06-07 17:01 - 00482828 _____ C:\Users\Marcio\Downloads\ENC ESQUEMA DO KIT 1508X.zip
2016-06-07 16:56 - 2016-06-07 16:56 - 09586092 _____ C:\Users\Marcio\Downloads\Prospecto Painel Domini.zip
2016-06-07 09:49 - 2016-06-07 09:49 - 01615534 _____ C:\Users\Marcio\Downloads\ENC Atualizar Esquema - 3.175.zip
2016-06-07 07:58 - 2016-06-07 07:58 - 00023587 _____ C:\Users\Marcio\Downloads\Outlook.com(4).zip
2016-06-07 07:22 - 2016-06-07 07:22 - 00070518 _____ C:\Users\Marcio\Downloads\pedido 15176 jmk mirassol.zip
2016-06-06 07:21 - 2016-06-06 07:21 - 00049689 _____ C:\Users\Marcio\Downloads\PS_15154.pdf
2016-06-03 10:22 - 2016-06-03 10:22 - 01261642 _____ C:\Users\Marcio\Downloads\ENC desenho esquema avelan.zip
2016-06-03 10:00 - 2016-06-03 10:01 - 06557816 _____ C:\Users\Marcio\Downloads\RES MULTI USO CANCUN.zip
2016-06-03 08:39 - 2016-06-03 08:39 - 00071543 _____ C:\Users\Marcio\Downloads\pedido 15149 jmk mirassol.zip
2016-06-03 07:43 - 2016-06-03 07:43 - 02138998 _____ C:\Users\Marcio\Downloads\Enc Manual correto comoda naturre.zip
2016-06-02 17:10 - 2016-06-02 17:10 - 01334563 _____ C:\Users\Marcio\Downloads\Acessorios Mesa de Centro.zip
2016-06-02 11:07 - 2016-06-02 11:08 - 08930564 _____ C:\Users\Marcio\Downloads\RES PAINEL MASTER.zip
2016-06-02 09:52 - 2016-06-02 09:53 - 08992311 _____ C:\Users\Marcio\Downloads\PAINEL MASTER.zip
2016-06-02 08:22 - 2016-06-02 08:22 - 00070450 _____ C:\Users\Marcio\Downloads\pedido 15137 jmk mirassol.zip
2016-06-01 13:04 - 2016-06-01 13:04 - 00040999 _____ C:\Users\Marcio\Downloads\ENC Segue o kit da comoda italia.zip
2016-06-01 12:48 - 2016-06-01 12:48 - 00528642 _____ C:\Users\Marcio\Downloads\Esquema de montagem Roupeiro Camboriu.zip
2016-06-01 12:45 - 2016-06-01 12:45 - 14214866 _____ C:\Users\Marcio\Downloads\Outlook.com(3).zip
2016-05-31 16:48 - 2016-05-31 16:48 - 00041606 _____ C:\Users\Marcio\Downloads\RPL DISTRIBUIDORA DE PAPEIS EIRELI - NF-e Nro 30951 Serie 0.zip
2016-05-31 14:25 - 2016-05-31 14:25 - 00004315 _____ C:\Users\Marcio\Downloads\minecraft.zip
2016-05-31 12:42 - 2016-05-31 12:42 - 01741194 _____ C:\Users\Marcio\Downloads\Outlook.com(2).zip
2016-05-31 12:03 - 2016-05-31 12:06 - 13952366 _____ C:\Users\Marcio\Downloads\Outlook.com(1).zip
2016-05-31 10:57 - 2016-05-31 10:57 - 00866595 _____ C:\Users\Marcio\Downloads\Esquema de montagem Home suspenso Arezo.zip
2016-05-31 10:52 - 2016-05-31 10:52 - 00070780 _____ C:\Users\Marcio\Downloads\pedido 15118 jmk mirassol.zip
2016-05-31 10:52 - 2016-05-31 10:52 - 00070780 _____ C:\Users\Marcio\Downloads\pedido 15118 jmk mirassol(1).zip
2016-05-31 10:44 - 2016-05-31 10:44 - 03508585 _____ C:\Users\Marcio\Downloads\ENC BOA TARDE LUCAS.zip
2016-05-30 13:53 - 2016-05-30 13:53 - 04652729 _____ C:\Users\Marcio\Downloads\Fotos.zip
2016-05-30 09:16 - 2016-05-30 09:17 - 13235921 _____ C:\Users\Marcio\Downloads\RES BOM DIA.zip
2016-05-26 09:25 - 2016-05-26 09:25 - 00064573 _____ C:\Users\Marcio\Downloads\pedido 15104 jmk mirassol(1).zip
2016-05-26 08:36 - 2016-05-26 08:36 - 00064573 _____ C:\Users\Marcio\Downloads\pedido 15104 jmk mirassol.zip
2016-05-25 17:01 - 2016-05-25 17:01 - 00072465 _____ C:\Users\Todos os Usuários\1464202146.3900.bin
2016-05-25 17:01 - 2016-05-25 17:01 - 00072465 _____ C:\ProgramData\1464202146.3900.bin
2016-05-25 15:41 - 2016-05-25 15:41 - 00003640 _____ C:\Windows\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2016-05-25 15:39 - 2016-07-05 11:17 - 00000000 ____D C:\Program Files\Bitdefender Agent
2016-05-25 14:50 - 2016-05-25 14:50 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-05-25 14:50 - 2016-05-25 14:50 - 00410624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\systemcpl.dll
2016-05-25 14:50 - 2016-05-25 14:50 - 00113543 _____ C:\Windows\SysWOW64\slmgr.vbs
2016-05-25 14:50 - 2016-05-25 14:50 - 00002048 _____ C:\Windows\SysWOW64\winver.exe
2016-05-25 14:50 - 2016-05-25 14:50 - 00001536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcomapi.dll
2016-05-24 09:53 - 2016-05-24 09:53 - 00063438 _____ C:\Users\Marcio\Downloads\pedido 15093 jmk mirassol.zip
2016-05-23 16:46 - 2016-05-23 16:46 - 02715274 _____ C:\Users\Marcio\Downloads\ENC JB 19052016.zip
2016-05-23 11:29 - 2016-05-23 11:29 - 00064934 _____ C:\Users\Marcio\Downloads\pedido 15079 jmk mirassol.zip
2016-05-23 07:17 - 2016-05-23 07:17 - 00495706 _____ C:\Users\Marcio\Downloads\fotos dos produtos restantes.zip
2016-05-23 07:08 - 2016-05-23 07:08 - 00873508 _____ C:\Users\Marcio\Downloads\Esquema montagem Comoda Florence PLUS.zip
2016-05-23 07:07 - 2016-05-23 07:07 - 01315451 _____ C:\Users\Marcio\Downloads\Esquema de montagem Comoda Zafira.zip
2016-05-20 09:32 - 2016-05-20 09:32 - 02171620 _____ C:\Users\Marcio\Downloads\ENC esquema avelan.zip
2016-05-18 13:20 - 2014-03-11 12:48 - 00040480 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PsBoot.sys
2016-05-18 13:17 - 2016-05-25 15:28 - 00000000 ____D C:\Program Files (x86)\Panda Security
2016-05-18 13:17 - 2016-05-25 15:26 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\Panda Security
2016-05-18 13:14 - 2016-05-25 15:26 - 00000000 ____D C:\Users\Todos os Usuários\Panda Security
2016-05-18 13:14 - 2016-05-25 15:26 - 00000000 ____D C:\ProgramData\Panda Security
2016-05-18 13:14 - 2016-05-18 13:14 - 02252720 _____ (Panda Security, S.L.) C:\Users\Marcio\Downloads\PANDAFREEAV.exe
2016-05-18 13:07 - 2016-05-18 13:07 - 00000000 ____D C:\Users\Marcio\.fontconfig
2016-05-18 13:06 - 2016-05-18 13:06 - 00482568 _____ C:\Users\Marcio\Downloads\adobe_flash_player-38578169.exe
2016-05-18 13:06 - 2016-05-18 13:06 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\NVIDIA
2016-05-18 13:06 - 2016-05-18 13:06 - 00000000 ____D C:\Users\Marcio\AppData\Local\Movavi
2016-05-18 13:06 - 2016-05-18 13:06 - 00000000 ____D C:\Users\Marcio\AppData\Local\converter
2016-05-18 13:05 - 2016-05-18 13:05 - 00000016 _____ C:\Users\Todos os Usuários\mntemp
2016-05-18 13:05 - 2016-05-18 13:05 - 00000016 _____ C:\ProgramData\mntemp
2016-05-18 13:05 - 2016-05-18 13:05 - 00000000 ____D C:\Users\Todos os Usuários\Movavi Video Converter 16
2016-05-18 13:05 - 2016-05-18 13:05 - 00000000 ____D C:\Users\Todos os Usuários\Movavi
2016-05-18 13:05 - 2016-05-18 13:05 - 00000000 ____D C:\ProgramData\Movavi Video Converter 16
2016-05-18 13:05 - 2016-05-18 13:05 - 00000000 ____D C:\ProgramData\Movavi
2016-05-18 13:03 - 2016-05-18 13:04 - 50819464 _____ (Movavi) C:\Users\Marcio\Downloads\MovaviVideoConverterSetupF_16.exe
2016-05-18 11:31 - 2016-05-18 11:31 - 14729216 _____ C:\Users\Marcio\Downloads\Phantom_Ultra_HDTV_V8.04.16_20160517Vm.bin
2016-05-18 08:32 - 2016-05-18 08:33 - 11449989 _____ C:\Users\Marcio\Downloads\Comoda Master2.skp
2016-05-05 12:43 - 2016-05-05 12:43 - 00027749 _____ C:\Users\Todos os Usuários\1462463014.bdinstall.bin
2016-05-05 12:43 - 2016-05-05 12:43 - 00027749 _____ C:\ProgramData\1462463014.bdinstall.bin
2016-05-05 11:36 - 2016-05-05 11:36 - 00000000 ____D C:\Users\Marcio\AppData\Local\CEF
2016-05-05 11:34 - 2016-07-05 07:46 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-05-05 11:34 - 2016-07-05 07:46 - 00000000 ____D C:\ProgramData\Package Cache
2016-05-05 11:34 - 2016-05-05 12:40 - 00000000 ____D C:\Program Files\Intel
2016-05-05 11:33 - 2016-05-05 12:40 - 00000000 ____D C:\Program Files\Common Files\McAfee
2016-05-05 11:33 - 2016-05-05 12:40 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-05-05 11:23 - 2016-05-05 12:39 - 00000000 ____D C:\Users\Todos os Usuários\McAfee
2016-05-05 11:23 - 2016-05-05 12:39 - 00000000 ____D C:\ProgramData\McAfee
2016-05-05 11:23 - 2016-05-05 11:23 - 00000000 ____D C:\Users\Marcio\AppData\LocalLow\Adobe
2016-05-05 11:22 - 2016-06-02 07:21 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-05 11:22 - 2016-05-12 08:08 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-05 11:22 - 2016-05-05 11:24 - 00000000 ____D C:\Users\Todos os Usuários\Adobe
2016-05-05 11:22 - 2016-05-05 11:24 - 00000000 ____D C:\ProgramData\Adobe
2016-05-05 11:22 - 2016-05-05 11:22 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-05-05 10:04 - 2016-05-05 10:04 - 00726910 _____ C:\Users\Marcio\Downloads\Restricoes de ultimo ano de mandato - artigos.pdf
2016-05-05 08:11 - 2016-05-05 08:11 - 00216639 _____ C:\Users\Todos os Usuários\1462446684.bdinstall.bin
2016-05-05 08:11 - 2016-05-05 08:11 - 00216639 _____ C:\ProgramData\1462446684.bdinstall.bin
2016-05-04 11:55 - 2016-05-04 11:55 - 10314888 _____ C:\Users\Marcio\Downloads\bitdefender_tsecurity(1).exe
2016-04-28 16:39 - 2016-04-28 16:39 - 00703474 _____ C:\Users\Marcio\Downloads\BERÇO PROVENCE SGS(1).pdf
2016-04-28 16:38 - 2016-04-28 16:39 - 00703474 _____ C:\Users\Marcio\Downloads\BERÇO PROVENCE SGS.pdf
2016-04-28 16:28 - 2016-04-28 16:28 - 02814724 _____ C:\Users\Marcio\Downloads\COMODA PROVENCE SLIM.pdf
2016-04-26 06:48 - 2016-04-26 06:48 - 00661534 _____ C:\Users\Marcio\Downloads\CAMA CASAL.pdf
2016-04-25 17:09 - 2016-06-14 06:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-25 17:09 - 2016-04-26 06:49 - 00000000 ____D C:\Users\Marcio\AppData\Local\Mozilla
2016-04-25 17:09 - 2016-04-25 17:15 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\Mozilla
2016-04-25 17:09 - 2016-04-25 17:09 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-04-25 17:09 - 2016-04-25 17:09 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-04-25 16:36 - 2016-04-25 16:36 - 00027748 _____ C:\Users\Todos os Usuários\1461612971.bdinstall.bin
2016-04-25 16:36 - 2016-04-25 16:36 - 00027748 _____ C:\ProgramData\1461612971.bdinstall.bin
2016-04-25 13:27 - 2016-04-25 13:27 - 07388036 _____ C:\Users\Marcio\Downloads\Enc prospectos atualizados matic.zip
2016-04-25 10:06 - 2016-04-25 10:06 - 00072042 _____ C:\Users\Marcio\Downloads\pedido 14912 jmk mirassol.zip
2016-04-25 07:54 - 2016-04-25 07:54 - 07807873 _____ C:\Users\Marcio\Downloads\ENC Fwd Fwd Fwd MANUAL BUFFET TOP, MANUAL MESA ANNE _ ANNE QUADRADA, MANUAL MESA CAMILA, MANUAL MESA GABRIELA, MANUAL MESA JULIA, MANUAL MESA KAROL, MANUAL MESA RAQUEL, MANUAL APARADOR TOP.zip
2016-04-25 07:53 - 2016-04-25 07:53 - 04503218 _____ C:\Users\Marcio\Downloads\ENC Fwd Fwd Enviando email CABECEIRA BOX DUBAI.zip
2016-04-25 07:15 - 2016-04-25 07:15 - 01955062 _____ C:\Users\Marcio\Downloads\Outlook.com (16).zip
2016-04-25 07:10 - 2016-04-25 07:10 - 01515398 _____ C:\Users\Marcio\Downloads\Outlook.com (15).zip
2016-04-25 07:09 - 2016-04-25 07:09 - 00071816 _____ C:\Users\Marcio\Downloads\pedido 14882 jmk mirassol.zip
2016-04-20 14:36 - 2016-04-20 14:36 - 00586251 _____ C:\Users\Marcio\Downloads\ENC MESSINA - frente correta.zip
2016-04-20 10:44 - 2016-04-20 10:44 - 00071211 _____ C:\Users\Marcio\Downloads\pedido 14874 jmk mirassol.zip
2016-04-20 00:49 - 2016-04-20 00:49 - 00071127 _____ C:\Users\Marcio\Downloads\pedido 14863 jmk mirassol.zip
2016-04-19 09:39 - 2016-06-18 16:11 - 00000920 ____H C:\Users\Todos os Usuários\@system.temp
2016-04-19 09:39 - 2016-06-18 16:11 - 00000920 ____H C:\ProgramData\@system.temp
2016-04-19 09:39 - 2016-04-19 09:39 - 00000008 ____H C:\Users\Todos os Usuários\@000001.dat
2016-04-19 09:39 - 2016-04-19 09:39 - 00000008 ____H C:\ProgramData\@000001.dat
2016-04-19 09:38 - 2016-06-20 07:28 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\BrowserMe
2016-04-19 09:38 - 2016-06-18 16:11 - 00000656 ____H C:\Users\Todos os Usuários\@system3.att
2016-04-19 09:38 - 2016-06-18 16:11 - 00000656 ____H C:\ProgramData\@system3.att
2016-04-19 09:38 - 2016-04-19 09:38 - 00000480 ____H C:\Users\Marcio\AppData\Roaming\½Ó
2016-04-19 09:16 - 2016-04-19 09:16 - 00070801 _____ C:\Users\Marcio\Downloads\pedido 14854 jmk mirassol.zip
2016-04-18 16:29 - 2016-04-18 16:29 - 02300553 _____ C:\Users\Marcio\Downloads\Outlook.com (14).zip
2016-04-15 16:22 - 2016-04-15 16:22 - 00063626 _____ C:\Users\Marcio\Downloads\pedido 14851 jmk mirassol.zip
2016-04-14 09:53 - 2016-04-14 09:53 - 00064249 _____ C:\Users\Marcio\Downloads\pedido 14845 jmk mirassol.zip
2016-04-14 09:00 - 2016-04-14 09:00 - 00000000 ____D C:\Users\Marcio\AppData\Local\ESET
2016-04-14 08:56 - 2016-04-14 08:56 - 00055685 _____ C:\Users\Marcio\Downloads\Pedido Esquemas.zip
2016-04-14 08:50 - 2016-04-14 08:53 - 93866656 _____ (ESET) C:\Users\Marcio\Downloads\eav_nt64_ptb.exe
2016-04-14 08:40 - 2016-04-14 08:40 - 00212354 _____ C:\Users\Todos os Usuários\1460633995.bdinstall.bin
2016-04-14 08:40 - 2016-04-14 08:40 - 00212354 _____ C:\ProgramData\1460633995.bdinstall.bin
2016-04-14 08:29 - 2016-04-14 08:29 - 10314888 _____ C:\Users\Marcio\Downloads\bitdefender_tsecurity.exe
2016-04-14 08:06 - 2016-04-25 17:03 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-04-14 08:04 - 2016-04-14 08:13 - 00000000 ____D C:\Users\Todos os Usuários\AVAST Software
2016-04-14 08:04 - 2016-04-14 08:13 - 00000000 ____D C:\ProgramData\AVAST Software
2016-04-14 08:03 - 2016-04-14 08:04 - 05066104 _____ (AVAST Software) C:\Users\Marcio\Downloads\avast_free_antivirus_setup_online_bxk_a.exe
2016-04-13 10:33 - 2016-04-13 10:33 - 02798353 _____ C:\Users\Marcio\Downloads\Outlook.com (13).zip
2016-04-13 08:15 - 2016-04-13 08:15 - 00212373 _____ C:\Users\Todos os Usuários\1460542506.bdinstall.bin
2016-04-13 08:15 - 2016-04-13 08:15 - 00212373 _____ C:\ProgramData\1460542506.bdinstall.bin
2016-04-13 08:13 - 2016-04-13 08:14 - 05592856 _____ C:\Users\Marcio\Downloads\pedido matic.zip
2016-04-12 12:34 - 2016-04-12 12:34 - 00011841 _____ C:\Users\Marcio\Downloads\JALMAC - BALCAO ESMERALDA.pdf
2016-04-11 12:49 - 2016-04-11 12:49 - 05538646 _____ C:\Users\Marcio\Downloads\tRANSPARENCIA.pdf
2016-04-11 12:43 - 2016-04-11 12:43 - 01218752 _____ C:\Users\Marcio\Downloads\ldo.pdf
2016-04-11 12:42 - 2016-04-11 12:42 - 00417293 _____ C:\Users\Marcio\Downloads\Calendario e Restrições Eleitorais (1).pdf
2016-04-11 12:41 - 2016-04-11 12:41 - 00417293 _____ C:\Users\Marcio\Downloads\Calendario e Restrições Eleitorais.pdf
2016-04-11 11:40 - 2016-04-11 11:40 - 00062904 _____ C:\Users\Marcio\Downloads\pedido 14803 jmk mirassol.zip
2016-04-11 09:20 - 2016-04-11 09:20 - 03878518 _____ C:\Users\Marcio\Downloads\ENC ESQUEMA.zip
2016-04-08 09:56 - 2016-04-08 09:56 - 00624441 _____ C:\Users\Marcio\Downloads\ENC Atualizar Esquema - 1.388.zip
2016-04-08 09:55 - 2016-04-08 09:55 - 00775617 _____ C:\Users\Marcio\Downloads\ENC Atualizar Esquema Montagem - 1.411.zip
2016-04-08 09:53 - 2016-04-08 09:53 - 01648493 _____ C:\Users\Marcio\Downloads\ENC Atualizar Esquema 3.162 e 3.163.zip
2016-04-08 09:52 - 2016-04-08 09:52 - 00066167 _____ C:\Users\Marcio\Downloads\pedido 14795 jmk mirassol.zip
2016-04-08 07:32 - 2016-04-08 07:32 - 00210004 _____ C:\Users\Todos os Usuários\1460108151.bdinstall.bin
2016-04-08 07:32 - 2016-04-08 07:32 - 00210004 _____ C:\ProgramData\1460108151.bdinstall.bin
2016-04-07 16:31 - 2016-04-07 16:31 - 00070173 _____ C:\Users\Marcio\Downloads\ENC pedido 14764 jmk mirassol (1).zip
2016-04-07 16:28 - 2016-04-07 16:28 - 00070173 _____ C:\Users\Marcio\Downloads\ENC pedido 14764 jmk mirassol.zip
2016-04-07 09:27 - 2016-04-07 09:27 - 01182648 _____ C:\Users\Marcio\Downloads\PEDIDO - OC 30737.zip
2016-04-06 15:43 - 2016-04-06 15:43 - 00041903 _____ C:\Users\Marcio\Downloads\RPL DISTRIBUIDORA DE PAPEIS EIRELI - NF-e Nro 29942 Serie 0.zip
2016-04-06 14:16 - 2016-04-06 14:16 - 00011803 _____ C:\Users\Marcio\Downloads\CARIMBRO (1).zip
2016-04-06 12:41 - 2016-04-06 12:41 - 00011803 _____ C:\Users\Marcio\Downloads\CARIMBRO.zip
2016-04-06 10:40 - 2016-04-06 10:40 - 01416507 _____ C:\Users\Marcio\Downloads\Outlook.com (12).zip
==================== Três Meses Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-07-05 11:30 - 2014-08-09 15:42 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\uTorrent
2016-07-05 11:29 - 2014-08-11 08:22 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\Skype
2016-07-05 11:28 - 2009-07-14 01:45 - 00016832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-05 11:28 - 2009-07-14 01:45 - 00016832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-05 11:15 - 2015-01-27 06:08 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-05 09:21 - 2010-11-21 06:37 - 00705700 _____ C:\Windows\system32\prfh0416.dat
2016-07-05 09:21 - 2010-11-21 06:37 - 00147540 _____ C:\Windows\system32\prfc0416.dat
2016-07-05 09:21 - 2009-07-14 02:13 - 01635410 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-05 09:21 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-07-05 09:16 - 2014-09-22 08:17 - 00000000 ____D C:\Users\Marcio\AppData\LocalLow\Temp
2016-07-05 07:56 - 2014-08-09 15:55 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA
2016-07-05 07:56 - 2014-08-09 15:55 - 00000000 ____D C:\ProgramData\NVIDIA
2016-07-05 07:56 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-05 07:46 - 2014-08-09 16:19 - 00000000 ____D C:\Users\Public\Documents\Corel
2016-07-05 07:46 - 2014-08-09 16:18 - 00000000 ____D C:\Users\Todos os Usuários\Corel
2016-07-05 07:46 - 2014-08-09 16:18 - 00000000 ____D C:\ProgramData\Corel
2016-07-05 07:46 - 2014-08-09 16:18 - 00000000 ____D C:\Program Files\Corel
2016-07-05 07:46 - 2009-07-14 00:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-07-05 07:42 - 2014-08-09 15:54 - 01599116 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-06-22 06:55 - 2009-07-14 01:45 - 00875496 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-21 14:02 - 2014-08-09 15:38 - 00282424 _____ C:\Users\Marcio\AppData\Local\GDIPFONTCACHEV1.DAT
2016-06-17 10:15 - 2015-01-27 06:08 - 00003840 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-06-17 10:15 - 2015-01-08 15:30 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-17 10:15 - 2015-01-08 15:30 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-15 15:01 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\NDF
2016-06-07 08:00 - 2009-07-14 02:32 - 00000000 ____D C:\Windows\system32\FxsTmp
==================== Arquivos na raiz de alguns diretórios =======
2016-04-19 09:38 - 2016-04-19 09:38 - 0000480 ____H () C:\Users\Marcio\AppData\Roaming\½Ó
2015-01-08 15:06 - 2015-01-08 15:06 - 0000600 _____ () C:\Users\Marcio\AppData\Local\PUTTY.RND
2014-09-25 13:51 - 2014-09-25 13:51 - 1222278 _____ () C:\ProgramData\1411661257.bdinstall.bin
2015-12-14 11:09 - 2015-12-14 11:09 - 1490391 _____ () C:\ProgramData\1450100002.bdinstall.bin
2015-12-14 11:03 - 2015-12-14 11:03 - 0050045 _____ () C:\ProgramData\1450101792.bdinstall.bin
2015-12-16 11:36 - 2015-12-16 11:36 - 0032389 _____ () C:\ProgramData\1450276525.bdinstall.bin
2016-04-01 16:23 - 2016-04-01 16:23 - 0209302 _____ () C:\ProgramData\1459532132.bdinstall.bin
2016-04-01 16:24 - 2016-04-01 16:24 - 0027748 _____ () C:\ProgramData\1459538653.bdinstall.bin
2016-04-04 09:02 - 2016-04-04 09:02 - 0212776 _____ () C:\ProgramData\1459771297.bdinstall.bin
2016-04-08 07:32 - 2016-04-08 07:32 - 0210004 _____ () C:\ProgramData\1460108151.bdinstall.bin
2016-04-13 08:15 - 2016-04-13 08:15 - 0212373 _____ () C:\ProgramData\1460542506.bdinstall.bin
2016-04-14 08:40 - 2016-04-14 08:40 - 0212354 _____ () C:\ProgramData\1460633995.bdinstall.bin
2016-04-25 16:36 - 2016-04-25 16:36 - 0027748 _____ () C:\ProgramData\1461612971.bdinstall.bin
2016-05-05 08:11 - 2016-05-05 08:11 - 0216639 _____ () C:\ProgramData\1462446684.bdinstall.bin
2016-05-05 12:43 - 2016-05-05 12:43 - 0027749 _____ () C:\ProgramData\1462463014.bdinstall.bin
2016-05-25 17:01 - 2016-05-25 17:01 - 0072465 _____ () C:\ProgramData\1464202146.3900.bin
2016-06-14 09:55 - 2016-06-14 09:55 - 0026778 _____ () C:\ProgramData\1465908955.bdinstall.bin
2016-04-19 09:39 - 2016-04-19 09:39 - 0000008 ____H () C:\ProgramData\@000001.dat
2016-04-19 09:39 - 2016-06-18 16:11 - 0000920 ____H () C:\ProgramData\@system.temp
2016-04-19 09:38 - 2016-06-18 16:11 - 0000656 ____H () C:\ProgramData\@system3.att
2015-01-15 12:07 - 2015-01-15 12:07 - 0000227 _____ () C:\ProgramData\bc.ini
2015-03-29 11:04 - 2015-03-29 11:04 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2016-05-18 13:05 - 2016-05-18 13:05 - 0000016 _____ () C:\ProgramData\mntemp
Arquivos para serem movidos ou deletados:
====================
C:\ProgramData\@000001.dat
C:\Users\Marcio\hpbcfgre.dll
C:\Users\Marcio\hpmco140.dll
C:\Users\Marcio\hpmews01.dat
C:\Users\Marcio\hpmews01.dll
C:\Users\Marcio\hpmldm01.dat
C:\Users\Marcio\hpmldm01.dll
C:\Users\Marcio\hpmprein.dll
C:\Users\Marcio\Hpzc3212.dll
C:\Users\Marcio\Install.dll
C:\Users\Marcio\Install.exe
C:\Users\Todos os Usuários\@000001.dat
Alguns arquivos em TEMP:
====================
C:\Users\Marcio\AppData\Local\Temp\avguirn_08413647934.exe
C:\Users\Marcio\AppData\Local\Temp\cdo1065610883.dll
C:\Users\Marcio\AppData\Local\Temp\cdo1145970302.dll
C:\Users\Marcio\AppData\Local\Temp\cdo1187794716.dll
C:\Users\Marcio\AppData\Local\Temp\cdo1269157125.dll
C:\Users\Marcio\AppData\Local\Temp\cdo1597044704.dll
C:\Users\Marcio\AppData\Local\Temp\cdo1628299449.dll
C:\Users\Marcio\AppData\Local\Temp\cdo1650545185.dll
C:\Users\Marcio\AppData\Local\Temp\cdo1677642441.dll
C:\Users\Marcio\AppData\Local\Temp\cdo2142950596.dll
C:\Users\Marcio\AppData\Local\Temp\cdo2214868733.dll
C:\Users\Marcio\AppData\Local\Temp\cdo2434942137.dll
C:\Users\Marcio\AppData\Local\Temp\cdo2723735699.dll
C:\Users\Marcio\AppData\Local\Temp\cdo276391374.dll
C:\Users\Marcio\AppData\Local\Temp\cdo2772145879.dll
C:\Users\Marcio\AppData\Local\Temp\cdo2816801640.dll
C:\Users\Marcio\AppData\Local\Temp\cdo3030681219.dll
C:\Users\Marcio\AppData\Local\Temp\cdo3076232841.dll
C:\Users\Marcio\AppData\Local\Temp\cdo3193429566.dll
C:\Users\Marcio\AppData\Local\Temp\cdo3316291443.dll
C:\Users\Marcio\AppData\Local\Temp\cdo3398211222.dll
C:\Users\Marcio\AppData\Local\Temp\cdo3435211692.dll
C:\Users\Marcio\AppData\Local\Temp\cdo3502163660.dll
C:\Users\Marcio\AppData\Local\Temp\cdo375738424.dll
C:\Users\Marcio\AppData\Local\Temp\cdo3964233713.dll
C:\Users\Marcio\AppData\Local\Temp\cdo399759786.dll
C:\Users\Marcio\AppData\Local\Temp\cdo40934319.dll
C:\Users\Marcio\AppData\Local\Temp\cdo4173057875.dll
C:\Users\Marcio\AppData\Local\Temp\cdo527476373.dll
C:\Users\Marcio\AppData\Local\Temp\cdo686314613.dll
C:\Users\Marcio\AppData\Local\Temp\FoxitUpdater.exe
C:\Users\Marcio\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Marcio\AppData\Local\Temp\{714E00DF-F230-44A9-885A-13D2A395EBD0}.exe
==================== Bamital & volsnap =================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll
[2010-11-21 00:24] - [2010-11-21 00:24] - 1008640 ____A (Microsoft Corporation) E573BD9AB55C8E333C202B9E255F972E
C:\Windows\SysWOW64\User32.dll
[2016-05-25 14:50] - [2016-05-25 14:50] - 0833024 ____A (Microsoft Corporation) 2C9CC9F492CA596B1B9FC1AE5E916356
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys
[2010-11-21 00:23] - [2010-11-21 00:23] - 0295808 ____A () D41D8CD98F00B204E9800998ECF8427E
C:\Windows\system32\Drivers\volsnap.sys => não Nome Da Empresa <===== ATENÇÃO
testsigning: ==> o 'modo de teste' está configurado. Cheque por possível driver não assinado <===== ATENÇÃO
LastRegBack: 2016-06-27 10:20
==================== Fim de FRST.txt ============================