Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 07-12-2016
Executado por Weverton (administrador) em WEVERTON-PC (13-12-2016 01:21:18)
Executando a partir de C:\Users\Weverton\Downloads
Perfis Carregados: Weverton (Perfis Disponíveis: Weverton & Família & Wanderson & Mcx1-WEVERTON-PC)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 9 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
() C:\Program Files (x86)\Client\client.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Client\client.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wusa.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registro (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13675736 2014-08-13] (Realtek Semiconductor)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4294391776-4171377967-4143943055-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
Startup: C:\Users\Wanderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2016-12-10]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\Weverton\AppData\Local\Facebook\Games\FacebookGameroom.exe (Nenhum Arquivo)
Startup: C:\Users\Weverton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\corelsetup.exe [2016-12-12] ()
GroupPolicy: Restrição <======= ATENÇÃO
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{485E640C-3D34-4C01-865E-A061B72165DA}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrição <======= ATENÇÃO
HKU\S-1-5-21-4294391776-4171377967-4143943055-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.pandion.im/#q=%s
HKU\S-1-5-21-4294391776-4171377967-4143943055-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pt-br/?ocid=iehp
HKU\S-1-5-21-4294391776-4171377967-4143943055-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-4294391776-4171377967-4143943055-1000 -> Google Powered Pandion Search URL = hxxp://search.pandion.im/#q=%s
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-10-30] (IObit)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_102\bin\ssv.dll [2016-08-21] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_102\bin\jp2ssv.dll [2016-08-21] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Auxiliar de Conexão de Conta da Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2015-07-09] (IObit)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
FireFox:
========
FF HKU\S-1-5-21-4294391776-4171377967-4143943055-1000\...\Firefox\Extensions: [{536ad1d6-d9d9-41e5-8945-864506a1f2fc}] - C:\Users\Weverton\AppData\Local\Pandion\Application\src\..\search\xpi
FF Extension: (Google Powered Pandion Search) - C:\Users\Weverton\AppData\Local\Pandion\Application\src\..\search\xpi [2016-10-06] [não assinado]
FF Plugin: @java.com/DTPlugin,version=11.102.2 -> C:\Program Files\Java\jre1.8.0_102\bin\dtplugin\npDeployJava1.dll [2016-08-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.102.2 -> C:\Program Files\Java\jre1.8.0_102\bin\plugin2\npjp2.dll [2016-08-21] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Weverton\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2016-04-29] (Raidcall)
FF Plugin-x32: @raidcall.tw/RCplugin -> C:\Users\Weverton\AppData\Roaming\RCTW\plugins\nprcplugin.dll [2013-06-25] (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-07-28] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com.br/
CHR StartupUrls: Default -> "hxxps://www.google.com.br/"
CHR Profile: C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default [2016-12-13]
CHR Extension: (Google Apresentações) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-18]
CHR Extension: (Google Docs) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-18]
CHR Extension: (Google Drive) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-18]
CHR Extension: (YouTube) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-18]
CHR Extension: (Desprotetor.com - Desprotetor de links) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\cocohmmjllchepkjocddkihldoiillkl [2016-08-18]
CHR Extension: (Facebook App Launcher) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\dihbebhmaoagdpbcnfedokpfkkgmmpgc [2016-08-21]
CHR Extension: (Sketch Toy) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\ednofnkligfbacmlfggaccfhpkfopojb [2016-08-18]
CHR Extension: (Notícias sociais para Facebook) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\edoadhjjfgeniilpmnoaddaihjkkhheb [2016-08-18]
CHR Extension: (Angry Birds Tribute New Tab) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\epcndonbcofpiipoigklnfgiekngjhaj [2016-10-11]
CHR Extension: (Planilhas do Google) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-18]
CHR Extension: (Documentos Google off-line) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-18]
CHR Extension: (Avast Online Security) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-10-31]
CHR Extension: (Bubble Shooter Balões) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpbhbohcdnlcediiopngchhnnofnhaec [2016-08-18]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-18]
CHR Extension: (Gmail) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-18]
CHR Extension: (Chrome Media Router) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-26]
==================== Serviços (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [827680 2015-11-04] (IObit)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2627080 2016-11-11] (LogMeIn Inc.)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-10-09] (IObit)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-11-11] (LogMeIn, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R3 Serenum; C:\Windows\System32\DRIVERS\nuvserenum.sys [23552 2014-01-12] (Windows (R) Win 7 DDK provider)
R3 Serial; C:\Windows\System32\DRIVERS\nuvserial.sys [86016 2014-01-12] (Nuvoton Technology Corp.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42064 2016-10-06] (Anchorfree Inc.)
S3 cpuz139; \??\C:\Users\Weverton\AppData\Local\Temp\cpuz139\cpuz139_x64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
S3 xspirit; \??\C:\Windows\xspirit.sys [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Três Meses Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-12-13 01:17 - 2016-12-13 01:17 - 00036781 _____ C:\Users\Weverton\Downloads\Addition.txt
2016-12-13 01:14 - 2016-12-13 01:21 - 00013908 _____ C:\Users\Weverton\Downloads\FRST.txt
2016-12-13 01:14 - 2016-12-13 01:21 - 00000000 ____D C:\FRST
2016-12-13 01:14 - 2016-12-13 01:14 - 02420224 _____ (Farbar) C:\Users\Weverton\Downloads\FRST64.exe
2016-12-13 01:10 - 2016-12-13 01:10 - 00003630 _____ C:\Users\Weverton\Downloads\api-ms-win-crt-runtime-l1-1-0.zip
2016-12-12 22:53 - 2016-12-12 22:53 - 01034556 _____ C:\Users\Weverton\Downloads\Windows6.1-KB2999226-x64.msu
2016-12-12 22:53 - 2016-12-12 22:53 - 00000000 ___HT C:\Windows\wusa.lock
2016-12-12 22:53 - 2016-12-12 22:53 - 00000000 ____D C:\c4b5f12b55d58f9d30c694d9d1
2016-12-12 22:50 - 2016-12-13 01:14 - 00003060 _____ C:\Users\Public\Desktop\Corel CAPTURE X8 (64-Bit).lnk
2016-12-12 22:50 - 2016-12-13 01:14 - 00002343 _____ C:\Users\Public\Desktop\Corel CONNECT X8 (64-Bit).lnk
2016-12-12 22:50 - 2016-12-13 01:13 - 00003063 _____ C:\Users\Public\Desktop\Corel PHOTO-PAINT X8 (64-Bit).lnk
2016-12-12 22:50 - 2016-12-13 01:13 - 00003015 _____ C:\Users\Public\Desktop\CorelDRAW X8 (64-Bit).lnk
2016-12-12 22:50 - 2016-12-13 01:13 - 00002256 _____ C:\Users\Public\Desktop\Corel Font Manager X8 (64-Bit).lnk
2016-12-12 22:50 - 2016-12-12 22:50 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\Corel
2016-12-12 22:50 - 2016-12-12 22:50 - 00000000 ____D C:\Program Files (x86)\gs
2016-12-12 22:48 - 2016-12-13 01:16 - 00003328 _____ C:\Windows\System32\Tasks\CorelUpdateHelperTaskCore
2016-12-12 22:48 - 2016-12-12 22:48 - 00000000 ____D C:\Users\Todos os Usuários\VsTelemetry
2016-12-12 22:48 - 2016-12-12 22:48 - 00000000 ____D C:\ProgramData\VsTelemetry
2016-12-12 22:48 - 2016-12-12 22:48 - 00000000 ____D C:\Program Files (x86)\Corel
2016-12-12 22:47 - 2016-12-12 22:47 - 00000000 ____D C:\Program Files\Common Files\Corel
2016-12-12 22:45 - 2016-12-12 22:45 - 00000000 ____D C:\Users\Public\Documents\Corel
2016-12-12 22:44 - 2016-12-13 01:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X8 (64-bit)
2016-12-12 22:42 - 2016-12-13 01:12 - 00000000 ____D C:\Program Files\Corel
2016-12-12 22:42 - 2016-12-12 22:47 - 00000000 ____D C:\Users\Todos os Usuários\Corel
2016-12-12 22:42 - 2016-12-12 22:47 - 00000000 ____D C:\ProgramData\Corel
2016-12-12 22:35 - 2016-12-12 22:35 - 00003142 _____ C:\Windows\System32\Tasks\{21692552-DB04-4AED-887D-CBA27C5BBB60}
2016-12-12 16:48 - 2016-12-12 16:48 - 00621568 _____ C:\Users\Weverton\AppData\Roaming\repair.exe
2016-12-10 21:33 - 2016-12-10 21:33 - 00001132 _____ C:\Users\Wanderson\Desktop\Facebook Gameroom.lnk
2016-12-10 21:33 - 2016-12-10 21:33 - 00000000 ____D C:\Users\Wanderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
2016-12-10 21:33 - 2016-12-10 21:33 - 00000000 ____D C:\Users\Wanderson\AppData\Local\Facebook
2016-12-10 21:33 - 2016-12-10 21:33 - 00000000 ____D C:\Users\Wanderson\AppData\Local\CEF
2016-12-10 21:30 - 2016-12-10 21:31 - 00249592 _____ (Facebook) C:\Users\Wanderson\Downloads\FacebookGameroom.exe
2016-12-10 10:47 - 2016-12-12 11:01 - 00001591 _____ C:\Users\Todos os Usuários\Client Monitor
2016-12-10 10:47 - 2016-12-12 11:01 - 00001591 _____ C:\ProgramData\Client Monitor
2016-12-10 10:46 - 2016-12-12 11:01 - 00000000 ____D C:\Users\Todos os Usuários\Client
2016-12-10 10:46 - 2016-12-12 11:01 - 00000000 ____D C:\ProgramData\Client
2016-12-09 12:59 - 2016-12-09 13:01 - 00000000 ____D C:\CorelDraw Graphics Suite X8 Multilanguage 32 e 64 Bits
2016-12-09 12:54 - 2016-12-12 19:04 - 00003310 _____ C:\Windows\System32\Tasks\Client Monitor
2016-12-09 12:54 - 2016-12-09 12:54 - 00000000 ____D C:\Windows\System32\Tasks\Update
2016-12-09 12:54 - 2016-12-09 12:54 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\Monitor
2016-12-09 12:54 - 2016-12-09 12:54 - 00000000 ____D C:\Program Files (x86)\Client
2016-12-09 12:53 - 2016-04-28 20:30 - 01864704 _____ C:\Users\Weverton\Desktop\keygen.exe
2016-12-09 06:32 - 2016-12-11 19:53 - 00000000 ____D C:\Users\Weverton\AppData\Local\LogMeIn Hamachi
2016-12-09 06:32 - 2016-12-09 06:32 - 00000000 ____D C:\Users\Weverton\AppData\Local\LogMeIn
2016-12-08 22:27 - 2016-12-09 00:02 - 00000000 ____D C:\Users\Wanderson\AppData\Local\LogMeIn Hamachi
2016-12-08 22:27 - 2016-12-08 22:27 - 00000000 ____D C:\Users\Wanderson\AppData\Local\LogMeIn
2016-12-08 22:27 - 2016-12-08 22:27 - 00000000 ____D C:\Users\Todos os Usuários\LogMeIn
2016-12-08 22:27 - 2016-12-08 22:27 - 00000000 ____D C:\ProgramData\LogMeIn
2016-12-08 22:26 - 2016-12-08 22:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-12-08 22:26 - 2016-12-08 22:26 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-12-08 22:23 - 2016-12-08 22:24 - 08417280 _____ C:\Users\Wanderson\Downloads\hamachi.msi
2016-12-05 20:45 - 2016-12-05 20:45 - 00000000 _____ C:\Users\Wanderson\Desktop\Novo(a) Apresentação do Microsoft PowerPoint.pptx
2016-12-05 18:40 - 2016-12-05 18:40 - 00000000 _____ C:\Users\Weverton\Downloads\download
2016-12-05 07:49 - 2016-12-05 07:49 - 00000000 ____D C:\Users\Wanderson\AppData\Roaming\vlc
2016-12-03 23:35 - 2016-12-03 23:35 - 00002882 _____ C:\Windows\System32\Tasks\ASC9_SkipUac_Wanderson
2016-12-03 23:35 - 2016-12-03 23:35 - 00000000 ____D C:\Users\Wanderson\AppData\LocalLow\IObit
2016-12-01 09:34 - 2016-12-01 09:34 - 00034726 _____ C:\Users\Weverton\Downloads\Atvs_8575602_1.pdf
2016-12-01 09:34 - 2016-12-01 09:34 - 00025243 _____ C:\Users\Weverton\Downloads\CacAtvs_8575602_1.pdf
2016-12-01 09:34 - 2016-12-01 09:34 - 00017538 _____ C:\Users\Weverton\Downloads\NtfAtvs_8575602_1.pdf
2016-11-30 08:26 - 2016-11-30 08:26 - 00168354 _____ C:\Users\Weverton\Desktop\itau2.pdf
2016-11-30 08:25 - 2016-11-30 08:25 - 00168348 _____ C:\Users\Weverton\Desktop\itau.pdf
2016-11-25 13:13 - 2016-11-25 13:13 - 00250593 _____ C:\Users\Weverton\Downloads\FaturaHipercard-11-2016.pdf
2016-11-21 20:28 - 2016-11-21 20:28 - 00090595 _____ C:\Users\Weverton\Downloads\QUADRO DE VAGAS_SAO VICENTE DO SERIDO.pdf
2016-11-20 00:03 - 2016-11-20 00:16 - 103242730 _____ C:\Users\Weverton\Downloads\2005 - Acústico MTV_finalmentedonwload.rar
2016-11-20 00:02 - 2013-10-27 10:18 - 00000000 ____D C:\Users\Weverton\Downloads\O RAPPA - Acústico MTV
2016-11-19 22:10 - 2016-11-19 22:49 - 104531890 _____ C:\Users\Weverton\Downloads\O RAPPA - Acústico MTV.rar
2016-11-18 13:07 - 2016-11-18 13:07 - 00000000 ____D C:\Users\Weverton\Documents\Originals
2016-11-16 11:46 - 2016-11-16 11:46 - 00105889 _____ C:\Users\Weverton\Downloads\noname (1).eml
2016-11-16 11:44 - 2016-11-16 11:44 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\Windows Live Writer
2016-11-16 11:44 - 2016-11-16 11:44 - 00000000 ____D C:\Users\Weverton\AppData\Local\Windows Live Writer
2016-11-16 11:43 - 2016-11-16 11:44 - 00105889 _____ C:\Users\Weverton\Downloads\noname.eml
2016-11-11 13:47 - 2016-11-11 13:47 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\Drivers\hamachi.sys
2016-11-11 12:33 - 2016-11-11 12:33 - 00079479 _____ C:\Users\Weverton\Downloads\NovaEstruturaTECINFO2011_2012.xlsx
2016-11-05 09:48 - 2016-11-05 09:48 - 00251747 _____ C:\Users\Wanderson\Downloads\FaturaHipercard-11-2016.pdf
2016-11-05 09:48 - 2016-11-05 09:48 - 00251048 _____ C:\Users\Wanderson\Downloads\FaturaHipercard-10-2016.pdf
2016-11-03 23:37 - 2016-11-04 00:35 - 2047469266 ____R C:\Users\Weverton\Downloads\CorelDraw X8 Graphics Suite X8 Multilanguage 32 e 64 Bits PT-BR.rar
2016-11-01 07:14 - 2016-11-01 07:14 - 55083008 _____ C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2016-11-01 07:14 - 2016-11-01 07:14 - 00311296 _____ C:\Windows\system32\config\DEFAULT.iodefrag.bak
2016-11-01 07:14 - 2016-11-01 07:14 - 00102400 _____ C:\Windows\system32\config\SAM.iodefrag.bak
2016-11-01 07:14 - 2016-11-01 07:14 - 00028672 _____ C:\Windows\system32\config\SECURITY.iodefrag.bak
2016-10-31 22:52 - 2016-10-31 22:52 - 00433308 _____ C:\Users\Weverton\Downloads\WhatsApp Video 2016-10-31 at 22.51.08.mp4
2016-10-27 09:59 - 2016-10-27 09:59 - 00000390 __RSH C:\Users\Todos os Usuários\ntuser.pol
2016-10-27 09:59 - 2016-10-27 09:59 - 00000390 __RSH C:\ProgramData\ntuser.pol
2016-10-27 00:08 - 2016-12-03 23:19 - 00000000 ____D C:\Users\Mcx1-WEVERTON-PC
2016-10-27 00:08 - 2016-10-27 00:08 - 00000020 ___SH C:\Users\Mcx1-WEVERTON-PC\ntuser.ini
2016-10-27 00:08 - 2016-10-27 00:08 - 00000000 _SHDL C:\Users\Mcx1-WEVERTON-PC\Modelos
2016-10-27 00:08 - 2016-10-27 00:08 - 00000000 _SHDL C:\Users\Mcx1-WEVERTON-PC\Meus documentos
2016-10-27 00:08 - 2016-10-27 00:08 - 00000000 _SHDL C:\Users\Mcx1-WEVERTON-PC\Menu Iniciar
2016-10-27 00:08 - 2016-10-27 00:08 - 00000000 _SHDL C:\Users\Mcx1-WEVERTON-PC\Documents\Minhas músicas
2016-10-27 00:08 - 2016-10-27 00:08 - 00000000 _SHDL C:\Users\Mcx1-WEVERTON-PC\Documents\Minhas imagens
2016-10-27 00:08 - 2016-10-27 00:08 - 00000000 _SHDL C:\Users\Mcx1-WEVERTON-PC\Documents\Meus vídeos
2016-10-27 00:08 - 2016-10-27 00:08 - 00000000 _SHDL C:\Users\Mcx1-WEVERTON-PC\Dados de aplicativos
2016-10-27 00:08 - 2016-10-27 00:08 - 00000000 _SHDL C:\Users\Mcx1-WEVERTON-PC\Configurações locais
2016-10-27 00:08 - 2016-10-27 00:08 - 00000000 _SHDL C:\Users\Mcx1-WEVERTON-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-10-27 00:08 - 2016-10-27 00:08 - 00000000 _SHDL C:\Users\Mcx1-WEVERTON-PC\AppData\Local\Histórico
2016-10-27 00:08 - 2016-10-27 00:08 - 00000000 _SHDL C:\Users\Mcx1-WEVERTON-PC\AppData\Local\Dados de aplicativos
2016-10-27 00:08 - 2016-10-27 00:08 - 00000000 _SHDL C:\Users\Mcx1-WEVERTON-PC\Ambiente de rede
2016-10-27 00:08 - 2016-10-27 00:08 - 00000000 _SHDL C:\Users\Mcx1-WEVERTON-PC\Ambiente de impressão
2016-10-27 00:08 - 2016-10-19 20:32 - 00002110 _____ C:\Users\Mcx1-WEVERTON-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-10-27 00:08 - 2010-11-21 06:47 - 00000000 ____D C:\Users\Mcx1-WEVERTON-PC\AppData\Roaming\Media Center Programs
2016-10-25 21:33 - 2016-10-25 21:34 - 01065376 _____ (Google Inc.) C:\Users\Weverton\Downloads\ChromeSetup.exe
2016-10-25 07:21 - 2016-10-27 00:13 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\vlc
2016-10-25 07:21 - 2016-10-25 07:21 - 00001070 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-10-25 07:21 - 2016-10-25 07:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-10-25 07:19 - 2016-12-03 23:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-10-25 07:19 - 2016-10-25 07:19 - 00002318 _____ C:\Users\Public\Desktop\Free Video to Xbox Converter.lnk
2016-10-25 07:19 - 2016-10-25 07:19 - 00001243 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2016-10-25 07:19 - 2016-10-25 07:19 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\DVDVideoSoft
2016-10-25 07:15 - 2016-10-25 07:16 - 30533688 _____ C:\Users\Weverton\Downloads\vlc-2.2.4-win32.exe
2016-10-25 07:14 - 2016-10-25 07:16 - 25539712 _____ (DVDVideoSoft Ltd. ) C:\Users\Weverton\Downloads\free-video-to-xbox-converter-5-0-22-128-es-en-win.exe
2016-10-25 07:09 - 2016-10-25 07:09 - 00000000 ____D C:\Users\Weverton\Documents\Apowersoft
2016-10-25 07:09 - 2016-10-25 07:09 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\Apowersoft
2016-10-25 07:09 - 2016-10-25 07:09 - 00000000 ____D C:\Users\Todos os Usuários\Apowersoft
2016-10-25 07:09 - 2016-10-25 07:09 - 00000000 ____D C:\ProgramData\Apowersoft
2016-10-25 07:05 - 2016-10-25 07:07 - 21094712 _____ (APOWERSOFT LIMITED ) C:\Users\Weverton\Downloads\mkv-converter-studio.exe
2016-10-19 21:14 - 2016-10-19 21:14 - 00009160 _____ C:\Users\Weverton\Documents\000.wlmp
2016-10-19 20:40 - 2016-10-19 20:40 - 00000000 ____D C:\Users\Weverton\Tracing
2016-10-19 20:37 - 2016-10-19 20:37 - 00002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2016-10-19 20:37 - 2016-10-19 20:37 - 00001458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2016-10-19 20:37 - 2016-10-19 20:37 - 00001374 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2016-10-19 20:37 - 2016-10-19 20:37 - 00001305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2016-10-19 20:36 - 2016-10-19 20:37 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2016-10-19 20:36 - 2014-03-31 21:06 - 00058056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fssfltr.sys
2016-10-19 20:33 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2016-10-19 20:33 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2016-10-19 20:33 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2016-10-19 20:33 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2016-10-19 20:33 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2016-10-19 20:32 - 2016-10-19 20:32 - 00002155 _____ C:\Users\Weverton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-10-19 20:32 - 2016-10-19 20:32 - 00002110 _____ C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-10-19 20:32 - 2016-10-19 20:32 - 00002110 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-10-19 20:32 - 2016-10-19 20:32 - 00002110 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-10-19 20:32 - 2016-10-19 20:32 - 00000000 ___RD C:\Users\Weverton\OneDrive
2016-10-19 20:32 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2016-10-19 20:31 - 2016-10-19 20:31 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft OneDrive
2016-10-19 20:31 - 2016-10-19 20:31 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-10-19 20:30 - 2016-11-16 11:44 - 00000000 ____D C:\Users\Weverton\AppData\Local\Windows Live
2016-10-19 20:30 - 2016-10-19 20:30 - 01242312 _____ (Microsoft Corporation) C:\Users\Weverton\Downloads\Baixaki_windows-movie-maker [1].exe
2016-10-19 20:28 - 2016-10-19 20:29 - 01816736 _____ ( ) C:\Users\Weverton\Downloads\Baixaki_windows-movie-maker.exe
2016-10-19 20:20 - 2016-10-19 20:20 - 00108144 _____ C:\Users\Weverton\Downloads\WhatsApp Image 2016-10-18 at 03.07.24 (1).jpeg
2016-10-19 20:20 - 2016-10-19 20:20 - 00091741 _____ C:\Users\Weverton\Downloads\WhatsApp Image 2016-10-18 at 03.07.27 (1).jpeg
2016-10-19 20:20 - 2016-10-19 20:20 - 00086489 _____ C:\Users\Weverton\Downloads\WhatsApp Image 2016-10-18 at 03.07.21 (1).jpeg
2016-10-19 20:20 - 2016-10-19 20:20 - 00071042 _____ C:\Users\Weverton\Downloads\WhatsApp Image 2016-10-18 at 03.07.24 (2).jpeg
2016-10-19 20:20 - 2016-10-19 20:20 - 00061437 _____ C:\Users\Weverton\Downloads\WhatsApp Image 2016-10-18 at 03.07.27.jpeg
2016-10-19 20:20 - 2016-10-19 20:20 - 00054399 _____ C:\Users\Weverton\Downloads\WhatsApp Image 2016-10-18 at 03.07.24.jpeg
2016-10-19 20:20 - 2016-10-19 20:20 - 00038575 _____ C:\Users\Weverton\Downloads\WhatsApp Image 2016-10-18 at 03.07.22.jpeg
2016-10-19 20:20 - 2016-10-19 20:20 - 00036436 _____ C:\Users\Weverton\Downloads\WhatsApp Image 2016-10-18 at 03.07.21.jpeg
2016-10-19 19:17 - 2016-10-19 19:17 - 00000000 ____D C:\Users\Todos os Usuários\Vitalwerks
2016-10-19 19:17 - 2016-10-19 19:17 - 00000000 ____D C:\ProgramData\Vitalwerks
2016-10-19 19:15 - 2016-10-19 19:15 - 00000000 ____D C:\Users\Weverton\AppData\Local\Vitalwerks
2016-10-19 19:14 - 2016-10-19 19:14 - 00241736 _____ C:\Users\Weverton\Downloads\DUCSetup_v4_1_1.exe
2016-10-18 10:54 - 2016-12-13 00:54 - 00000282 _____ C:\Windows\Tasks\{3FE401CC-8D92-B6E2-85AE-42DA21CA5C0E}.job
2016-10-18 10:54 - 2016-10-19 08:54 - 00000000 ____D C:\Users\Wanderson\AppData\Local\{B7EB8150-92B9-EC26-F98F-CBF4255D36CA}
2016-10-18 10:54 - 2016-10-18 10:54 - 00003232 _____ C:\Windows\System32\Tasks\{3FE401CC-8D92-B6E2-85AE-42DA21CA5C0E}
2016-10-18 10:53 - 2016-10-18 10:59 - 00000000 ____D C:\Users\Wanderson\AppData\Local\{B7B681EA-931E-ED52-FE86-C8BADAEE3422}
2016-10-17 23:11 - 2016-10-17 23:19 - 00000000 ____D C:\Users\Wanderson\Documents\Músicas só Bonde do Brasil
2016-10-17 22:57 - 2016-10-17 23:11 - 00000000 ____D C:\Users\Wanderson\Documents\Músicas só Breguinha
2016-10-17 22:53 - 2016-10-17 22:56 - 00000000 ____D C:\Users\Wanderson\Documents\Músicas só Sofrência
2016-10-17 08:45 - 2016-12-11 22:24 - 00000000 ____D C:\Users\Wanderson\AppData\Roaming\.minecraft
2016-10-17 08:45 - 2016-10-17 08:45 - 00000000 ____D C:\Users\Wanderson\AppData\Roaming\java
2016-10-16 22:22 - 2016-10-16 22:22 - 00000000 ____D C:\Users\Weverton\Documents\Electronic Arts
2016-10-16 22:21 - 2016-10-16 22:21 - 00001650 _____ C:\Users\Weverton\Desktop\The Sims 4.lnk
2016-10-16 22:18 - 2016-12-12 22:49 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-10-16 22:18 - 2016-12-12 22:49 - 00000000 ____D C:\ProgramData\Package Cache
2016-10-16 22:18 - 2014-10-19 14:54 - 00447752 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
2016-10-16 22:17 - 2016-10-16 22:17 - 00001195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4.lnk
2016-10-16 14:05 - 2016-10-16 14:05 - 176302643 _____ C:\Users\Weverton\Downloads\Minecraft 1.8.1.zip
2016-10-16 14:05 - 2016-10-16 14:05 - 00002101 _____ C:\Users\Public\Desktop\Minecraft.lnk
2016-10-16 14:05 - 2016-10-16 14:05 - 00000000 ____D C:\Users\Weverton\Desktop\Minecraft 1.8.1
2016-10-16 14:05 - 2016-10-16 14:05 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
2016-10-16 13:28 - 2016-10-16 14:05 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\.minecraft
2016-10-16 13:28 - 2016-10-16 13:28 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\java
2016-10-16 13:23 - 2016-10-16 13:23 - 02314240 _____ C:\Users\Weverton\Downloads\MinecraftInstaller.msi
2016-10-16 13:18 - 2016-10-16 13:19 - 09775953 _____ C:\Users\Weverton\Downloads\craftlandia.zip
2016-10-16 13:17 - 2016-10-16 21:55 - 00000000 ____D C:\Users\Weverton\Downloads\[www.tecdowns.com.br] The.Sims.4-RELOADED
2016-10-14 12:38 - 2016-10-14 12:38 - 00852686 _____ C:\Users\Weverton\Downloads\'-'.html
2016-10-14 12:38 - 2016-10-14 12:38 - 00000000 ____D C:\Users\Weverton\Downloads\'-'_files
2016-10-11 13:22 - 2016-10-11 13:23 - 04448979 _____ C:\Users\Weverton\Downloads\manual-acr-1000-20150615143727.pdf
2016-10-10 22:06 - 2016-10-10 22:06 - 00251324 _____ C:\Users\Weverton\Downloads\FaturaHipercard-09-2016 (1).pdf
2016-10-10 22:05 - 2016-10-10 22:05 - 00251281 _____ C:\Users\Weverton\Downloads\FaturaHipercard-10-2016.pdf
2016-10-10 16:03 - 2016-10-10 16:03 - 00000000 ____D C:\Users\Weverton\AppData\Local\CrashRpt
2016-10-10 15:59 - 2016-10-10 16:02 - 13979168 _____ C:\Users\Weverton\Downloads\HSS-6.0.3-install-hss-816-ext.exe
2016-10-08 10:48 - 2016-12-03 23:48 - 00000209 _____ C:\Users\Wanderson\AppData\Roaming\WB.CFG
2016-10-07 23:48 - 2016-10-07 23:48 - 00001138 _____ C:\Users\Weverton\Desktop\Facebook Games Arcade (BETA).lnk
2016-10-07 23:48 - 2016-10-07 23:48 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
2016-10-07 23:48 - 2016-10-07 23:48 - 00000000 ____D C:\Users\Weverton\AppData\Local\FacebookGames
2016-10-07 23:47 - 2016-10-07 23:47 - 00000000 ____D C:\Users\Weverton\AppData\Local\Facebook
2016-10-07 23:45 - 2016-10-07 23:45 - 00110816 _____ () C:\Users\Weverton\Downloads\FacebookGamesArcadeSetup.exe
2016-10-07 16:54 - 2016-10-07 16:54 - 00000000 ____D C:\Users\Wanderson\AppData\Roaming\WinRAR
2016-10-07 16:51 - 2016-10-18 10:58 - 00002243 _____ C:\Users\Wanderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk
2016-10-07 16:51 - 2016-10-18 10:58 - 00000000 ____D C:\Users\Wanderson\AppData\Local\chromium
2016-10-07 16:48 - 2016-12-13 00:48 - 00000284 _____ C:\Windows\Tasks\{7B91D2B7-E887-95F1-F98A-0FE008BE1BAC}.job
2016-10-07 16:48 - 2016-12-03 23:49 - 00000000 ____D C:\Users\Wanderson\AppData\Local\Lamocukodo
2016-10-07 16:48 - 2016-10-18 10:54 - 00002378 _____ C:\Users\Wanderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk
2016-10-07 16:48 - 2016-10-07 16:51 - 00000000 ____D C:\Users\Wanderson\AppData\Local\{C975FF29-EDDD-9391-8045-B679A42D4AE1}
2016-10-07 16:48 - 2016-10-07 16:48 - 00003234 _____ C:\Windows\System32\Tasks\{7B91D2B7-E887-95F1-F98A-0FE008BE1BAC}
2016-10-07 16:48 - 2016-10-07 16:48 - 00000000 ____D C:\Users\Wanderson\AppData\Local\Setup356618
2016-10-07 16:48 - 2016-10-07 16:48 - 00000000 ____D C:\Users\Wanderson\AppData\Local\Setup353482
2016-10-07 16:48 - 2016-10-07 16:48 - 00000000 ____D C:\Users\Wanderson\AppData\Local\Setup352359
2016-10-07 16:48 - 2016-10-07 16:48 - 00000000 ____D C:\Users\Wanderson\AppData\Local\Sarafat
2016-10-07 16:48 - 2016-10-07 16:48 - 00000000 ____D C:\Users\Todos os Usuários\{A0376554-2A75-EF92-ACB3-71D036F1FA1E}
2016-10-07 16:48 - 2016-10-07 16:48 - 00000000 ____D C:\ProgramData\{A0376554-2A75-EF92-ACB3-71D036F1FA1E}
2016-10-07 16:46 - 2016-10-07 16:46 - 01267784 _____ ( ) C:\Users\Wanderson\Downloads\CD VOL.9 - DESEJO DE MENINA.exe
2016-10-07 16:44 - 2016-10-07 16:45 - 01267784 _____ ( ) C:\Users\Wanderson\Downloads\DM - As Melhores 03.exe
2016-10-07 16:44 - 2016-10-07 16:44 - 01267784 _____ ( ) C:\Users\Wanderson\Downloads\CD BUTECO DA DESEJO.exe
2016-10-06 21:37 - 2016-10-06 21:37 - 00001261 _____ C:\Users\Weverton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pandion.lnk
2016-10-06 21:37 - 2016-10-06 21:37 - 00001253 _____ C:\Users\Weverton\Desktop\Pandion.lnk
2016-10-06 21:37 - 2016-10-06 21:37 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\Pandion
2016-10-06 21:37 - 2016-10-06 21:37 - 00000000 ____D C:\Users\Weverton\AppData\Local\Pandion
2016-10-06 21:36 - 2016-10-06 21:36 - 01904200 _____ C:\Users\Weverton\Downloads\Pandion_2.6.114.msi
2016-10-06 12:31 - 2016-10-06 12:31 - 00042064 _____ (Anchorfree Inc.) C:\Windows\system32\Drivers\taphss6.sys
2016-10-04 22:16 - 2016-10-04 22:16 - 01947947 _____ C:\Users\Weverton\Downloads\Cartaz_TECINFO 2017.jpeg
2016-10-04 21:59 - 2016-10-04 21:59 - 01947947 _____ C:\Users\Weverton\Downloads\Cartaz_TECINFO 2017.pdf
2016-09-30 20:05 - 2016-10-12 16:57 - 00033710 _____ C:\Users\Wanderson\Documents\Apresentação1.pptx
2016-09-27 10:53 - 2016-09-27 10:53 - 00001608 _____ C:\Users\Weverton\Downloads\Não confirmado 814265.crdownload
2016-09-27 10:53 - 2016-09-27 10:53 - 00001608 _____ C:\Users\Weverton\Downloads\Não confirmado 444260.crdownload
2016-09-27 10:52 - 2016-09-27 10:52 - 00001608 _____ C:\Users\Weverton\Downloads\Não confirmado 25649.crdownload
2016-09-27 09:48 - 2016-09-27 09:49 - 00772096 _____ C:\Users\Weverton\Downloads\pw clean - 1.0.6 - [atalhos].exe
2016-09-23 12:51 - 2016-09-23 12:54 - 29541534 _____ C:\Users\Weverton\Downloads\lista-dez_2015.pdf
2016-09-23 12:50 - 2016-09-23 12:50 - 00107272 _____ C:\Users\Weverton\Downloads\RedeAT.pdf
2016-09-21 10:01 - 2016-09-21 10:01 - 05170312 _____ (Macrovision Corporation) C:\Users\Wanderson\Downloads\HP_Keyboard_V1.5.0.6.exe
2016-09-21 10:01 - 2016-09-21 10:01 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\driveridentifier
2016-09-21 10:00 - 2016-09-21 10:00 - 04276266 _____ (DriverIdentifier ) C:\Users\Wanderson\Downloads\driverdouble_setup.exe
2016-09-21 09:54 - 2016-09-21 09:54 - 02207264 _____ (Easeware ) C:\Users\Wanderson\Downloads\DriverNavigator_Setup.exe
2016-09-21 09:36 - 2016-09-21 09:36 - 02793824 _____ (Speedy HLDGS Limited ) C:\Users\Wanderson\Downloads\setup.exe
2016-09-20 21:14 - 2016-09-20 21:14 - 00000000 ____D C:\Users\Família\AppData\LocalLow\IObit
2016-09-19 08:35 - 2016-09-19 08:35 - 00250170 _____ C:\Users\Weverton\Downloads\FaturaHipercard-09-2016.pdf
2016-09-19 08:35 - 2016-09-19 08:35 - 00249817 _____ C:\Users\Weverton\Downloads\FaturaHipercard-08-2016.pdf
2016-09-16 15:24 - 2016-09-16 15:24 - 00081722 _____ C:\Users\Weverton\Documents\Bora.pdf
2016-09-16 13:50 - 2016-09-16 13:50 - 00083764 _____ C:\Users\Weverton\Documents\666666.pdf
2016-09-16 11:34 - 2016-09-16 11:34 - 00085188 _____ C:\Users\Weverton\Documents\208.pdf
2016-09-16 08:07 - 2016-09-16 08:07 - 00081943 _____ C:\Users\Weverton\Documents\210.pdf
2016-09-15 00:28 - 2016-09-15 00:28 - 00091355 _____ C:\Users\Weverton\Documents\ultimas de todas.pdf
2016-09-14 19:03 - 2016-09-14 19:03 - 00082062 _____ C:\Users\Weverton\Documents\66.pdf
2016-09-14 00:50 - 2016-09-14 00:50 - 00084764 _____ C:\Users\Weverton\Documents\vvv.pdf
==================== Três Meses Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-12-12 22:49 - 2009-07-14 00:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-12-12 22:44 - 2009-07-14 01:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-12 22:44 - 2009-07-14 01:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-12 22:39 - 2016-08-18 20:21 - 00136152 _____ C:\Users\Weverton\AppData\Local\GDIPFONTCACHEV1.DAT
2016-12-12 22:34 - 2016-10-19 19:15 - 00000000 ____D C:\Program Files (x86)\No-IP
2016-12-12 19:04 - 2016-08-21 15:58 - 00000000 ____D C:\Users\Todos os Usuários\ProductData
2016-12-12 19:04 - 2016-08-21 15:58 - 00000000 ____D C:\ProgramData\ProductData
2016-12-12 19:03 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-11 19:52 - 2009-07-14 02:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-12-09 12:44 - 2016-08-21 15:57 - 00000000 ____D C:\Users\Weverton\Downloads\Advanced Systemcare-9 PRO + Crack - By SystemTEC
2016-12-08 22:26 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-12-08 07:53 - 2016-08-21 15:57 - 00000000 ____D C:\Users\Todos os Usuários\IObit
2016-12-08 07:53 - 2016-08-21 15:57 - 00000000 ____D C:\ProgramData\IObit
2016-12-07 07:26 - 2016-08-21 15:58 - 00002260 _____ C:\Users\Public\Desktop\Advanced SystemCare 9.lnk
2016-12-05 06:20 - 2016-08-18 19:45 - 00000000 ____D C:\Users\Weverton
2016-12-03 23:34 - 2016-08-18 21:04 - 00002804 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-12-03 23:19 - 2016-09-12 20:53 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\PhotoScape
2016-12-03 23:19 - 2016-09-07 19:55 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\uTorrent
2016-12-03 23:19 - 2016-08-23 07:45 - 00000000 ____D C:\Users\Família\AppData\Roaming\ProductData
2016-12-03 23:19 - 2016-08-22 19:00 - 00000000 ____D C:\Users\Wanderson\AppData\Roaming\ProductData
2016-12-03 23:19 - 2016-08-21 16:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy
2016-12-03 23:19 - 2016-08-21 15:58 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\ProductData
2016-12-03 23:19 - 2016-08-21 15:58 - 00000000 ____D C:\Users\Weverton\AppData\LocalLow\IObit
2016-12-03 23:19 - 2016-08-21 15:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2016-12-03 23:19 - 2016-08-21 15:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2016-12-03 23:19 - 2016-08-21 15:57 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\IObit
2016-12-03 23:19 - 2016-08-19 14:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-12-03 23:19 - 2016-08-19 14:02 - 00000000 ____D C:\Program Files\Java
2016-12-03 23:19 - 2016-08-19 11:00 - 00000000 ____D C:\Users\Família
2016-12-03 23:19 - 2016-08-19 10:59 - 00000000 ____D C:\Users\Wanderson
2016-12-03 23:19 - 2016-08-18 20:07 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-12-03 23:19 - 2010-11-21 06:47 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-12-03 23:19 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\NDF
2016-12-03 23:19 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\registration
2016-12-03 23:18 - 2016-08-19 11:00 - 00000000 ____D C:\Users\Família\AppData\Local\Google
2016-12-03 23:18 - 2016-08-18 20:03 - 00000000 __RHD C:\MSOCache
==================== Arquivos na raiz de alguns diretórios =======
2016-08-18 20:29 - 2016-08-18 20:29 - 7065600 _____ () C:\Program Files (x86)\GUTE8E8.tmp
2016-12-12 16:48 - 2016-12-12 16:48 - 0621568 _____ () C:\Users\Weverton\AppData\Roaming\repair.exe
2016-12-10 10:47 - 2016-12-12 11:01 - 0001591 _____ () C:\ProgramData\Client Monitor
2016-08-18 20:14 - 2016-08-18 20:14 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Arquivos para serem movidos ou deletados:
====================
C:\Windows\Tasks\{3FE401CC-8D92-B6E2-85AE-42DA21CA5C0E}.job
C:\Windows\Tasks\{7B91D2B7-E887-95F1-F98A-0FE008BE1BAC}.job
Alguns arquivos em TEMP:
====================
C:\Users\Wanderson\AppData\Local\Temp\ICReinstall_CD BUTECO DA DESEJO.exe
C:\Users\Weverton\AppData\Local\Temp\corelsetup.exe
C:\Users\Weverton\AppData\Local\Temp\Keygen1.exe
==================== Bamital & volsnap ======================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2016-08-18 19:40
==================== Fim de FRST.txt ============================
Executado por Weverton (administrador) em WEVERTON-PC (13-12-2016 01:21:18)
Executando a partir de C:\Users\Weverton\Downloads
Perfis Carregados: Weverton (Perfis Disponíveis: Weverton & Família & Wanderson & Mcx1-WEVERTON-PC)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 9 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
() C:\Program Files (x86)\Client\client.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Client\client.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wusa.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registro (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13675736 2014-08-13] (Realtek Semiconductor)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4294391776-4171377967-4143943055-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
Startup: C:\Users\Wanderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2016-12-10]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\Weverton\AppData\Local\Facebook\Games\FacebookGameroom.exe (Nenhum Arquivo)
Startup: C:\Users\Weverton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\corelsetup.exe [2016-12-12] ()
GroupPolicy: Restrição <======= ATENÇÃO
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{485E640C-3D34-4C01-865E-A061B72165DA}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrição <======= ATENÇÃO
HKU\S-1-5-21-4294391776-4171377967-4143943055-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.pandion.im/#q=%s
HKU\S-1-5-21-4294391776-4171377967-4143943055-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pt-br/?ocid=iehp
HKU\S-1-5-21-4294391776-4171377967-4143943055-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-4294391776-4171377967-4143943055-1000 -> Google Powered Pandion Search URL = hxxp://search.pandion.im/#q=%s
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-10-30] (IObit)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_102\bin\ssv.dll [2016-08-21] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_102\bin\jp2ssv.dll [2016-08-21] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Auxiliar de Conexão de Conta da Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2015-07-09] (IObit)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
FireFox:
========
FF HKU\S-1-5-21-4294391776-4171377967-4143943055-1000\...\Firefox\Extensions: [{536ad1d6-d9d9-41e5-8945-864506a1f2fc}] - C:\Users\Weverton\AppData\Local\Pandion\Application\src\..\search\xpi
FF Extension: (Google Powered Pandion Search) - C:\Users\Weverton\AppData\Local\Pandion\Application\src\..\search\xpi [2016-10-06] [não assinado]
FF Plugin: @java.com/DTPlugin,version=11.102.2 -> C:\Program Files\Java\jre1.8.0_102\bin\dtplugin\npDeployJava1.dll [2016-08-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.102.2 -> C:\Program Files\Java\jre1.8.0_102\bin\plugin2\npjp2.dll [2016-08-21] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Weverton\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2016-04-29] (Raidcall)
FF Plugin-x32: @raidcall.tw/RCplugin -> C:\Users\Weverton\AppData\Roaming\RCTW\plugins\nprcplugin.dll [2013-06-25] (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-07-28] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com.br/
CHR StartupUrls: Default -> "hxxps://www.google.com.br/"
CHR Profile: C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default [2016-12-13]
CHR Extension: (Google Apresentações) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-18]
CHR Extension: (Google Docs) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-18]
CHR Extension: (Google Drive) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-18]
CHR Extension: (YouTube) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-18]
CHR Extension: (Desprotetor.com - Desprotetor de links) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\cocohmmjllchepkjocddkihldoiillkl [2016-08-18]
CHR Extension: (Facebook App Launcher) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\dihbebhmaoagdpbcnfedokpfkkgmmpgc [2016-08-21]
CHR Extension: (Sketch Toy) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\ednofnkligfbacmlfggaccfhpkfopojb [2016-08-18]
CHR Extension: (Notícias sociais para Facebook) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\edoadhjjfgeniilpmnoaddaihjkkhheb [2016-08-18]
CHR Extension: (Angry Birds Tribute New Tab) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\epcndonbcofpiipoigklnfgiekngjhaj [2016-10-11]
CHR Extension: (Planilhas do Google) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-18]
CHR Extension: (Documentos Google off-line) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-18]
CHR Extension: (Avast Online Security) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-10-31]
CHR Extension: (Bubble Shooter Balões) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpbhbohcdnlcediiopngchhnnofnhaec [2016-08-18]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-18]
CHR Extension: (Gmail) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-18]
CHR Extension: (Chrome Media Router) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-26]
==================== Serviços (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [827680 2015-11-04] (IObit)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2627080 2016-11-11] (LogMeIn Inc.)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-10-09] (IObit)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-11-11] (LogMeIn, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R3 Serenum; C:\Windows\System32\DRIVERS\nuvserenum.sys [23552 2014-01-12] (Windows (R) Win 7 DDK provider)
R3 Serial; C:\Windows\System32\DRIVERS\nuvserial.sys [86016 2014-01-12] (Nuvoton Technology Corp.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42064 2016-10-06] (Anchorfree Inc.)
S3 cpuz139; \??\C:\Users\Weverton\AppData\Local\Temp\cpuz139\cpuz139_x64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
S3 xspirit; \??\C:\Windows\xspirit.sys [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Três Meses Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-12-13 01:17 - 2016-12-13 01:17 - 00036781 _____ C:\Users\Weverton\Downloads\Addition.txt
2016-12-13 01:14 - 2016-12-13 01:21 - 00013908 _____ C:\Users\Weverton\Downloads\FRST.txt
2016-12-13 01:14 - 2016-12-13 01:21 - 00000000 ____D C:\FRST
2016-12-13 01:14 - 2016-12-13 01:14 - 02420224 _____ (Farbar) C:\Users\Weverton\Downloads\FRST64.exe
2016-12-13 01:10 - 2016-12-13 01:10 - 00003630 _____ C:\Users\Weverton\Downloads\api-ms-win-crt-runtime-l1-1-0.zip
2016-12-12 22:53 - 2016-12-12 22:53 - 01034556 _____ C:\Users\Weverton\Downloads\Windows6.1-KB2999226-x64.msu
2016-12-12 22:53 - 2016-12-12 22:53 - 00000000 ___HT C:\Windows\wusa.lock
2016-12-12 22:53 - 2016-12-12 22:53 - 00000000 ____D C:\c4b5f12b55d58f9d30c694d9d1
2016-12-12 22:50 - 2016-12-13 01:14 - 00003060 _____ C:\Users\Public\Desktop\Corel CAPTURE X8 (64-Bit).lnk
2016-12-12 22:50 - 2016-12-13 01:14 - 00002343 _____ C:\Users\Public\Desktop\Corel CONNECT X8 (64-Bit).lnk
2016-12-12 22:50 - 2016-12-13 01:13 - 00003063 _____ C:\Users\Public\Desktop\Corel PHOTO-PAINT X8 (64-Bit).lnk
2016-12-12 22:50 - 2016-12-13 01:13 - 00003015 _____ C:\Users\Public\Desktop\CorelDRAW X8 (64-Bit).lnk
2016-12-12 22:50 - 2016-12-13 01:13 - 00002256 _____ C:\Users\Public\Desktop\Corel Font Manager X8 (64-Bit).lnk
2016-12-12 22:50 - 2016-12-12 22:50 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\Corel
2016-12-12 22:50 - 2016-12-12 22:50 - 00000000 ____D C:\Program Files (x86)\gs
2016-12-12 22:48 - 2016-12-13 01:16 - 00003328 _____ C:\Windows\System32\Tasks\CorelUpdateHelperTaskCore
2016-12-12 22:48 - 2016-12-12 22:48 - 00000000 ____D C:\Users\Todos os Usuários\VsTelemetry
2016-12-12 22:48 - 2016-12-12 22:48 - 00000000 ____D C:\ProgramData\VsTelemetry
2016-12-12 22:48 - 2016-12-12 22:48 - 00000000 ____D C:\Program Files (x86)\Corel
2016-12-12 22:47 - 2016-12-12 22:47 - 00000000 ____D C:\Program Files\Common Files\Corel
2016-12-12 22:45 - 2016-12-12 22:45 - 00000000 ____D C:\Users\Public\Documents\Corel
2016-12-12 22:44 - 2016-12-13 01:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X8 (64-bit)
2016-12-12 22:42 - 2016-12-13 01:12 - 00000000 ____D C:\Program Files\Corel
2016-12-12 22:42 - 2016-12-12 22:47 - 00000000 ____D C:\Users\Todos os Usuários\Corel
2016-12-12 22:42 - 2016-12-12 22:47 - 00000000 ____D C:\ProgramData\Corel
2016-12-12 22:35 - 2016-12-12 22:35 - 00003142 _____ C:\Windows\System32\Tasks\{21692552-DB04-4AED-887D-CBA27C5BBB60}
2016-12-12 16:48 - 2016-12-12 16:48 - 00621568 _____ C:\Users\Weverton\AppData\Roaming\repair.exe
2016-12-10 21:33 - 2016-12-10 21:33 - 00001132 _____ C:\Users\Wanderson\Desktop\Facebook Gameroom.lnk
2016-12-10 21:33 - 2016-12-10 21:33 - 00000000 ____D C:\Users\Wanderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
2016-12-10 21:33 - 2016-12-10 21:33 - 00000000 ____D C:\Users\Wanderson\AppData\Local\Facebook
2016-12-10 21:33 - 2016-12-10 21:33 - 00000000 ____D C:\Users\Wanderson\AppData\Local\CEF
2016-12-10 21:30 - 2016-12-10 21:31 - 00249592 _____ (Facebook) C:\Users\Wanderson\Downloads\FacebookGameroom.exe
2016-12-10 10:47 - 2016-12-12 11:01 - 00001591 _____ C:\Users\Todos os Usuários\Client Monitor
2016-12-10 10:47 - 2016-12-12 11:01 - 00001591 _____ C:\ProgramData\Client Monitor
2016-12-10 10:46 - 2016-12-12 11:01 - 00000000 ____D C:\Users\Todos os Usuários\Client
2016-12-10 10:46 - 2016-12-12 11:01 - 00000000 ____D C:\ProgramData\Client
2016-12-09 12:59 - 2016-12-09 13:01 - 00000000 ____D C:\CorelDraw Graphics Suite X8 Multilanguage 32 e 64 Bits
2016-12-09 12:54 - 2016-12-12 19:04 - 00003310 _____ C:\Windows\System32\Tasks\Client Monitor
2016-12-09 12:54 - 2016-12-09 12:54 - 00000000 ____D C:\Windows\System32\Tasks\Update
2016-12-09 12:54 - 2016-12-09 12:54 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\Monitor
2016-12-09 12:54 - 2016-12-09 12:54 - 00000000 ____D C:\Program Files (x86)\Client
2016-12-09 12:53 - 2016-04-28 20:30 - 01864704 _____ C:\Users\Weverton\Desktop\keygen.exe
2016-12-09 06:32 - 2016-12-11 19:53 - 00000000 ____D C:\Users\Weverton\AppData\Local\LogMeIn Hamachi
2016-12-09 06:32 - 2016-12-09 06:32 - 00000000 ____D C:\Users\Weverton\AppData\Local\LogMeIn
2016-12-08 22:27 - 2016-12-09 00:02 - 00000000 ____D C:\Users\Wanderson\AppData\Local\LogMeIn Hamachi
2016-12-08 22:27 - 2016-12-08 22:27 - 00000000 ____D C:\Users\Wanderson\AppData\Local\LogMeIn
2016-12-08 22:27 - 2016-12-08 22:27 - 00000000 ____D C:\Users\Todos os Usuários\LogMeIn
2016-12-08 22:27 - 2016-12-08 22:27 - 00000000 ____D C:\ProgramData\LogMeIn
2016-12-08 22:26 - 2016-12-08 22:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-12-08 22:26 - 2016-12-08 22:26 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-12-08 22:23 - 2016-12-08 22:24 - 08417280 _____ C:\Users\Wanderson\Downloads\hamachi.msi
2016-12-05 20:45 - 2016-12-05 20:45 - 00000000 _____ C:\Users\Wanderson\Desktop\Novo(a) Apresentação do Microsoft PowerPoint.pptx
2016-12-05 18:40 - 2016-12-05 18:40 - 00000000 _____ C:\Users\Weverton\Downloads\download
2016-12-05 07:49 - 2016-12-05 07:49 - 00000000 ____D C:\Users\Wanderson\AppData\Roaming\vlc
2016-12-03 23:35 - 2016-12-03 23:35 - 00002882 _____ C:\Windows\System32\Tasks\ASC9_SkipUac_Wanderson
2016-12-03 23:35 - 2016-12-03 23:35 - 00000000 ____D C:\Users\Wanderson\AppData\LocalLow\IObit
2016-12-01 09:34 - 2016-12-01 09:34 - 00034726 _____ C:\Users\Weverton\Downloads\Atvs_8575602_1.pdf
2016-12-01 09:34 - 2016-12-01 09:34 - 00025243 _____ C:\Users\Weverton\Downloads\CacAtvs_8575602_1.pdf
2016-12-01 09:34 - 2016-12-01 09:34 - 00017538 _____ C:\Users\Weverton\Downloads\NtfAtvs_8575602_1.pdf
2016-11-30 08:26 - 2016-11-30 08:26 - 00168354 _____ C:\Users\Weverton\Desktop\itau2.pdf
2016-11-30 08:25 - 2016-11-30 08:25 - 00168348 _____ C:\Users\Weverton\Desktop\itau.pdf
2016-11-25 13:13 - 2016-11-25 13:13 - 00250593 _____ C:\Users\Weverton\Downloads\FaturaHipercard-11-2016.pdf
2016-11-21 20:28 - 2016-11-21 20:28 - 00090595 _____ C:\Users\Weverton\Downloads\QUADRO DE VAGAS_SAO VICENTE DO SERIDO.pdf
2016-11-20 00:03 - 2016-11-20 00:16 - 103242730 _____ C:\Users\Weverton\Downloads\2005 - Acústico MTV_finalmentedonwload.rar
2016-11-20 00:02 - 2013-10-27 10:18 - 00000000 ____D C:\Users\Weverton\Downloads\O RAPPA - Acústico MTV
2016-11-19 22:10 - 2016-11-19 22:49 - 104531890 _____ C:\Users\Weverton\Downloads\O RAPPA - Acústico MTV.rar
2016-11-18 13:07 - 2016-11-18 13:07 - 00000000 ____D C:\Users\Weverton\Documents\Originals
2016-11-16 11:46 - 2016-11-16 11:46 - 00105889 _____ C:\Users\Weverton\Downloads\noname (1).eml
2016-11-16 11:44 - 2016-11-16 11:44 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\Windows Live Writer
2016-11-16 11:44 - 2016-11-16 11:44 - 00000000 ____D C:\Users\Weverton\AppData\Local\Windows Live Writer
2016-11-16 11:43 - 2016-11-16 11:44 - 00105889 _____ C:\Users\Weverton\Downloads\noname.eml
2016-11-11 13:47 - 2016-11-11 13:47 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\Drivers\hamachi.sys
2016-11-11 12:33 - 2016-11-11 12:33 - 00079479 _____ C:\Users\Weverton\Downloads\NovaEstruturaTECINFO2011_2012.xlsx
2016-11-05 09:48 - 2016-11-05 09:48 - 00251747 _____ C:\Users\Wanderson\Downloads\FaturaHipercard-11-2016.pdf
2016-11-05 09:48 - 2016-11-05 09:48 - 00251048 _____ C:\Users\Wanderson\Downloads\FaturaHipercard-10-2016.pdf
2016-11-03 23:37 - 2016-11-04 00:35 - 2047469266 ____R C:\Users\Weverton\Downloads\CorelDraw X8 Graphics Suite X8 Multilanguage 32 e 64 Bits PT-BR.rar
2016-11-01 07:14 - 2016-11-01 07:14 - 55083008 _____ C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2016-11-01 07:14 - 2016-11-01 07:14 - 00311296 _____ C:\Windows\system32\config\DEFAULT.iodefrag.bak
2016-11-01 07:14 - 2016-11-01 07:14 - 00102400 _____ C:\Windows\system32\config\SAM.iodefrag.bak
2016-11-01 07:14 - 2016-11-01 07:14 - 00028672 _____ C:\Windows\system32\config\SECURITY.iodefrag.bak
2016-10-31 22:52 - 2016-10-31 22:52 - 00433308 _____ C:\Users\Weverton\Downloads\WhatsApp Video 2016-10-31 at 22.51.08.mp4
2016-10-27 09:59 - 2016-10-27 09:59 - 00000390 __RSH C:\Users\Todos os Usuários\ntuser.pol
2016-10-27 09:59 - 2016-10-27 09:59 - 00000390 __RSH C:\ProgramData\ntuser.pol
2016-10-27 00:08 - 2016-12-03 23:19 - 00000000 ____D C:\Users\Mcx1-WEVERTON-PC
2016-10-27 00:08 - 2016-10-27 00:08 - 00000020 ___SH C:\Users\Mcx1-WEVERTON-PC\ntuser.ini
2016-10-27 00:08 - 2016-10-27 00:08 - 00000000 _SHDL C:\Users\Mcx1-WEVERTON-PC\Modelos
2016-10-27 00:08 - 2016-10-27 00:08 - 00000000 _SHDL C:\Users\Mcx1-WEVERTON-PC\Meus documentos
2016-10-27 00:08 - 2016-10-27 00:08 - 00000000 _SHDL C:\Users\Mcx1-WEVERTON-PC\Menu Iniciar
2016-10-27 00:08 - 2016-10-27 00:08 - 00000000 _SHDL C:\Users\Mcx1-WEVERTON-PC\Documents\Minhas músicas
2016-10-27 00:08 - 2016-10-27 00:08 - 00000000 _SHDL C:\Users\Mcx1-WEVERTON-PC\Documents\Minhas imagens
2016-10-27 00:08 - 2016-10-27 00:08 - 00000000 _SHDL C:\Users\Mcx1-WEVERTON-PC\Documents\Meus vídeos
2016-10-27 00:08 - 2016-10-27 00:08 - 00000000 _SHDL C:\Users\Mcx1-WEVERTON-PC\Dados de aplicativos
2016-10-27 00:08 - 2016-10-27 00:08 - 00000000 _SHDL C:\Users\Mcx1-WEVERTON-PC\Configurações locais
2016-10-27 00:08 - 2016-10-27 00:08 - 00000000 _SHDL C:\Users\Mcx1-WEVERTON-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-10-27 00:08 - 2016-10-27 00:08 - 00000000 _SHDL C:\Users\Mcx1-WEVERTON-PC\AppData\Local\Histórico
2016-10-27 00:08 - 2016-10-27 00:08 - 00000000 _SHDL C:\Users\Mcx1-WEVERTON-PC\AppData\Local\Dados de aplicativos
2016-10-27 00:08 - 2016-10-27 00:08 - 00000000 _SHDL C:\Users\Mcx1-WEVERTON-PC\Ambiente de rede
2016-10-27 00:08 - 2016-10-27 00:08 - 00000000 _SHDL C:\Users\Mcx1-WEVERTON-PC\Ambiente de impressão
2016-10-27 00:08 - 2016-10-19 20:32 - 00002110 _____ C:\Users\Mcx1-WEVERTON-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-10-27 00:08 - 2010-11-21 06:47 - 00000000 ____D C:\Users\Mcx1-WEVERTON-PC\AppData\Roaming\Media Center Programs
2016-10-25 21:33 - 2016-10-25 21:34 - 01065376 _____ (Google Inc.) C:\Users\Weverton\Downloads\ChromeSetup.exe
2016-10-25 07:21 - 2016-10-27 00:13 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\vlc
2016-10-25 07:21 - 2016-10-25 07:21 - 00001070 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-10-25 07:21 - 2016-10-25 07:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-10-25 07:19 - 2016-12-03 23:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-10-25 07:19 - 2016-10-25 07:19 - 00002318 _____ C:\Users\Public\Desktop\Free Video to Xbox Converter.lnk
2016-10-25 07:19 - 2016-10-25 07:19 - 00001243 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2016-10-25 07:19 - 2016-10-25 07:19 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\DVDVideoSoft
2016-10-25 07:15 - 2016-10-25 07:16 - 30533688 _____ C:\Users\Weverton\Downloads\vlc-2.2.4-win32.exe
2016-10-25 07:14 - 2016-10-25 07:16 - 25539712 _____ (DVDVideoSoft Ltd. ) C:\Users\Weverton\Downloads\free-video-to-xbox-converter-5-0-22-128-es-en-win.exe
2016-10-25 07:09 - 2016-10-25 07:09 - 00000000 ____D C:\Users\Weverton\Documents\Apowersoft
2016-10-25 07:09 - 2016-10-25 07:09 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\Apowersoft
2016-10-25 07:09 - 2016-10-25 07:09 - 00000000 ____D C:\Users\Todos os Usuários\Apowersoft
2016-10-25 07:09 - 2016-10-25 07:09 - 00000000 ____D C:\ProgramData\Apowersoft
2016-10-25 07:05 - 2016-10-25 07:07 - 21094712 _____ (APOWERSOFT LIMITED ) C:\Users\Weverton\Downloads\mkv-converter-studio.exe
2016-10-19 21:14 - 2016-10-19 21:14 - 00009160 _____ C:\Users\Weverton\Documents\000.wlmp
2016-10-19 20:40 - 2016-10-19 20:40 - 00000000 ____D C:\Users\Weverton\Tracing
2016-10-19 20:37 - 2016-10-19 20:37 - 00002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2016-10-19 20:37 - 2016-10-19 20:37 - 00001458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2016-10-19 20:37 - 2016-10-19 20:37 - 00001374 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2016-10-19 20:37 - 2016-10-19 20:37 - 00001305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2016-10-19 20:36 - 2016-10-19 20:37 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2016-10-19 20:36 - 2014-03-31 21:06 - 00058056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fssfltr.sys
2016-10-19 20:33 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2016-10-19 20:33 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2016-10-19 20:33 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2016-10-19 20:33 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2016-10-19 20:33 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2016-10-19 20:32 - 2016-10-19 20:32 - 00002155 _____ C:\Users\Weverton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-10-19 20:32 - 2016-10-19 20:32 - 00002110 _____ C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-10-19 20:32 - 2016-10-19 20:32 - 00002110 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-10-19 20:32 - 2016-10-19 20:32 - 00002110 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-10-19 20:32 - 2016-10-19 20:32 - 00000000 ___RD C:\Users\Weverton\OneDrive
2016-10-19 20:32 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2016-10-19 20:31 - 2016-10-19 20:31 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft OneDrive
2016-10-19 20:31 - 2016-10-19 20:31 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-10-19 20:30 - 2016-11-16 11:44 - 00000000 ____D C:\Users\Weverton\AppData\Local\Windows Live
2016-10-19 20:30 - 2016-10-19 20:30 - 01242312 _____ (Microsoft Corporation) C:\Users\Weverton\Downloads\Baixaki_windows-movie-maker [1].exe
2016-10-19 20:28 - 2016-10-19 20:29 - 01816736 _____ ( ) C:\Users\Weverton\Downloads\Baixaki_windows-movie-maker.exe
2016-10-19 20:20 - 2016-10-19 20:20 - 00108144 _____ C:\Users\Weverton\Downloads\WhatsApp Image 2016-10-18 at 03.07.24 (1).jpeg
2016-10-19 20:20 - 2016-10-19 20:20 - 00091741 _____ C:\Users\Weverton\Downloads\WhatsApp Image 2016-10-18 at 03.07.27 (1).jpeg
2016-10-19 20:20 - 2016-10-19 20:20 - 00086489 _____ C:\Users\Weverton\Downloads\WhatsApp Image 2016-10-18 at 03.07.21 (1).jpeg
2016-10-19 20:20 - 2016-10-19 20:20 - 00071042 _____ C:\Users\Weverton\Downloads\WhatsApp Image 2016-10-18 at 03.07.24 (2).jpeg
2016-10-19 20:20 - 2016-10-19 20:20 - 00061437 _____ C:\Users\Weverton\Downloads\WhatsApp Image 2016-10-18 at 03.07.27.jpeg
2016-10-19 20:20 - 2016-10-19 20:20 - 00054399 _____ C:\Users\Weverton\Downloads\WhatsApp Image 2016-10-18 at 03.07.24.jpeg
2016-10-19 20:20 - 2016-10-19 20:20 - 00038575 _____ C:\Users\Weverton\Downloads\WhatsApp Image 2016-10-18 at 03.07.22.jpeg
2016-10-19 20:20 - 2016-10-19 20:20 - 00036436 _____ C:\Users\Weverton\Downloads\WhatsApp Image 2016-10-18 at 03.07.21.jpeg
2016-10-19 19:17 - 2016-10-19 19:17 - 00000000 ____D C:\Users\Todos os Usuários\Vitalwerks
2016-10-19 19:17 - 2016-10-19 19:17 - 00000000 ____D C:\ProgramData\Vitalwerks
2016-10-19 19:15 - 2016-10-19 19:15 - 00000000 ____D C:\Users\Weverton\AppData\Local\Vitalwerks
2016-10-19 19:14 - 2016-10-19 19:14 - 00241736 _____ C:\Users\Weverton\Downloads\DUCSetup_v4_1_1.exe
2016-10-18 10:54 - 2016-12-13 00:54 - 00000282 _____ C:\Windows\Tasks\{3FE401CC-8D92-B6E2-85AE-42DA21CA5C0E}.job
2016-10-18 10:54 - 2016-10-19 08:54 - 00000000 ____D C:\Users\Wanderson\AppData\Local\{B7EB8150-92B9-EC26-F98F-CBF4255D36CA}
2016-10-18 10:54 - 2016-10-18 10:54 - 00003232 _____ C:\Windows\System32\Tasks\{3FE401CC-8D92-B6E2-85AE-42DA21CA5C0E}
2016-10-18 10:53 - 2016-10-18 10:59 - 00000000 ____D C:\Users\Wanderson\AppData\Local\{B7B681EA-931E-ED52-FE86-C8BADAEE3422}
2016-10-17 23:11 - 2016-10-17 23:19 - 00000000 ____D C:\Users\Wanderson\Documents\Músicas só Bonde do Brasil
2016-10-17 22:57 - 2016-10-17 23:11 - 00000000 ____D C:\Users\Wanderson\Documents\Músicas só Breguinha
2016-10-17 22:53 - 2016-10-17 22:56 - 00000000 ____D C:\Users\Wanderson\Documents\Músicas só Sofrência
2016-10-17 08:45 - 2016-12-11 22:24 - 00000000 ____D C:\Users\Wanderson\AppData\Roaming\.minecraft
2016-10-17 08:45 - 2016-10-17 08:45 - 00000000 ____D C:\Users\Wanderson\AppData\Roaming\java
2016-10-16 22:22 - 2016-10-16 22:22 - 00000000 ____D C:\Users\Weverton\Documents\Electronic Arts
2016-10-16 22:21 - 2016-10-16 22:21 - 00001650 _____ C:\Users\Weverton\Desktop\The Sims 4.lnk
2016-10-16 22:18 - 2016-12-12 22:49 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-10-16 22:18 - 2016-12-12 22:49 - 00000000 ____D C:\ProgramData\Package Cache
2016-10-16 22:18 - 2014-10-19 14:54 - 00447752 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
2016-10-16 22:17 - 2016-10-16 22:17 - 00001195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4.lnk
2016-10-16 14:05 - 2016-10-16 14:05 - 176302643 _____ C:\Users\Weverton\Downloads\Minecraft 1.8.1.zip
2016-10-16 14:05 - 2016-10-16 14:05 - 00002101 _____ C:\Users\Public\Desktop\Minecraft.lnk
2016-10-16 14:05 - 2016-10-16 14:05 - 00000000 ____D C:\Users\Weverton\Desktop\Minecraft 1.8.1
2016-10-16 14:05 - 2016-10-16 14:05 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
2016-10-16 13:28 - 2016-10-16 14:05 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\.minecraft
2016-10-16 13:28 - 2016-10-16 13:28 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\java
2016-10-16 13:23 - 2016-10-16 13:23 - 02314240 _____ C:\Users\Weverton\Downloads\MinecraftInstaller.msi
2016-10-16 13:18 - 2016-10-16 13:19 - 09775953 _____ C:\Users\Weverton\Downloads\craftlandia.zip
2016-10-16 13:17 - 2016-10-16 21:55 - 00000000 ____D C:\Users\Weverton\Downloads\[www.tecdowns.com.br] The.Sims.4-RELOADED
2016-10-14 12:38 - 2016-10-14 12:38 - 00852686 _____ C:\Users\Weverton\Downloads\'-'.html
2016-10-14 12:38 - 2016-10-14 12:38 - 00000000 ____D C:\Users\Weverton\Downloads\'-'_files
2016-10-11 13:22 - 2016-10-11 13:23 - 04448979 _____ C:\Users\Weverton\Downloads\manual-acr-1000-20150615143727.pdf
2016-10-10 22:06 - 2016-10-10 22:06 - 00251324 _____ C:\Users\Weverton\Downloads\FaturaHipercard-09-2016 (1).pdf
2016-10-10 22:05 - 2016-10-10 22:05 - 00251281 _____ C:\Users\Weverton\Downloads\FaturaHipercard-10-2016.pdf
2016-10-10 16:03 - 2016-10-10 16:03 - 00000000 ____D C:\Users\Weverton\AppData\Local\CrashRpt
2016-10-10 15:59 - 2016-10-10 16:02 - 13979168 _____ C:\Users\Weverton\Downloads\HSS-6.0.3-install-hss-816-ext.exe
2016-10-08 10:48 - 2016-12-03 23:48 - 00000209 _____ C:\Users\Wanderson\AppData\Roaming\WB.CFG
2016-10-07 23:48 - 2016-10-07 23:48 - 00001138 _____ C:\Users\Weverton\Desktop\Facebook Games Arcade (BETA).lnk
2016-10-07 23:48 - 2016-10-07 23:48 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
2016-10-07 23:48 - 2016-10-07 23:48 - 00000000 ____D C:\Users\Weverton\AppData\Local\FacebookGames
2016-10-07 23:47 - 2016-10-07 23:47 - 00000000 ____D C:\Users\Weverton\AppData\Local\Facebook
2016-10-07 23:45 - 2016-10-07 23:45 - 00110816 _____ () C:\Users\Weverton\Downloads\FacebookGamesArcadeSetup.exe
2016-10-07 16:54 - 2016-10-07 16:54 - 00000000 ____D C:\Users\Wanderson\AppData\Roaming\WinRAR
2016-10-07 16:51 - 2016-10-18 10:58 - 00002243 _____ C:\Users\Wanderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk
2016-10-07 16:51 - 2016-10-18 10:58 - 00000000 ____D C:\Users\Wanderson\AppData\Local\chromium
2016-10-07 16:48 - 2016-12-13 00:48 - 00000284 _____ C:\Windows\Tasks\{7B91D2B7-E887-95F1-F98A-0FE008BE1BAC}.job
2016-10-07 16:48 - 2016-12-03 23:49 - 00000000 ____D C:\Users\Wanderson\AppData\Local\Lamocukodo
2016-10-07 16:48 - 2016-10-18 10:54 - 00002378 _____ C:\Users\Wanderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk
2016-10-07 16:48 - 2016-10-07 16:51 - 00000000 ____D C:\Users\Wanderson\AppData\Local\{C975FF29-EDDD-9391-8045-B679A42D4AE1}
2016-10-07 16:48 - 2016-10-07 16:48 - 00003234 _____ C:\Windows\System32\Tasks\{7B91D2B7-E887-95F1-F98A-0FE008BE1BAC}
2016-10-07 16:48 - 2016-10-07 16:48 - 00000000 ____D C:\Users\Wanderson\AppData\Local\Setup356618
2016-10-07 16:48 - 2016-10-07 16:48 - 00000000 ____D C:\Users\Wanderson\AppData\Local\Setup353482
2016-10-07 16:48 - 2016-10-07 16:48 - 00000000 ____D C:\Users\Wanderson\AppData\Local\Setup352359
2016-10-07 16:48 - 2016-10-07 16:48 - 00000000 ____D C:\Users\Wanderson\AppData\Local\Sarafat
2016-10-07 16:48 - 2016-10-07 16:48 - 00000000 ____D C:\Users\Todos os Usuários\{A0376554-2A75-EF92-ACB3-71D036F1FA1E}
2016-10-07 16:48 - 2016-10-07 16:48 - 00000000 ____D C:\ProgramData\{A0376554-2A75-EF92-ACB3-71D036F1FA1E}
2016-10-07 16:46 - 2016-10-07 16:46 - 01267784 _____ ( ) C:\Users\Wanderson\Downloads\CD VOL.9 - DESEJO DE MENINA.exe
2016-10-07 16:44 - 2016-10-07 16:45 - 01267784 _____ ( ) C:\Users\Wanderson\Downloads\DM - As Melhores 03.exe
2016-10-07 16:44 - 2016-10-07 16:44 - 01267784 _____ ( ) C:\Users\Wanderson\Downloads\CD BUTECO DA DESEJO.exe
2016-10-06 21:37 - 2016-10-06 21:37 - 00001261 _____ C:\Users\Weverton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pandion.lnk
2016-10-06 21:37 - 2016-10-06 21:37 - 00001253 _____ C:\Users\Weverton\Desktop\Pandion.lnk
2016-10-06 21:37 - 2016-10-06 21:37 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\Pandion
2016-10-06 21:37 - 2016-10-06 21:37 - 00000000 ____D C:\Users\Weverton\AppData\Local\Pandion
2016-10-06 21:36 - 2016-10-06 21:36 - 01904200 _____ C:\Users\Weverton\Downloads\Pandion_2.6.114.msi
2016-10-06 12:31 - 2016-10-06 12:31 - 00042064 _____ (Anchorfree Inc.) C:\Windows\system32\Drivers\taphss6.sys
2016-10-04 22:16 - 2016-10-04 22:16 - 01947947 _____ C:\Users\Weverton\Downloads\Cartaz_TECINFO 2017.jpeg
2016-10-04 21:59 - 2016-10-04 21:59 - 01947947 _____ C:\Users\Weverton\Downloads\Cartaz_TECINFO 2017.pdf
2016-09-30 20:05 - 2016-10-12 16:57 - 00033710 _____ C:\Users\Wanderson\Documents\Apresentação1.pptx
2016-09-27 10:53 - 2016-09-27 10:53 - 00001608 _____ C:\Users\Weverton\Downloads\Não confirmado 814265.crdownload
2016-09-27 10:53 - 2016-09-27 10:53 - 00001608 _____ C:\Users\Weverton\Downloads\Não confirmado 444260.crdownload
2016-09-27 10:52 - 2016-09-27 10:52 - 00001608 _____ C:\Users\Weverton\Downloads\Não confirmado 25649.crdownload
2016-09-27 09:48 - 2016-09-27 09:49 - 00772096 _____ C:\Users\Weverton\Downloads\pw clean - 1.0.6 - [atalhos].exe
2016-09-23 12:51 - 2016-09-23 12:54 - 29541534 _____ C:\Users\Weverton\Downloads\lista-dez_2015.pdf
2016-09-23 12:50 - 2016-09-23 12:50 - 00107272 _____ C:\Users\Weverton\Downloads\RedeAT.pdf
2016-09-21 10:01 - 2016-09-21 10:01 - 05170312 _____ (Macrovision Corporation) C:\Users\Wanderson\Downloads\HP_Keyboard_V1.5.0.6.exe
2016-09-21 10:01 - 2016-09-21 10:01 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\driveridentifier
2016-09-21 10:00 - 2016-09-21 10:00 - 04276266 _____ (DriverIdentifier ) C:\Users\Wanderson\Downloads\driverdouble_setup.exe
2016-09-21 09:54 - 2016-09-21 09:54 - 02207264 _____ (Easeware ) C:\Users\Wanderson\Downloads\DriverNavigator_Setup.exe
2016-09-21 09:36 - 2016-09-21 09:36 - 02793824 _____ (Speedy HLDGS Limited ) C:\Users\Wanderson\Downloads\setup.exe
2016-09-20 21:14 - 2016-09-20 21:14 - 00000000 ____D C:\Users\Família\AppData\LocalLow\IObit
2016-09-19 08:35 - 2016-09-19 08:35 - 00250170 _____ C:\Users\Weverton\Downloads\FaturaHipercard-09-2016.pdf
2016-09-19 08:35 - 2016-09-19 08:35 - 00249817 _____ C:\Users\Weverton\Downloads\FaturaHipercard-08-2016.pdf
2016-09-16 15:24 - 2016-09-16 15:24 - 00081722 _____ C:\Users\Weverton\Documents\Bora.pdf
2016-09-16 13:50 - 2016-09-16 13:50 - 00083764 _____ C:\Users\Weverton\Documents\666666.pdf
2016-09-16 11:34 - 2016-09-16 11:34 - 00085188 _____ C:\Users\Weverton\Documents\208.pdf
2016-09-16 08:07 - 2016-09-16 08:07 - 00081943 _____ C:\Users\Weverton\Documents\210.pdf
2016-09-15 00:28 - 2016-09-15 00:28 - 00091355 _____ C:\Users\Weverton\Documents\ultimas de todas.pdf
2016-09-14 19:03 - 2016-09-14 19:03 - 00082062 _____ C:\Users\Weverton\Documents\66.pdf
2016-09-14 00:50 - 2016-09-14 00:50 - 00084764 _____ C:\Users\Weverton\Documents\vvv.pdf
==================== Três Meses Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-12-12 22:49 - 2009-07-14 00:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-12-12 22:44 - 2009-07-14 01:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-12 22:44 - 2009-07-14 01:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-12 22:39 - 2016-08-18 20:21 - 00136152 _____ C:\Users\Weverton\AppData\Local\GDIPFONTCACHEV1.DAT
2016-12-12 22:34 - 2016-10-19 19:15 - 00000000 ____D C:\Program Files (x86)\No-IP
2016-12-12 19:04 - 2016-08-21 15:58 - 00000000 ____D C:\Users\Todos os Usuários\ProductData
2016-12-12 19:04 - 2016-08-21 15:58 - 00000000 ____D C:\ProgramData\ProductData
2016-12-12 19:03 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-11 19:52 - 2009-07-14 02:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-12-09 12:44 - 2016-08-21 15:57 - 00000000 ____D C:\Users\Weverton\Downloads\Advanced Systemcare-9 PRO + Crack - By SystemTEC
2016-12-08 22:26 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-12-08 07:53 - 2016-08-21 15:57 - 00000000 ____D C:\Users\Todos os Usuários\IObit
2016-12-08 07:53 - 2016-08-21 15:57 - 00000000 ____D C:\ProgramData\IObit
2016-12-07 07:26 - 2016-08-21 15:58 - 00002260 _____ C:\Users\Public\Desktop\Advanced SystemCare 9.lnk
2016-12-05 06:20 - 2016-08-18 19:45 - 00000000 ____D C:\Users\Weverton
2016-12-03 23:34 - 2016-08-18 21:04 - 00002804 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-12-03 23:19 - 2016-09-12 20:53 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\PhotoScape
2016-12-03 23:19 - 2016-09-07 19:55 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\uTorrent
2016-12-03 23:19 - 2016-08-23 07:45 - 00000000 ____D C:\Users\Família\AppData\Roaming\ProductData
2016-12-03 23:19 - 2016-08-22 19:00 - 00000000 ____D C:\Users\Wanderson\AppData\Roaming\ProductData
2016-12-03 23:19 - 2016-08-21 16:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy
2016-12-03 23:19 - 2016-08-21 15:58 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\ProductData
2016-12-03 23:19 - 2016-08-21 15:58 - 00000000 ____D C:\Users\Weverton\AppData\LocalLow\IObit
2016-12-03 23:19 - 2016-08-21 15:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2016-12-03 23:19 - 2016-08-21 15:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2016-12-03 23:19 - 2016-08-21 15:57 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\IObit
2016-12-03 23:19 - 2016-08-19 14:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-12-03 23:19 - 2016-08-19 14:02 - 00000000 ____D C:\Program Files\Java
2016-12-03 23:19 - 2016-08-19 11:00 - 00000000 ____D C:\Users\Família
2016-12-03 23:19 - 2016-08-19 10:59 - 00000000 ____D C:\Users\Wanderson
2016-12-03 23:19 - 2016-08-18 20:07 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-12-03 23:19 - 2010-11-21 06:47 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-12-03 23:19 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\NDF
2016-12-03 23:19 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\registration
2016-12-03 23:18 - 2016-08-19 11:00 - 00000000 ____D C:\Users\Família\AppData\Local\Google
2016-12-03 23:18 - 2016-08-18 20:03 - 00000000 __RHD C:\MSOCache
==================== Arquivos na raiz de alguns diretórios =======
2016-08-18 20:29 - 2016-08-18 20:29 - 7065600 _____ () C:\Program Files (x86)\GUTE8E8.tmp
2016-12-12 16:48 - 2016-12-12 16:48 - 0621568 _____ () C:\Users\Weverton\AppData\Roaming\repair.exe
2016-12-10 10:47 - 2016-12-12 11:01 - 0001591 _____ () C:\ProgramData\Client Monitor
2016-08-18 20:14 - 2016-08-18 20:14 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Arquivos para serem movidos ou deletados:
====================
C:\Windows\Tasks\{3FE401CC-8D92-B6E2-85AE-42DA21CA5C0E}.job
C:\Windows\Tasks\{7B91D2B7-E887-95F1-F98A-0FE008BE1BAC}.job
Alguns arquivos em TEMP:
====================
C:\Users\Wanderson\AppData\Local\Temp\ICReinstall_CD BUTECO DA DESEJO.exe
C:\Users\Weverton\AppData\Local\Temp\corelsetup.exe
C:\Users\Weverton\AppData\Local\Temp\Keygen1.exe
==================== Bamital & volsnap ======================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2016-08-18 19:40
==================== Fim de FRST.txt ============================