cjoint

Publicité

Cliquez pour partager vos propres fichiers

Publicité

Commentaire : http://www.cjoint.com/c/GAmiWRjKl5F

Format du document : text/plain

Prévisualisation

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão: 11-01-2017
Executado por Walter Franklim (administrador) em DEMOLAY (12-01-2017 04:42:56)
Executando a partir de C:\Users\Walter Franklim\Desktop
Perfis Carregados: Walter Franklim (Perfis Disponíveis: Particular & Walter Franklim & Convidado)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão não detectado!)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(GAS Tecnologia) C:\Program Files\GbPlugin\gbpsv.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(GAS Tecnologia) C:\Program Files\GbPlugin\gbpsv.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare\Monitor.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(IObit) C:\Program Files\IObit\Smart Defrag\Pub\PubMonitor.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
() C:\Windows\KMS-R@1nHook.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Users\Walter Franklim\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Walter Franklim\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Walter Franklim\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Walter Franklim\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Walter Franklim\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Walter Franklim\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\osk.exe
(Google Inc.) C:\Users\Walter Franklim\AppData\Local\Google\Chrome SxS\Application\chrome.exe

==================== Registro (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2262320 2013-05-27] (ELAN Microelectronics Corp.)
HKLM\...\RunOnce: [Gahetuma] => C:\Windows\system32\wscript.exe /E:vbscript /B "C:\Users\WALTER~1\AppData\Roaming\Dapagahep"
HKLM\...\RunOnce: [Bosefelibo] => C:\Windows\system32\wscript.exe /E:vbscript /B "C:\Users\WALTER~1\AppData\Roaming\Fitap"
Winlogon\Notify\ GbPluginCef: C:\Program Files\GbPlugin\gbiehCef.dll [2016-12-18] (Caixa Economica Federal)
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-240237904-3152138187-639416452-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5496600 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-240237904-3152138187-639416452-1003\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-240237904-3152138187-639416452-1003\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-240237904-3152138187-639416452-1003\...\Policies\Explorer: [HideSCAHealth] 0
IFEO\OSPPSVC.EXE: [Debugger] KMS-R@1nHook.exe
IFEO\SppSvc.exe: [Debugger] KMS-R@1nHook.exe
ShellExecuteHooks: Sem Nome - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - -> Nenhum Arquivo
ShellExecuteHooks: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files\GbPlugin\gbiehcef.dll [1903328 2016-12-18] (Caixa Economica Federal)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2017-01-11] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2017-01-11] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2017-01-11] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} => -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => -> Nenhum Arquivo
Startup: C:\Users\Particular\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2016-10-07]
ShortcutTarget: MEGAsync.lnk -> C:\ProgramData\MEGAsync\MEGAsync.exe (Mega Limited)
GroupPolicy: Restrição ? <======= ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 200.189.88.61 200.189.88.66
Tcpip\..\Interfaces\{74062B66-3D61-4744-B95A-C1E614AEE0D3}: [DhcpNameServer] 200.189.88.61 200.189.88.66
Tcpip\..\Interfaces\{AAF5829D-B5C1-469D-9880-A3A5A2BA4163}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{B1FD0B0B-4C40-4D8B-9E21-84AF39F4C5FC}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{CF6EE208-2653-4EBB-95AF-D8A4D8103F5D}: [DhcpNameServer] 200.189.88.52 200.189.88.12

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrição <======= ATENÇÃO
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_40¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0EzztCtCtAtB0BtC0FyC0CyEtBtDyEtDtN0D0Tzu0StCyByEtAtN1L2XzutAtFtByEtFtByDtFyDtDtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2SyEzztByByC0CzyyDtGtA0CtCtCtG0DyE0EyBtGtDyDtCyDtG0B0DtAyCyC0C0BtD0C0CtCtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyE0F0Fzy0AtC0AtG0Dzy0AyDtGyEtD0C0DtGzztA0A0EtGtB0FyDyCzz0F0Azz0AtCtA0F2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtDyEyCtD%26cr%3D791190614%26a%3Dwbf_fs_16_40%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=home
HKU\S-1-5-21-240237904-3152138187-639416452-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_40¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0EzztCtCtAtB0BtC0FyC0CyEtBtDyEtDtN0D0Tzu0StCyByEtAtN1L2XzutAtFtByEtFtByDtFyDtDtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2SyEzztByByC0CzyyDtGtA0CtCtCtG0DyE0EyBtGtDyDtCyDtG0B0DtAyCyC0C0BtD0C0CtCtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyE0F0Fzy0AtC0AtG0Dzy0AyDtGyEtD0C0DtGzztA0A0EtGtB0FyDyCzz0F0Azz0AtCtA0F2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtDyEyCtD%26cr%3D791190614%26a%3Dwbf_fs_16_40%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional
SearchScopes: HKLM -> DefaultScope {0633ee93-d776-472f-a0ff-e1416b8b2e3a} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_40¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0EzztCtCtAtB0BtC0FyC0CyEtBtDyEtDtN0D0Tzu0StCyByEtAtN1L2XzutAtFtByEtFtByDtFyDtDtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2SyEzztByByC0CzyyDtGtA0CtCtCtG0DyE0EyBtGtDyDtCyDtG0B0DtAyCyC0C0BtD0C0CtCtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyE0F0Fzy0AtC0AtG0Dzy0AyDtGyEtD0C0DtGzztA0A0EtGtB0FyDyCzz0F0Azz0AtCtA0F2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtDyEyCtD%26cr%3D791190614%26a%3Dwbf_fs_16_40%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_40¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0EzztCtCtAtB0BtC0FyC0CyEtBtDyEtDtN0D0Tzu0StCyByEtAtN1L2XzutAtFtByEtFtByDtFyDtDtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2SyEzztByByC0CzyyDtGtA0CtCtCtG0DyE0EyBtGtDyDtCyDtG0B0DtAyCyC0C0BtD0C0CtCtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyE0F0Fzy0AtC0AtG0Dzy0AyDtGyEtD0C0DtGzztA0A0EtGtB0FyDyCzz0F0Azz0AtCtA0F2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtDyEyCtD%26cr%3D791190614%26a%3Dwbf_fs_16_40%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional&p={searchTerms}
SearchScopes: HKLM -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = hxxp://search.speedbit.com/search.aspx?s=E6Re105&q={searchTerms}
SearchScopes: HKU\S-1-5-21-240237904-3152138187-639416452-1003 -> DefaultScope {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-240237904-3152138187-639416452-1003 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-240237904-3152138187-639416452-1003 -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-240237904-3152138187-639416452-1003 -> {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = hxxp://search.speedbit.com/search.aspx?s=E6Re105&q={searchTerms}
SearchScopes: HKU\S-1-5-21-240237904-3152138187-639416452-1003 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.hotsearches.info/?l=1&q={searchTerms}&pid=22394&r=2015/06/22&hid=13171133701857723959&lg=EN&cc=BR&unqvl=90
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2016-12-29] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2016-12-29] (Microsoft Corporation)
BHO: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\Program Files\GbPlugin\gbiehcef.dll [2016-12-18] (Caixa Economica Federal)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-12-29] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-29] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-29] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-29] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-29] (Microsoft Corporation)
Handler: skypec2c - Nenhum Valor CLSID -
Handler: WSAllMyTubechrome - Nenhum Valor CLSID -
Handler: WSIEChrome - Nenhum Valor CLSID -
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Walter Franklim\AppData\Roaming\Mozilla\Firefox\Profiles\174vu3ic.default-1472101785015 [2017-01-10]
FF user.js: detected! => C:\Users\Walter Franklim\AppData\Roaming\Mozilla\Firefox\Profiles\174vu3ic.default-1472101785015\user.js [2016-12-23]
FF NewTab: Mozilla\Firefox\Profiles\174vu3ic.default-1472101785015 -> about:newtab
FF Homepage: Mozilla\Firefox\Profiles\174vu3ic.default-1472101785015 -> hxxp://www.google.com/
FF Keyword.URL: Mozilla\Firefox\Profiles\174vu3ic.default-1472101785015 -> user_pref("keyword.URL", true);
FF Extension: (MEGA) - C:\Users\Walter Franklim\AppData\Roaming\Mozilla\Firefox\Profiles\174vu3ic.default-1472101785015\Extensions\firefox@mega.co.nz.xpi [2016-12-10]
FF SearchPlugin: C:\Users\Walter Franklim\AppData\Roaming\Mozilla\Firefox\Profiles\174vu3ic.default-1472101785015\searchplugins\yahoo! powered.xml [2016-10-09]
FF HKLM\...\Firefox\Extensions: [searchpredict@speedbit.com] - => não encontrado (a)
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-24] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Windows\system32\npovshelper.dll [2011-05-06] (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-02] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-02] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-29] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-14] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-14] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-240237904-3152138187-639416452-1003: @tools.google.com/Google Update;version=3 -> C:\Users\Walter Franklim\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-240237904-3152138187-639416452-1003: @tools.google.com/Google Update;version=9 -> C:\Users\Walter Franklim\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-29] (Google Inc.)

Chrome:
=======
StartMenuInternet: Google Chrome Canary.MF2EIVJPYDAD4XSUXFJOXOBAOU - C:\Users\Walter Franklim\AppData\Local\Google\Chrome SxS\Application\chrome.exe

==================== Serviços (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S4 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S4 AdvancedSystemCareService10; C:\Program Files\IObit\Advanced SystemCare\ASCService.exe [462624 2016-10-14] (IObit)
S4 BASSVC; C:\Program Files\Baidu Security\MoboMarket\1.3.7.5967\bassvc.exe [208928 2015-04-22] (Baidu, Inc.)
S4 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
S4 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [1776216 2015-08-15] (Microsoft Corporation)
S4 FastTrackUltraAudioDevMon; C:\Program Files\M-Audio\Fast Track Ultra\AudioDevMon.exe [1700584 2014-09-22] (M-Audio)
R2 GbpSv; C:\Program Files\GbPlugin\gbpsv.exe [631520 2016-12-19] (GAS Tecnologia)
S4 KMS-R@1n; C:\Windows\KMS-R@1n.exe [23040 2016-12-23] () [Arquivo não assinado]
S4 PaceLicenseDServices; C:\Program Files\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2938880 2012-05-18] (PACE Anti-Piracy, Inc.) [Arquivo não assinado]
S4 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [966336 2014-12-04] (@ByELDI) [Arquivo não assinado]
S4 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [575488 2008-09-08] (Nokia.) [Arquivo não assinado]
S4 SparkSvc; C:\Program Files\baidu\Baidu Browser\sparkservice.exe [97080 2016-01-14] (Baidu Inc.)
S4 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
S2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [529632 2015-11-04] (GAS Tecnologia LTDA)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [75416 2016-12-24] (Alcor Micro, Corp.)
R3 athr; C:\Windows\System32\DRIVERS\athr.sys [3365624 2016-12-23] (Qualcomm Atheros Communications, Inc.)
R1 BprotectEx; C:\Windows\System32\drivers\BprotectEx.sys [113992 2015-03-31] (Baidu, Inc.)
R3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [47504 2016-07-16] (IVT Corporation.)
R0 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [21600 2011-12-21] (IVT Corporation.)
S3 BthMtpEnum; C:\Windows\System32\DRIVERS\BthMtpEnum.sys [51200 2009-07-13] (Microsoft Corporation)
S3 btnetBUs; C:\Windows\System32\Drivers\btnetBus.sys [27744 2011-12-21] (IVT Corporation.)
S3 DFX11_1; C:\Windows\System32\drivers\dfx11_1.sys [24424 2012-12-13] (Windows (R) Win 7 DDK provider)
R2 DigiNet; C:\Windows\System32\DRIVERS\diginet.sys [18264 2012-09-11] (Avid Technology, Inc.)
R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [327472 2013-05-31] (ELAN Microelectronics Corp.)
R0 GbpKm; C:\Windows\System32\drivers\GbpKm.sys [49496 2015-12-08] (GAS Tecnologia)
R1 HMFAxCore56d706f6725c732df006697fd5ec3381; C:\Windows\HMFAxCore56d706f6725c732df006697fd5ec3381.sys [96328 2013-11-29] (Eltima Software)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2016-08-28] (REALiX(tm))
R0 iaStorA; C:\Windows\System32\DRIVERS\iaStorA.sys [489832 2013-11-21] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [24424 2013-11-21] (Intel Corporation)
R3 Impcd; C:\Windows\System32\DRIVERS\Impcd.sys [132480 2010-02-27] (Intel Corporation) [Arquivo não assinado]
R3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [270336 2011-08-23] (Intel(R) Corporation) [Arquivo não assinado]
S3 IvtBtBUs; C:\Windows\System32\Drivers\IvtBtBus.sys [23048 2010-04-06] (IVT Corporation.)
S3 MAUSBFASTTRACKULTRA; C:\Windows\System32\DRIVERS\MAudioFastTrackUltra.sys [145384 2014-09-22] (M-Audio)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\mbamswissarmy.sys [40776 2014-05-10] (Malwarebytes Corporation)
R1 ndisrd; C:\Windows\System32\DRIVERS\ndisrd.sys [37408 2014-10-28] (NT Kernel Resources)
S3 RDID1087; C:\Windows\System32\Drivers\rdwm1087.sys [61440 2009-09-18] (Roland Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [26792 2016-07-16] (Synaptics Incorporated)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [147072 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [147072 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13464 2014-09-13] ()
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [33608 2014-04-09] (The OpenVPN Project)
R0 TPkd; C:\Windows\system32\Drivers\TPkd.sys [93336 2012-05-16] (PACE Anti-Piracy, Inc.)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [15872 2013-02-11] (Microsoft Corporation)
S3 WinDivert1.1; C:\Program Files\Diebold\Warsaw\WinDivert32.sys [31448 2015-07-07] (Basil)
S1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [80728 2016-02-17] (GAS Tecnologia)
S1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [79064 2015-03-18] (GAS Tecnologia)
S3 YMIDUSBW; C:\Windows\System32\drivers\ymidusbw.sys [36064 2015-07-28] (Yamaha Corporation)
S1 aswSnx; \SystemRoot\system32\drivers\aswSnx.sys [X]
S1 aswSP; \SystemRoot\system32\drivers\aswSP.sys [X]
S2 aswStm; \SystemRoot\system32\drivers\aswStm.sys [X]
S0 aswVmm; não ImagePath
S3 AthBTPort; system32\DRIVERS\btath_flt.sys [X]
S3 BT; system32\DRIVERS\btnetdrv.sys [X]
S3 BTATH_A2DP; system32\drivers\btath_a2dp.sys [X]
S3 btath_avdt; system32\drivers\btath_avdt.sys [X]
S3 BTATH_BUS; system32\DRIVERS\btath_bus.sys [X]
S3 BTATH_HCRP; system32\DRIVERS\btath_hcrp.sys [X]
S3 BTATH_LWFLT; system32\DRIVERS\btath_lwflt.sys [X]
S3 BTATH_RCP; system32\DRIVERS\btath_rcp.sys [X]
S3 BTCOM; system32\DRIVERS\btcomport.sys [X]
S3 BTCOMBUS; System32\Drivers\btcombus.sys [X]
S3 BtFilter; system32\DRIVERS\btfilter.sys [X]
U2 clr_optimization_v2.0.50727_64; não ImagePath
S3 cpuz138; não ImagePath
S0 gbpddreg; system32\drivers\gbpddreg32.sys [X]
S0 ngvss; não ImagePath
S3 PCFApiUtil; não ImagePath
S3 Spring; não ImagePath

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2029-09-07 12:31 - 2029-09-07 12:31 - 00028714 _____ (EMC Software GmbH) C:\Windows\system32\codec.dat
2017-01-12 04:42 - 2017-01-12 04:43 - 00021917 _____ C:\Users\Walter Franklim\Desktop\FRST.txt
2017-01-12 04:18 - 2017-01-12 04:42 - 00000000 ____D C:\FRST
2017-01-12 04:17 - 2017-01-12 04:17 - 01761280 _____ (Farbar) C:\Users\Walter Franklim\Desktop\FRST.exe
2017-01-12 04:07 - 2017-01-12 04:07 - 00639386 _____ C:\Users\Walter Franklim\Downloads\Windows6.1-KB3118401-x86.msu
2017-01-12 04:07 - 2017-01-12 04:07 - 00000000 ____D C:\83dfbb3839d58605c8582f3b
2017-01-12 04:02 - 2017-01-12 04:02 - 01179552 _____ (Microsoft Corporation) C:\Users\Walter Franklim\Downloads\SDKSETUP.EXE
2017-01-12 04:02 - 2017-01-12 04:02 - 00629006 _____ C:\Users\Walter Franklim\Downloads\Windows6.1-KB2999226-x86 (2).msu
2017-01-12 03:56 - 2017-01-12 03:56 - 00001014 _____ C:\Users\Public\Desktop\Kontakt 5.lnk
2017-01-12 03:56 - 2017-01-12 03:56 - 00000000 __HDC C:\Users\Todos os Usuários\{0CF1F946-2AAE-48A9-BD6C-DF71FE72E1D1}
2017-01-12 03:56 - 2017-01-12 03:56 - 00000000 __HDC C:\ProgramData\{0CF1F946-2AAE-48A9-BD6C-DF71FE72E1D1}
2017-01-12 03:53 - 2017-01-12 03:53 - 00000000 ____D C:\Users\Todos os Usuários\Native Instruments
2017-01-12 03:53 - 2017-01-12 03:53 - 00000000 ____D C:\ProgramData\Native Instruments
2017-01-12 03:53 - 2017-01-12 03:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
2017-01-12 03:53 - 2017-01-12 03:53 - 00000000 ____D C:\Program Files\Native Instruments
2017-01-12 03:27 - 2017-01-12 03:27 - 00000000 ____D C:\e7d726e8d431924400269d203a51554d
2017-01-12 02:38 - 2016-09-30 18:31 - 00019648 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-01-12 02:38 - 2016-09-30 10:50 - 00023232 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-01-12 02:37 - 2017-01-12 02:37 - 00000000 ____D C:\4997ffaa13b7862aa6d6
2017-01-12 00:50 - 2017-01-12 00:50 - 00000000 ____D C:\0ae1ef2c387ef02bf70731
2017-01-12 00:41 - 2017-01-12 00:41 - 00000000 ____D C:\Windows\pss
2017-01-12 00:39 - 2017-01-12 00:39 - 00000000 ____D C:\83a4d7539e771bbaa31212dc
2017-01-12 00:38 - 2017-01-12 00:38 - 00629006 _____ C:\Users\Walter Franklim\Downloads\Windows6.1-KB2999226-x86 (1).msu
2017-01-12 00:21 - 2017-01-12 00:21 - 00000000 ____D C:\a7ca2d13f025397de0228d8ede54951f
2017-01-12 00:07 - 2017-01-12 00:07 - 00629006 _____ C:\Users\Walter Franklim\Downloads\Windows6.1-KB2999226-x86.msu
2017-01-11 23:56 - 2017-01-11 23:56 - 00000000 ____D C:\51884ecf9508f65d261f
2017-01-11 22:46 - 2017-01-11 23:07 - 773240626 _____ C:\Users\Walter Franklim\Downloads\Kontakt 5.6.0.rar
2017-01-11 22:06 - 2017-01-11 22:06 - 00000000 ____D C:\Users\Walter Franklim\Documents\Native Instruments
2017-01-11 19:41 - 2017-01-11 19:51 - 615138286 _____ C:\Users\Walter Franklim\Downloads\TIMBRES KONTAKT.NKI - PARTE 1.rar
2017-01-11 18:58 - 2017-01-11 18:59 - 00000000 ____D C:\Users\Walter Franklim\AppData\Local\Spotify
2017-01-11 18:58 - 2017-01-11 18:58 - 00001854 _____ C:\Users\Walter Franklim\Desktop\Spotify.lnk
2017-01-11 18:58 - 2017-01-11 18:58 - 00001840 _____ C:\Users\Walter Franklim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2017-01-11 18:57 - 2017-01-11 19:04 - 00000000 ____D C:\Users\Walter Franklim\AppData\Roaming\Spotify
2017-01-04 23:50 - 2017-01-04 23:50 - 00358635 _____ C:\Users\Walter Franklim\Downloads\sf-sistema-sedol2-id-documento-composto-51259.pdf
2017-01-04 18:31 - 2017-01-04 18:31 - 00000000 ____D C:\e210dcbf6ecf2f692cdeba
2017-01-04 17:58 - 2017-01-04 17:59 - 13767776 _____ (Microsoft Corporation) C:\Users\Walter Franklim\Downloads\vc_redist.x86.exe
2017-01-04 17:41 - 2017-01-04 17:41 - 00000000 ____D C:\95e369a565ee91381d828f9bee95
2017-01-04 15:30 - 2017-01-04 15:30 - 00000000 ____D C:\Users\Walter Franklim\AppData\Local\M-Audio
2017-01-04 15:30 - 2017-01-04 15:30 - 00000000 ____D C:\Users\Todos os Usuários\M-Audio
2017-01-04 15:30 - 2017-01-04 15:30 - 00000000 ____D C:\ProgramData\M-Audio
2017-01-04 15:27 - 2017-01-10 17:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\M-Audio
2017-01-04 15:26 - 2017-01-04 15:26 - 00000000 ____D C:\Program Files\M-Audio
2016-12-31 23:57 - 2016-12-31 23:57 - 00163247 _____ C:\Users\Particular\Downloads\WhatsApp Image 2016-12-31 at 23.55.01 (7).jpeg
2016-12-31 23:57 - 2016-12-31 23:57 - 00144165 _____ C:\Users\Particular\Downloads\WhatsApp Image 2016-12-31 at 23.55.01 (9).jpeg
2016-12-31 23:57 - 2016-12-31 23:57 - 00141340 _____ C:\Users\Particular\Downloads\WhatsApp Image 2016-12-31 at 23.55.01 (4).jpeg
2016-12-31 23:57 - 2016-12-31 23:57 - 00132220 _____ C:\Users\Particular\Downloads\WhatsApp Image 2016-12-31 at 23.55.01 (6).jpeg
2016-12-31 23:57 - 2016-12-31 23:57 - 00108571 _____ C:\Users\Particular\Downloads\WhatsApp Image 2016-12-31 at 23.55.01 (8).jpeg
2016-12-31 23:57 - 2016-12-31 23:57 - 00099566 _____ C:\Users\Particular\Downloads\WhatsApp Image 2016-12-31 at 23.55.01 (5).jpeg
2016-12-31 23:56 - 2016-12-31 23:56 - 00132174 _____ C:\Users\Particular\Downloads\WhatsApp Image 2016-12-31 at 23.55.01.jpeg
2016-12-31 23:56 - 2016-12-31 23:56 - 00124519 _____ C:\Users\Particular\Downloads\WhatsApp Image 2016-12-31 at 23.55.01 (1).jpeg
2016-12-30 18:27 - 2016-12-30 18:27 - 00524288 ___SH C:\Windows\system32\config\components{d60a5e18-cede-11e6-a81c-e8039a4ac700}.TMContainer00000000000000000002.regtrans-ms
2016-12-30 18:27 - 2010-05-01 00:20 - 00524288 ___SH C:\Windows\system32\config\components{d60a5e18-cede-11e6-a81c-e8039a4ac700}.TMContainer00000000000000000001.regtrans-ms
2016-12-30 18:27 - 2010-05-01 00:20 - 00065536 ___SH C:\Windows\system32\config\components{d60a5e18-cede-11e6-a81c-e8039a4ac700}.TM.blf
2016-12-30 07:41 - 2016-12-30 07:41 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2016-12-30 07:41 - 2016-12-30 07:41 - 00000000 ____D C:\ProgramData\GbPlugin
2016-12-30 07:33 - 2016-12-30 07:33 - 01048576 ___SH C:\Windows\system32\config\components{e0ed610d-cdfd-11e6-908a-e8039a4ac700}.TxR.2.regtrans-ms
2016-12-30 07:33 - 2016-12-30 07:33 - 01048576 ___SH C:\Windows\system32\config\components{e0ed610d-cdfd-11e6-908a-e8039a4ac700}.TxR.1.regtrans-ms
2016-12-30 07:33 - 2016-12-30 07:33 - 01048576 ___SH C:\Windows\system32\config\components{e0ed610d-cdfd-11e6-908a-e8039a4ac700}.TxR.0.regtrans-ms
2016-12-30 07:33 - 2016-12-30 07:33 - 00065536 ___SH C:\Windows\system32\config\components{e0ed610d-cdfd-11e6-908a-e8039a4ac700}.TxR.blf
2016-12-29 17:14 - 2016-12-29 17:14 - 00001921 _____ C:\Users\Walter Franklim\Desktop\chrome.lnk
2016-12-29 17:07 - 2017-01-11 11:36 - 00000000 ____D C:\Users\Walter Franklim\AppData\Local\Google
2016-12-29 17:03 - 2016-12-27 17:20 - 01125970 ____N C:\Users\Walter Franklim\Downloads\Fast Track Ultra Manual de Usuario.pdf
2016-12-29 15:38 - 2016-12-29 15:54 - 00524288 ___SH C:\Windows\system32\config\components{e0ed610e-cdfd-11e6-908a-e8039a4ac700}.TMContainer00000000000000000002.regtrans-ms
2016-12-29 15:38 - 2016-12-29 15:54 - 00524288 ___SH C:\Windows\system32\config\components{e0ed610e-cdfd-11e6-908a-e8039a4ac700}.TMContainer00000000000000000001.regtrans-ms
2016-12-29 15:38 - 2016-12-29 15:54 - 00065536 ___SH C:\Windows\system32\config\components{e0ed610e-cdfd-11e6-908a-e8039a4ac700}.TM.blf
2016-12-29 15:38 - 2016-12-29 15:38 - 00524288 ___SH C:\Users\Walter Franklim\ntuser.dat{0cda0994-cdfb-11e6-8d29-e8039a4ac700}.TMContainer00000000000000000002.regtrans-ms
2016-12-29 15:38 - 2016-12-29 15:38 - 00524288 ___SH C:\Users\Walter Franklim\ntuser.dat{0cda0994-cdfb-11e6-8d29-e8039a4ac700}.TMContainer00000000000000000001.regtrans-ms
2016-12-29 15:38 - 2016-12-29 15:38 - 00065536 ___SH C:\Users\Walter Franklim\ntuser.dat{0cda0994-cdfb-11e6-8d29-e8039a4ac700}.TM.blf
2016-12-29 12:43 - 2016-12-29 12:43 - 00000000 ____D C:\dbf5b8a16f14276f801167d1
2016-12-28 14:20 - 2016-12-28 14:20 - 00000000 ____D C:\Users\Walter Franklim\AppData\Roaming\CrystalIdea Software
2016-12-28 11:12 - 2016-12-28 11:12 - 00030869 _____ C:\Users\Walter Franklim\Downloads\homer-simpson-.jpg
2016-12-27 18:22 - 2016-12-27 18:22 - 00000146 _____ C:\Users\Walter Franklim\Desktop\M-Audio Fast Track Ultra.lnk
2016-12-26 00:21 - 2016-12-26 02:21 - 00524288 ___SH C:\Users\Walter Franklim\ntuser.dat{3820d8c7-cb1f-11e6-bddb-e8039a4ac700}.TMContainer00000000000000000002.regtrans-ms
2016-12-26 00:21 - 2016-12-26 02:21 - 00524288 ___SH C:\Users\Walter Franklim\ntuser.dat{3820d8c7-cb1f-11e6-bddb-e8039a4ac700}.TMContainer00000000000000000001.regtrans-ms
2016-12-26 00:21 - 2016-12-26 02:21 - 00065536 ___SH C:\Users\Walter Franklim\ntuser.dat{3820d8c7-cb1f-11e6-bddb-e8039a4ac700}.TM.blf
2016-12-25 23:59 - 2016-12-26 00:19 - 00524288 ___SH C:\Windows\system32\config\components{3820d7ff-cb1f-11e6-bddb-e8039a4ac700}.TMContainer00000000000000000002.regtrans-ms
2016-12-25 23:59 - 2016-12-26 00:19 - 00524288 ___SH C:\Windows\system32\config\components{3820d7ff-cb1f-11e6-bddb-e8039a4ac700}.TMContainer00000000000000000001.regtrans-ms
2016-12-25 23:59 - 2016-12-26 00:19 - 00065536 ___SH C:\Windows\system32\config\components{3820d7ff-cb1f-11e6-bddb-e8039a4ac700}.TM.blf
2016-12-25 23:57 - 2016-12-26 00:14 - 00524288 ___SH C:\Users\Walter Franklim\ntuser.dat{cbf568af-cb1b-11e6-974e-e8039a4ac700}.TMContainer00000000000000000002.regtrans-ms
2016-12-25 23:57 - 2016-12-26 00:14 - 00524288 ___SH C:\Users\Walter Franklim\ntuser.dat{cbf568af-cb1b-11e6-974e-e8039a4ac700}.TMContainer00000000000000000001.regtrans-ms
2016-12-25 23:57 - 2016-12-26 00:14 - 00065536 ___SH C:\Users\Walter Franklim\ntuser.dat{cbf568af-cb1b-11e6-974e-e8039a4ac700}.TM.blf
2016-12-25 23:42 - 2016-12-25 23:50 - 00000000 ____D C:\4f2b5a4243e5dcd17b25bcfbb10c9f46
2016-12-25 23:33 - 2016-12-25 23:41 - 00524288 ___SH C:\Users\Walter Franklim\ntuser.dat{e788ecb8-cb16-11e6-a557-e8039a4ac700}.TMContainer00000000000000000002.regtrans-ms
2016-12-25 23:33 - 2016-12-25 23:41 - 00524288 ___SH C:\Users\Walter Franklim\ntuser.dat{e788ecb8-cb16-11e6-a557-e8039a4ac700}.TMContainer00000000000000000001.regtrans-ms
2016-12-25 23:33 - 2016-12-25 23:41 - 00065536 ___SH C:\Users\Walter Franklim\ntuser.dat{e788ecb8-cb16-11e6-a557-e8039a4ac700}.TM.blf
2016-12-24 02:33 - 2016-12-24 02:33 - 00075416 _____ (Alcor Micro, Corp.) C:\Windows\system32\Drivers\AmUStor.sys
2016-12-24 02:33 - 2016-12-24 02:33 - 00041952 _____ C:\Windows\system32\AmUStor.ini
2016-12-24 02:33 - 2016-12-24 02:33 - 00019096 _____ (Alcor Micro, Corp.) C:\Windows\system32\AmUStor2.dll
2016-12-24 02:33 - 2016-12-24 02:33 - 00000124 _____ C:\Windows\system32\VendorCmd6485_SetSSC.bin
2016-12-24 02:12 - 2016-12-24 02:13 - 00000000 ____D C:\Users\Walter Franklim\AppData\Roaming\Skype
2016-12-24 02:12 - 2016-12-24 02:12 - 00000000 ____D C:\Users\Walter Franklim\Tracing
2016-12-24 02:12 - 2016-12-24 02:12 - 00000000 ____D C:\Program Files\Common Files\Skype
2016-12-24 02:10 - 2016-12-24 02:10 - 00000000 ____D C:\Users\Walter Franklim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-12-24 02:04 - 2016-12-24 02:04 - 00000000 ____D C:\Users\Walter Franklim\AppData\Roaming\VS Revo Group
2016-12-24 00:18 - 2016-12-24 00:18 - 00000000 ____D C:\Users\Walter Franklim\AppData\Local\OfficeBSCache-MyComputer
2016-12-24 00:15 - 2016-12-24 00:15 - 00000000 ____D C:\Users\Walter Franklim\Documents\Modelos Personalizados do Office
2016-12-23 23:03 - 2016-12-23 23:03 - 00000000 ____D C:\Users\Walter Franklim\AppData\Local\mpress
2016-12-23 23:01 - 2016-12-23 23:01 - 00023040 _____ C:\Windows\KMS-R@1n.exe
2016-12-23 23:01 - 2016-12-23 23:01 - 00004608 _____ C:\Windows\KMS-R@1nHook.exe
2016-12-23 23:01 - 2016-12-23 23:01 - 00003584 _____ C:\Windows\KMS-R@1nHook.dll
2016-12-23 22:28 - 2016-12-23 22:28 - 00002191 _____ C:\Users\Walter Franklim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-12-23 22:28 - 2016-12-23 22:28 - 00002064 _____ C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-12-23 22:28 - 2016-12-23 22:28 - 00002064 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-12-23 22:28 - 2016-12-23 22:28 - 00002064 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-12-23 22:28 - 2016-12-23 22:28 - 00000000 ___RD C:\Users\Walter Franklim\OneDrive
2016-12-23 22:28 - 2016-12-23 22:28 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft OneDrive
2016-12-23 22:28 - 2016-12-23 22:28 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-12-23 22:28 - 2016-12-23 22:28 - 00000000 ____D C:\Program Files\Microsoft OneDrive
2016-12-23 22:28 - 2016-12-23 22:28 - 00000000 ____D C:\ea90b1d26b3ac6592ec150
2016-12-23 22:27 - 2016-12-29 15:30 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-12-23 22:18 - 2016-12-23 22:18 - 00002459 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-12-23 22:18 - 2016-12-23 22:18 - 00002417 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2016-12-23 22:18 - 2016-12-23 22:18 - 00002406 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-12-23 22:18 - 2016-12-23 22:18 - 00002371 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-12-23 22:18 - 2016-12-23 22:18 - 00002355 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-12-23 22:18 - 2016-12-23 22:18 - 00002352 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-12-23 22:18 - 2016-12-23 22:18 - 00002342 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-12-23 22:18 - 2016-12-23 22:18 - 00002338 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-12-23 22:18 - 2016-12-23 22:18 - 00002322 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-12-23 22:18 - 2016-12-23 22:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ferramentas do Microsoft Office 2016
2016-12-23 22:15 - 2016-12-29 12:42 - 00000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft
2016-12-23 22:15 - 2016-12-29 12:42 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-12-23 22:11 - 2016-12-23 22:11 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-12-23 20:46 - 2015-10-01 18:13 - 00014084 ____N C:\Users\Walter Franklim\Downloads\Strings.xml
2016-12-23 18:44 - 2016-12-23 18:44 - 00681026 _____ C:\Users\Walter Franklim\Downloads\choro de bebê 2.mp4
2016-12-23 17:49 - 2016-12-23 17:49 - 00000000 ____D C:\Users\Walter Franklim\AppData\OICE_15_974FA576_32C1D314_1F22
2016-12-23 17:02 - 2016-12-23 17:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2016-12-23 17:01 - 2016-12-23 17:02 - 00000000 ____D C:\Program Files\KMSpico
2016-12-23 17:01 - 2010-12-05 22:16 - 00090112 _____ (Vestris Inc.) C:\Windows\system32\Vestris.ResourceLib.dll
2016-12-23 16:51 - 2017-01-12 06:28 - 00000000 ____D C:\Windows\AutoKMS
2016-12-23 16:19 - 2016-12-29 20:20 - 00000000 ____D C:\Program Files\Microsoft Office
2016-12-23 14:37 - 2016-12-23 14:37 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Toolkit
2016-12-23 14:37 - 2016-12-23 14:37 - 00000000 ____D C:\ProgramData\Microsoft Toolkit
2016-12-23 14:27 - 2016-12-23 16:57 - 00000000 ____D C:\Users\Walter Franklim\AppData\Local\Microsoft Toolkit
2016-12-23 12:22 - 2016-12-23 12:22 - 00144568 _____ C:\Windows\system32\GDIPFONTCACHEV1.DAT
2016-12-23 11:57 - 2016-12-23 11:57 - 00000162 ____H C:\Users\Particular\Desktop\~$Verbos.docx
2016-12-23 05:06 - 2016-12-23 05:06 - 00001114 _____ C:\Users\Public\Desktop\Smart Defrag 5.lnk
2016-12-23 04:16 - 2016-12-23 04:16 - 07704619 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2016-12-23 04:16 - 2016-12-23 04:16 - 07170864 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP32A.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 07053688 _____ (Dolby Laboratories) C:\Windows\system32\DDPP32A.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 05804772 _____ C:\Windows\system32\Drivers\rtvienna.dat
2016-12-23 04:16 - 2016-12-23 04:16 - 04291072 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2016-12-23 04:16 - 2016-12-23 04:16 - 02912800 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 02905088 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 02828432 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\SET32E4.tmp
2016-12-23 04:16 - 2016-12-23 04:16 - 02558352 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApoApi.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 02148864 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInstII.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 01948800 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 01791792 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesLib.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 01531672 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 01512312 _____ (Dolby Laboratories) C:\Windows\system32\DDPD32A.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 01313120 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 01239800 _____ (DTS) C:\Windows\system32\DTSBoostDLL.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 00936608 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 00669584 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 00645816 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 00615872 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 00532888 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 00522704 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 00522696 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 00471288 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 00402064 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 00387624 _____ (DTS) C:\Windows\system32\DTSLimiterDLL.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 00371808 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP32A.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 00369784 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 00364016 _____ (Dolby Laboratories) C:\Windows\system32\R4EED32A.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 00357152 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSXT.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 00307232 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT32.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 00307232 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA32.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 00285624 _____ (Dolby Laboratories) C:\Windows\system32\DDPO32A.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 00243856 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 00232416 _____ (Dolby Laboratories) C:\Windows\system32\DDPA32.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 00229584 _____ (DTS) C:\Windows\system32\DTSGFXAPONS.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 00229584 _____ (DTS) C:\Windows\system32\DTSGFXAPO.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 00229032 _____ (DTS) C:\Windows\system32\DTSLFXAPO.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 00225040 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 00196008 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSHD.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 00183608 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP360.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 00181224 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED32A.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 00150552 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 00142320 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 00116648 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL32A.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 00105648 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTARen.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 00101616 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA32A.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 00101328 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 00088272 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL32A.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 00083632 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 00078480 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 00074376 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG32A.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 00071704 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG32A.dll
2016-12-23 04:16 - 2016-12-23 04:16 - 00022152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\SETF53.tmp
2016-12-23 04:15 - 2016-12-23 04:16 - 72520712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes.dat
2016-12-23 04:15 - 2016-12-23 04:15 - 02946560 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl
2016-12-23 04:07 - 2016-12-23 04:07 - 00777736 _____ (Realtek ) C:\Windows\system32\Drivers\Rt86win7.sys
2016-12-23 04:06 - 2016-12-23 04:06 - 00085616 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp32.dll
2016-12-23 04:04 - 2017-01-04 19:54 - 00000000 ____D C:\Windows\LastGood
2016-12-23 04:04 - 2016-12-23 04:04 - 03365624 _____ (Qualcomm Atheros Communications, Inc.) C:\Windows\system32\Drivers\athr.sys
2016-12-23 03:35 - 2017-01-02 23:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2016-12-23 03:35 - 2016-12-23 03:35 - 00000000 ____D C:\Users\Todos os Usuários\{74E9F814-C737-42CC-B721-DBBC4059367A}
2016-12-23 03:35 - 2016-12-23 03:35 - 00000000 ____D C:\ProgramData\{74E9F814-C737-42CC-B721-DBBC4059367A}
2016-12-23 01:32 - 2016-12-23 01:32 - 00001043 _____ C:\Users\Walter Franklim\Desktop\Cheat Engine.lnk
2016-12-23 01:32 - 2016-12-23 01:32 - 00000000 ____D C:\Users\Walter Franklim\Documents\My Cheat Tables
2016-12-23 01:32 - 2016-12-23 01:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.6
2016-12-23 01:32 - 2016-12-23 01:32 - 00000000 ____D C:\Program Files\Cheat Engine 6.6
2016-12-23 01:24 - 2016-12-23 12:28 - 00000000 ____D C:\Users\Walter Franklim\AppData\LocalLow\uTorrent
2016-12-22 00:18 - 2016-12-22 10:15 - 00524288 ___SH C:\Users\Walter Franklim\ntuser.dat{ab4f208c-c7dd-11e6-a52e-e8039a4ac700}.TMContainer00000000000000000002.regtrans-ms
2016-12-22 00:18 - 2016-12-22 10:15 - 00524288 ___SH C:\Users\Walter Franklim\ntuser.dat{ab4f208c-c7dd-11e6-a52e-e8039a4ac700}.TMContainer00000000000000000001.regtrans-ms
2016-12-22 00:18 - 2016-12-22 10:15 - 00065536 ___SH C:\Users\Walter Franklim\ntuser.dat{ab4f208c-c7dd-11e6-a52e-e8039a4ac700}.TM.blf
2016-12-21 16:25 - 2016-12-21 16:40 - 00524288 ___SH C:\Users\Walter Franklim\ntuser.dat{ac4145cb-54d8-11df-93da-e8039a4ac700}.TMContainer00000000000000000002.regtrans-ms
2016-12-21 16:25 - 2016-12-21 16:40 - 00524288 ___SH C:\Users\Walter Franklim\ntuser.dat{ac4145cb-54d8-11df-93da-e8039a4ac700}.TMContainer00000000000000000001.regtrans-ms
2016-12-21 16:25 - 2016-12-21 16:40 - 00065536 ___SH C:\Users\Walter Franklim\ntuser.dat{ac4145cb-54d8-11df-93da-e8039a4ac700}.TM.blf
2016-12-21 11:57 - 2016-12-21 11:57 - 00152632 _____ C:\Users\Walter Franklim\Downloads\casa do Adalberto.jpeg
2016-12-20 12:49 - 2016-12-20 12:49 - 00043671 _____ C:\Users\Walter Franklim\Downloads\15439746_1570618116288568_4143034320209860300_n.jpg
2016-12-20 03:09 - 2016-12-20 03:09 - 00105529 _____ C:\Users\Walter Franklim\Downloads\Boleto- TRT 24.pdf
2016-12-20 01:10 - 2016-12-20 01:10 - 00606001 _____ C:\Users\Walter Franklim\Downloads\EDITAL-TRT 24 MS.pdf
2016-12-20 00:43 - 2016-12-22 00:15 - 00000000 ____D C:\Windows\LastGood.Tmp
2016-12-19 18:25 - 2016-12-22 00:15 - 00000000 ____D C:\Users\Walter Franklim\AppData\Local\Apps\2.0
2016-12-19 18:25 - 2016-12-22 00:14 - 00000000 ____D C:\Users\Walter Franklim\AppData\Local\Apps
2016-12-19 18:25 - 2016-12-19 18:26 - 00000000 ____D C:\Users\Walter Franklim\AppData\Local\Deployment
2016-12-19 17:37 - 2016-12-22 10:43 - 00000000 ____D C:\Users\Todos os Usuários\Atheros
2016-12-19 17:37 - 2016-12-22 10:43 - 00000000 ____D C:\ProgramData\Atheros
2016-12-19 16:53 - 2016-12-19 16:53 - 00000000 ____D C:\Windows\system32\x32
2016-12-19 16:53 - 2016-12-19 16:53 - 00000000 ____D C:\Windows\system32\custom matrices
2016-12-19 16:33 - 2017-01-03 12:50 - 00002436 _____ C:\Users\Particular\Desktop\Google Chrome Canary.lnk
2016-12-18 04:24 - 2016-12-29 01:30 - 00524288 ___SH C:\Windows\system32\config\components{ed6fa5d9-c4fa-11e6-b5bc-e8039a4ac700}.TMContainer00000000000000000001.regtrans-ms
2016-12-18 04:24 - 2016-12-29 01:30 - 00065536 ___SH C:\Windows\system32\config\components{ed6fa5d9-c4fa-11e6-b5bc-e8039a4ac700}.TM.blf
2016-12-18 04:24 - 2016-12-18 04:36 - 00524288 ___SH C:\Windows\system32\config\components{ed6fa5d9-c4fa-11e6-b5bc-e8039a4ac700}.TMContainer00000000000000000002.regtrans-ms
2016-12-18 04:22 - 2016-12-18 04:47 - 00524288 ___SH C:\Users\Walter Franklim\ntuser.dat{4dc80fb2-c4e8-11e6-a0a0-e8039a4ac700}.TMContainer00000000000000000002.regtrans-ms
2016-12-18 04:22 - 2016-12-18 04:47 - 00524288 ___SH C:\Users\Walter Franklim\ntuser.dat{4dc80fb2-c4e8-11e6-a0a0-e8039a4ac700}.TMContainer00000000000000000001.regtrans-ms
2016-12-18 04:22 - 2016-12-18 04:47 - 00065536 ___SH C:\Users\Walter Franklim\ntuser.dat{4dc80fb2-c4e8-11e6-a0a0-e8039a4ac700}.TM.blf
2016-12-18 03:11 - 2016-12-18 03:11 - 00000259 _____ C:\Users\Todos os Usuários\fontcacheev1.dat
2016-12-18 03:11 - 2016-12-18 03:11 - 00000259 _____ C:\ProgramData\fontcacheev1.dat
2016-12-18 03:10 - 2016-12-18 03:10 - 00000000 ____D C:\Users\Walter Franklim\AppData\Roaming\Performix LLC
2016-12-18 03:09 - 2016-12-18 04:19 - 00000000 ____D C:\Program Files\Adguard
2016-12-18 03:09 - 2016-12-18 04:14 - 00000000 ____D C:\Users\Todos os Usuários\Adguard
2016-12-18 03:09 - 2016-12-18 04:14 - 00000000 ____D C:\ProgramData\Adguard
2016-12-18 00:37 - 2016-12-18 00:37 - 00007572 _____ C:\Users\Walter Franklim\Downloads\Nando Reis-Pra Voce Guardei O Amor #RLM.MID
2016-12-18 00:33 - 2016-12-18 00:33 - 00784574 _____ C:\Users\Walter Franklim\Downloads\nando_reis_por_onde_andei_MM.mid
2016-12-18 00:27 - 2016-12-18 00:27 - 01413341 _____ C:\Users\Walter Franklim\Downloads\Nando Reis-Pra Voce Guardei O Amor-MM .mid
2016-12-16 18:43 - 2016-12-16 18:43 - 00000000 ____D C:\Users\Walter Franklim\AppData\Local\fontconfig
2016-12-16 03:08 - 2016-12-16 03:38 - 00524288 ___SH C:\Users\Walter Franklim\ntuser.dat{e0c4abec-554d-11df-b1a0-e8039a4ac700}.TMContainer00000000000000000002.regtrans-ms
2016-12-16 03:08 - 2016-12-16 03:38 - 00524288 ___SH C:\Users\Walter Franklim\ntuser.dat{e0c4abec-554d-11df-b1a0-e8039a4ac700}.TMContainer00000000000000000001.regtrans-ms
2016-12-16 03:08 - 2016-12-16 03:38 - 00065536 ___SH C:\Users\Walter Franklim\ntuser.dat{e0c4abec-554d-11df-b1a0-e8039a4ac700}.TM.blf
2016-12-15 19:34 - 2016-12-24 21:56 - 00000000 ____D C:\Users\Walter Franklim\Desktop\Missa de Natal 2016
2016-12-12 20:43 - 2016-12-24 20:37 - 00000000 ____D C:\Users\Walter Franklim\Desktop\Nova pasta
2016-12-10 14:56 - 2016-12-10 16:27 - 00524288 ___SH C:\Users\Walter Franklim\ntuser.dat{0bcb2fdf-54d6-11df-8344-e8039a4ac700}.TMContainer00000000000000000002.regtrans-ms
2016-12-10 14:56 - 2016-12-10 16:27 - 00524288 ___SH C:\Users\Walter Franklim\ntuser.dat{0bcb2fdf-54d6-11df-8344-e8039a4ac700}.TMContainer00000000000000000001.regtrans-ms
2016-12-10 14:56 - 2016-12-10 16:27 - 00065536 ___SH C:\Users\Walter Franklim\ntuser.dat{0bcb2fdf-54d6-11df-8344-e8039a4ac700}.TM.blf
2016-12-10 13:14 - 2016-12-18 02:45 - 00000000 ____D C:\Users\Walter Franklim\AppData\LocalLow\Mozilla
2016-12-07 19:35 - 2016-12-18 04:20 - 00000000 ____D C:\Users\Walter Franklim\Desktop\JOSY PENDRIVE
2016-12-07 12:55 - 2016-12-07 12:55 - 00524288 ___SH C:\Users\Walter Franklim\ntuser.dat{1b490412-bbd6-11e6-a395-e8039a4ac700}.TMContainer00000000000000000002.regtrans-ms
2016-12-07 12:55 - 2016-12-07 12:55 - 00524288 ___SH C:\Users\Walter Franklim\ntuser.dat{1b490412-bbd6-11e6-a395-e8039a4ac700}.TMContainer00000000000000000001.regtrans-ms
2016-12-07 12:55 - 2016-12-07 12:55 - 00065536 ___SH C:\Users\Walter Franklim\ntuser.dat{1b490412-bbd6-11e6-a395-e8039a4ac700}.TM.blf
2016-12-07 09:32 - 2016-12-07 09:32 - 00053032 _____ C:\Users\Walter Franklim\Desktop\Musicas de natal - Coral ABRH.pdf
2016-12-06 00:32 - 2016-12-06 00:32 - 04405179 _____ C:\Users\Walter Franklim\Desktop\Missão Um Grande Compromisso.wma
2016-12-06 00:26 - 2016-12-06 00:26 - 00233969 _____ C:\Users\Walter Franklim\Documents\Sem Título.wma
2016-11-30 11:10 - 2016-11-30 11:10 - 00524288 ___SH C:\Users\Walter Franklim\ntuser.dat{a5f79c53-5540-11df-bb40-e8039a4ac700}.TMContainer00000000000000000002.regtrans-ms
2016-11-30 11:10 - 2016-11-30 11:10 - 00524288 ___SH C:\Users\Walter Franklim\ntuser.dat{a5f79c53-5540-11df-bb40-e8039a4ac700}.TMContainer00000000000000000001.regtrans-ms
2016-11-30 11:10 - 2016-11-30 11:10 - 00065536 ___SH C:\Users\Walter Franklim\ntuser.dat{a5f79c53-5540-11df-bb40-e8039a4ac700}.TM.blf
2016-11-28 18:35 - 2016-11-28 18:35 - 00002242 _____ C:\Users\Walter Franklim\Desktop\07-01-2017 SILAS E CRIS.lnk
2016-11-28 18:35 - 2016-11-28 18:35 - 00002078 _____ C:\Users\Walter Franklim\Desktop\TRT 11.lnk
2016-11-28 17:50 - 2016-11-28 17:50 - 00524288 ___SH C:\Users\Walter Franklim\ntuser.dat{171bb741-5607-11df-bd15-e8039a4ac700}.TMContainer00000000000000000002.regtrans-ms
2016-11-28 17:50 - 2016-11-28 17:50 - 00524288 ___SH C:\Users\Walter Franklim\ntuser.dat{171bb741-5607-11df-bd15-e8039a4ac700}.TMContainer00000000000000000001.regtrans-ms
2016-11-28 17:50 - 2016-11-28 17:50 - 00065536 ___SH C:\Users\Walter Franklim\ntuser.dat{171bb741-5607-11df-bd15-e8039a4ac700}.TM.blf
2016-11-27 16:28 - 2010-05-01 00:54 - 00000000 ____D C:\Users\Walter Franklim\Documents\SelfMV
2016-11-24 17:31 - 2016-11-24 17:31 - 00038508 _____ C:\Users\Walter Franklim\Desktop\PASSARINHO.jpg
2016-11-24 17:23 - 2016-11-24 17:23 - 00683310 _____ C:\Users\Walter Franklim\Desktop\Tribunal-Regional-do-Trabalho-11ª-Região-TJAA-1.pdf
2016-11-24 17:23 - 2016-11-24 17:23 - 00404504 _____ C:\Users\Walter Franklim\Desktop\Tribunal-de-Justiça-Roraima-Técnico-Judiciário.pdf
2016-11-24 13:52 - 2016-11-24 13:52 - 00524288 ___SH C:\Users\Walter Franklim\ntuser.dat{ce7d6070-b269-11e6-b470-e8039a4ac700}.TMContainer00000000000000000002.regtrans-ms
2016-11-24 13:52 - 2016-11-24 13:52 - 00524288 ___SH C:\Users\Walter Franklim\ntuser.dat{ce7d6070-b269-11e6-b470-e8039a4ac700}.TMContainer00000000000000000001.regtrans-ms
2016-11-24 13:52 - 2016-11-24 13:52 - 00065536 ___SH C:\Users\Walter Franklim\ntuser.dat{ce7d6070-b269-11e6-b470-e8039a4ac700}.TM.blf
2016-11-24 12:24 - 2016-11-24 13:16 - 00524288 ___SH C:\Users\Walter Franklim\ntuser.dat{19092690-b262-11e6-abfd-e8039a4ac700}.TMContainer00000000000000000002.regtrans-ms
2016-11-24 12:24 - 2016-11-24 13:16 - 00524288 ___SH C:\Users\Walter Franklim\ntuser.dat{19092690-b262-11e6-abfd-e8039a4ac700}.TMContainer00000000000000000001.regtrans-ms
2016-11-24 12:24 - 2016-11-24 13:16 - 00065536 ___SH C:\Users\Walter Franklim\ntuser.dat{19092690-b262-11e6-abfd-e8039a4ac700}.TM.blf
2016-11-24 03:22 - 2016-11-24 03:31 - 00524288 ___SH C:\Users\Walter Franklim\ntuser.dat{94b50a2e-b216-11e6-8513-e8039a4ac700}.TMContainer00000000000000000002.regtrans-ms
2016-11-24 03:22 - 2016-11-24 03:31 - 00524288 ___SH C:\Users\Walter Franklim\ntuser.dat{94b50a2e-b216-11e6-8513-e8039a4ac700}.TMContainer00000000000000000001.regtrans-ms
2016-11-24 03:22 - 2016-11-24 03:31 - 00065536 ___SH C:\Users\Walter Franklim\ntuser.dat{94b50a2e-b216-11e6-8513-e8039a4ac700}.TM.blf
2016-11-23 10:51 - 2017-01-10 18:03 - 37658624 _____ C:\Windows\system32\config\components.iobit
2016-11-23 06:47 - 2017-01-12 03:44 - 02360934 ____H C:\Users\Particular\AppData\Local\IconCache.db
2016-11-22 12:31 - 2016-11-22 12:31 - 00001742 _____ C:\Users\Walter Franklim\Desktop\CASAMENTO.lnk
2016-11-21 16:35 - 2016-11-21 16:53 - 00524288 ___SH C:\Users\Walter Franklim\ntuser.dat{add43383-54e1-11df-b2a2-4245f4e8d3d7}.TMContainer00000000000000000002.regtrans-ms
2016-11-21 16:35 - 2016-11-21 16:53 - 00524288 ___SH C:\Users\Walter Franklim\ntuser.dat{add43383-54e1-11df-b2a2-4245f4e8d3d7}.TMContainer00000000000000000001.regtrans-ms
2016-11-21 16:35 - 2016-11-21 16:53 - 00065536 ___SH C:\Users\Walter Franklim\ntuser.dat{add43383-54e1-11df-b2a2-4245f4e8d3d7}.TM.blf
2016-11-08 11:04 - 2016-11-08 11:04 - 00001742 _____ C:\Users\Walter Franklim\Desktop\CONCURSOS.lnk
2016-11-06 21:49 - 2016-12-18 04:17 - 00000000 ____D C:\Users\Particular\Desktop\Dados anteriores do Firefox
2016-11-04 22:34 - 2013-08-21 00:31 - 00084248 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2016-11-02 20:06 - 2016-11-24 15:04 - 00000000 ____D C:\Program Files\Common Files\Java
2016-11-02 20:05 - 2016-11-02 20:05 - 00000000 ____D C:\Users\Walter Franklim\AppData\Roaming\Sun
2016-11-02 19:58 - 2016-11-02 19:58 - 00737344 _____ (Oracle Corporation) C:\Users\Walter Franklim\Downloads\jxpiinstall.exe
2016-11-02 17:38 - 2016-11-02 17:38 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2016-11-02 17:37 - 2016-11-02 17:37 - 00000000 ____D C:\Users\Walter Franklim\Documents\samsung
2016-11-02 17:37 - 2016-11-02 17:37 - 00000000 ____D C:\Users\Walter Franklim\AppData\Roaming\Samsung
2016-10-25 16:33 - 2016-10-25 16:33 - 00002440 _____ C:\Users\Walter Franklim\Desktop\música da A.D.lnk
2016-10-24 18:52 - 2014-12-30 12:41 - 03945951 ____N C:\Users\Walter Franklim\Desktop\AUD-20141202-WA0007.mp3
2016-10-23 18:24 - 2016-10-23 21:34 - 00022620 _____ C:\Users\Walter Franklim\Downloads\CANTOS PARA MISSA 13 ANOS.docx
2016-10-21 12:56 - 2016-09-30 17:39 - 00842115 _____ C:\Users\Walter Franklim\Desktop\BODE.mp3
2016-10-20 20:41 - 2016-10-20 20:41 - 00524288 ___SH C:\Windows\system32\config\software{0ce1a53d-9727-11e6-9903-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms
2016-10-20 20:41 - 2016-10-20 20:41 - 00524288 ___SH C:\Windows\system32\config\software{0ce1a53d-9727-11e6-9903-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms
2016-10-20 20:41 - 2016-10-20 20:41 - 00065536 ___SH C:\Windows\system32\config\software{0ce1a53d-9727-11e6-9903-806e6f6e6963}.TM.blf

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2017-01-12 06:28 - 2014-09-17 00:34 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2017-01-12 06:28 - 2014-09-17 00:34 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-12 06:28 - 2013-11-18 18:33 - 00000000 ____D C:\Users\Convidado
2017-01-12 06:28 - 2010-04-30 23:41 - 00000000 ____D C:\Users\Particular
2017-01-12 06:28 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\registration
2017-01-12 04:36 - 2016-10-10 08:36 - 00000300 _____ C:\Windows\Tasks\{26DD22AC-832C-CA2B-0237-6BA87B71D30A}.job
2017-01-12 04:18 - 2016-10-09 22:18 - 00000296 _____ C:\Windows\Tasks\{3EE96778-275A-7B08-C1F3-364E317EC1FF}.job
2017-01-12 04:02 - 2014-04-29 15:54 - 00000318 _____ C:\Windows\Tasks\MySearchDial.job
2017-01-12 04:00 - 2013-12-06 12:00 - 00000318 _____ C:\Windows\Tasks\UpdaterEX.job
2017-01-12 03:55 - 2009-07-14 00:34 - 00029280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-12 03:55 - 2009-07-14 00:34 - 00029280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-12 03:53 - 2010-04-30 23:06 - 01651982 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-12 03:53 - 2009-07-29 14:38 - 00684832 _____ C:\Windows\system32\prfh0416.dat
2017-01-12 03:53 - 2009-07-29 14:38 - 00142354 _____ C:\Windows\system32\prfc0416.dat
2017-01-12 03:53 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\inf
2017-01-12 03:46 - 2009-07-14 00:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-12 02:30 - 2013-11-14 02:39 - 00000000 ____D C:\Users\Walter Franklim
2017-01-12 00:46 - 2014-02-04 17:50 - 00000000 ____D C:\Users\Todos os Usuários\Baidu Security
2017-01-12 00:46 - 2014-02-04 17:50 - 00000000 ____D C:\ProgramData\Baidu Security
2017-01-11 23:55 - 2013-09-17 20:50 - 00000948 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-240237904-3152138187-639416452-1000UA.job
2017-01-11 23:11 - 2014-03-17 23:20 - 00000000 ____D C:\Users\Particular\Desktop\KONTAKT
2017-01-11 22:39 - 2016-09-01 02:03 - 00000000 ____D C:\Users\Walter Franklim\Documents\MEGAsync Downloads
2017-01-11 22:17 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\NDF
2017-01-11 20:55 - 2013-09-17 20:50 - 00000926 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-240237904-3152138187-639416452-1000Core.job
2017-01-11 20:47 - 2016-10-08 15:16 - 00000000 ____D C:\Users\Walter Franklim\AvidLogFiles
2017-01-11 20:25 - 2016-09-01 02:00 - 00000000 ____D C:\Users\Todos os Usuários\MEGAsync
2017-01-11 20:25 - 2016-09-01 02:00 - 00000000 ____D C:\ProgramData\MEGAsync
2017-01-11 18:44 - 2014-07-09 18:00 - 00000000 ____D C:\Users\Todos os Usuários\ProductData
2017-01-11 18:44 - 2014-07-09 18:00 - 00000000 ____D C:\ProgramData\ProductData
2017-01-11 14:42 - 2013-09-02 22:50 - 00000000 ____D C:\Users\Todos os Usuários\TEMP
2017-01-11 14:42 - 2013-09-02 22:50 - 00000000 ____D C:\ProgramData\TEMP
2017-01-10 18:03 - 2014-07-16 17:03 - 00962560 _____ C:\Windows\system32\config\default.iobit
2017-01-10 18:03 - 2014-07-16 17:03 - 00106496 _____ C:\Windows\system32\config\sam.iobit
2017-01-10 18:03 - 2014-07-16 17:03 - 00028672 _____ C:\Windows\system32\config\security.iobit
2017-01-10 18:03 - 2014-07-16 17:02 - 78823424 _____ C:\Windows\system32\config\software.iobit
2017-01-10 17:25 - 2014-03-24 13:47 - 00000000 ____D C:\Users\Todos os Usuários\IObit
2017-01-10 17:25 - 2014-03-24 13:47 - 00000000 ____D C:\ProgramData\IObit
2017-01-10 17:25 - 2009-07-14 03:49 - 00000000 ___RD C:\Users\Public\Recorded TV
2017-01-10 00:37 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\AppCompat
2017-01-09 21:08 - 2014-02-10 14:35 - 00000000 ____D C:\Users\Walter Franklim\AppData\Local\CrashDumps
2017-01-09 15:40 - 2010-04-30 23:55 - 00144496 _____ C:\Users\Particular\AppData\Local\GDIPFONTCACHEV1.DAT
2017-01-06 03:41 - 2013-08-29 14:22 - 00000000 ____D C:\Users\Particular\Desktop\HD EXTERNO
2017-01-06 02:48 - 2016-10-09 21:53 - 00000000 ____D C:\FFOutput
2017-01-05 21:27 - 2010-05-01 10:35 - 00000000 ____D C:\Cakewalk Projects
2017-01-05 15:52 - 2014-10-31 01:39 - 00000000 ____D C:\Users\Walter Franklim\Documents\Bandicam
2017-01-03 12:58 - 2010-05-01 09:39 - 00000000 ____D C:\Users\Particular\AppData\Local\Google
2017-01-03 12:50 - 2014-07-10 11:20 - 00002444 _____ C:\Users\Particular\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome Canary.lnk
2017-01-03 12:50 - 2014-07-10 11:20 - 00000000 ____D C:\Users\Particular\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome Canary
2017-01-02 23:48 - 2016-01-29 15:08 - 00000000 ____D C:\Program Files\GbPlugin
2017-01-02 23:47 - 2016-01-29 15:35 - 00000000 ___HD C:\Program Files\GAS Tecnologia
2017-01-02 23:47 - 2016-01-29 15:35 - 00000000 ____D C:\Program Files\Diebold
2017-01-02 23:47 - 2014-02-22 00:17 - 00000000 ____D C:\Windows\Minidump
2016-12-31 00:30 - 2010-05-01 01:06 - 00524288 ___SH C:\Windows\system32\config\components{6e980e90-54de-11df-9792-e8039a4ac700}.TMContainer00000000000000000001.regtrans-ms
2016-12-31 00:30 - 2010-05-01 01:06 - 00065536 ___SH C:\Windows\system32\config\components{6e980e90-54de-11df-9792-e8039a4ac700}.TM.blf
2016-12-30 18:22 - 2013-10-09 18:39 - 00000000 ____D C:\Users\Todos os Usuários\GAS Tecnologia
2016-12-30 18:22 - 2013-10-09 18:39 - 00000000 ____D C:\ProgramData\GAS Tecnologia
2016-12-30 07:42 - 2013-11-18 18:33 - 00262144 ___SH C:\Users\Convidado\ntuser.dat.LOG1
2016-12-29 16:54 - 2014-09-13 14:27 - 00000000 ____D C:\Users\HomeGroupUser$\AppData\Local
2016-12-29 16:54 - 2014-09-13 14:26 - 00000000 ____D C:\Users\Administrador\AppData\Local
2016-12-29 16:35 - 2010-05-01 12:02 - 00001912 _____ C:\Windows\epplauncher.mif
2016-12-29 16:31 - 2013-11-18 04:22 - 00000000 ____D C:\Users\Walter Franklim\AppData\Local\Diagnostics
2016-12-29 15:27 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\Microsoft.NET
2016-12-29 15:21 - 2009-07-13 22:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-12-29 15:21 - 2009-07-13 22:37 - 00000000 ____D C:\Program Files\Common Files
2016-12-29 05:25 - 2009-07-14 00:53 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-12-29 01:54 - 2009-07-13 22:37 - 00000000 __RSD C:\Windows\assembly
2016-12-29 01:37 - 2014-03-24 13:46 - 00000000 ____D C:\Program Files\IObit
2016-12-28 12:25 - 2016-06-28 11:19 - 00000000 ____D C:\Users\Walter Franklim\AppData\Local\ElevatedDiagnostics
2016-12-26 00:27 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\winsxs
2016-12-26 00:21 - 2013-08-28 06:00 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-12-26 00:18 - 2014-02-16 22:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-12-26 00:18 - 2014-02-16 22:46 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-12-24 03:26 - 2016-06-30 12:20 - 00000000 ____D C:\Users\Walter Franklim\AppData\Roaming\dvdcss
2016-12-24 03:02 - 2014-03-02 12:37 - 00000000 ____D C:\Users\Walter Franklim\AppData\Roaming\uTorrent
2016-12-24 02:12 - 2014-03-26 16:09 - 00000000 ___RD C:\Program Files\Skype
2016-12-24 02:12 - 2014-03-26 16:09 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2016-12-24 02:12 - 2014-03-26 16:09 - 00000000 ____D C:\ProgramData\Skype
2016-12-24 02:12 - 2013-08-28 06:00 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-12-24 02:12 - 2010-04-30 23:33 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-12-24 02:12 - 2010-04-30 23:33 - 00000000 ____D C:\Windows\system32\Macromed
2016-12-24 02:10 - 2010-04-30 23:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-12-24 02:10 - 2010-04-30 23:11 - 00000000 ____D C:\Program Files\WinRAR
2016-12-24 00:20 - 2013-11-14 02:39 - 00000000 ____D C:\Users\Walter Franklim\AppData\Local\Microsoft Help
2016-12-24 00:00 - 2016-10-09 22:15 - 00000372 __RSH C:\Users\Todos os Usuários\ntuser.pol
2016-12-24 00:00 - 2016-10-09 22:15 - 00000372 __RSH C:\ProgramData\ntuser.pol
2016-12-23 23:57 - 2009-07-14 00:33 - 00534168 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-23 23:42 - 2013-12-30 22:26 - 00000000 ____D C:\Users\Todos os Usuários\baidu
2016-12-23 23:42 - 2013-12-30 22:26 - 00000000 ____D C:\ProgramData\baidu
2016-12-23 23:15 - 2013-11-14 02:40 - 00000000 ___RD C:\Users\Walter Franklim\Searches
2016-12-23 23:08 - 2013-11-14 02:39 - 00000000 ___SD C:\Users\Walter Franklim\AppData\Roaming\Microsoft
2016-12-23 22:28 - 2013-11-14 02:39 - 00000000 ___RD C:\Users\Walter Franklim\Links
2016-12-23 22:28 - 2009-07-13 22:37 - 00000000 ___RD C:\Users\Default\Links
2016-12-23 22:28 - 2009-07-13 22:37 - 00000000 ____D C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-23 22:28 - 2009-07-13 22:37 - 00000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-23 22:28 - 2009-07-13 22:37 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-23 22:27 - 2010-04-30 23:21 - 00000000 ____D C:\Program Files\Microsoft.NET
2016-12-23 17:58 - 2010-04-30 23:19 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2016-12-23 17:58 - 2010-04-30 23:19 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-12-23 17:56 - 2009-07-14 03:50 - 00000000 ____D C:\Windows\ShellNew
2016-12-23 17:53 - 2009-07-13 22:37 - 00000000 ____D C:\Program Files\Common Files\System
2016-12-23 17:53 - 2009-07-13 22:04 - 00000489 _____ C:\Windows\win.ini
2016-12-23 17:49 - 2013-11-14 02:39 - 00000000 ___HD C:\Users\Walter Franklim\AppData
2016-12-23 16:01 - 2014-03-24 13:46 - 00000000 ____D C:\Users\Walter Franklim\AppData\Roaming\IObit
2016-12-23 15:09 - 2015-07-30 18:41 - 00088851 _____ C:\Windows\system32\HWLook.log
2016-12-23 05:45 - 2009-07-14 00:52 - 00000000 ____D C:\Program Files\MSBuild
2016-12-23 05:06 - 2016-10-07 16:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
2016-12-23 04:20 - 2014-02-12 19:23 - 00000000 ____D C:\Windows\system32\RTCOM
2016-12-23 04:11 - 2015-06-05 15:52 - 00000000 ____D C:\Program Files\VS Revo Group
2016-12-23 04:07 - 2010-05-01 00:06 - 00109648 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst32.dll
2016-12-23 03:36 - 2016-10-02 21:00 - 00000000 ____D C:\Program Files\Common Files\IObit
2016-12-23 01:24 - 2013-11-14 02:39 - 00000000 ____D C:\Users\Walter Franklim\AppData\LocalLow
2016-12-23 01:23 - 2014-03-02 12:39 - 00002674 _____ C:\Users\Walter Franklim\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-12-22 11:20 - 2014-02-12 16:14 - 00000000 ____D C:\Users\Walter Franklim\Documents\VirtualDJ
2016-12-22 11:19 - 2014-10-30 13:38 - 00000000 ____D C:\Users\Particular\AppData\Local\CUSTPDF Writer
2016-12-22 11:19 - 2014-09-01 14:15 - 00000000 ____D C:\Users\Particular\Documents\VirtualDJ
2016-12-22 11:19 - 2014-03-02 12:36 - 00000000 ____D C:\Users\Particular\AppData\Roaming\uTorrent
2016-12-22 11:19 - 2010-05-01 00:01 - 00000000 ____D C:\Users\Convidado\AppData\Local\CrashDumps
2016-12-22 11:19 - 2010-04-30 23:41 - 00000000 ___RD C:\Users\Particular\Videos
2016-12-22 11:19 - 2010-04-30 23:41 - 00000000 ___RD C:\Users\Particular\Pictures
2016-12-22 11:19 - 2010-04-30 23:41 - 00000000 ___RD C:\Users\Particular\Documents
2016-12-22 10:44 - 2010-04-30 23:41 - 00000000 ____D C:\Users\Particular\AppData\Roaming
2016-12-22 10:31 - 2013-11-10 17:15 - 00000000 ____D C:\Program Files\Samsung
2016-12-22 10:30 - 2013-11-10 17:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2016-12-22 00:15 - 2014-07-09 17:55 - 00000000 ____D C:\Users\Walter Franklim\AppData\LocalLow\IObit
2016-12-22 00:15 - 2014-02-12 17:20 - 00000000 ____D C:\Program Files\ma-config.com
2016-12-22 00:15 - 2009-07-13 22:37 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-12-21 19:33 - 2009-07-13 22:03 - 00262144 ____H C:\Windows\system32\config\SYSTEM.LOG2
2016-12-21 16:21 - 2016-01-27 00:00 - 00000000 ____D C:\Users\Walter Franklim\AppData\Local\Mozilla
2016-12-19 18:39 - 2015-07-24 15:13 - 00001118 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-240237904-3152138187-639416452-1003UA.job
2016-12-19 18:39 - 2015-07-24 15:13 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-240237904-3152138187-639416452-1003Core.job
2016-12-19 18:06 - 2014-02-12 17:20 - 00000000 ____D C:\Users\Todos os Usuários\ma-config.com
2016-12-19 18:06 - 2014-02-12 17:20 - 00000000 ____D C:\ProgramData\ma-config.com
2016-12-19 17:18 - 2010-05-01 00:06 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-12-19 16:53 - 2013-11-21 21:50 - 00000000 ____D C:\Users\Walter Franklim\AppData\Local\CodecDecoder
2016-12-18 04:47 - 2010-05-01 11:55 - 00000000 ____D C:\Program Files\Google
2016-12-18 04:20 - 2016-03-24 15:15 - 00000000 ____D C:\Users\Walter Franklim\AppData\Roaming\vlc
2016-12-18 04:19 - 2016-03-24 15:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-12-18 04:19 - 2015-10-24 00:33 - 00000000 ____D C:\Program Files\Canon
2016-12-18 04:19 - 2013-11-18 18:33 - 00000000 ___RD C:\Users\Convidado\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-18 04:19 - 2010-05-01 15:42 - 00000000 ____D C:\Program Files\ASIO4ALL v2
2016-12-18 02:27 - 2016-02-07 21:34 - 00524288 ___SH C:\Windows\system32\config\components{a6653b44-ce03-11e5-86d8-e81132b1f6c5}.TMContainer00000000000000000002.regtrans-ms
2016-12-18 02:27 - 2016-02-07 21:34 - 00065536 ___SH C:\Windows\system32\config\components{a6653b44-ce03-11e5-86d8-e81132b1f6c5}.TM.blf
2016-12-16 03:06 - 2016-10-07 02:45 - 00000000 ____D C:\Users\Walter Franklim\AppData\Roaming\Audacity
2016-12-16 03:06 - 2014-08-10 04:16 - 00000000 ____D C:\Users\Walter Franklim\AppData\Roaming\ProductData
2016-12-16 03:05 - 2013-12-30 22:26 - 00000000 ____D C:\Program Files\Baidu Security

==================== Arquivos na raiz de alguns diretórios =======

2016-10-10 08:36 - 2016-10-10 08:36 - 0018202 _____ () C:\Users\Walter Franklim\AppData\Roaming\Dapagahep
2014-04-01 13:34 - 2014-04-01 13:35 - 0000348 _____ () C:\Users\Walter Franklim\AppData\Roaming\FileShred.log
2016-10-09 22:18 - 2016-10-09 22:18 - 0020324 _____ () C:\Users\Walter Franklim\AppData\Roaming\Fitap
2013-12-30 20:00 - 2016-10-10 01:18 - 0000205 _____ () C:\Users\Walter Franklim\AppData\Roaming\WB.CFG
2015-07-27 06:55 - 2010-05-01 03:04 - 0007636 _____ () C:\Users\Walter Franklim\AppData\Local\Resmon.ResmonCfg
2015-06-22 14:39 - 2015-06-22 14:39 - 0000000 _____ () C:\Users\Walter Franklim\AppData\Local\Temp.dat
2015-03-15 17:27 - 2015-03-15 17:27 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-02-12 19:24 - 2014-02-12 19:24 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-10-28 15:57 - 2016-06-28 11:58 - 0014501 _____ () C:\ProgramData\Duplicaterecord.js
2013-11-22 07:40 - 2013-11-22 07:40 - 0170344 _____ (Baidu, Inc.) C:\ProgramData\FileSplitUpLoad.dll
2016-12-18 03:11 - 2016-12-18 03:11 - 0000259 _____ () C:\ProgramData\fontcacheev1.dat
2015-12-19 03:32 - 2015-12-19 03:32 - 0225053 _____ () C:\ProgramData\XVOMGHUQBJVOUWPAWOD.dat

Arquivos para serem movidos ou deletados:
====================
C:\ProgramData\Duplicaterecord.js
C:\ProgramData\FileSplitUpLoad.dll
C:\ProgramData\fontcacheev1.dat
C:\ProgramData\XVOMGHUQBJVOUWPAWOD.dat
C:\Users\Todos os Usuários\Duplicaterecord.js
C:\Users\Todos os Usuários\FileSplitUpLoad.dll
C:\Users\Todos os Usuários\fontcacheev1.dat
C:\Users\Todos os Usuários\XVOMGHUQBJVOUWPAWOD.dat
C:\Windows\Tasks\{26DD22AC-832C-CA2B-0237-6BA87B71D30A}.job
C:\Windows\Tasks\{3EE96778-275A-7B08-C1F3-364E317EC1FF}.job


==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

LastRegBack: 2017-01-03 01:59

==================== Fim de FRST.txt ============================

Publicité

Signaler le contenu de ce document

Publicité