Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 17-07-2016 02
Executado por Admin (administrador) em PCI5 (17-07-2016 10:46:11)
Executando a partir de C:\Users\Admin\Downloads
Perfis Carregados: Admin (Perfis Disponíveis: Admin)
Platform: Windows 7 Ultimate (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
() C:\Program Files (x86)\Connect Manager\AssistantServices.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Spotify Ltd) C:\Users\Admin\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicatorCom.exe
() C:\Program Files (x86)\Connect Manager\UIExec.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [UIExec] => C:\Program Files (x86)\Connect Manager\UIExec.exe [138584 2010-09-25] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1758280 2016-06-16] (APN)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3760824119-2999690160-2574430072-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-3760824119-2999690160-2574430072-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2851408 2016-07-08] (Valve Corporation)
HKU\S-1-5-21-3760824119-2999690160-2574430072-1000\...\Run: [Spotify Web Helper] => C:\Users\Admin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1554032 2016-07-13] (Spotify Ltd)
HKU\S-1-5-21-3760824119-2999690160-2574430072-1000\...\Run: [Spotify] => C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe [6913648 2016-07-13] (Spotify Ltd)
HKU\S-1-5-21-3760824119-2999690160-2574430072-1000\...\Run: [Spotydl] => C:\Program Files (x86)\Spotydl\spotydl.exe -s
HKU\S-1-5-21-3760824119-2999690160-2574430072-1000\...\Run: [HP Deskjet 3510 series (NET)] => C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3760824119-2999690160-2574430072-1000\...\MountPoints2: {15d984db-243a-11e5-8648-08606ed1675b} - F:\setup.exe
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitorar alertas de tinta - HP Deskjet 3510 series (Rede).lnk [2016-07-17]
ShortcutTarget: Monitorar alertas de tinta - HP Deskjet 3510 series (Rede).lnk -> C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
ProxyEnable: [S-1-5-21-3760824119-2999690160-2574430072-1000] => Proxy está habilitado.
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8880AF36-EF50-493C-95CB-E8C1E85C7662}: [DhcpNameServer] 192.168.25.1
Tcpip\..\Interfaces\{ABFD580E-0169-48D1-A98C-7A8BAADFEEED}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggbeAFcWQ5FFRhGJQ0BTA0QFwEOIlpaBBRAFFEbcVpbVVxBRQ0FIk0FA1ADB0VXfVBdFElXTwhxIUNXE24UQw==
HKU\S-1-5-21-3760824119-2999690160-2574430072-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggbeAFcWQ5FFRhGJQ0BTA0QFwEOIlpaBBRAFFEbcVpbVVxBRQ0FIk0FA1ADB0VXfVBdFElXTwhxIUNXE24UQw==
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQEAWV1JFgEXbVxdVQBcFVQVdBRaAlsUDAQWJAEJAlpFRAVHeB9aFQQTSEcFME0FCFwEURNNfWtZG1YDdlBB&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQEAWV1JFgEXbVxdVQBcFVQVdBRaAlsUDAQWJAEJAlpFRAVHeB9aFQQTSEcFME0FCFwEURNNfWtZG1YDdlBB&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3760824119-2999690160-2574430072-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQEAWV1JFgEXbVxdVQBcFVQVdBRaAlsUDAQWJAEJAlpFRAVHeB9aFQQTSEcFME0FCFwEURNNfWtZG1YDdlBB&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3760824119-2999690160-2574430072-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQEAWV1JFgEXbVxdVQBcFVQVdBRaAlsUDAQWJAEJAlpFRAVHeB9aFQQTSEcFME0FCFwEURNNfWtZG1YDdlBB&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre8\bin\ssv.dll [2015-08-04] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre8\bin\jp2ssv.dll [2015-08-04] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-07-03] (Oracle Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-03] (Oracle Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\079p0edl.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll [2015-08-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll [2015-08-04] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1218158.dll [2015-05-07] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-07-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-03] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-06-23] (Adobe Systems Inc.)
Chrome:
=======
CHR HomePage: Default -> teoma.com/?gct=hp
CHR DefaultSearchURL: Default -> hxxps://www.teoma.com/web?q={searchTerms}
CHR DefaultSearchKeyword: Default -> https://teoma.com
CHR DefaultSuggestURL: Default -> hxxp://www.teoma.com/ss?type=prefix&li=ff&q={searchTerms}
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-04]
CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-04]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-04]
CHR Extension: (Google Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]
CHR Extension: (Planilhas do Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-04]
CHR Extension: (Documentos Google off-line) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-06]
CHR Extension: (VoiceNote II - Speech to text) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfknjgplnkgjihghcidajejfmldhibfm [2016-05-09]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-06]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-04]
CHR HKLM\...\Chrome\Extension: [fhnobihfdnklhoilcilfogdcegekpgfn] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\fhnobihfdnklhoilcilfogdcegekpgfn.crx [2016-06-16]
CHR HKLM-x32\...\Chrome\Extension: [fhnobihfdnklhoilcilfogdcegekpgfn] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\fhnobihfdnklhoilcilfogdcegekpgfn.crx [2016-06-16]
==================== Serviços (Whitelisted) ========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [198216 2016-06-16] (APN LLC.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [28552 2016-04-26] (Hewlett-Packard Company)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
R2 UI Assistant Service; C:\Program Files (x86)\Connect Manager\AssistantServices.exe [252784 2010-09-25] ()
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2012-10-22] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-07-06] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Três Meses Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-07-17 10:43 - 2016-07-17 10:43 - 00032548 _____ C:\Users\Admin\Downloads\Addition.txt
2016-07-17 10:42 - 2016-07-17 10:46 - 00015142 _____ C:\Users\Admin\Downloads\FRST.txt
2016-07-17 10:42 - 2016-07-17 10:46 - 00000000 ____D C:\FRST
2016-07-17 10:41 - 2016-07-17 10:41 - 02391040 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2016-07-17 09:17 - 2016-07-17 09:17 - 01034556 _____ C:\Users\Admin\Downloads\Windows6.1-KB2999226-x64 (1).msu
2016-07-16 20:26 - 2016-06-25 13:03 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\EOSNotify.exe
2016-07-16 03:12 - 2016-07-16 03:12 - 00000755 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emergency 2016.lnk
2016-07-16 03:12 - 2016-07-16 03:12 - 00000743 _____ C:\Users\Public\Desktop\Emergency 2016.lnk
2016-07-16 03:11 - 2016-07-16 03:26 - 00000000 ____D C:\Program Files\Emergency 2016
2016-07-15 22:01 - 2016-07-16 00:52 - 00000000 ____D C:\Users\Admin\Downloads\Emergency.2016-RELOADED
2016-07-15 21:09 - 2016-07-15 21:09 - 04793407 _____ C:\Users\Admin\Downloads\INFORMATIVO ESBELTO INFANTE.pdf
2016-07-15 21:03 - 2016-07-15 21:03 - 00194314 _____ C:\Users\Admin\Downloads\VESTIARIO-1_Atualizada.pdf
2016-07-15 21:02 - 2016-07-15 21:02 - 00086954 _____ C:\Users\Admin\Downloads\ESCALA_16JUL16-SAB.pdf
2016-07-14 14:41 - 2016-07-17 08:28 - 00003416 _____ C:\Windows\System32\Tasks\SteamClient
2016-07-13 21:58 - 2012-06-02 19:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-07-13 21:58 - 2012-06-02 19:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-07-13 21:58 - 2012-06-02 19:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-07-13 21:58 - 2012-06-02 19:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-07-13 21:57 - 2012-06-02 19:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-07-13 21:57 - 2012-06-02 19:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-07-13 21:57 - 2012-06-02 19:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-07-13 21:57 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-07-13 21:57 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-07-13 21:54 - 2016-07-13 21:55 - 14749120 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\vc_redist.x64.exe
2016-07-12 22:36 - 2016-07-12 22:36 - 00013188 _____ C:\Users\Admin\Downloads\api-ms-win-crt-runtime-l1-1-0 (2).zip
2016-07-12 22:36 - 2016-07-12 22:36 - 00003143 _____ C:\Users\Admin\Downloads\api-ms-win-crt-runtime-l1-1-0 (1).zip
2016-07-12 22:36 - 2015-05-29 10:28 - 00007680 ____N (Microsoft Corporation) C:\Users\Admin\Downloads\api-ms-win-crt-runtime-l1-1-0.dll
2016-07-12 22:36 - 2013-07-30 12:04 - 00001003 ____N C:\Users\Admin\Downloads\README.txt
2016-07-12 22:34 - 2016-07-12 22:34 - 00315624 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\dxwebsetup (2).exe
2016-07-12 22:33 - 2016-07-12 22:33 - 00315624 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\dxwebsetup (1).exe
2016-07-12 22:18 - 2016-07-12 22:18 - 01034556 _____ C:\Users\Admin\Downloads\Windows6.1-KB2999226-x64.msu
2016-07-10 21:29 - 2016-07-10 21:29 - 00003143 _____ C:\Users\Admin\Downloads\api-ms-win-crt-runtime-l1-1-0.zip
2016-07-10 19:59 - 2016-07-10 19:59 - 00000000 ____D C:\Users\Todos os Usuários\AskPartnerNetwork
2016-07-10 19:59 - 2016-07-10 19:59 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2016-07-10 19:59 - 2016-07-10 19:59 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2016-07-10 19:59 - 2008-08-18 19:18 - 00077824 _____ (Fox Magic Software) C:\Windows\SysWOW64\fmcodec.DLL
2016-07-10 19:57 - 2016-07-10 19:59 - 17463680 _____ (DsNET Corp ) C:\Users\Admin\Downloads\aTube_Catcher_ATU3_9024.exe
2016-07-10 19:18 - 2016-07-16 03:11 - 00000000 ____D C:\Program Files (x86)\Emergency 2016
2016-07-10 18:29 - 2016-07-10 18:29 - 00223211 _____ C:\Users\Admin\Documents\d2c79cf2418d943660c17ef80c651c7b228.jpeg
2016-07-10 18:25 - 2016-07-10 18:25 - 00003584 _____ C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-07-10 17:46 - 2016-07-10 17:46 - 00000000 ____D C:\Users\Admin\Desktop\Nova pasta
2016-07-10 17:15 - 2016-07-10 17:15 - 00019943 _____ C:\Users\Admin\Downloads\1 CA.ods
2016-07-10 14:51 - 2016-07-10 16:58 - 00000000 ____D C:\Users\Admin\Downloads\Emergency 2016
2016-07-10 14:16 - 2016-07-10 14:26 - 91277874 _____ C:\Users\Admin\Downloads\Coast_to_Coast_v1.7.1.scs
2016-07-10 08:14 - 2016-07-10 08:14 - 15389481 _____ C:\Users\Admin\Downloads\C-21-74 TMB.pdf
2016-07-09 19:49 - 2016-07-09 19:49 - 00001107 _____ C:\Users\Admin\Downloads\Police__1_ (1).scs
2016-07-09 18:52 - 2016-07-09 18:52 - 00053133 _____ C:\Users\Admin\Downloads\GABARITO_INTRODUCAO_AO_ESTUDO_DO_DIREITO_09-07-2016.pdf
2016-07-08 23:31 - 2016-07-08 23:31 - 00698994 _____ C:\Users\Admin\Downloads\1 - O.Sv. nº 30-P3-APM-BAFC Empenho Discentes da APM 03jul16-doc.pdf
2016-07-08 23:28 - 2016-07-08 23:28 - 00292298 _____ C:\Users\Admin\Downloads\ESCALA_EFETIVO_E_HIPOTECA_VIRADA_CULTURAL_2016.pdf
2016-07-07 22:31 - 2016-07-07 22:31 - 00139517 _____ C:\Users\Admin\Downloads\ATO_CANCELAMENTO_INSCRICAO_CFS_2016.pdf
2016-07-02 07:18 - 2016-07-02 07:18 - 00232438 _____ C:\Users\Admin\Downloads\Trabalho 2 POG 2016.pdf
2016-07-01 23:57 - 2016-07-01 23:57 - 00781087 _____ C:\Users\Admin\Downloads\ESCALA_DE_SERVICO_INTERNO_-_POSTO_AVANCADO_27JUN_A_03JUL.pdf
2016-07-01 23:56 - 2016-07-01 23:57 - 00561181 _____ C:\Users\Admin\Downloads\ESCALAS_DE_RECEPCOES_-_EFSD_-_27JUN_A_03JUL.pdf
2016-07-01 23:56 - 2016-07-01 23:56 - 00369274 _____ C:\Users\Admin\Downloads\PLANTAO_DE_VESTIARIO_-_27JUN_A_02JUL.pdf
2016-07-01 22:08 - 2016-07-01 22:08 - 00535962 _____ C:\Users\Admin\Downloads\1 - O.Sv. nº 28-P3-APM-BAFC Empenho Discentes da APM 03jul16.pdf
2016-06-25 22:41 - 2016-06-25 22:41 - 00000898 _____ C:\Users\Admin\Desktop\Counter-Strike Global Offensive WaRzOnE.lnk
2016-06-25 22:41 - 2016-06-25 22:41 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike Global Offensive
2016-06-25 22:36 - 2016-06-25 22:37 - 00001107 _____ C:\Users\Admin\Downloads\Police__1_.scs
2016-06-25 19:08 - 2016-07-15 21:59 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\BitTorrent
2016-06-25 18:02 - 2016-06-25 18:02 - 00000000 ____D C:\Users\Admin\Documents\SkidRow
2016-06-25 17:58 - 2016-06-25 17:58 - 00001750 _____ C:\Users\Public\Desktop\American Truck Simulator - Arizona(x86).lnk
2016-06-25 17:58 - 2016-06-25 17:58 - 00001750 _____ C:\Users\Public\Desktop\American Truck Simulator - Arizona(x64).lnk
2016-06-25 17:58 - 2016-06-25 17:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SCS Software
2016-06-25 17:56 - 2016-06-25 17:56 - 00000000 ____D C:\Program Files (x86)\SCS Software
2016-06-25 17:12 - 2016-07-15 22:59 - 00000000 ___SD C:\Users\Admin\AppData\LocalLow\Temp
2016-06-25 16:46 - 2016-06-25 16:46 - 00000000 ____D C:\Users\Admin\Downloads\Counter-Strike Global Offensive - WaRzOnE
2016-06-25 16:40 - 2016-06-25 17:07 - 00000000 ____D C:\Users\Admin\Downloads\American.Truck.Simulator.Arizona-SKIDROW
2016-06-25 16:39 - 2016-06-25 16:39 - 00002675 _____ C:\Users\Admin\Desktop\BitTorrent.lnk
2016-06-25 16:39 - 2016-06-25 16:39 - 00002675 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2016-06-25 16:38 - 2016-07-16 03:57 - 00000000 ____D C:\Users\Admin\AppData\Roaming\BitTorrent
2016-06-25 16:38 - 2016-06-25 16:38 - 01963528 _____ (BitTorrent Inc.) C:\Users\Admin\Downloads\BitTorrent-7_9_6_42179.exe
2016-06-25 16:36 - 2016-06-25 16:36 - 00025989 _____ C:\Users\Admin\Downloads\American.Truck.Simulator.Arizona-SKIDROW-by Cadu Gamer.torrent
2016-06-25 16:29 - 2016-06-25 16:29 - 00507116 _____ C:\Users\Admin\Downloads\1 - O.Sv. nº 27-P3-APM-BAFC Empenho Discentes da APM 25Jun16-Sab.pdf
2016-06-25 16:26 - 2016-06-25 16:26 - 00231967 _____ C:\Users\Admin\Downloads\OSv._JPO_MORRO_ALTO_231750Jun16_1v.pdf
2016-06-23 22:34 - 2016-06-23 22:34 - 00000000 ____D C:\Users\Admin\AppData\Local\Macromedia
2016-06-20 20:50 - 2016-06-20 20:50 - 00561821 _____ C:\Users\Admin\Downloads\a-ESCALA_DE_SERVICO_INTERNO_-PLANTOES_DE_RECEPCAO-DOS_DISCENTES-CFSDCSTAPO_2016-20_A_26JUNHO2016.pdf
2016-06-19 18:45 - 2016-06-19 18:45 - 00392060 _____ C:\Users\Admin\Downloads\BPI 2016 - Nr 01530.pdf
2016-06-19 18:40 - 2016-06-19 18:40 - 00002316 _____ C:\Users\Admin\Desktop\MPB Brasil - 90,3 FM - A Rádio que toca exclusivamente música brasileira.html
2016-06-19 18:22 - 2016-06-20 22:40 - 00000000 ____D C:\Users\Admin\AppData\Local\Mozilla
2016-06-19 18:22 - 2016-06-19 18:27 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Mozilla
2016-06-19 18:22 - 2016-06-19 18:22 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-06-19 18:22 - 2016-06-19 18:22 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-06-19 18:22 - 2016-06-19 18:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-19 18:22 - 2016-06-19 18:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-19 18:19 - 2016-06-19 18:19 - 00242296 _____ C:\Users\Admin\Downloads\Firefox Setup Stub 47.0.exe
2016-06-19 12:02 - 2016-06-19 12:02 - 00000000 ____D C:\Users\Admin\AppData\Local\ElevatedDiagnostics
2016-06-16 20:14 - 2016-07-10 18:29 - 00094208 ___SH C:\Users\Admin\Documents\Thumbs.db
2016-06-13 21:19 - 2016-06-13 21:19 - 00792527 _____ C:\Users\Admin\Downloads\ESCALA_DE_SERVICO_INTERNO_-_POSTO_AVANCADO_-_DOS_DISCENTES_CFSDCSTAPO-2016-13_a_19JUNHO16.pdf
2016-06-12 12:49 - 2016-06-12 12:51 - 45380289 _____ C:\Users\Admin\Downloads\John_Deere_Planters_Pack.zip
2016-06-12 12:48 - 2016-07-10 14:45 - 00000000 ____D C:\Users\Admin\Documents\American Truck Simulator
2016-06-12 12:48 - 2016-06-12 12:48 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\American Truck Simulator v1.0.0.0s
2016-06-12 12:48 - 2016-06-12 12:48 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-click run
2016-06-12 12:47 - 2016-06-12 12:47 - 00000000 ____D C:\2-click run
2016-06-12 12:31 - 2016-06-12 12:32 - 32013962 _____ C:\Users\Admin\Downloads\RutasMortales.rar
2016-06-09 21:21 - 2016-06-09 21:21 - 00001589 _____ C:\Users\Public\Desktop\Brothers in Arms - Hell's Highway.lnk
2016-06-09 21:21 - 2016-06-09 21:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2016-06-09 21:05 - 2016-06-09 21:05 - 00000000 ____D C:\Windows\SysWOW64\AGEIA
2016-06-09 21:05 - 2016-06-09 21:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-06-09 21:05 - 2016-06-09 21:05 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2016-06-09 21:05 - 2016-06-09 21:05 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2016-06-07 21:19 - 2016-06-07 21:19 - 00223280 _____ C:\Users\Admin\Downloads\a_ESCALA_DE_SERVICO_INTERNO_-_PLANTAO_VESTIARO_-_DOS_DISCENTES_CFSDCSTAPO-2016-06_A_11JUNHO2016.pdf
2016-06-06 20:45 - 2016-06-27 09:04 - 00003186 _____ C:\Windows\System32\Tasks\HPCeeScheduleForAdmin
2016-06-06 20:45 - 2016-06-27 09:04 - 00000332 _____ C:\Windows\Tasks\HPCeeScheduleForAdmin.job
2016-06-05 15:40 - 2016-06-05 15:40 - 00106552 _____ C:\Users\Admin\Downloads\Demonstrativo.pdf
2016-06-05 15:40 - 2016-06-05 15:40 - 00055463 _____ C:\Users\Admin\Downloads\ExtratoConsignacao.pdf
2016-06-05 15:29 - 2016-06-05 15:29 - 00053757 _____ C:\Users\Admin\Downloads\GABARITO_TECNICA_POLICIAL_MILITAR.pdf
2016-06-05 15:27 - 2016-06-05 15:27 - 00067090 _____ C:\Users\Admin\Downloads\GABARITO_-_COMUNICACAO_OPERACIONAIS-_2016-RETIFICADO.pdf
2016-06-05 15:22 - 2016-06-05 15:22 - 00059546 _____ C:\Users\Admin\Downloads\GABARITO_ARMAMANETO_E_EQUIPAMENTO_POLICIAL_27-05-2016.pdf
2016-06-04 19:43 - 2016-06-04 19:43 - 00228536 _____ C:\Users\Admin\Downloads\Representações sociais em movimento _ psicologia do ativismo político - Pedrinho A. Guareschi, Aline Reis Calvo Hernández, Manuel Cárdenas (Psychologist) - Google Livros.html
2016-05-30 20:36 - 2016-05-30 20:36 - 00239803 _____ C:\Users\Admin\Downloads\ACFrOgB8q8B92GgFHf7soYasgWdNhThezlhsHRc2bvxDWaOPq3Mgv9NG9UphNzHfN4Sy9JanNCEkzMWBvSpJ7Uzc9n2rrOqtcJuLTWfLIXw277wTuF-__5Dl0_8hgqw=.pdf
2016-05-26 17:40 - 2016-05-26 17:40 - 00926072 _____ C:\Users\Admin\Downloads\ScriptHookV_1.0.678.1.zip
2016-05-26 17:31 - 2016-05-26 17:32 - 04235264 _____ (New Technology Studio) C:\Users\Admin\Downloads\ovisetup.exe
2016-05-22 19:12 - 2016-05-22 19:12 - 00534280 _____ C:\Users\Admin\Downloads\Exercicios para fixação Historico à Armas de Porte com gabarito questões fechadas (1).pdf
2016-05-22 12:08 - 2016-05-22 12:08 - 00000000 ____D C:\Users\Admin\Desktop\exercicios cfsd
2016-05-22 10:47 - 2016-05-22 10:47 - 00638050 _____ C:\Users\Admin\Downloads\ACFrOgAYur9Brc-GczVyIk3LKG21XsnNzEiVi3PwhFCTz_Q5DISbe7akXNOAuSaasWpXDw7xnUkqApvlxKdJtU63SdHWDErwKCPwYmu7nNDhtlCIUuO4L3LD-a_PLTc=.pdf
2016-05-22 10:45 - 2016-05-22 10:45 - 00534280 _____ C:\Users\Admin\Downloads\Exercicios para fixação Historico à Armas de Porte com gabarito questões fechadas.pdf
2016-05-17 21:31 - 2016-05-17 21:32 - 01879583 _____ C:\Users\Admin\Downloads\104 Carlos Henrique Luiz.pdf
2016-05-15 16:00 - 2016-07-10 08:12 - 00000000 ____D C:\Users\Admin\Desktop\slides aulas
2016-05-15 09:09 - 2016-05-15 09:09 - 00729674 _____ C:\Users\Admin\Downloads\ScriptHookVDotNet.zip
2016-05-15 08:59 - 2016-05-15 08:59 - 07194312 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\vcredist_x64.exe
2016-05-15 08:59 - 2016-05-15 08:59 - 06503984 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\vcredist_x86 (1).exe
2016-05-15 08:59 - 2016-05-15 08:59 - 01420840 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\vcredist_arm.exe
2016-05-15 00:06 - 2016-05-26 17:25 - 00000967 _____ C:\Users\Public\Desktop\PoliceMod 2.lnk
2016-05-15 00:06 - 2016-05-15 00:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PoliceMod 2
2016-05-14 22:37 - 2016-05-14 22:39 - 69999448 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\NDP452-KB2901907-x86-x64-AllOS-ENU.exe
2016-05-14 22:32 - 2016-05-14 22:32 - 05073240 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\vcredist_x86.exe
2016-05-14 22:05 - 2016-05-14 22:05 - 08096502 _____ C:\Users\Admin\Downloads\4e6025-Police Mod 1.0b (1).zip
2016-05-08 22:08 - 2016-05-08 22:08 - 00001606 _____ C:\Users\Admin\Desktop\Island Flight Simulator.lnk
2016-05-08 22:08 - 2016-05-08 22:08 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Island Flight Simulator
2016-05-08 22:07 - 2016-05-08 22:08 - 00000000 ____D C:\Island Flight Simulator
2016-05-08 20:24 - 2016-05-08 20:25 - 00000000 ____D C:\Users\Admin\Island.Flight.Simulator.MULTI3-0x0815
2016-05-08 13:04 - 2016-05-08 13:04 - 02027925 _____ C:\Users\Admin\Downloads\Unidade VI - Aulas 15-16-17-18 - Resenha (4).pdf
2016-05-08 13:03 - 2016-05-08 13:03 - 00039895 _____ C:\Users\Admin\Downloads\Resenha Sociologia do Crime (3).pdf
2016-05-08 12:31 - 2016-05-08 12:31 - 01879583 _____ C:\Users\Admin\Downloads\104 Carlos Henrique Luiz- monografia metodologia.pdf
2016-05-07 17:57 - 2016-05-07 17:57 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Hewlett-Packard
2016-05-07 17:50 - 2016-05-07 17:50 - 00002231 _____ C:\Users\Public\Desktop\HP Support Assistant.lnk
2016-05-07 17:50 - 2016-05-07 17:50 - 00000000 ____D C:\System.sav
2016-05-07 17:50 - 2016-05-07 17:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2016-05-07 17:49 - 2016-05-15 21:04 - 00000000 ____D C:\Users\Todos os Usuários\Hewlett-Packard
2016-05-07 17:49 - 2016-05-15 21:04 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2016-05-07 17:49 - 2016-05-07 17:49 - 00000000 ____D C:\Users\Admin\AppData\Roaming\hpqLog
2016-05-07 17:41 - 2016-05-14 22:03 - 00000000 ____D C:\Users\Admin\AppData\Roaming\HpUpdate
2016-05-07 17:41 - 2016-05-07 17:41 - 00003606 _____ C:\Windows\System32\Tasks\HPCustParticipation HP Deskjet 3510 series
2016-05-07 17:41 - 2016-05-07 17:41 - 00002212 _____ C:\Users\Public\Desktop\HP Deskjet 3510 series.lnk
2016-05-07 17:41 - 2016-05-07 17:41 - 00001995 _____ C:\Users\Public\Desktop\HP Photo Creations.lnk
2016-05-07 17:41 - 2016-05-07 17:41 - 00001159 _____ C:\Users\Public\Desktop\Comprar suprimentos - HP Deskjet 3510 series.lnk
2016-05-07 17:41 - 2016-05-07 17:41 - 00000000 ____D C:\Users\Todos os Usuários\Visan
2016-05-07 17:41 - 2016-05-07 17:41 - 00000000 ____D C:\Users\Todos os Usuários\HP Photo Creations
2016-05-07 17:41 - 2016-05-07 17:41 - 00000000 ____D C:\ProgramData\Visan
2016-05-07 17:41 - 2016-05-07 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-05-07 17:41 - 2016-05-07 17:41 - 00000000 ____D C:\ProgramData\HP Photo Creations
2016-05-07 17:41 - 2016-05-07 17:41 - 00000000 ____D C:\Program Files (x86)\HP Photo Creations
2016-05-07 17:41 - 2012-10-17 04:31 - 00741480 ____N (Hewlett-Packard Co.) C:\Windows\system32\HPDiscoPMAD11.dll
2016-05-07 17:40 - 2016-05-07 17:57 - 00000000 ____D C:\Users\Admin\AppData\Local\HP
2016-05-07 17:40 - 2016-05-07 17:41 - 00000000 ____D C:\Program Files (x86)\HP
2016-05-07 17:40 - 2016-05-07 17:40 - 00000057 _____ C:\Users\Todos os Usuários\Ament.ini
2016-05-07 17:40 - 2016-05-07 17:40 - 00000057 _____ C:\ProgramData\Ament.ini
2016-05-07 17:40 - 2016-05-07 17:40 - 00000000 ____D C:\Users\Todos os Usuários\HP
2016-05-07 17:40 - 2016-05-07 17:40 - 00000000 ____D C:\ProgramData\HP
2016-05-07 17:40 - 2016-05-07 17:40 - 00000000 ____D C:\Program Files\HP
2016-05-07 17:31 - 2016-07-13 22:00 - 00000000 ____D C:\Users\Admin\Downloads\HP Downloads
2016-05-07 17:31 - 2016-05-15 21:04 - 00000000 ____D C:\Windows\System32\Tasks\Hewlett-Packard
2016-05-07 17:31 - 2016-05-15 21:04 - 00000000 ____D C:\Users\Admin\AppData\Local\Hewlett-Packard
2016-05-07 17:31 - 2016-05-07 17:50 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2016-05-07 17:30 - 2016-05-07 17:30 - 03836976 _____ (Oleg N. Scherbakov) C:\Users\Admin\Downloads\HPSupportSolutionsFramework-12.3.11.29.exe
2016-05-07 17:27 - 2016-06-20 21:03 - 00000000 ___RD C:\Users\Admin\Documents\Scanned Documents
2016-05-07 17:27 - 2016-05-07 17:29 - 00000000 ____D C:\Users\Admin\Documents\Fax
2016-05-07 16:29 - 2016-07-10 18:36 - 00000000 ____D C:\Users\Admin\Desktop\TRABALHOS CFSD
2016-05-07 12:21 - 2016-05-07 18:04 - 13622748 _____ C:\Users\Admin\Downloads\Manual de Ordem Unida - C 22-5.pdf
2016-05-07 09:37 - 2016-06-12 12:35 - 00000000 ____D C:\Users\Admin\Documents\Euro Truck Simulator 2
2016-05-06 22:20 - 2016-05-06 22:20 - 00000222 _____ C:\Users\Admin\Desktop\Euro Truck Simulator 2.url
==================== Três Meses Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-07-17 09:57 - 2015-09-14 10:26 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-17 09:50 - 2015-07-03 13:13 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-17 08:35 - 2009-07-14 01:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-17 08:35 - 2009-07-14 01:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-17 08:33 - 2009-07-14 14:55 - 00705070 _____ C:\Windows\system32\prfh0416.dat
2016-07-17 08:33 - 2009-07-14 14:55 - 00146910 _____ C:\Windows\system32\prfc0416.dat
2016-07-17 08:33 - 2009-07-14 02:13 - 01633534 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-17 08:33 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-07-17 08:29 - 2015-12-07 20:01 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Spotify
2016-07-17 08:29 - 2015-07-10 20:39 - 00000000 ____D C:\Program Files (x86)\Steam
2016-07-17 08:28 - 2015-12-07 20:19 - 00000000 ____D C:\Users\Admin\AppData\Local\Spotify
2016-07-17 08:28 - 2015-07-03 13:13 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-17 08:27 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-16 21:58 - 2015-07-03 13:13 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-07-16 21:58 - 2015-07-03 13:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-07-16 20:54 - 2015-07-03 13:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-07-16 20:53 - 2015-07-03 13:13 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2016-07-16 20:52 - 2015-07-03 13:18 - 00002117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-07-16 20:52 - 2015-07-03 13:18 - 00001912 _____ C:\Windows\epplauncher.mif
2016-07-16 20:52 - 2015-07-03 13:18 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-07-16 20:52 - 2015-07-03 13:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2016-07-16 03:54 - 2015-07-05 13:48 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-07-16 03:54 - 2015-07-05 13:48 - 00000000 ____D C:\ProgramData\Package Cache
2016-07-14 15:30 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\rescache
2016-07-13 21:57 - 2015-09-14 10:26 - 00003840 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-07-13 20:57 - 2015-07-20 08:06 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-13 20:57 - 2015-07-20 08:06 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-13 20:57 - 2015-07-20 08:06 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-07-13 20:57 - 2015-07-20 08:06 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-12 22:37 - 2015-10-18 20:36 - 00000000 ____D C:\Users\Admin\Downloads\Nova pasta
2016-07-12 22:33 - 2015-08-21 22:09 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-07-12 21:07 - 2015-07-17 21:49 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-07-11 22:49 - 2015-07-18 20:02 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-07-11 22:37 - 2015-09-01 11:12 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Steam
2016-07-10 19:59 - 2015-10-07 21:42 - 00001190 _____ C:\Users\Public\Desktop\aTube Catcher.lnk
2016-07-10 19:59 - 2015-10-07 21:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2016-07-10 15:45 - 2015-12-07 19:44 - 00000000 ____D C:\Users\Admin\spoti
2016-07-10 13:54 - 2016-02-01 09:07 - 00000000 ____D C:\Users\Admin\Downloads\Nova pasta (4)
2016-07-09 20:08 - 2016-02-01 09:22 - 00000000 ____D C:\Users\Admin\Downloads\Nova pasta (5)
2016-07-06 21:39 - 2015-07-05 13:06 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-06-27 09:10 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\NDF
2016-06-25 22:34 - 2015-07-06 21:07 - 00000000 ____D C:\Games
2016-06-17 21:51 - 2015-07-03 13:13 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-17 21:51 - 2015-07-03 13:13 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
==================== Arquivos na raiz de alguns diretórios =======
2016-07-10 18:25 - 2016-07-10 18:25 - 0003584 _____ () C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-01-11 11:07 - 2016-01-11 11:07 - 0000000 _____ () C:\Users\Admin\AppData\Local\{38AAD789-F6D3-4D36-BCBA-04FAAC722E13}
2016-02-02 07:07 - 2016-02-02 07:07 - 0000000 _____ () C:\Users\Admin\AppData\Local\{B70D71F3-259E-4A1E-9EBA-4D70D1CE9350}
2016-05-07 17:40 - 2016-05-07 17:40 - 0000057 _____ () C:\ProgramData\Ament.ini
Alguns arquivos em TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\amd-catalyst-omega-14.12-with-dotnet45-win7-64bit.exe
C:\Users\Admin\AppData\Local\Temp\atcMedia3791444254246.exe
C:\Users\Admin\AppData\Local\Temp\atcMedia9191468180575.exe
C:\Users\Admin\AppData\Local\Temp\AutoDetectUtilApp.exe
C:\Users\Admin\AppData\Local\Temp\raptrpatch.exe
C:\Users\Admin\AppData\Local\Temp\raptr_stub.exe
C:\Users\Admin\AppData\Local\Temp\tmp3ACE.exe
==================== Bamital & volsnap =================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2016-07-17 09:36
==================== Fim de FRST.txt ============================
Executado por Admin (administrador) em PCI5 (17-07-2016 10:46:11)
Executando a partir de C:\Users\Admin\Downloads
Perfis Carregados: Admin (Perfis Disponíveis: Admin)
Platform: Windows 7 Ultimate (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
() C:\Program Files (x86)\Connect Manager\AssistantServices.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Spotify Ltd) C:\Users\Admin\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicatorCom.exe
() C:\Program Files (x86)\Connect Manager\UIExec.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [UIExec] => C:\Program Files (x86)\Connect Manager\UIExec.exe [138584 2010-09-25] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1758280 2016-06-16] (APN)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3760824119-2999690160-2574430072-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-3760824119-2999690160-2574430072-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2851408 2016-07-08] (Valve Corporation)
HKU\S-1-5-21-3760824119-2999690160-2574430072-1000\...\Run: [Spotify Web Helper] => C:\Users\Admin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1554032 2016-07-13] (Spotify Ltd)
HKU\S-1-5-21-3760824119-2999690160-2574430072-1000\...\Run: [Spotify] => C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe [6913648 2016-07-13] (Spotify Ltd)
HKU\S-1-5-21-3760824119-2999690160-2574430072-1000\...\Run: [Spotydl] => C:\Program Files (x86)\Spotydl\spotydl.exe -s
HKU\S-1-5-21-3760824119-2999690160-2574430072-1000\...\Run: [HP Deskjet 3510 series (NET)] => C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3760824119-2999690160-2574430072-1000\...\MountPoints2: {15d984db-243a-11e5-8648-08606ed1675b} - F:\setup.exe
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitorar alertas de tinta - HP Deskjet 3510 series (Rede).lnk [2016-07-17]
ShortcutTarget: Monitorar alertas de tinta - HP Deskjet 3510 series (Rede).lnk -> C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
ProxyEnable: [S-1-5-21-3760824119-2999690160-2574430072-1000] => Proxy está habilitado.
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8880AF36-EF50-493C-95CB-E8C1E85C7662}: [DhcpNameServer] 192.168.25.1
Tcpip\..\Interfaces\{ABFD580E-0169-48D1-A98C-7A8BAADFEEED}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggbeAFcWQ5FFRhGJQ0BTA0QFwEOIlpaBBRAFFEbcVpbVVxBRQ0FIk0FA1ADB0VXfVBdFElXTwhxIUNXE24UQw==
HKU\S-1-5-21-3760824119-2999690160-2574430072-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggbeAFcWQ5FFRhGJQ0BTA0QFwEOIlpaBBRAFFEbcVpbVVxBRQ0FIk0FA1ADB0VXfVBdFElXTwhxIUNXE24UQw==
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQEAWV1JFgEXbVxdVQBcFVQVdBRaAlsUDAQWJAEJAlpFRAVHeB9aFQQTSEcFME0FCFwEURNNfWtZG1YDdlBB&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQEAWV1JFgEXbVxdVQBcFVQVdBRaAlsUDAQWJAEJAlpFRAVHeB9aFQQTSEcFME0FCFwEURNNfWtZG1YDdlBB&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3760824119-2999690160-2574430072-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQEAWV1JFgEXbVxdVQBcFVQVdBRaAlsUDAQWJAEJAlpFRAVHeB9aFQQTSEcFME0FCFwEURNNfWtZG1YDdlBB&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3760824119-2999690160-2574430072-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQEAWV1JFgEXbVxdVQBcFVQVdBRaAlsUDAQWJAEJAlpFRAVHeB9aFQQTSEcFME0FCFwEURNNfWtZG1YDdlBB&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre8\bin\ssv.dll [2015-08-04] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre8\bin\jp2ssv.dll [2015-08-04] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-07-03] (Oracle Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-03] (Oracle Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\079p0edl.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll [2015-08-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll [2015-08-04] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1218158.dll [2015-05-07] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-07-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-03] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-06-23] (Adobe Systems Inc.)
Chrome:
=======
CHR HomePage: Default -> teoma.com/?gct=hp
CHR DefaultSearchURL: Default -> hxxps://www.teoma.com/web?q={searchTerms}
CHR DefaultSearchKeyword: Default -> https://teoma.com
CHR DefaultSuggestURL: Default -> hxxp://www.teoma.com/ss?type=prefix&li=ff&q={searchTerms}
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-04]
CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-04]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-04]
CHR Extension: (Google Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]
CHR Extension: (Planilhas do Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-04]
CHR Extension: (Documentos Google off-line) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-06]
CHR Extension: (VoiceNote II - Speech to text) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfknjgplnkgjihghcidajejfmldhibfm [2016-05-09]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-06]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-04]
CHR HKLM\...\Chrome\Extension: [fhnobihfdnklhoilcilfogdcegekpgfn] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\fhnobihfdnklhoilcilfogdcegekpgfn.crx [2016-06-16]
CHR HKLM-x32\...\Chrome\Extension: [fhnobihfdnklhoilcilfogdcegekpgfn] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\fhnobihfdnklhoilcilfogdcegekpgfn.crx [2016-06-16]
==================== Serviços (Whitelisted) ========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [198216 2016-06-16] (APN LLC.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [28552 2016-04-26] (Hewlett-Packard Company)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
R2 UI Assistant Service; C:\Program Files (x86)\Connect Manager\AssistantServices.exe [252784 2010-09-25] ()
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2012-10-22] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-07-06] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Três Meses Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-07-17 10:43 - 2016-07-17 10:43 - 00032548 _____ C:\Users\Admin\Downloads\Addition.txt
2016-07-17 10:42 - 2016-07-17 10:46 - 00015142 _____ C:\Users\Admin\Downloads\FRST.txt
2016-07-17 10:42 - 2016-07-17 10:46 - 00000000 ____D C:\FRST
2016-07-17 10:41 - 2016-07-17 10:41 - 02391040 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2016-07-17 09:17 - 2016-07-17 09:17 - 01034556 _____ C:\Users\Admin\Downloads\Windows6.1-KB2999226-x64 (1).msu
2016-07-16 20:26 - 2016-06-25 13:03 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\EOSNotify.exe
2016-07-16 03:12 - 2016-07-16 03:12 - 00000755 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emergency 2016.lnk
2016-07-16 03:12 - 2016-07-16 03:12 - 00000743 _____ C:\Users\Public\Desktop\Emergency 2016.lnk
2016-07-16 03:11 - 2016-07-16 03:26 - 00000000 ____D C:\Program Files\Emergency 2016
2016-07-15 22:01 - 2016-07-16 00:52 - 00000000 ____D C:\Users\Admin\Downloads\Emergency.2016-RELOADED
2016-07-15 21:09 - 2016-07-15 21:09 - 04793407 _____ C:\Users\Admin\Downloads\INFORMATIVO ESBELTO INFANTE.pdf
2016-07-15 21:03 - 2016-07-15 21:03 - 00194314 _____ C:\Users\Admin\Downloads\VESTIARIO-1_Atualizada.pdf
2016-07-15 21:02 - 2016-07-15 21:02 - 00086954 _____ C:\Users\Admin\Downloads\ESCALA_16JUL16-SAB.pdf
2016-07-14 14:41 - 2016-07-17 08:28 - 00003416 _____ C:\Windows\System32\Tasks\SteamClient
2016-07-13 21:58 - 2012-06-02 19:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-07-13 21:58 - 2012-06-02 19:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-07-13 21:58 - 2012-06-02 19:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-07-13 21:58 - 2012-06-02 19:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-07-13 21:57 - 2012-06-02 19:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-07-13 21:57 - 2012-06-02 19:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-07-13 21:57 - 2012-06-02 19:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-07-13 21:57 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-07-13 21:57 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-07-13 21:54 - 2016-07-13 21:55 - 14749120 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\vc_redist.x64.exe
2016-07-12 22:36 - 2016-07-12 22:36 - 00013188 _____ C:\Users\Admin\Downloads\api-ms-win-crt-runtime-l1-1-0 (2).zip
2016-07-12 22:36 - 2016-07-12 22:36 - 00003143 _____ C:\Users\Admin\Downloads\api-ms-win-crt-runtime-l1-1-0 (1).zip
2016-07-12 22:36 - 2015-05-29 10:28 - 00007680 ____N (Microsoft Corporation) C:\Users\Admin\Downloads\api-ms-win-crt-runtime-l1-1-0.dll
2016-07-12 22:36 - 2013-07-30 12:04 - 00001003 ____N C:\Users\Admin\Downloads\README.txt
2016-07-12 22:34 - 2016-07-12 22:34 - 00315624 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\dxwebsetup (2).exe
2016-07-12 22:33 - 2016-07-12 22:33 - 00315624 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\dxwebsetup (1).exe
2016-07-12 22:18 - 2016-07-12 22:18 - 01034556 _____ C:\Users\Admin\Downloads\Windows6.1-KB2999226-x64.msu
2016-07-10 21:29 - 2016-07-10 21:29 - 00003143 _____ C:\Users\Admin\Downloads\api-ms-win-crt-runtime-l1-1-0.zip
2016-07-10 19:59 - 2016-07-10 19:59 - 00000000 ____D C:\Users\Todos os Usuários\AskPartnerNetwork
2016-07-10 19:59 - 2016-07-10 19:59 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2016-07-10 19:59 - 2016-07-10 19:59 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2016-07-10 19:59 - 2008-08-18 19:18 - 00077824 _____ (Fox Magic Software) C:\Windows\SysWOW64\fmcodec.DLL
2016-07-10 19:57 - 2016-07-10 19:59 - 17463680 _____ (DsNET Corp ) C:\Users\Admin\Downloads\aTube_Catcher_ATU3_9024.exe
2016-07-10 19:18 - 2016-07-16 03:11 - 00000000 ____D C:\Program Files (x86)\Emergency 2016
2016-07-10 18:29 - 2016-07-10 18:29 - 00223211 _____ C:\Users\Admin\Documents\d2c79cf2418d943660c17ef80c651c7b228.jpeg
2016-07-10 18:25 - 2016-07-10 18:25 - 00003584 _____ C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-07-10 17:46 - 2016-07-10 17:46 - 00000000 ____D C:\Users\Admin\Desktop\Nova pasta
2016-07-10 17:15 - 2016-07-10 17:15 - 00019943 _____ C:\Users\Admin\Downloads\1 CA.ods
2016-07-10 14:51 - 2016-07-10 16:58 - 00000000 ____D C:\Users\Admin\Downloads\Emergency 2016
2016-07-10 14:16 - 2016-07-10 14:26 - 91277874 _____ C:\Users\Admin\Downloads\Coast_to_Coast_v1.7.1.scs
2016-07-10 08:14 - 2016-07-10 08:14 - 15389481 _____ C:\Users\Admin\Downloads\C-21-74 TMB.pdf
2016-07-09 19:49 - 2016-07-09 19:49 - 00001107 _____ C:\Users\Admin\Downloads\Police__1_ (1).scs
2016-07-09 18:52 - 2016-07-09 18:52 - 00053133 _____ C:\Users\Admin\Downloads\GABARITO_INTRODUCAO_AO_ESTUDO_DO_DIREITO_09-07-2016.pdf
2016-07-08 23:31 - 2016-07-08 23:31 - 00698994 _____ C:\Users\Admin\Downloads\1 - O.Sv. nº 30-P3-APM-BAFC Empenho Discentes da APM 03jul16-doc.pdf
2016-07-08 23:28 - 2016-07-08 23:28 - 00292298 _____ C:\Users\Admin\Downloads\ESCALA_EFETIVO_E_HIPOTECA_VIRADA_CULTURAL_2016.pdf
2016-07-07 22:31 - 2016-07-07 22:31 - 00139517 _____ C:\Users\Admin\Downloads\ATO_CANCELAMENTO_INSCRICAO_CFS_2016.pdf
2016-07-02 07:18 - 2016-07-02 07:18 - 00232438 _____ C:\Users\Admin\Downloads\Trabalho 2 POG 2016.pdf
2016-07-01 23:57 - 2016-07-01 23:57 - 00781087 _____ C:\Users\Admin\Downloads\ESCALA_DE_SERVICO_INTERNO_-_POSTO_AVANCADO_27JUN_A_03JUL.pdf
2016-07-01 23:56 - 2016-07-01 23:57 - 00561181 _____ C:\Users\Admin\Downloads\ESCALAS_DE_RECEPCOES_-_EFSD_-_27JUN_A_03JUL.pdf
2016-07-01 23:56 - 2016-07-01 23:56 - 00369274 _____ C:\Users\Admin\Downloads\PLANTAO_DE_VESTIARIO_-_27JUN_A_02JUL.pdf
2016-07-01 22:08 - 2016-07-01 22:08 - 00535962 _____ C:\Users\Admin\Downloads\1 - O.Sv. nº 28-P3-APM-BAFC Empenho Discentes da APM 03jul16.pdf
2016-06-25 22:41 - 2016-06-25 22:41 - 00000898 _____ C:\Users\Admin\Desktop\Counter-Strike Global Offensive WaRzOnE.lnk
2016-06-25 22:41 - 2016-06-25 22:41 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike Global Offensive
2016-06-25 22:36 - 2016-06-25 22:37 - 00001107 _____ C:\Users\Admin\Downloads\Police__1_.scs
2016-06-25 19:08 - 2016-07-15 21:59 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\BitTorrent
2016-06-25 18:02 - 2016-06-25 18:02 - 00000000 ____D C:\Users\Admin\Documents\SkidRow
2016-06-25 17:58 - 2016-06-25 17:58 - 00001750 _____ C:\Users\Public\Desktop\American Truck Simulator - Arizona(x86).lnk
2016-06-25 17:58 - 2016-06-25 17:58 - 00001750 _____ C:\Users\Public\Desktop\American Truck Simulator - Arizona(x64).lnk
2016-06-25 17:58 - 2016-06-25 17:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SCS Software
2016-06-25 17:56 - 2016-06-25 17:56 - 00000000 ____D C:\Program Files (x86)\SCS Software
2016-06-25 17:12 - 2016-07-15 22:59 - 00000000 ___SD C:\Users\Admin\AppData\LocalLow\Temp
2016-06-25 16:46 - 2016-06-25 16:46 - 00000000 ____D C:\Users\Admin\Downloads\Counter-Strike Global Offensive - WaRzOnE
2016-06-25 16:40 - 2016-06-25 17:07 - 00000000 ____D C:\Users\Admin\Downloads\American.Truck.Simulator.Arizona-SKIDROW
2016-06-25 16:39 - 2016-06-25 16:39 - 00002675 _____ C:\Users\Admin\Desktop\BitTorrent.lnk
2016-06-25 16:39 - 2016-06-25 16:39 - 00002675 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2016-06-25 16:38 - 2016-07-16 03:57 - 00000000 ____D C:\Users\Admin\AppData\Roaming\BitTorrent
2016-06-25 16:38 - 2016-06-25 16:38 - 01963528 _____ (BitTorrent Inc.) C:\Users\Admin\Downloads\BitTorrent-7_9_6_42179.exe
2016-06-25 16:36 - 2016-06-25 16:36 - 00025989 _____ C:\Users\Admin\Downloads\American.Truck.Simulator.Arizona-SKIDROW-by Cadu Gamer.torrent
2016-06-25 16:29 - 2016-06-25 16:29 - 00507116 _____ C:\Users\Admin\Downloads\1 - O.Sv. nº 27-P3-APM-BAFC Empenho Discentes da APM 25Jun16-Sab.pdf
2016-06-25 16:26 - 2016-06-25 16:26 - 00231967 _____ C:\Users\Admin\Downloads\OSv._JPO_MORRO_ALTO_231750Jun16_1v.pdf
2016-06-23 22:34 - 2016-06-23 22:34 - 00000000 ____D C:\Users\Admin\AppData\Local\Macromedia
2016-06-20 20:50 - 2016-06-20 20:50 - 00561821 _____ C:\Users\Admin\Downloads\a-ESCALA_DE_SERVICO_INTERNO_-PLANTOES_DE_RECEPCAO-DOS_DISCENTES-CFSDCSTAPO_2016-20_A_26JUNHO2016.pdf
2016-06-19 18:45 - 2016-06-19 18:45 - 00392060 _____ C:\Users\Admin\Downloads\BPI 2016 - Nr 01530.pdf
2016-06-19 18:40 - 2016-06-19 18:40 - 00002316 _____ C:\Users\Admin\Desktop\MPB Brasil - 90,3 FM - A Rádio que toca exclusivamente música brasileira.html
2016-06-19 18:22 - 2016-06-20 22:40 - 00000000 ____D C:\Users\Admin\AppData\Local\Mozilla
2016-06-19 18:22 - 2016-06-19 18:27 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Mozilla
2016-06-19 18:22 - 2016-06-19 18:22 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-06-19 18:22 - 2016-06-19 18:22 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-06-19 18:22 - 2016-06-19 18:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-19 18:22 - 2016-06-19 18:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-19 18:19 - 2016-06-19 18:19 - 00242296 _____ C:\Users\Admin\Downloads\Firefox Setup Stub 47.0.exe
2016-06-19 12:02 - 2016-06-19 12:02 - 00000000 ____D C:\Users\Admin\AppData\Local\ElevatedDiagnostics
2016-06-16 20:14 - 2016-07-10 18:29 - 00094208 ___SH C:\Users\Admin\Documents\Thumbs.db
2016-06-13 21:19 - 2016-06-13 21:19 - 00792527 _____ C:\Users\Admin\Downloads\ESCALA_DE_SERVICO_INTERNO_-_POSTO_AVANCADO_-_DOS_DISCENTES_CFSDCSTAPO-2016-13_a_19JUNHO16.pdf
2016-06-12 12:49 - 2016-06-12 12:51 - 45380289 _____ C:\Users\Admin\Downloads\John_Deere_Planters_Pack.zip
2016-06-12 12:48 - 2016-07-10 14:45 - 00000000 ____D C:\Users\Admin\Documents\American Truck Simulator
2016-06-12 12:48 - 2016-06-12 12:48 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\American Truck Simulator v1.0.0.0s
2016-06-12 12:48 - 2016-06-12 12:48 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-click run
2016-06-12 12:47 - 2016-06-12 12:47 - 00000000 ____D C:\2-click run
2016-06-12 12:31 - 2016-06-12 12:32 - 32013962 _____ C:\Users\Admin\Downloads\RutasMortales.rar
2016-06-09 21:21 - 2016-06-09 21:21 - 00001589 _____ C:\Users\Public\Desktop\Brothers in Arms - Hell's Highway.lnk
2016-06-09 21:21 - 2016-06-09 21:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2016-06-09 21:05 - 2016-06-09 21:05 - 00000000 ____D C:\Windows\SysWOW64\AGEIA
2016-06-09 21:05 - 2016-06-09 21:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-06-09 21:05 - 2016-06-09 21:05 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2016-06-09 21:05 - 2016-06-09 21:05 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2016-06-07 21:19 - 2016-06-07 21:19 - 00223280 _____ C:\Users\Admin\Downloads\a_ESCALA_DE_SERVICO_INTERNO_-_PLANTAO_VESTIARO_-_DOS_DISCENTES_CFSDCSTAPO-2016-06_A_11JUNHO2016.pdf
2016-06-06 20:45 - 2016-06-27 09:04 - 00003186 _____ C:\Windows\System32\Tasks\HPCeeScheduleForAdmin
2016-06-06 20:45 - 2016-06-27 09:04 - 00000332 _____ C:\Windows\Tasks\HPCeeScheduleForAdmin.job
2016-06-05 15:40 - 2016-06-05 15:40 - 00106552 _____ C:\Users\Admin\Downloads\Demonstrativo.pdf
2016-06-05 15:40 - 2016-06-05 15:40 - 00055463 _____ C:\Users\Admin\Downloads\ExtratoConsignacao.pdf
2016-06-05 15:29 - 2016-06-05 15:29 - 00053757 _____ C:\Users\Admin\Downloads\GABARITO_TECNICA_POLICIAL_MILITAR.pdf
2016-06-05 15:27 - 2016-06-05 15:27 - 00067090 _____ C:\Users\Admin\Downloads\GABARITO_-_COMUNICACAO_OPERACIONAIS-_2016-RETIFICADO.pdf
2016-06-05 15:22 - 2016-06-05 15:22 - 00059546 _____ C:\Users\Admin\Downloads\GABARITO_ARMAMANETO_E_EQUIPAMENTO_POLICIAL_27-05-2016.pdf
2016-06-04 19:43 - 2016-06-04 19:43 - 00228536 _____ C:\Users\Admin\Downloads\Representações sociais em movimento _ psicologia do ativismo político - Pedrinho A. Guareschi, Aline Reis Calvo Hernández, Manuel Cárdenas (Psychologist) - Google Livros.html
2016-05-30 20:36 - 2016-05-30 20:36 - 00239803 _____ C:\Users\Admin\Downloads\ACFrOgB8q8B92GgFHf7soYasgWdNhThezlhsHRc2bvxDWaOPq3Mgv9NG9UphNzHfN4Sy9JanNCEkzMWBvSpJ7Uzc9n2rrOqtcJuLTWfLIXw277wTuF-__5Dl0_8hgqw=.pdf
2016-05-26 17:40 - 2016-05-26 17:40 - 00926072 _____ C:\Users\Admin\Downloads\ScriptHookV_1.0.678.1.zip
2016-05-26 17:31 - 2016-05-26 17:32 - 04235264 _____ (New Technology Studio) C:\Users\Admin\Downloads\ovisetup.exe
2016-05-22 19:12 - 2016-05-22 19:12 - 00534280 _____ C:\Users\Admin\Downloads\Exercicios para fixação Historico à Armas de Porte com gabarito questões fechadas (1).pdf
2016-05-22 12:08 - 2016-05-22 12:08 - 00000000 ____D C:\Users\Admin\Desktop\exercicios cfsd
2016-05-22 10:47 - 2016-05-22 10:47 - 00638050 _____ C:\Users\Admin\Downloads\ACFrOgAYur9Brc-GczVyIk3LKG21XsnNzEiVi3PwhFCTz_Q5DISbe7akXNOAuSaasWpXDw7xnUkqApvlxKdJtU63SdHWDErwKCPwYmu7nNDhtlCIUuO4L3LD-a_PLTc=.pdf
2016-05-22 10:45 - 2016-05-22 10:45 - 00534280 _____ C:\Users\Admin\Downloads\Exercicios para fixação Historico à Armas de Porte com gabarito questões fechadas.pdf
2016-05-17 21:31 - 2016-05-17 21:32 - 01879583 _____ C:\Users\Admin\Downloads\104 Carlos Henrique Luiz.pdf
2016-05-15 16:00 - 2016-07-10 08:12 - 00000000 ____D C:\Users\Admin\Desktop\slides aulas
2016-05-15 09:09 - 2016-05-15 09:09 - 00729674 _____ C:\Users\Admin\Downloads\ScriptHookVDotNet.zip
2016-05-15 08:59 - 2016-05-15 08:59 - 07194312 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\vcredist_x64.exe
2016-05-15 08:59 - 2016-05-15 08:59 - 06503984 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\vcredist_x86 (1).exe
2016-05-15 08:59 - 2016-05-15 08:59 - 01420840 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\vcredist_arm.exe
2016-05-15 00:06 - 2016-05-26 17:25 - 00000967 _____ C:\Users\Public\Desktop\PoliceMod 2.lnk
2016-05-15 00:06 - 2016-05-15 00:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PoliceMod 2
2016-05-14 22:37 - 2016-05-14 22:39 - 69999448 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\NDP452-KB2901907-x86-x64-AllOS-ENU.exe
2016-05-14 22:32 - 2016-05-14 22:32 - 05073240 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\vcredist_x86.exe
2016-05-14 22:05 - 2016-05-14 22:05 - 08096502 _____ C:\Users\Admin\Downloads\4e6025-Police Mod 1.0b (1).zip
2016-05-08 22:08 - 2016-05-08 22:08 - 00001606 _____ C:\Users\Admin\Desktop\Island Flight Simulator.lnk
2016-05-08 22:08 - 2016-05-08 22:08 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Island Flight Simulator
2016-05-08 22:07 - 2016-05-08 22:08 - 00000000 ____D C:\Island Flight Simulator
2016-05-08 20:24 - 2016-05-08 20:25 - 00000000 ____D C:\Users\Admin\Island.Flight.Simulator.MULTI3-0x0815
2016-05-08 13:04 - 2016-05-08 13:04 - 02027925 _____ C:\Users\Admin\Downloads\Unidade VI - Aulas 15-16-17-18 - Resenha (4).pdf
2016-05-08 13:03 - 2016-05-08 13:03 - 00039895 _____ C:\Users\Admin\Downloads\Resenha Sociologia do Crime (3).pdf
2016-05-08 12:31 - 2016-05-08 12:31 - 01879583 _____ C:\Users\Admin\Downloads\104 Carlos Henrique Luiz- monografia metodologia.pdf
2016-05-07 17:57 - 2016-05-07 17:57 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Hewlett-Packard
2016-05-07 17:50 - 2016-05-07 17:50 - 00002231 _____ C:\Users\Public\Desktop\HP Support Assistant.lnk
2016-05-07 17:50 - 2016-05-07 17:50 - 00000000 ____D C:\System.sav
2016-05-07 17:50 - 2016-05-07 17:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2016-05-07 17:49 - 2016-05-15 21:04 - 00000000 ____D C:\Users\Todos os Usuários\Hewlett-Packard
2016-05-07 17:49 - 2016-05-15 21:04 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2016-05-07 17:49 - 2016-05-07 17:49 - 00000000 ____D C:\Users\Admin\AppData\Roaming\hpqLog
2016-05-07 17:41 - 2016-05-14 22:03 - 00000000 ____D C:\Users\Admin\AppData\Roaming\HpUpdate
2016-05-07 17:41 - 2016-05-07 17:41 - 00003606 _____ C:\Windows\System32\Tasks\HPCustParticipation HP Deskjet 3510 series
2016-05-07 17:41 - 2016-05-07 17:41 - 00002212 _____ C:\Users\Public\Desktop\HP Deskjet 3510 series.lnk
2016-05-07 17:41 - 2016-05-07 17:41 - 00001995 _____ C:\Users\Public\Desktop\HP Photo Creations.lnk
2016-05-07 17:41 - 2016-05-07 17:41 - 00001159 _____ C:\Users\Public\Desktop\Comprar suprimentos - HP Deskjet 3510 series.lnk
2016-05-07 17:41 - 2016-05-07 17:41 - 00000000 ____D C:\Users\Todos os Usuários\Visan
2016-05-07 17:41 - 2016-05-07 17:41 - 00000000 ____D C:\Users\Todos os Usuários\HP Photo Creations
2016-05-07 17:41 - 2016-05-07 17:41 - 00000000 ____D C:\ProgramData\Visan
2016-05-07 17:41 - 2016-05-07 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-05-07 17:41 - 2016-05-07 17:41 - 00000000 ____D C:\ProgramData\HP Photo Creations
2016-05-07 17:41 - 2016-05-07 17:41 - 00000000 ____D C:\Program Files (x86)\HP Photo Creations
2016-05-07 17:41 - 2012-10-17 04:31 - 00741480 ____N (Hewlett-Packard Co.) C:\Windows\system32\HPDiscoPMAD11.dll
2016-05-07 17:40 - 2016-05-07 17:57 - 00000000 ____D C:\Users\Admin\AppData\Local\HP
2016-05-07 17:40 - 2016-05-07 17:41 - 00000000 ____D C:\Program Files (x86)\HP
2016-05-07 17:40 - 2016-05-07 17:40 - 00000057 _____ C:\Users\Todos os Usuários\Ament.ini
2016-05-07 17:40 - 2016-05-07 17:40 - 00000057 _____ C:\ProgramData\Ament.ini
2016-05-07 17:40 - 2016-05-07 17:40 - 00000000 ____D C:\Users\Todos os Usuários\HP
2016-05-07 17:40 - 2016-05-07 17:40 - 00000000 ____D C:\ProgramData\HP
2016-05-07 17:40 - 2016-05-07 17:40 - 00000000 ____D C:\Program Files\HP
2016-05-07 17:31 - 2016-07-13 22:00 - 00000000 ____D C:\Users\Admin\Downloads\HP Downloads
2016-05-07 17:31 - 2016-05-15 21:04 - 00000000 ____D C:\Windows\System32\Tasks\Hewlett-Packard
2016-05-07 17:31 - 2016-05-15 21:04 - 00000000 ____D C:\Users\Admin\AppData\Local\Hewlett-Packard
2016-05-07 17:31 - 2016-05-07 17:50 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2016-05-07 17:30 - 2016-05-07 17:30 - 03836976 _____ (Oleg N. Scherbakov) C:\Users\Admin\Downloads\HPSupportSolutionsFramework-12.3.11.29.exe
2016-05-07 17:27 - 2016-06-20 21:03 - 00000000 ___RD C:\Users\Admin\Documents\Scanned Documents
2016-05-07 17:27 - 2016-05-07 17:29 - 00000000 ____D C:\Users\Admin\Documents\Fax
2016-05-07 16:29 - 2016-07-10 18:36 - 00000000 ____D C:\Users\Admin\Desktop\TRABALHOS CFSD
2016-05-07 12:21 - 2016-05-07 18:04 - 13622748 _____ C:\Users\Admin\Downloads\Manual de Ordem Unida - C 22-5.pdf
2016-05-07 09:37 - 2016-06-12 12:35 - 00000000 ____D C:\Users\Admin\Documents\Euro Truck Simulator 2
2016-05-06 22:20 - 2016-05-06 22:20 - 00000222 _____ C:\Users\Admin\Desktop\Euro Truck Simulator 2.url
==================== Três Meses Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-07-17 09:57 - 2015-09-14 10:26 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-17 09:50 - 2015-07-03 13:13 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-17 08:35 - 2009-07-14 01:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-17 08:35 - 2009-07-14 01:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-17 08:33 - 2009-07-14 14:55 - 00705070 _____ C:\Windows\system32\prfh0416.dat
2016-07-17 08:33 - 2009-07-14 14:55 - 00146910 _____ C:\Windows\system32\prfc0416.dat
2016-07-17 08:33 - 2009-07-14 02:13 - 01633534 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-17 08:33 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-07-17 08:29 - 2015-12-07 20:01 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Spotify
2016-07-17 08:29 - 2015-07-10 20:39 - 00000000 ____D C:\Program Files (x86)\Steam
2016-07-17 08:28 - 2015-12-07 20:19 - 00000000 ____D C:\Users\Admin\AppData\Local\Spotify
2016-07-17 08:28 - 2015-07-03 13:13 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-17 08:27 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-16 21:58 - 2015-07-03 13:13 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-07-16 21:58 - 2015-07-03 13:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-07-16 20:54 - 2015-07-03 13:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-07-16 20:53 - 2015-07-03 13:13 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2016-07-16 20:52 - 2015-07-03 13:18 - 00002117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-07-16 20:52 - 2015-07-03 13:18 - 00001912 _____ C:\Windows\epplauncher.mif
2016-07-16 20:52 - 2015-07-03 13:18 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-07-16 20:52 - 2015-07-03 13:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2016-07-16 03:54 - 2015-07-05 13:48 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-07-16 03:54 - 2015-07-05 13:48 - 00000000 ____D C:\ProgramData\Package Cache
2016-07-14 15:30 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\rescache
2016-07-13 21:57 - 2015-09-14 10:26 - 00003840 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-07-13 20:57 - 2015-07-20 08:06 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-13 20:57 - 2015-07-20 08:06 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-13 20:57 - 2015-07-20 08:06 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-07-13 20:57 - 2015-07-20 08:06 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-12 22:37 - 2015-10-18 20:36 - 00000000 ____D C:\Users\Admin\Downloads\Nova pasta
2016-07-12 22:33 - 2015-08-21 22:09 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-07-12 21:07 - 2015-07-17 21:49 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-07-11 22:49 - 2015-07-18 20:02 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-07-11 22:37 - 2015-09-01 11:12 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Steam
2016-07-10 19:59 - 2015-10-07 21:42 - 00001190 _____ C:\Users\Public\Desktop\aTube Catcher.lnk
2016-07-10 19:59 - 2015-10-07 21:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2016-07-10 15:45 - 2015-12-07 19:44 - 00000000 ____D C:\Users\Admin\spoti
2016-07-10 13:54 - 2016-02-01 09:07 - 00000000 ____D C:\Users\Admin\Downloads\Nova pasta (4)
2016-07-09 20:08 - 2016-02-01 09:22 - 00000000 ____D C:\Users\Admin\Downloads\Nova pasta (5)
2016-07-06 21:39 - 2015-07-05 13:06 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-06-27 09:10 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\NDF
2016-06-25 22:34 - 2015-07-06 21:07 - 00000000 ____D C:\Games
2016-06-17 21:51 - 2015-07-03 13:13 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-17 21:51 - 2015-07-03 13:13 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
==================== Arquivos na raiz de alguns diretórios =======
2016-07-10 18:25 - 2016-07-10 18:25 - 0003584 _____ () C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-01-11 11:07 - 2016-01-11 11:07 - 0000000 _____ () C:\Users\Admin\AppData\Local\{38AAD789-F6D3-4D36-BCBA-04FAAC722E13}
2016-02-02 07:07 - 2016-02-02 07:07 - 0000000 _____ () C:\Users\Admin\AppData\Local\{B70D71F3-259E-4A1E-9EBA-4D70D1CE9350}
2016-05-07 17:40 - 2016-05-07 17:40 - 0000057 _____ () C:\ProgramData\Ament.ini
Alguns arquivos em TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\amd-catalyst-omega-14.12-with-dotnet45-win7-64bit.exe
C:\Users\Admin\AppData\Local\Temp\atcMedia3791444254246.exe
C:\Users\Admin\AppData\Local\Temp\atcMedia9191468180575.exe
C:\Users\Admin\AppData\Local\Temp\AutoDetectUtilApp.exe
C:\Users\Admin\AppData\Local\Temp\raptrpatch.exe
C:\Users\Admin\AppData\Local\Temp\raptr_stub.exe
C:\Users\Admin\AppData\Local\Temp\tmp3ACE.exe
==================== Bamital & volsnap =================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2016-07-17 09:36
==================== Fim de FRST.txt ============================