Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 22-01-2017
Executado por Windows (administrador) em CLIENTE (24-01-2017 13:09:02)
Executando a partir de C:\Users\Windows\Downloads
Perfis Carregados: Windows (Perfis Disponíveis: Windows)
Platform: Windows 8.1 Enterprise (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: IE)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Windows\KMS-R@1n.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TweakBit) C:\Program Files (x86)\TweakBit\FixMyPC\FixMyPC.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(DLL-Files.com Client ) C:\Users\Windows\Downloads\clientsetup_d-0.exe
() C:\Users\Windows\AppData\Local\Temp\is-2MOP4.tmp\clientsetup_d-0.tmp
(DLL-Files.com Client ) C:\Users\Windows\Downloads\clientsetup_d-0.exe
() C:\Users\Windows\AppData\Local\Temp\is-4SIH9.tmp\clientsetup_d-0.tmp
(Microsoft Corporation) C:\Windows\System32\Dism.exe
(Microsoft Corporation) C:\Users\Windows\AppData\Local\Temp\F32CEF20-D822-42E7-BB83-CA446C2CD9C4\DismHost.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIC.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIC.exe
==================== Registro (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2009-12-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [948672 2009-12-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-12-12] (AVAST Software)
HKLM-x32\...\RunOnce: [Fafagefirife] => C:\Windows\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\Windows\AppData\Roaming\Sebetacan"
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2417617235-4106719252-2122872377-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27250144 2016-12-20] (Skype Technologies S.A.)
HKU\S-1-5-21-2417617235-4106719252-2122872377-1001\...\Run: [Chromium] => c:\users\windows\appdata\local\chromium\application\chrome.exe --auto-launch-at-startup --profile-directory=Default --restore-last-session
IFEO\OSppSvc.exe: [Debugger] KMS-R@1nhook.exe
IFEO\SppExtComObj.exe: [Debugger] KMS-R@1nhook.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-12-12] (AVAST Software)
GroupPolicy: Restrição <======= ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{C56EF7A1-612C-4AF2-AD0F-D4AE2CFC6E8C}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{C90CE4AE-50A2-4106-9559-10E9762EB9E6}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_50¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzytDtB0BtAyE0FtDyEzzzytCtAtC0AyEtN0D0Tzu0StCzztCtCtN1L2XzutAtFtByDtFtCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyCyDyD0B0A0DyB0DtGyC0AyD0FtGtDyDyEtCtGyDzzyD0DtG0E0AtDtAtC0A0AtA0EyEtCyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CyEyCtAtBtAyDtAtGtAzyyBtDtGyE0D0ByEtGzyyDyE0CtGtAyBtCzytAzy0E0FzytDtAtB2QtN0A0LzuyE%26cr%3D2091755201%26a%3Dwbf_bxinw_16_50%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BEnterprise
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_50¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzytDtB0BtAyE0FtDyEzzzytCtAtC0AyEtN0D0Tzu0StCzztCtCtN1L2XzutAtFtByDtFtCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyCyDyD0B0A0DyB0DtGyC0AyD0FtGtDyDyEtCtGyDzzyD0DtG0E0AtDtAtC0A0AtA0EyEtCyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CyEyCtAtBtAyDtAtGtAzyyBtDtGyE0D0ByEtGzyyDyE0CtGtAyBtCzytAzy0E0FzytDtAtB2QtN0A0LzuyE%26cr%3D2091755201%26a%3Dwbf_bxinw_16_50%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BEnterprise
HKU\S-1-5-21-2417617235-4106719252-2122872377-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_50¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzytDtB0BtAyE0FtDyEzzzytCtAtC0AyEtN0D0Tzu0StCzztCtCtN1L2XzutAtFtByDtFtCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyCyDyD0B0A0DyB0DtGyC0AyD0FtGtDyDyEtCtGyDzzyD0DtG0E0AtDtAtC0A0AtA0EyEtCyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CyEyCtAtBtAyDtAtGtAzyyBtDtGyE0D0ByEtGzyyDyE0CtGtAyBtCzytAzy0E0FzytDtAtB2QtN0A0LzuyE%26cr%3D2091755201%26a%3Dwbf_bxinw_16_50%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BEnterprise
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_50¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzytDtB0BtAyE0FtDyEzzzytCtAtC0AyEtN0D0Tzu0StCzztCtCtN1L2XzutAtFtByDtFtCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyCyDyD0B0A0DyB0DtGyC0AyD0FtGtDyDyEtCtGyDzzyD0DtG0E0AtDtAtC0A0AtA0EyEtCyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CyEyCtAtBtAyDtAtGtAzyyBtDtGyE0D0ByEtGzyyDyE0CtGtAyBtCzytAzy0E0FzytDtAtB2QtN0A0LzuyE%26cr%3D2091755201%26a%3Dwbf_bxinw_16_50%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BEnterprise&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_50¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzytDtB0BtAyE0FtDyEzzzytCtAtC0AyEtN0D0Tzu0StCzztCtCtN1L2XzutAtFtByDtFtCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyCyDyD0B0A0DyB0DtGyC0AyD0FtGtDyDyEtCtGyDzzyD0DtG0E0AtDtAtC0A0AtA0EyEtCyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CyEyCtAtBtAyDtAtGtAzyyBtDtGyE0D0ByEtGzyyDyE0CtGtAyBtCzytAzy0E0FzytDtAtB2QtN0A0LzuyE%26cr%3D2091755201%26a%3Dwbf_bxinw_16_50%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BEnterprise&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_50¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzytDtB0BtAyE0FtDyEzzzytCtAtC0AyEtN0D0Tzu0StCzztCtCtN1L2XzutAtFtByDtFtCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyCyDyD0B0A0DyB0DtGyC0AyD0FtGtDyDyEtCtGyDzzyD0DtG0E0AtDtAtC0A0AtA0EyEtCyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CyEyCtAtBtAyDtAtGtAzyyBtDtGyE0D0ByEtGzyyDyE0CtGtAyBtCzytAzy0E0FzytDtAtB2QtN0A0LzuyE%26cr%3D2091755201%26a%3Dwbf_bxinw_16_50%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BEnterprise&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_50¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzytDtB0BtAyE0FtDyEzzzytCtAtC0AyEtN0D0Tzu0StCzztCtCtN1L2XzutAtFtByDtFtCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyCyDyD0B0A0DyB0DtGyC0AyD0FtGtDyDyEtCtGyDzzyD0DtG0E0AtDtAtC0A0AtA0EyEtCyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CyEyCtAtBtAyDtAtGtAzyyBtDtGyE0D0ByEtGzyyDyE0CtGtAyBtCzytAzy0E0FzytDtAtB2QtN0A0LzuyE%26cr%3D2091755201%26a%3Dwbf_bxinw_16_50%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BEnterprise&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2417617235-4106719252-2122872377-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_50¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzytDtB0BtAyE0FtDyEzzzytCtAtC0AyEtN0D0Tzu0StCzztCtCtN1L2XzutAtFtByDtFtCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyCyDyD0B0A0DyB0DtGyC0AyD0FtGtDyDyEtCtGyDzzyD0DtG0E0AtDtAtC0A0AtA0EyEtCyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CyEyCtAtBtAyDtAtGtAzyyBtDtGyE0D0ByEtGzyyDyE0CtGtAyBtCzytAzy0E0FzytDtAtB2QtN0A0LzuyE%26cr%3D2091755201%26a%3Dwbf_bxinw_16_50%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BEnterprise&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2417617235-4106719252-2122872377-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_50¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzytDtB0BtAyE0FtDyEzzzytCtAtC0AyEtN0D0Tzu0StCzztCtCtN1L2XzutAtFtByDtFtCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyCyDyD0B0A0DyB0DtGyC0AyD0FtGtDyDyEtCtGyDzzyD0DtG0E0AtDtAtC0A0AtA0EyEtCyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CyEyCtAtBtAyDtAtGtAzyyBtDtGyE0D0ByEtGzyyDyE0CtGtAyBtCzytAzy0E0FzytDtAtB2QtN0A0LzuyE%26cr%3D2091755201%26a%3Dwbf_bxinw_16_50%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BEnterprise&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2017-01-24] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-01-21] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-01-24] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-12-12] (AVAST Software)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-01-24] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-21] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-24] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-21] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-24] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-21] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-24] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-21] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-24] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-12-12]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-12-12]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-01-21] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [1999-12-31] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [1999-12-31] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-01-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-01-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
Chrome:
=======
CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Profile: C:\Users\Windows\AppData\Local\Google\Chrome\User Data\Default [2017-01-24]
CHR Extension: (Google Docs) - C:\Users\Windows\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-12]
CHR Extension: (Google Drive) - C:\Users\Windows\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-12]
CHR Extension: (YouTube) - C:\Users\Windows\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-12]
CHR Extension: (Documentos Google off-line) - C:\Users\Windows\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-12]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Windows\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-23]
CHR Extension: (Search Manager) - C:\Users\Windows\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej [2017-01-24]
CHR Extension: (Gmail) - C:\Users\Windows\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-12]
CHR Extension: (Chrome Media Router) - C:\Users\Windows\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-15]
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2417617235-4106719252-2122872377-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
==================== Serviços (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-12-12] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3020992 2016-12-28] (Microsoft Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Arquivo não assinado]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 1999-12-31] (Intel Corporation)
R2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2016-12-12] () [Arquivo não assinado]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-12-12] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-12-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-12-12] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-12-12] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-12-12] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-12-12] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-12-12] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-12-12] (AVAST Software)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 1999-12-31] (Intel Corporation)
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16056 2016-12-12] (SlimWare Utilities, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
========================== MD5 dos Drivers =======================
C:\Windows\System32\drivers\1394ohci.sys E1832BD9FD7E0FC2DC9FA5935DE3E8C1
C:\Windows\System32\drivers\3ware.sys AD508A1A46EC21B740AB31C28EFDFDB1
C:\Windows\System32\drivers\ACPI.sys E19D921EBBD1A2CA4C48D7B5F1685B30
C:\Windows\System32\Drivers\acpiex.sys AC8279D229398BCF05C3154ADCA86813
C:\Windows\System32\drivers\acpipagr.sys A8970D9BF23CD309E0403978A1B58F3F
C:\Windows\System32\drivers\acpipmi.sys 111A89C99C5B4F1A7BCE5F643DD86F65
C:\Windows\System32\drivers\acpitime.sys 5758387D68A20AE7D3245011B07E36E7
C:\Windows\System32\drivers\ADP80XX.SYS 7C1FDF1B48298CBA7CE4BDD4978951AD
C:\Windows\system32\drivers\afd.sys 239268BAB58EAE9A3FF4E08334C00451
C:\Windows\System32\drivers\agp440.sys 7DFAEBA9AD62D20102B576D5CAC45EC8
C:\Windows\System32\DRIVERS\ahcache.sys 8E8E34B7BA059050EED827410D0697A2
C:\Windows\System32\drivers\amdk8.sys 7589DE749DB6F71A68489DCE04158729
C:\Windows\System32\drivers\amdppm.sys B46D2D89AFF8A9490FA8C98C7A5616E3
C:\Windows\System32\drivers\amdsata.sys D2BF2F94A47D332814910FD47C6BBCD2
C:\Windows\System32\drivers\amdsbs.sys A8E04943C7BBA7219AA50400272C3C6E
C:\Windows\System32\drivers\amdxata.sys CEA5F4F27CFC08E3A44D576811B35F50
C:\Windows\system32\drivers\appid.sys 04951A9A937CBE28A2D3FEEA360B6D1F
C:\Windows\System32\drivers\arcsas.sys 65045784366F7EC5FB4E71BCF923187B
C:\Windows\system32\drivers\aswHwid.sys 9B480B472D6826E7257C90E2D0EE2954
C:\Windows\system32\drivers\aswMonFlt.sys 1BB00571CC2C78463ABD7E9C32970758
C:\Windows\system32\drivers\aswRdr2.sys 7010B57D708DA5C9686A5923EE621776
C:\Windows\System32\Drivers\aswRvrt.sys 937885085BFE5BD08EC1BC0245DD203B
C:\Windows\system32\drivers\aswSnx.sys 0B6352251C5D84130DF4252D33D266C2
C:\Windows\system32\drivers\aswSP.sys 28213B34725B18387CC1B8C3D73858A1
C:\Windows\system32\drivers\aswStm.sys 9C58B6E9663D0A76D00D83E43C765BDF
C:\Windows\System32\Drivers\aswVmm.sys D60D9201739400F0FBDB9E36A3212D91
C:\Windows\System32\drivers\atapi.sys 74B14192CF79A72F7536B27CB8814FBD
C:\Windows\System32\drivers\bxvbda.sys A4A73F631FE2AA2826FBE4A399B04DEF
C:\Windows\System32\drivers\BasicDisplay.sys 8CC7F7E4AFCBA605921B137ED7992C68
C:\Windows\System32\drivers\BasicRender.sys 2748E116F8621A4DB0D39FCDD7318C01
C:\Windows\System32\drivers\bcmfn2.sys C1ABB0F7E3BEA48A0417BDF6FF14AB21
C:\Windows\System32\Drivers\Beep.sys EC19013E4CF87609534165DF897274D6
C:\Windows\System32\DRIVERS\bowser.sys 6B4FFFDDC618FCF64473CAA86E305697
C:\Windows\System32\drivers\BthAvrcpTg.sys A8F23D453A424FF4DE04989C4727ECC7
C:\Windows\System32\drivers\bthhfenum.sys 746B9F94214915AECDE4B7FEA5FF9664
C:\Windows\System32\drivers\BthHFHid.sys 71FE2A48E4C93DDB9798C024880B6C07
C:\Windows\System32\drivers\bthmodem.sys 07E33226AD218A2A162662A05CAFB52F
C:\Windows\System32\DRIVERS\cdfs.sys 2FA6510E33F7DEFEC03658B74101A9B9
C:\Windows\System32\drivers\cdrom.sys C6796EA22B513E3457514D92DCDB1A3D
C:\Windows\System32\drivers\circlass.sys BE9936EDD3267FAAFF94A7835867F00B
C:\Windows\System32\drivers\CLFS.sys B8B663BE41827211737F627473D6D192
C:\Windows\System32\drivers\CmBatt.sys EF6EF85DADC3184A10D8F2F7159973CB
C:\Windows\System32\Drivers\cng.sys 825BE21E6395E00698D8A23955A87972
C:\Windows\System32\drivers\CompositeBus.sys 03AAED827C36F35D70900558B8274905
C:\Windows\System32\drivers\condrv.sys A1FF7DFBFBE164CF92603C651D304DD2
C:\Windows\System32\drivers\csc.sys EE2F3C0D6ADBC975D6B621EC15ACF4E2
C:\Windows\System32\drivers\dam.sys 315BA4BC19316D72B2E037534E048B93
C:\Windows\System32\Drivers\dfsc.sys 5DB26D7E0216D0BF364A81D3829AD7B9
C:\Windows\System32\drivers\disk.sys 4D40C9B33F738797CF50E77CB7C53E85
C:\Windows\System32\drivers\dmvsc.sys EB70A894708D1BC176AFD690FF06085F
C:\Windows\system32\drivers\drmkaud.sys DDC11A202207C0400CBE07315B8FDE5E
C:\Windows\System32\drivers\dxgkrnl.sys AEAB1924098DB538784C1D2B268FF0C9
C:\Windows\System32\drivers\evbda.sys 114BCFDF367FF37C3F1B0A96AF542E4D
C:\Windows\System32\drivers\EhStorClass.sys 43531A5993380CC5113242C29D265FD9
C:\Windows\System32\drivers\EhStorTcgDrv.sys 6F8E738A9505A388B1157FDDE7B3101B
C:\Windows\System32\drivers\errdev.sys DFFFAE1442BA4076E18EED5E406FA0D3
C:\Windows\System32\Drivers\exfat.sys 7729D294A555C7AEB281ED8E4D0E01E4
C:\Windows\System32\Drivers\fastfat.sys 7C4E0D5900B2A1D11EDD626D6DDB937B
C:\Windows\System32\drivers\fdc.sys 5D8402613E778B3BD45E687A8372710B
C:\Windows\System32\drivers\fileinfo.sys 957A7A8F5ACCAF23DD9DFF6DAA393CE5
C:\Windows\System32\drivers\filetrace.sys A1A66C4FDAFD6B0289523232AFB7D8AF
C:\Windows\System32\drivers\flpydisk.sys BE743083CF7063C486A4398E3AEFE59A
C:\Windows\System32\drivers\fltmgr.sys 60D5067FCE6D9433D35E04C01D8538B3
C:\Windows\System32\drivers\FsDepends.sys 35005534E600E993A90B036E4E599F2B
C:\Windows\System32\Drivers\Fs_Rec.sys 09F460AFEDCA03F3BF6E07D1CCC9AC42
C:\Windows\System32\DRIVERS\fvevol.sys 83E1F0983B02A6F8EC764D18E24ECF10
C:\Windows\System32\drivers\fxppm.sys 9591D0B9351ED489EAFD9D1CE52A8015
C:\Windows\System32\drivers\gagp30kx.sys FC3EF65EE20D39F8749C2218DBA681CA
C:\Windows\System32\drivers\vmgencounter.sys 0BF5CAD281E25F1418E5B8875DC5ADD1
C:\Windows\System32\Drivers\msgpioclx.sys FDA72810CA2F8409D9B31E833C448E34
C:\Windows\system32\drivers\HdAudio.sys 56F69F7C25FB67C970997D7066DBC593
C:\Windows\System32\drivers\HDAudBus.sys 03909BDBFF0DCACCABF2B2D4ADEE44DC
C:\Windows\System32\drivers\HidBatt.sys 10A70BC1871CD955D85CD88372724906
C:\Windows\System32\drivers\hidbth.sys 1EA1B4FABB8CC348E73CA90DBA22E104
C:\Windows\System32\drivers\hidi2c.sys C241A8BAFBBFC90176EA0F5240EACC17
C:\Windows\System32\drivers\hidir.sys 9BDDEE26255421017E161CCB9D5EDA95
C:\Windows\System32\drivers\hidusb.sys F31397220D9687E11EB448649AA6E038
C:\Windows\System32\drivers\HpSAMD.sys A6AACEA4C785789BDA5912AD1FEDA80D
C:\Windows\System32\drivers\HTTP.sys 3502776E366C913D49C0DA928AE3E6CB
C:\Windows\System32\drivers\hwpolicy.sys 90656C0B3864804B090434EFC582404F
C:\Windows\System32\drivers\hyperkbd.sys 6D6F9E3BF0484967E52F7E846BFF1CA1
C:\Windows\system32\DRIVERS\HyperVideo.sys 907C870F8C31F8DDD6F090857B46AB25
C:\Windows\System32\drivers\i8042prt.sys 84CFC5EFA97D0C965EDE1D56F116A541
C:\Windows\System32\drivers\iaLPSSi_GPIO.sys 5D90E32E36CE5D4C535D17CE08AEAF05
C:\Windows\System32\drivers\iaLPSSi_I2C.sys DD05E7E80F52ADE9AEB292819920F32C
C:\Windows\System32\drivers\iaStorAV.sys 08BFE413B0B4AA8DFA4B5684CE06D3DC
C:\Windows\System32\drivers\iaStorV.sys A2200C3033FA4EF249FC096A7A7D02A2
C:\Windows\system32\DRIVERS\igdkmd64.sys 79AE3CC82CA1563A4B392207997ACE7C
C:\Windows\System32\drivers\intelide.sys 4E448FCFFD00E8D657CD9E48D3E47157
C:\Windows\System32\drivers\intelpep.sys A2B6215E54075A936E5B424ABCD1323E
C:\Windows\System32\drivers\intelppm.sys 47E74A8E53C7C24DCE38311E1451C1D9
C:\Windows\System32\DRIVERS\ipfltdrv.sys 9DB76D7F9E4E53EFE5DD8C53DE837514
C:\Windows\System32\drivers\IPMIDrv.sys 9949A3C7590B8C536C05312205079A82
C:\Windows\System32\drivers\ipnat.sys E23D32BAF152FBE35F18C6A2AB8EF271
C:\Windows\System32\drivers\irenum.sys AE44C526AB5F8A487D941CEB57B10C97
C:\Windows\System32\drivers\isapnp.sys 8AFEEA3955AA43616A60F133B1D25F21
C:\Windows\System32\drivers\msiscsi.sys 034D4BD9DC67C64F3A4C8A049B5173BF
C:\Windows\System32\drivers\kbdclass.sys 8BE92376799B6B44D543E8D07CDCF885
C:\Windows\System32\drivers\kbdhid.sys FB6E47E569D4872ABEB506BE03A45FBA
C:\Windows\System32\drivers\kbldfltr.sys DB7A09BC90DF20F44F16F8B0F9ED3491
C:\Windows\system32\DRIVERS\kdnic.sys 813871C7D402A05F2E3A7075F9584A05
C:\Windows\System32\Drivers\ksecdd.sys ADDECBCC777665BD113BED437E602AB0
C:\Windows\System32\Drivers\ksecpkg.sys 7296EA420134EAC390798B3232D066A4
C:\Windows\system32\drivers\ksthunk.sys 11AFB527AA370B1DAFD5C36F35F6D45F
C:\Windows\system32\DRIVERS\lltdio.sys C09010B3680860131631F53E8FE7BAD8
C:\Windows\System32\drivers\lsi_sas.sys C755AE4635457AA2A11F79C0DF857ABC
C:\Windows\System32\drivers\lsi_sas2.sys ADAC09CBE7A2040B7F68B5E5C9A75141
C:\Windows\System32\drivers\lsi_sas3.sys 04D1274BB9BBCCF12BD12374002AA191
C:\Windows\System32\drivers\lsi_sss.sys 327469EEF3833D0C584B7E88A76AEC0C
C:\Windows\system32\drivers\luafv.sys 5EF604B0698F4FA962778285E8C5F1F2
C:\Windows\System32\drivers\megasas.sys EB5C03A070F30D64A6DF80E53B22F53F
C:\Windows\System32\drivers\megasr.sys F6F13533196DE7A582D422B0241E4363
C:\Windows\system32\DRIVERS\TeeDriverx64.sys EB1D78140D6634C32A46AB1006105EDC
C:\Windows\System32\drivers\modem.sys 8B38C44F69259987C95135C9627E2378
C:\Windows\System32\drivers\monitor.sys 601589000CC90F0DF8DA2CC254A3CCC9
C:\Windows\System32\drivers\mouclass.sys CEAC6D40FE887CE8406C2393CF97DE06
C:\Windows\System32\drivers\mouhid.sys 02D98BF804084E9A0D69D1C69B02CCA9
C:\Windows\System32\drivers\mountmgr.sys 515549560D481138E6E21AF7C6998E56
C:\Windows\System32\drivers\mpsdrv.sys F170510BE94CF45E3C6274578F6204B2
C:\Windows\system32\drivers\mrxdav.sys 59DCEC7499095DE5AED741358037AE2D
C:\Windows\System32\DRIVERS\mrxsmb.sys 6129EDB793A4255B1E2FB41773AC9D9A
C:\Windows\System32\DRIVERS\mrxsmb10.sys 295771B092D4F7FCF2B62F80CCD14320
C:\Windows\System32\DRIVERS\mrxsmb20.sys AAF56E4E84D35411B4E446C445732DFE
C:\Windows\system32\DRIVERS\bridge.sys 4E888019078AC363076A5433E89AA4F8
C:\Windows\System32\Drivers\Msfs.sys D13329FBF8345B28AB30F44CC247DC08
C:\Windows\System32\drivers\msgpiowin32.sys C6B474E46F9E543B875981ED3FFE6ADD
C:\Windows\System32\drivers\mshidkmdf.sys 65C92EB9D08DB5C69F28C7FFD4E84E31
C:\Windows\System32\drivers\mshidumdf.sys 52299F086AC2DAFD100DD5DC4A8614BA
C:\Windows\System32\drivers\msisadrv.sys 36D92AF3343C3A3E57FEF11C449AEA4C
C:\Windows\system32\drivers\MSKSSRV.sys A9BBBD2BAE6142253B9195E949AC2E8D
C:\Windows\system32\DRIVERS\mslldp.sys 375E44168F2DFB91A68B8A3F619C5A7C
C:\Windows\system32\drivers\MSPCLOCK.sys 7B2128EB875DCBC006E6A913211006D6
C:\Windows\system32\drivers\MSPQM.sys 1E88171579B218115C7A772F8DE04BD8
C:\Windows\System32\Drivers\MsRPC.sys BBE2A455053E63BECBF42C2F9B21FAE0
C:\Windows\System32\drivers\mssmbios.sys 8D6B7D515C5CBCDB75B928A0B73C3C5E
C:\Windows\system32\drivers\MSTEE.sys 115019AE01E0EB9C048530D2928AB4A2
C:\Windows\System32\drivers\MTConfig.sys 96D604A35070360F0DD4A7A8AF410B5E
C:\Windows\System32\Drivers\mup.sys 619CA29326B82372621DB2C0964D8365
C:\Windows\System32\drivers\mvumis.sys B8C35C94DCB2DFEAF03BB42131F2F77F
C:\Windows\system32\DRIVERS\nwifi.sys CF8B989D89D6807B887690F2CF24EFD9
C:\Windows\System32\drivers\ndis.sys AD9086052A5E5153AF43FE74138A4B27
C:\Windows\system32\DRIVERS\ndiscap.sys C6BB12BC35D1637CA17AE16D3A4725EB
C:\Windows\system32\DRIVERS\NdisImPlatform.sys 9F1DA20E943BE7AA4ED5F3E1EBA78B37
C:\Windows\system32\DRIVERS\ndistapi.sys 9423421E735BD5394351E0C47C76BB92
C:\Windows\system32\DRIVERS\ndisuio.sys B832B35055BA2B7B4181861FF94D8E59
C:\Windows\System32\drivers\NdisVirtualBus.sys 1F58E48EF75F34C35D8E93A0DC535CFE
C:\Windows\system32\DRIVERS\ndiswan.sys DEC29080202D4F9F17F55E18BCFCC41A
C:\Windows\system32\DRIVERS\ndiswan.sys DEC29080202D4F9F17F55E18BCFCC41A
C:\Windows\System32\Drivers\NDProxy.sys A5BD69A8812FA79D1A487691DD3FB244
C:\Windows\System32\drivers\Ndu.sys 5A072F0B90C29C5233D78BE33EF5ED78
C:\Windows\System32\DRIVERS\netbios.sys A83D67D347A684F10B7D3019C8A6380C
C:\Windows\System32\DRIVERS\netbt.sys 0217532E19A748F0E5D569307363D5FD
C:\Windows\system32\DRIVERS\netr28ux.sys 91307C4F3AA4E42404BC4F513CCD5430
C:\Windows\system32\DRIVERS\netvsc63.sys 70414DB660BFBB7BD58FCE8EA4364E1B
C:\Windows\System32\Drivers\Npfs.sys 8F44A2F57C9F1A19AC9C6288C10FB351
C:\Windows\System32\drivers\npsvctrig.sys CBDB4F0871C88DF930FC0E8588CA67FC
C:\Windows\System32\drivers\nsiproxy.sys E490B459978CB87779E84C761D22B827
C:\Windows\System32\Drivers\Ntfs.sys 725EF69B2DBEB7B33280019A556201BC
C:\Windows\System32\Drivers\Null.sys EF1B290FC9F0E47CC0B537292BEE5904
C:\Windows\System32\drivers\nvraid.sys BC6B5942AFF25EBAF62DE43C3807EDF8
C:\Windows\System32\drivers\nvstor.sys 1F43ABFFAC3D6CA356851D517392966E
C:\Windows\System32\drivers\nv_agp.sys 6934A936A7369DFE37B7DBA93F5E5E49
C:\Windows\System32\drivers\parport.sys 764B1121867B2D9B31C491668AC72B2B
C:\Windows\System32\drivers\partmgr.sys EF0C1749C9A8CEE9A457473D433CC00F
C:\Windows\System32\drivers\pci.sys C0D3F3BC1C84B4BA746D9847314C1164
C:\Windows\System32\drivers\pciide.sys 346E38FCC6859A727DD28AFAD1F0AFF4
C:\Windows\System32\drivers\pcmcia.sys 4D3BDCC1C7B40C9D7B6AD990E6DEC397
C:\Windows\System32\drivers\pcw.sys BF28771D1436C88BE1D297D3098B0F7D
C:\Windows\System32\drivers\pdc.sys E170103E68329E9154A5EC383CD253ED
C:\Windows\System32\drivers\peauth.sys BA50CC0BD19004AAB88BE37338B6FA0D
C:\Windows\System32\drivers\processr.sys ECD373F9571C745894367CC2635EA44F
C:\Windows\system32\DRIVERS\pacer.sys 8528BB05E4D4E25945F78B00B2555FB7
C:\Windows\system32\drivers\qwavedrv.sys 3FB466684609A4329858CF2EBD62E0FD
C:\Windows\System32\DRIVERS\rasacd.sys 2C56F0EE27E4EF70CA4B4983D3638905
C:\Windows\system32\DRIVERS\raspppoe.sys 5247F308C4103CDC4FE12AE1D235800A
C:\Windows\System32\DRIVERS\rdbss.sys B939A2A0F9D6C6C186721E268EB6FA93
C:\Windows\System32\drivers\rdpbus.sys 6B21EBF892CD8CACB71669B35AB5DE32
C:\Windows\System32\drivers\rdpdr.sys 680C1DAE268B6FB67FA21B389A8B79EF
C:\Windows\System32\drivers\rdpvideominiport.sys 858776908AF838E3790F3261B799CDA6
C:\Windows\System32\drivers\rdyboost.sys 06250FF7F8E5F98DAA6F2D6251B1694E
C:\Windows\System32\Drivers\ReFS.sys 036746D54347FD2D0385668E2A4064E4
C:\Windows\system32\DRIVERS\rspndr.sys 2D05A5508F4685412F2B89E8C2189ABC
C:\Windows\system32\DRIVERS\Rt630x64.sys 19764658C1468C2C0CEF133D28414A6B
C:\Windows\System32\drivers\vms3cap.sys 1A063730F221B2746FF00457AE17E4F0
C:\Windows\System32\drivers\sbp2port.sys C624A1B32211C3166EDB3F4AB02A30B7
C:\Windows\System32\DRIVERS\scfilter.sys ABD0237B15DBD2B4695F4B7D734A58F7
C:\Windows\System32\drivers\sdbus.sys 2F9A3380B8C0380E5608E29C7AA66899
C:\Windows\System32\drivers\sdstor.sys 4EAF4DCF9DBD9A56952A58F56D61C005
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 é legítimo
C:\Windows\System32\drivers\SerCx.sys DB2FF24CE0BDD15FE75870AFE312BA89
C:\Windows\System32\drivers\SerCx2.sys 53BDBF04ECAF943CBF6359E3BCB2445E
C:\Windows\System32\drivers\serenum.sys 3CD600C089C1251BEEB4CD4CD5164F9E
C:\Windows\System32\drivers\serial.sys D864381BC9C725FAB01D94C060660166
C:\Windows\System32\drivers\sermouse.sys 0BD2B65DCE756FDE95A2E5CCCBF7705D
C:\Windows\System32\drivers\sfloppy.sys 472B7A5AC181C050888DB454663DD764
C:\Windows\System32\drivers\SiSRaid2.sys 2F518D13DD6F3053837FE606F1A2EA1F
C:\Windows\System32\drivers\sisraid4.sys 1AC9A200A9C49C4508F04AAFFCA34A3F
C:\Windows\System32\drivers\spaceport.sys 2150AAB8CD16876AE6DBDDDCC9ED740C
C:\Windows\System32\drivers\SpbCx.sys F337BE11071818FC3F5DC2940B6BDE34
C:\Windows\System32\DRIVERS\srv.sys CD7534BA5BA92086B1BC10ADF880FC49
C:\Windows\System32\DRIVERS\srv2.sys C1AE59C0B0817236EC083A91C396005A
C:\Windows\System32\DRIVERS\srvnet.sys 77195C32175FC63D6054EBA5A066D727
C:\Windows\System32\drivers\stexstor.sys 366DEA74BBA65B362BCCFC6FC2ADFD8B
C:\Windows\System32\drivers\storahci.sys 0ED2E318ABB68C1A35A8B8038BDB4C90
C:\Windows\System32\DRIVERS\vmstorfl.sys 7A08CEE1535F5A448215634C5EA74E50
C:\Windows\System32\drivers\stornvme.sys D57AEE34C7C0DD1DC8B6B54B7A89649C
C:\Windows\System32\drivers\storvsc.sys 548759755BC73DAD663250239D7E0B9F
C:\Windows\System32\drivers\storvsp.sys 03618F935379614837F915D04C45FC0E
C:\Windows\system32\DRIVERS\SWDUMon.sys 98E8C921F7F17F113AAA128EC7310213
C:\Windows\System32\drivers\swenum.sys 84E0F5D41C138C5CC975137A2A98F6D3
C:\Windows\System32\drivers\Synth3dVsc.sys 25F0DA8E7F26416FDB5D77592B5C1A8B
C:\Windows\System32\drivers\tcpip.sys ECC68BD5347BDE9631EE68274858A41F
C:\Windows\system32\DRIVERS\tcpip.sys ECC68BD5347BDE9631EE68274858A41F
C:\Windows\System32\drivers\tcpipreg.sys 33A7D83EEB15431773A6E186CFAABA21
C:\Windows\system32\DRIVERS\tdx.sys FFF28F9F6823EB1756C60F1649560BBF
C:\Windows\System32\drivers\terminpt.sys 232D185D2337F141311D0CF1983E1431
C:\Windows\system32\drivers\tpm.sys 82F909359600D3603FE852DB7F135626
C:\Windows\System32\drivers\tsusbflt.sys BF8F54CA37E9C9D6582C31C5761F8C93
C:\Windows\System32\drivers\TsUsbGD.sys E0088068DCE2EE82897027DDB8E05254
C:\Windows\System32\drivers\tsusbhub.sys 4A445D5E44CD996D18E128EF321D54B2
C:\Windows\system32\DRIVERS\tunnel.sys C8E0E78B5D284C2FF59BDFFDAF997242
C:\Windows\System32\drivers\uagp35.sys F6EEAD052943B5A3104C1405BB856C54
C:\Windows\System32\drivers\uaspstor.sys FE6067B1FD4E63650C667B33D080565B
C:\Windows\System32\drivers\ucx01000.sys 5D1B430EA11064C56E7C8F84B90DEB6A
C:\Windows\System32\DRIVERS\udfs.sys 1EC649F112896FAE33250F0B97AC5D0B
C:\Windows\System32\drivers\UEFI.sys 9578691F297E1B1F519970FE6D47CB21
C:\Windows\System32\drivers\uliagpkx.sys 5EAB5117DDB24FC4D39E6FFFCF1837B9
C:\Windows\System32\drivers\umbus.sys DA34C39A18E60E7C3FA0630566408034
C:\Windows\System32\drivers\umpass.sys AE8294875E5446E359B1E8035D40C05E
C:\Windows\System32\drivers\usbccgp.sys 3432E857B8EC1C1316AB098F2BCCDFB6
C:\Windows\System32\drivers\usbcir.sys B3D6457D841A0CAEF4C52D88621715F2
C:\Windows\System32\drivers\usbehci.sys 5477D6E27C7D266EF8C152B9A25ADE5E
C:\Windows\System32\drivers\usbhub.sys DF56C2C04EFA328D7A66B69007130266
C:\Windows\System32\drivers\UsbHub3.sys C0E33820326199CE3CFD3B9F27F81D99
C:\Windows\System32\drivers\usbohci.sys 3019097FB6C985EF24C058090FF3BDBD
C:\Windows\System32\drivers\usbprint.sys 4D655E3B684BE9B0F7FFD8A2935C348C
C:\Windows\system32\DRIVERS\usbscan.sys F04D164C4168701A4E7835607722E5F1
C:\Windows\System32\drivers\USBSTOR.SYS B1230E9813B5C7E762DF27756AA23917
C:\Windows\System32\drivers\usbuhci.sys BA4FA655E0FC577DB7436FC963932CE4
C:\Windows\System32\drivers\USBXHCI.SYS BCD8FC0A47AA31889C94168A4E56BB26
C:\Windows\System32\drivers\vdrvroot.sys FEB26E3B8345A7E8D62F945C4AE86562
C:\Windows\System32\drivers\VerifierExt.sys A026EDEAA5EECAE0B08E2748B616D4BD
C:\Windows\System32\drivers\vhdmp.sys 041D3EF364E624DBB2703A64A5AADF89
C:\Windows\System32\drivers\viaide.sys 06D38968028E9AB19DE9B618C7B6D199
C:\Windows\System32\drivers\Vid.sys 3CE922E34DB12D9F3C0EA856BC09687C
C:\Windows\System32\drivers\vmbus.sys C6305BDFC4F7CE51F72BB072C03D4ACE
C:\Windows\System32\drivers\VMBusHID.sys DA40BEA0A863CE768C940CA9723BF81F
C:\Windows\System32\drivers\vmbusr.sys 68F8C26DEA2D42E8DEC0778943433C80
C:\Windows\System32\drivers\volmgr.sys 55D7D963DE85162F1C49721E502F9744
C:\Windows\System32\drivers\volmgrx.sys CCB9E901F7254BF96D28EB1B0E5329B7
C:\Windows\System32\drivers\volsnap.sys C85C075DE5B6D0FE116043054DE8EE02
C:\Windows\System32\drivers\vpci.sys 01355C98B5C3ED1EC446743CDA848FCE
C:\Windows\System32\drivers\vpcivsp.sys ADBE96C33D1A5BB1BBAF90B4BC84F523
C:\Windows\System32\drivers\vsmraid.sys 4539F45F9F4C9757A86A56C949421E07
C:\Windows\System32\drivers\vstxraid.sys 0849B7260F26FE05EA56DED0672E2F4B
C:\Windows\System32\drivers\vwifibus.sys BE970C369E43B509C1EDA2B8FA7CECB0
C:\Windows\system32\DRIVERS\vwififlt.sys 6B26AD573CCDD5209DF4397438B76354
C:\Windows\system32\DRIVERS\vwifimp.sys 0B48E0DFB44EE475F4FD8A8EE599AF30
C:\Windows\System32\drivers\wacompen.sys 0910AB9ED404C1434E2D0376C2AD5D8B
C:\Windows\system32\drivers\WdBoot.sys 694B28DE12AD47031FFB4B052662131A
C:\Windows\System32\drivers\Wdf01000.sys CB6C63FF8342B467E2EF76E98D5B934D
C:\Windows\system32\drivers\WdFilter.sys 0B99529A3BECC3528D865DDECB62503B
C:\Windows\System32\Drivers\WdNisDrv.sys 282E7D46310338FF4A6B7680440EB0DA
C:\Windows\System32\DRIVERS\wfplwfs.sys 2E3E82D7B1076B90F4E228A8EF17B261
C:\Windows\System32\drivers\wimmount.sys 867BCC69ED9C31C501465EB0E8BA9DFA
C:\Windows\system32\DRIVERS\WinUsb.sys AC263C2F66405589528995AA41040599
C:\Windows\System32\drivers\wmiacpi.sys 2834D9D3B4F554A39C72F00EA3F0E128
C:\Windows\System32\DRIVERS\wpcfltr.sys E746BCDBA2E02CF6B8D6B26FB167FBE0
C:\Windows\System32\drivers\WpdUpFltr.sys 9F2904B55F6CECCD1A8D986B5CE2609A
C:\Windows\system32\drivers\ws2ifsl.sys AE072B0339D0A18E455DC21666CAD572
C:\Windows\System32\drivers\WSDPrint.sys F586F3F1BF962FE9AE4316E0D896B22F
C:\Windows\System32\drivers\WSDScan.sys D38297814FB6E33655342D869996E617
C:\Windows\System32\drivers\WudfPf.sys 2FEAE33E9B2B56104596E1BA444405A9
C:\Windows\System32\drivers\WUDFRd.sys 19240C13F526125554B5370566F21A0A
C:\Windows\System32\drivers\WUDFRd.sys 19240C13F526125554B5370566F21A0A
C:\Windows\system32\DRIVERS\WUDFRd.sys 19240C13F526125554B5370566F21A0A
C:\Windows\system32\DRIVERS\WUDFRd.sys 19240C13F526125554B5370566F21A0A
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Três Meses Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-01-24 13:05 - 2017-01-24 13:07 - 00017657 _____ C:\Users\Windows\Downloads\Addition.txt
2017-01-24 13:04 - 2017-01-24 13:09 - 00041147 _____ C:\Users\Windows\Downloads\FRST.txt
2017-01-24 13:04 - 2017-01-24 13:09 - 00000000 ____D C:\FRST
2017-01-24 13:03 - 2017-01-24 13:04 - 02420736 _____ (Farbar) C:\Users\Windows\Downloads\FRST64.exe
2017-01-24 13:00 - 2017-01-24 13:01 - 01762816 _____ (Farbar) C:\Users\Windows\Downloads\FRST.exe
2017-01-24 12:56 - 2017-01-24 12:56 - 02729024 _____ (DLL-Files.com Client ) C:\Users\Windows\Downloads\clientsetup_d-0.exe
2017-01-24 12:54 - 2017-01-24 12:54 - 00001142 _____ C:\Users\Windows\Desktop\TweakBit FixMyPC.lnk
2017-01-24 12:54 - 2017-01-24 12:54 - 00000000 ____D C:\Windows\System32\Tasks\TweakBit
2017-01-24 12:54 - 2017-01-24 12:54 - 00000000 ____D C:\Users\Todos os Usuários\TweakBit
2017-01-24 12:54 - 2017-01-24 12:54 - 00000000 ____D C:\ProgramData\TweakBit
2017-01-24 12:54 - 2017-01-24 12:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TweakBit
2017-01-24 12:54 - 2017-01-24 12:54 - 00000000 ____D C:\Program Files (x86)\TweakBit
2017-01-24 12:51 - 2017-01-24 12:51 - 00407784 _____ (TweakBit) C:\Users\Windows\Downloads\fix_api-ms-win-crt-runtime-l1-1-0.dll-setup.exe
2017-01-24 11:33 - 2017-01-24 11:34 - 00000000 ____D C:\Users\Windows\Desktop\ACERTOS NO COMUPADOR 03 A-L
2017-01-24 11:21 - 2017-01-24 11:21 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-01-23 19:01 - 2017-01-23 19:01 - 00185910 _____ C:\Users\Windows\Downloads\TRANSP. ADALBERTO.PDF
2017-01-23 18:59 - 2017-01-23 18:59 - 00185326 _____ C:\Users\Windows\Downloads\TRANSP. OUMIRANDO (1).PDF
2017-01-23 18:57 - 2017-01-23 18:57 - 00241436 _____ C:\Users\Windows\Downloads\AVULSA OUMIRANDO.PDF
2017-01-23 18:57 - 2017-01-23 18:57 - 00184424 _____ C:\Users\Windows\Downloads\TRANSP. ANTONIO.PDF
2017-01-23 18:56 - 2017-01-23 18:56 - 00185326 _____ C:\Users\Windows\Downloads\TRANSP. OUMIRANDO.PDF
2017-01-23 18:53 - 2017-01-23 18:53 - 01016421 _____ C:\Users\Windows\Downloads\fwdnotasavulsasedetransportecarretojuniorembarque.zip
2017-01-23 18:44 - 2017-01-23 18:44 - 00000042 _____ C:\Users\Windows\AppData\Roaming\WB.CFG
2017-01-21 13:13 - 2017-01-24 12:32 - 00000294 _____ C:\Windows\Tasks\{2552C55B-39EB-4E65-860D-FE6BEAF34C28}.job
2017-01-21 13:13 - 2017-01-21 13:13 - 00003118 _____ C:\Windows\System32\Tasks\{2552C55B-39EB-4E65-860D-FE6BEAF34C28}
2017-01-21 10:35 - 2017-01-21 10:35 - 00021495 _____ C:\Users\Windows\Downloads\ENDEREÇO DAS FAZENDAS.xlsx
2017-01-21 09:51 - 2017-01-21 10:32 - 00000000 ____D C:\Users\Windows\Desktop\Fernanda
2017-01-18 15:41 - 2017-01-18 15:41 - 00002479 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2017-01-18 15:41 - 2017-01-18 15:41 - 00002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2017-01-18 15:41 - 2017-01-18 15:41 - 00002426 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2017-01-18 15:41 - 2017-01-18 15:41 - 00002391 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2017-01-18 15:41 - 2017-01-18 15:41 - 00002375 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2017-01-18 15:41 - 2017-01-18 15:41 - 00002372 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2017-01-18 15:41 - 2017-01-18 15:41 - 00002362 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2017-01-18 15:41 - 2017-01-18 15:41 - 00002358 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2017-01-18 15:41 - 2017-01-18 15:41 - 00002342 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2017-01-18 15:41 - 2017-01-18 15:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ferramentas do Microsoft Office 2016
2017-01-18 15:36 - 2017-01-24 11:20 - 00000000 ____D C:\Program Files\Microsoft Office
2017-01-18 15:36 - 2017-01-18 15:36 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-01-06 19:41 - 2017-01-06 19:41 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2017-01-06 15:28 - 2017-01-06 15:28 - 00252534 _____ C:\Users\Windows\Downloads\k29434 (1).pdf
2017-01-06 15:22 - 2017-01-06 15:23 - 00252534 _____ C:\Users\Windows\Downloads\k29434.pdf
2016-12-27 11:55 - 2016-12-27 11:55 - 00001214 _____ C:\Users\Windows\Downloads\rar.rar
2016-12-26 19:10 - 2016-12-26 19:10 - 00000165 ____H C:\Users\Windows\Desktop\~$RELATÓRIO DE EMBARQUE - 26-12-2016.xlsx
2016-12-26 14:30 - 2016-12-26 14:30 - 00000000 ____D C:\Users\Windows\AppData\Local\Microsoft Help
2016-12-24 14:13 - 2016-12-24 14:13 - 00000000 ____D C:\Users\Windows\AppData\Local\Diagnostics
2016-12-23 16:09 - 2016-12-23 16:09 - 00000165 ____H C:\Users\Windows\Desktop\~$RELATÓRIO DE EMBARQUE - 22-12-2016.xlsx
2016-12-23 15:56 - 2016-12-23 15:56 - 00034217 _____ C:\Users\Windows\Downloads\RELATÓRIO DE EMBARQUE 19-12-2016.xlsx
2016-12-21 19:05 - 2017-01-20 18:11 - 00015872 ___SH C:\Users\Windows\Desktop\Thumbs.db
2016-12-21 19:03 - 2016-12-21 19:04 - 01579550 _____ C:\Users\Windows\Downloads\Scanner_20161207 (2).png
2016-12-21 19:01 - 2016-12-21 19:01 - 01579550 _____ C:\Users\Windows\Downloads\Scanner_20161207 (1).png
2016-12-21 18:54 - 2016-12-21 18:54 - 01578786 _____ C:\Users\Windows\Downloads\Scanner_20161207.png
2016-12-17 11:18 - 2016-12-17 11:18 - 00093104 _____ C:\Users\Windows\Downloads\IMG-20161217-WA0006.jpg
2016-12-17 00:12 - 2017-01-23 18:44 - 00000000 ____D C:\Users\Windows\AppData\Local\Dafeceka
2016-12-17 00:12 - 2016-12-17 00:12 - 00019428 _____ C:\Users\Windows\AppData\Roaming\Sebetacan
2016-12-17 00:11 - 2016-12-17 00:12 - 00000000 ____D C:\Users\Windows\AppData\Local\{9D37AB6B-B99F-C7D3-D407-E23BF06F1EA3}
2016-12-16 23:35 - 2016-12-16 23:36 - 07849791 _____ C:\Users\Windows\Downloads\notasfiscaiseplanilhaatualizada (1).zip
2016-12-16 23:31 - 2016-12-16 23:33 - 07849791 _____ C:\Users\Windows\Downloads\notasfiscaiseplanilhaatualizada.zip
2016-12-16 22:32 - 2016-12-16 22:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Booking.com
2016-12-16 22:32 - 2016-12-16 22:32 - 00000000 ____D C:\Program Files (x86)\Booking.com
2016-12-16 22:30 - 2016-12-16 22:30 - 00033088 _____ C:\Users\Windows\Desktop\gr.docx
2016-12-16 22:26 - 2016-12-16 22:26 - 44622552 _____ C:\Users\Windows\Downloads\Baixaki_mozilla-firefox.0-SSL
2016-12-16 22:16 - 2017-01-24 13:01 - 00003946 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{88BB3570-2B96-4EBD-BC43-4A51262EE3F9}
2016-12-16 22:13 - 2017-01-24 12:12 - 00000998 _____ C:\Windows\Tasks\Yahoo! Powered saret.job
2016-12-16 22:13 - 2017-01-24 10:12 - 00000000 ____D C:\Users\Todos os Usuários\{064CC32F-8C0E-49E9-0AC8-D7AB908A5C65}
2016-12-16 22:13 - 2017-01-24 10:12 - 00000000 ____D C:\ProgramData\{064CC32F-8C0E-49E9-0AC8-D7AB908A5C65}
2016-12-16 22:13 - 2016-12-17 00:12 - 00004004 _____ C:\Windows\System32\Tasks\Yahoo! Powered saret
2016-12-16 22:10 - 2016-12-17 00:11 - 00000372 __RSH C:\Users\Todos os Usuários\ntuser.pol
2016-12-16 22:10 - 2016-12-17 00:11 - 00000372 __RSH C:\ProgramData\ntuser.pol
2016-12-16 22:04 - 2016-12-16 22:05 - 01838568 _____ ( ) C:\Users\Windows\Downloads\Baixaki_mozilla-firefox (1).exe
2016-12-16 18:12 - 2017-01-24 12:04 - 00003174 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2016-12-16 17:58 - 2016-12-16 17:58 - 00000000 ____D C:\Users\Windows\AppData\LocalLow\Temp
2016-12-15 12:11 - 2017-01-24 12:04 - 00002351 _____ C:\Users\Windows\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-12-15 12:00 - 2016-12-15 12:00 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2016-12-15 09:59 - 2016-12-15 09:59 - 00048811 _____ C:\Users\Windows\Downloads\gr-2.pdf
2016-12-15 09:58 - 2016-12-15 09:58 - 00049266 _____ C:\Users\Windows\Downloads\IMG-20161215-WA0026.jpg
2016-12-15 04:17 - 2016-12-15 04:19 - 00000000 ____D C:\Windows\system32\MRT
2016-12-15 04:17 - 2016-12-15 04:17 - 135632432 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-12-14 12:54 - 2014-01-07 03:00 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-12-14 12:54 - 2014-01-07 02:30 - 02071552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-12-14 12:54 - 2014-01-04 18:50 - 01462216 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2016-12-14 12:54 - 2014-01-04 17:22 - 01202888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2016-12-14 12:54 - 2014-01-04 12:30 - 13209088 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-12-14 12:54 - 2014-01-04 12:23 - 11702272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-12-14 12:54 - 2014-01-04 12:03 - 00919040 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2016-12-14 12:54 - 2014-01-04 11:47 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2016-12-14 12:54 - 2014-01-04 11:42 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2016-12-14 12:54 - 2014-01-04 11:40 - 07416832 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2016-12-14 12:54 - 2014-01-04 11:36 - 00830976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2016-12-14 12:54 - 2014-01-04 11:28 - 04961792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2016-12-14 12:54 - 2013-12-21 00:10 - 00009701 _____ C:\Windows\SysWOW64\connectedsearch-results.searchconnector-ms
2016-12-14 12:54 - 2013-12-21 00:10 - 00009701 _____ C:\Windows\system32\connectedsearch-results.searchconnector-ms
2016-12-14 12:54 - 2013-11-21 04:42 - 04604416 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2016-12-14 12:54 - 2013-11-21 03:44 - 03936256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2016-12-14 12:52 - 2014-04-19 09:15 - 21186352 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-12-14 12:52 - 2014-04-19 04:49 - 18644072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-12-14 12:50 - 2016-12-14 12:50 - 00000000 _____ C:\Users\Windows\Downloads\{C94E6249-1A46-4A62-9C12-489A9500F2D4}
2016-12-14 12:49 - 2016-12-14 12:49 - 00080568 _____ C:\Users\Windows\Downloads\IMG-20161109-WA0105 (2).jpg
2016-12-14 12:43 - 2016-12-14 12:43 - 00087194 _____ C:\Users\Windows\Downloads\15161204249431000490550010000012131312100001-NFe.pdf
2016-12-14 12:38 - 2016-12-14 12:38 - 00080568 _____ C:\Users\Windows\Downloads\IMG-20161109-WA0105 (1).jpg
2016-12-14 12:36 - 2016-12-14 12:36 - 00080568 _____ C:\Users\Windows\Downloads\IMG-20161109-WA0105.jpg
2016-12-14 12:36 - 2013-10-03 12:07 - 01537880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-12-14 12:36 - 2013-10-03 12:07 - 00382808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-12-14 12:36 - 2013-10-03 12:05 - 02140888 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2016-12-14 12:36 - 2013-10-03 12:05 - 00516496 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2016-12-14 12:36 - 2013-10-03 10:53 - 01765384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2016-12-14 12:36 - 2013-10-03 10:53 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2016-12-14 12:36 - 2013-10-03 07:29 - 02144768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2016-12-14 12:36 - 2013-10-03 07:16 - 00294400 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2016-12-14 12:36 - 2013-10-03 07:07 - 01765376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2016-12-14 12:36 - 2013-10-03 07:02 - 00225792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2016-12-14 12:36 - 2013-10-02 09:00 - 01286552 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-12-14 12:36 - 2013-10-02 07:47 - 01018960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-12-14 12:36 - 2013-10-01 01:42 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2016-12-14 12:36 - 2013-10-01 01:36 - 00977408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2016-12-14 12:33 - 2013-12-20 08:18 - 01643584 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-12-14 12:33 - 2013-12-20 08:18 - 01507704 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-12-14 12:33 - 2013-12-08 22:19 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2016-12-14 12:33 - 2013-12-08 21:55 - 00444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2016-12-14 12:33 - 2013-10-30 22:33 - 01476184 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-12-14 12:33 - 2013-10-30 22:33 - 01345536 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-12-14 12:33 - 2013-10-19 06:53 - 00075360 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2016-12-14 12:33 - 2013-10-19 05:14 - 00070680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2016-12-14 12:32 - 2014-10-30 20:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2016-12-14 12:32 - 2014-10-30 20:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-12-14 12:30 - 2013-12-08 22:27 - 02152448 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-12-14 12:30 - 2013-12-08 21:54 - 01317376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-12-14 12:30 - 2013-11-23 02:34 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2016-12-14 12:30 - 2013-11-23 02:13 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2016-12-14 12:30 - 2013-10-13 00:48 - 00136536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2016-12-14 12:30 - 2013-10-12 19:48 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2016-12-14 12:30 - 2013-10-12 19:34 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-12-14 12:29 - 2014-03-06 07:19 - 01287576 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-12-14 12:29 - 2014-03-06 07:02 - 01109424 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-12-14 12:29 - 2014-03-06 04:17 - 00835584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-12-14 12:29 - 2014-03-06 04:10 - 01036288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-12-14 12:29 - 2014-01-31 14:15 - 00311640 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2016-12-14 12:29 - 2014-01-31 14:07 - 00233920 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-12-14 12:29 - 2014-01-31 14:06 - 02133208 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2016-12-14 12:29 - 2014-01-31 11:47 - 02143960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2016-12-14 12:29 - 2014-01-31 07:06 - 00716288 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2016-12-14 12:29 - 2014-01-29 06:53 - 00458616 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2016-12-14 12:29 - 2014-01-29 06:53 - 00407024 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2016-12-14 12:29 - 2014-01-29 06:49 - 01928144 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2016-12-14 12:29 - 2014-01-29 06:47 - 02543960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-12-14 12:29 - 2014-01-29 05:44 - 01371824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2016-12-14 12:29 - 2014-01-29 05:44 - 00408480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2016-12-14 12:29 - 2014-01-29 05:44 - 00369280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2016-12-14 12:29 - 2014-01-29 04:41 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2016-12-14 12:29 - 2014-01-28 22:36 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2016-12-14 12:29 - 2014-01-27 17:07 - 04175360 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2016-12-14 12:29 - 2014-01-27 17:06 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2016-12-14 12:29 - 2014-01-27 17:04 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2016-12-14 12:29 - 2014-01-27 16:23 - 02873344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2016-12-14 12:29 - 2014-01-27 16:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2016-12-14 12:29 - 2014-01-27 16:20 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2016-12-14 12:29 - 2014-01-27 16:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2016-12-14 12:29 - 2014-01-27 15:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2016-12-14 12:29 - 2014-01-27 15:18 - 01486848 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2016-12-14 12:29 - 2014-01-27 15:00 - 01238016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2016-12-14 12:29 - 2014-01-27 13:58 - 05770752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2016-12-14 12:29 - 2014-01-27 13:50 - 06640640 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2016-12-14 12:29 - 2014-01-27 09:45 - 00386722 _____ C:\Windows\system32\ApnDatabase.xml
2016-12-14 12:29 - 2014-01-17 21:04 - 00764864 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2016-12-14 12:29 - 2014-01-17 19:54 - 00669352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2016-12-14 12:29 - 2013-12-21 12:51 - 06353960 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2016-12-14 12:29 - 2013-12-21 06:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\sppcomapi.dll
2016-12-14 12:29 - 2013-10-05 12:21 - 01341288 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-12-14 12:29 - 2013-10-05 06:39 - 01067008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-12-14 12:24 - 2014-03-10 08:35 - 02008408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-12-14 12:24 - 2014-03-10 08:35 - 00377176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2016-12-14 12:24 - 2013-11-27 13:36 - 03395920 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2016-12-14 12:24 - 2013-11-27 09:41 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\WSCollect.exe
2016-12-14 12:24 - 2013-11-27 08:34 - 00138240 _____ C:\Windows\system32\OEMLicense.dll
2016-12-14 12:24 - 2013-11-27 07:54 - 00103936 _____ C:\Windows\SysWOW64\OEMLicense.dll
2016-12-14 12:24 - 2013-11-27 06:48 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-14 12:24 - 2013-11-27 06:45 - 00206336 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2016-12-14 12:24 - 2013-11-27 06:40 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-14 12:24 - 2013-11-27 06:38 - 00174592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2016-12-14 12:24 - 2013-11-27 06:17 - 00695808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2016-12-14 12:24 - 2013-11-27 06:12 - 00848384 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2016-12-14 12:06 - 2014-02-11 01:04 - 04189184 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-12-14 12:06 - 2014-02-11 00:43 - 00488448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-12-14 12:06 - 2014-02-11 00:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-12-14 12:06 - 2014-01-07 05:03 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\pcaui.exe
2016-12-14 12:06 - 2014-01-07 03:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pcaui.exe
2016-12-14 12:05 - 2013-10-15 06:54 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2016-12-14 12:05 - 2013-10-15 06:03 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2016-12-14 12:02 - 2016-12-14 12:03 - 00186660 _____ C:\Users\Windows\Downloads\GR EM 07 DE NOV4.jpg
2016-12-14 12:02 - 2016-12-14 12:02 - 00190510 _____ C:\Users\Windows\Downloads\GR EM 07 DE NOV2.jpg
2016-12-14 12:02 - 2016-12-14 12:02 - 00184400 _____ C:\Users\Windows\Downloads\GR EM 07 DE NOV3 (1).jpg
2016-12-14 11:58 - 2016-12-14 11:58 - 00184400 _____ C:\Users\Windows\Downloads\GR EM 07 DE NOV3.jpg
2016-12-14 11:58 - 2016-12-14 11:58 - 00183467 _____ C:\Users\Windows\Downloads\GR EM 07 DE NOV.jpg
2016-12-14 11:57 - 2016-12-14 11:57 - 00191352 _____ C:\Users\Windows\Downloads\GR EM 12 DEZ1.jpg
2016-12-14 11:57 - 2016-12-14 11:57 - 00186298 _____ C:\Users\Windows\Downloads\GR EM 12 DEZ.jpg
2016-12-14 11:54 - 2013-12-08 22:15 - 00787968 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2016-12-14 11:54 - 2013-11-09 04:34 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2016-12-14 11:54 - 2013-11-09 04:34 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2016-12-14 11:54 - 2013-11-09 03:52 - 00240128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2016-12-14 11:54 - 2013-10-16 13:58 - 01943536 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-12-14 11:54 - 2013-10-16 11:54 - 01581968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-12-14 11:53 - 2016-12-14 11:53 - 00190187 _____ C:\Users\Windows\Downloads\GR EM 21 NOV1.jpg
2016-12-14 11:53 - 2016-12-14 11:53 - 00185571 _____ C:\Users\Windows\Downloads\GR EM 21 NOV.jpg
2016-12-14 11:50 - 2016-12-14 11:50 - 00192001 _____ C:\Users\Windows\Downloads\GR EM 05 DEZ6.jpg
2016-12-14 11:50 - 2016-12-14 11:50 - 00181490 _____ C:\Users\Windows\Downloads\GR EM 05 DEZ7.jpg
2016-12-14 11:49 - 2016-12-14 11:50 - 00178723 _____ C:\Users\Windows\Downloads\GR EM 05 DEZ5.jpg
2016-12-14 11:49 - 2016-12-14 11:49 - 00181630 _____ C:\Users\Windows\Downloads\GR EM 05 DEZ4.jpg
2016-12-14 11:49 - 2016-12-14 11:49 - 00179302 _____ C:\Users\Windows\Downloads\GR EM 05 DEZ2.jpg
2016-12-14 11:49 - 2016-12-14 11:49 - 00122639 _____ C:\Users\Windows\Downloads\GR EM 05 DEZ3.jpg
2016-12-14 11:48 - 2017-01-18 16:27 - 00274432 ___SH C:\Users\Windows\Downloads\Thumbs.db
2016-12-14 11:45 - 2016-12-14 11:45 - 00119558 _____ C:\Users\Windows\Downloads\GR EM 05 DEZ1.jpg
2016-12-14 11:44 - 2016-12-14 11:45 - 00181739 _____ C:\Users\Windows\Downloads\GR EM 05 DEZ.jpg
2016-12-14 09:43 - 2016-12-14 09:43 - 00000000 ____D C:\Users\Windows\Documents\Modelos Personalizados do Office
2016-12-12 18:00 - 2016-12-12 18:00 - 00000000 ____D C:\Users\Windows\AppData\Local\CEF
2016-12-12 17:56 - 2016-12-12 17:56 - 00000000 ____D C:\Windows\system32\appmgmt
2016-12-12 17:52 - 2016-12-12 17:52 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-12-12 17:52 - 2016-12-12 17:51 - 00992960 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-12-12 17:52 - 2016-12-12 17:51 - 00921280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-12-12 17:51 - 2016-12-12 17:51 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-12-12 17:50 - 2016-12-12 17:50 - 00000000 ____D C:\Users\Windows\Tracing
2016-12-12 17:44 - 2016-12-12 17:52 - 00000000 ____D C:\Program Files (x86)\Intel
2016-12-12 17:44 - 2016-12-12 17:44 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2016-12-12 17:44 - 2016-12-12 17:44 - 00000000 ____D C:\Users\Todos os Usuários\Intel
2016-12-12 17:44 - 2016-12-12 17:44 - 00000000 ____D C:\ProgramData\Intel
2016-12-12 17:44 - 2016-12-12 17:44 - 00000000 ____D C:\Program Files\Intel
2016-12-12 17:44 - 2016-12-12 17:44 - 00000000 ____D C:\Intel
2016-12-12 17:44 - 1999-12-31 22:00 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2016-12-12 17:44 - 1999-12-31 22:00 - 00100312 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2016-12-12 17:44 - 1999-12-31 22:00 - 00016344 _____ (Intel Corporation) C:\Windows\system32\Drivers\IntelMEFWVer.dll
2016-12-12 17:43 - 2016-12-12 17:43 - 00000000 ____D C:\Users\Todos os Usuários\SlimWare Utilities, Inc
2016-12-12 17:43 - 2016-12-12 17:43 - 00000000 ____D C:\ProgramData\SlimWare Utilities, Inc
2016-12-12 17:42 - 2016-12-12 17:42 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-12-12 17:42 - 2016-12-12 17:42 - 00000000 ____D C:\Program Files\Common Files\AV
2016-12-12 17:41 - 2016-12-12 17:41 - 00016056 _____ (SlimWare Utilities, Inc.) C:\Windows\system32\Drivers\SWDUMon.sys
2016-12-12 17:41 - 2016-12-12 17:41 - 00000000 ____D C:\Users\Windows\AppData\Local\SlimWare Utilities Inc
2016-12-12 17:40 - 2016-12-12 17:40 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers
2016-12-12 17:39 - 2016-12-16 22:10 - 00000000 ___SD C:\Users\Windows\AppData\LocalLow\Microsoft
2016-12-12 17:34 - 2017-01-20 18:11 - 00000000 ____D C:\Users\Windows\Desktop\RAIANNY
2016-12-12 17:34 - 2016-12-12 17:35 - 00000000 ____D C:\Users\Windows\Desktop\bkp gleybson
2016-12-12 17:20 - 2016-12-12 17:20 - 00000000 ____D C:\Users\Windows\AppData\Roaming\MPC-HC
2016-12-12 17:15 - 2016-12-12 17:15 - 00001938 _____ C:\Users\Public\Desktop\Avast Premier.lnk
2016-12-12 17:15 - 2016-12-12 17:15 - 00000000 ____D C:\Users\Windows\AppData\Roaming\AVAST Software
2016-12-12 17:15 - 2016-12-12 17:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-12-12 17:15 - 2016-12-12 16:20 - 00000000 ____D C:\Windows\Panther
2016-12-12 17:14 - 2017-01-20 18:54 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-12-12 17:14 - 2016-12-12 17:53 - 00969184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2016-12-12 17:14 - 2016-12-12 17:53 - 00513632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-12-12 17:14 - 2016-12-12 17:53 - 00293352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-12-12 17:14 - 2016-12-12 17:52 - 00513496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.148157240200010
2016-12-12 17:14 - 2016-12-12 17:52 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.148157240320312
2016-12-12 17:14 - 2016-12-12 17:52 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-12-12 17:14 - 2016-12-12 17:52 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-12-12 17:14 - 2016-12-12 17:52 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-12-12 17:14 - 2016-12-12 17:52 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-12-12 17:14 - 2016-12-12 17:52 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-12-12 17:14 - 2016-12-12 17:50 - 00969560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.148157240004607
2016-12-12 17:14 - 2016-12-12 17:14 - 00000000 ____D C:\Program Files\AVAST Software
2016-12-12 17:13 - 2016-12-12 17:13 - 00000000 ____D C:\Users\Todos os Usuários\AVAST Software
2016-12-12 17:13 - 2016-12-12 17:13 - 00000000 ____D C:\ProgramData\AVAST Software
2016-12-12 17:12 - 2016-12-12 17:12 - 00001714 _____ C:\Users\Windows\Desktop\MPC-HC x64.lnk
2016-12-12 17:12 - 2016-12-12 17:12 - 00000000 ____D C:\Users\Windows\AppData\Local\Programs
2016-12-12 17:12 - 2016-12-12 17:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
2016-12-12 17:12 - 2016-12-12 17:12 - 00000000 ____D C:\Program Files\MPC-HC
2016-12-12 17:10 - 2017-01-24 12:22 - 00000000 ____D C:\Users\Windows\AppData\Roaming\Skype
2016-12-12 17:10 - 2017-01-21 11:50 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2016-12-12 17:10 - 2017-01-21 11:50 - 00000000 ____D C:\ProgramData\Skype
2016-12-12 17:10 - 2016-12-15 06:46 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-12-12 17:10 - 2016-12-12 17:10 - 00002715 _____ C:\Users\Public\Desktop\Skype.lnk
2016-12-12 17:10 - 2016-12-12 17:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-12-12 17:09 - 2016-12-16 18:15 - 00003500 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-12 17:09 - 2016-12-16 18:15 - 00003372 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-12 17:09 - 2016-12-14 13:25 - 00002213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-12 17:09 - 2016-12-12 17:09 - 00000000 ____D C:\Program Files (x86)\Google
2016-12-12 17:08 - 2016-12-14 18:17 - 00000000 ____D C:\Users\Windows\AppData\Local\Google
2016-12-12 17:07 - 2016-12-12 17:08 - 00000000 ____D C:\Users\Todos os Usuários\Adobe
2016-12-12 17:07 - 2016-12-12 17:08 - 00000000 ____D C:\ProgramData\Adobe
2016-12-12 17:07 - 2016-12-12 17:07 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
2016-12-12 17:07 - 2016-12-12 17:07 - 00002034 _____ C:\Users\Public\Desktop\Adobe Reader 9.lnk
2016-12-12 17:07 - 2016-12-12 17:07 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-12-12 17:05 - 2016-12-12 17:05 - 00000000 ____D C:\Users\Windows\AppData\Local\mpress
2016-12-12 17:01 - 2016-12-12 17:01 - 00026112 _____ C:\Windows\KMS-R@1n.exe
2016-12-12 17:01 - 2016-12-12 17:01 - 00004608 _____ C:\Windows\KMS-R@1nhook.exe
2016-12-12 17:01 - 2016-12-12 17:01 - 00003584 _____ C:\Windows\KMS-QADhook.dll
2016-12-12 17:01 - 2016-12-12 17:01 - 00000000 ____D C:\Windows\System32\Tasks\R@1n-KMS
2016-12-12 17:00 - 2016-12-12 17:00 - 00000000 ____D C:\Users\Windows\AppData\Roaming\WinRAR
2016-12-12 17:00 - 2016-12-12 17:00 - 00000000 ____D C:\Users\Windows\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-12-12 17:00 - 2016-12-12 17:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-12-12 17:00 - 2016-12-12 17:00 - 00000000 ____D C:\Program Files\WinRAR
2016-12-12 16:54 - 2017-01-24 12:04 - 00003182 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2417617235-4106719252-2122872377-1001
2016-12-12 16:54 - 2016-12-12 16:54 - 00000000 ___RD C:\Users\Windows\OneDrive
2016-12-12 16:54 - 2016-12-12 16:54 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft OneDrive
2016-12-12 16:54 - 2016-12-12 16:54 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-12-12 16:43 - 2017-01-18 15:21 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-12-12 16:40 - 2017-01-24 11:51 - 06291456 ____H C:\Users\Windows\AppData\Local\IconCache.db
2016-12-12 16:32 - 2016-12-12 16:32 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-12-12 16:25 - 2017-01-24 12:13 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2417617235-4106719252-2122872377-1001
2016-12-12 16:20 - 2017-01-24 13:09 - 00000000 ____D C:\Users\Windows\AppData\Local\Temp
2016-12-12 16:20 - 2017-01-24 13:05 - 00000000 ___RD C:\Users\Windows\Downloads
2016-12-12 16:20 - 2017-01-24 12:54 - 00000000 ___RD C:\Users\Windows\Desktop
2016-12-12 16:20 - 2017-01-24 12:04 - 00000000 ___RD C:\Users\Windows\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-12 16:20 - 2017-01-24 11:51 - 01572864 ___SH C:\Users\Windows\NTUSER.DAT
2016-12-12 16:20 - 2017-01-24 10:00 - 00000000 ____D C:\Users\Windows\AppData\Local
2016-12-12 16:20 - 2017-01-23 18:44 - 00000000 ____D C:\Users\Windows\AppData\Roaming
2016-12-12 16:20 - 2017-01-21 10:35 - 00000000 ____D C:\Users\Windows\AppData\Local\Packages
2016-12-12 16:20 - 2017-01-18 15:24 - 00000000 ____D C:\Users\Windows
2016-12-12 16:20 - 2016-12-24 14:04 - 00000000 ____D C:\Users\Windows\AppData\Local\Microsoft
2016-12-12 16:20 - 2016-12-16 23:46 - 00000000 ___SD C:\Users\Windows\AppData\Roaming\Microsoft
2016-12-12 16:20 - 2016-12-16 17:58 - 00000000 ____D C:\Users\Windows\AppData\LocalLow
2016-12-12 16:20 - 2016-12-15 12:06 - 00000000 ___RD C:\Users\Windows\Documents
2016-12-12 16:20 - 2016-12-15 11:59 - 00000402 ___SH C:\Users\Windows\Documents\desktop.ini
2016-12-12 16:20 - 2016-12-15 11:59 - 00000334 ___SH C:\Users\Windows\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-12 16:20 - 2016-12-15 11:59 - 00000282 ___SH C:\Users\Windows\Downloads\desktop.ini
2016-12-12 16:20 - 2016-12-15 11:59 - 00000282 ___SH C:\Users\Windows\Desktop\desktop.ini
2016-12-12 16:20 - 2016-12-15 11:59 - 00000174 ___SH C:\Users\Windows\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
2016-12-12 16:20 - 2016-12-15 11:59 - 00000000 ___RD C:\Users\Windows\Videos
2016-12-12 16:20 - 2016-12-15 11:59 - 00000000 ___RD C:\Users\Windows\Searches
2016-12-12 16:20 - 2016-12-15 11:59 - 00000000 ___RD C:\Users\Windows\Saved Games
2016-12-12 16:20 - 2016-12-15 11:59 - 00000000 ___RD C:\Users\Windows\Pictures
2016-12-12 16:20 - 2016-12-15 11:59 - 00000000 ___RD C:\Users\Windows\Music
2016-12-12 16:20 - 2016-12-15 11:59 - 00000000 ___RD C:\Users\Windows\Links
2016-12-12 16:20 - 2016-12-15 11:59 - 00000000 ___RD C:\Users\Windows\Favorites
2016-12-12 16:20 - 2016-12-15 11:59 - 00000000 ___RD C:\Users\Windows\Contacts
2016-12-12 16:20 - 2016-12-15 11:59 - 00000000 ___RD C:\Users\Windows\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2016-12-12 16:20 - 2016-12-15 11:59 - 00000000 ___RD C:\Users\Windows\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2016-12-12 16:20 - 2016-12-12 16:20 - 01007616 ___SH C:\Users\Windows\ntuser.dat.LOG1
2016-12-12 16:20 - 2016-12-12 16:20 - 00524288 ___SH C:\Users\Windows\NTUSER.DAT{bbed3e3b-0b41-11e3-8249-d6927d06400b}.TMContainer00000000000000000002.regtrans-ms
2016-12-12 16:20 - 2016-12-12 16:20 - 00524288 ___SH C:\Users\Windows\NTUSER.DAT{bbed3e3b-0b41-11e3-8249-d6927d06400b}.TMContainer00000000000000000001.regtrans-ms
2016-12-12 16:20 - 2016-12-12 16:20 - 00065536 ___SH C:\Users\Windows\NTUSER.DAT{bbed3e3b-0b41-11e3-8249-d6927d06400b}.TM.blf
2016-12-12 16:20 - 2016-12-12 16:20 - 00053248 ___SH C:\Users\Windows\ntuser.dat.LOG2
2016-12-12 16:20 - 2016-12-12 16:20 - 00001422 _____ C:\Users\Windows\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-12-12 16:20 - 2016-12-12 16:20 - 00000020 ___SH C:\Users\Windows\ntuser.ini
2016-12-12 16:20 - 2016-12-12 16:20 - 00000000 _SHDL C:\Users\Windows\SendTo
2016-12-12 16:20 - 2016-12-12 16:20 - 00000000 _SHDL C:\Users\Windows\Recent
2016-12-12 16:20 - 2016-12-12 16:20 - 00000000 _SHDL C:\Users\Windows\Modelos
2016-12-12 16:20 - 2016-12-12 16:20 - 00000000 _SHDL C:\Users\Windows\Meus Documentos
2016-12-12 16:20 - 2016-12-12 16:20 - 00000000 _SHDL C:\Users\Windows\Menu Iniciar
2016-12-12 16:20 - 2016-12-12 16:20 - 00000000 _SHDL C:\Users\Windows\Documents\Minhas Músicas
2016-12-12 16:20 - 2016-12-12 16:20 - 00000000 _SHDL C:\Users\Windows\Documents\Minhas Imagens
2016-12-12 16:20 - 2016-12-12 16:20 - 00000000 _SHDL C:\Users\Windows\Documents\Meus Vídeos
2016-12-12 16:20 - 2016-12-12 16:20 - 00000000 _SHDL C:\Users\Windows\Dados de Aplicativos
2016-12-12 16:20 - 2016-12-12 16:20 - 00000000 _SHDL C:\Users\Windows\Cookies
2016-12-12 16:20 - 2016-12-12 16:20 - 00000000 _SHDL C:\Users\Windows\Configurações Locais
2016-12-12 16:20 - 2016-12-12 16:20 - 00000000 _SHDL C:\Users\Windows\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-12-12 16:20 - 2016-12-12 16:20 - 00000000 _SHDL C:\Users\Windows\AppData\Local\Temporary Internet Files
2016-12-12 16:20 - 2016-12-12 16:20 - 00000000 _SHDL C:\Users\Windows\AppData\Local\Histórico
2016-12-12 16:20 - 2016-12-12 16:20 - 00000000 _SHDL C:\Users\Windows\AppData\Local\Dados de Aplicativos
2016-12-12 16:20 - 2016-12-12 16:20 - 00000000 _SHDL C:\Users\Windows\Ambiente de Rede
2016-12-12 16:20 - 2016-12-12 16:20 - 00000000 _SHDL C:\Users\Windows\Ambiente de Impressão
2016-12-12 16:20 - 2016-12-12 16:20 - 00000000 ___HD C:\Users\Windows\AppData
2016-12-12 16:20 - 2016-12-12 16:20 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2016-12-12 16:20 - 2016-12-12 16:20 - 00000000 ____D C:\Windows\CSC
2016-12-12 16:20 - 2016-12-12 16:20 - 00000000 ____D C:\Users\Windows\AppData\Roaming\Adobe
2016-12-12 16:20 - 2016-12-12 16:20 - 00000000 ____D C:\Users\Windows\AppData\Local\VirtualStore
2016-12-12 16:20 - 2013-08-22 13:36 - 00000000 ___RD C:\Users\Windows\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2016-12-12 16:20 - 2013-08-22 13:36 - 00000000 ___RD C:\Users\Windows\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2016-12-12 16:20 - 2013-08-22 13:36 - 00000000 ___RD C:\Users\Windows\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2016-12-12 16:20 - 2013-08-22 13:36 - 00000000 ____D C:\Users\Windows\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2016-12-12 16:19 - 2017-01-24 12:13 - 01166838 _____ C:\Windows\WindowsUpdate.log
2016-12-12 16:19 - 2016-12-12 17:53 - 00000000 ____D C:\Windows\SoftwareDistribution
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas Músicas
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas Imagens
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Meus Vídeos
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Histórico
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Dados de Aplicativos
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Usuário Padrão
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Todos os Usuários\Modelos
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Todos os Usuários\Menu Iniciar
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Todos os Usuários\Documentos
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Todos os Usuários\Dados de Aplicativos
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Todos os Usuários
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Public\Documents\Minhas Músicas
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Public\Documents\Minhas Imagens
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Public\Documents\Meus Vídeos
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Default\Modelos
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Default\Meus Documentos
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Default\Menu Iniciar
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Default\Documents\Minhas Músicas
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Default\Documents\Minhas Imagens
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Default\Documents\Meus Vídeos
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Default\Dados de Aplicativos
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Default\Configurações Locais
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Default\AppData\Local\Histórico
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Default\AppData\Local\Dados de Aplicativos
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Default\Ambiente de Rede
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Default\Ambiente de Impressão
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas Músicas
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas Imagens
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Default User\Documents\Meus Vídeos
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Histórico
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Dados de Aplicativos
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\ProgramData\Modelos
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\ProgramData\Menu Iniciar
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\ProgramData\Documentos
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\ProgramData\Dados de Aplicativos
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Program Files\Common Files\Sistema
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Program Files\Arquivos Comuns
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Arquivos de Programas
2016-12-12 16:17 - 2017-01-24 11:51 - 3346944000 ___SH C:\hiberfil.sys
2016-12-12 16:17 - 2016-12-19 14:12 - 00524288 ___SH C:\Windows\system32\config\COMPONENTS{42b82173-0b2e-11e3-93f4-90b11c2eb9f2}.TMContainer00000000000000000002.regtrans-ms
2016-12-12 16:17 - 2016-12-19 14:12 - 00524288 ___SH C:\Windows\system32\config\COMPONENTS{42b82173-0b2e-11e3-93f4-90b11c2eb9f2}.TMContainer00000000000000000001.regtrans-ms
2016-12-12 16:17 - 2016-12-19 14:12 - 00065536 ___SH C:\Windows\system32\config\COMPONENTS{42b82173-0b2e-11e3-93f4-90b11c2eb9f2}.TM.blf
2016-12-12 16:16 - 2017-01-24 13:07 - 00000000 ____D C:\Windows\Prefetch
2016-12-12 16:16 - 2017-01-24 12:58 - 00000000 __SHD C:\System Volume Information
2016-12-12 16:16 - 2017-01-24 11:51 - 738197504 ___SH C:\pagefile.sys
2016-12-12 16:16 - 2017-01-24 11:51 - 268435456 ___SH C:\swapfile.sys
2016-12-12 16:16 - 2016-12-16 09:35 - 00524288 ___SH C:\Windows\system32\config\DRIVERS{e1793794-0b3d-11e3-9dfe-80de722c933b}.TMContainer00000000000000000001.regtrans-ms
2016-12-12 16:16 - 2016-12-16 09:35 - 00065536 ___SH C:\Windows\system32\config\DRIVERS{e1793794-0b3d-11e3-9dfe-80de722c933b}.TM.blf
2016-12-12 16:16 - 2016-12-12 16:17 - 00524288 ___SH C:\Windows\system32\config\DRIVERS{e1793794-0b3d-11e3-9dfe-80de722c933b}.TMContainer00000000000000000002.regtrans-ms
2016-12-12 16:16 - 2016-12-12 16:16 - 00524288 ___SH C:\Users\Default\NTUSER.DAT{bbed3e3b-0b41-11e3-8249-d6927d06400b}.TMContainer00000000000000000002.regtrans-ms
2016-12-12 16:16 - 2016-12-12 16:16 - 00524288 ___SH C:\Users\Default\NTUSER.DAT{bbed3e3b-0b41-11e3-8249-d6927d06400b}.TMContainer00000000000000000001.regtrans-ms
2016-12-12 16:16 - 2016-12-12 16:16 - 00065536 ___SH C:\Users\Default\NTUSER.DAT{bbed3e3b-0b41-11e3-8249-d6927d06400b}.TM.blf
2016-12-08 17:04 - 2016-12-21 18:57 - 00000000 ____D C:\Users\Windows\Desktop\DAE
==================== Três Meses Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-01-24 13:07 - 2013-08-22 13:20 - 00000000 ____D C:\Windows\CbsTemp
2017-01-24 12:50 - 2013-09-30 02:14 - 01707228 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-24 12:50 - 2013-09-30 01:56 - 00737880 _____ C:\Windows\system32\prfh0416.dat
2017-01-24 12:50 - 2013-09-30 01:56 - 00150516 _____ C:\Windows\system32\prfc0416.dat
2017-01-24 12:50 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\Inf
2017-01-24 11:51 - 2013-08-22 12:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-24 11:51 - 2013-08-22 11:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-01-24 11:22 - 2013-08-22 13:36 - 00000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft
2017-01-24 11:22 - 2013-08-22 13:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-01-24 11:21 - 2013-08-22 13:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-01-21 10:44 - 2016-07-13 19:26 - 00000000 ____D C:\Users\Windows\Desktop\FRAN LIMA
2017-01-18 15:08 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\AppReadiness
==================== Arquivos na raiz de alguns diretórios =======
2016-12-17 00:12 - 2016-12-17 00:12 - 0019428 _____ () C:\Users\Windows\AppData\Roaming\Sebetacan
2017-01-23 18:44 - 2017-01-23 18:44 - 0000042 _____ () C:\Users\Windows\AppData\Roaming\WB.CFG
Arquivos para serem movidos ou deletados:
====================
C:\Windows\Tasks\{2552C55B-39EB-4E65-860D-FE6BEAF34C28}.job
==================== Bamital & volsnap ======================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
==================== BCD ================================
Gerenciador de Inicializa‡Æo do Windows
---------------------------------------
identificador {bootmgr}
device partition=\Device\HarddiskVolume1
description Windows Boot Manager
locale pt-BR
inherit {globalsettings}
integrityservices Enable
default {current}
resumeobject {5b90eb1c-c09f-11e6-b067-ecaf73a30350}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Carregador de Inicializa‡Æo do Windows
--------------------------------------
identificador {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 8.1
locale pt-BR
inherit {bootloadersettings}
recoverysequence {5b90eb1e-c09f-11e6-b067-ecaf73a30350}
integrityservices Enable
recoveryenabled Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \Windows
resumeobject {5b90eb1c-c09f-11e6-b067-ecaf73a30350}
nx OptIn
bootmenupolicy Standard
Carregador de Inicializa‡Æo do Windows
--------------------------------------
identificador {5b90eb1e-c09f-11e6-b067-ecaf73a30350}
device ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{5b90eb1f-c09f-11e6-b067-ecaf73a30350}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale pt-BR
inherit {bootloadersettings}
displaymessage Recovery
displaymessageoverride Recovery
osdevice ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{5b90eb1f-c09f-11e6-b067-ecaf73a30350}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Continuar da Hiberna‡Æo
-----------------------
identificador {5b90eb1c-c09f-11e6-b067-ecaf73a30350}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale pt-BR
inherit {resumeloadersettings}
recoverysequence {5b90eb1e-c09f-11e6-b067-ecaf73a30350}
recoveryenabled Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testador de Mem¢ria do Windows
------------------------------
identificador {memdiag}
device partition=\Device\HarddiskVolume1
path \boot\memtest.exe
description Diagn¢stico de Mem¢ria do Windows
locale pt-BR
inherit {globalsettings}
badmemoryaccess Yes
Configura‡äes de EMS
--------------------
identificador {emssettings}
bootems No
Configura‡äes do Depurador
--------------------------
identificador {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Defeitos de RAM
---------------
identificador {badmemory}
Configura‡äes Globais
---------------------
identificador {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Configura‡äes do Carregador de Inicializa‡Æo
--------------------------------------------
identificador {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Configura‡äes do Hypervisor
---------------------------
identificador {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Configura‡äes do Carregador de Retorno
--------------------------------------
identificador {resumeloadersettings}
inherit {globalsettings}
Op‡äes de dispositivo
---------------------
identificador {5b90eb1f-c09f-11e6-b067-ecaf73a30350}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume1
ramdisksdipath \Recovery\WindowsRE\boot.sdi
LastRegBack: 2017-01-20 12:50
==================== Fim de FRST.txt ============================
Executado por Windows (administrador) em CLIENTE (24-01-2017 13:09:02)
Executando a partir de C:\Users\Windows\Downloads
Perfis Carregados: Windows (Perfis Disponíveis: Windows)
Platform: Windows 8.1 Enterprise (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: IE)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Windows\KMS-R@1n.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TweakBit) C:\Program Files (x86)\TweakBit\FixMyPC\FixMyPC.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(DLL-Files.com Client ) C:\Users\Windows\Downloads\clientsetup_d-0.exe
() C:\Users\Windows\AppData\Local\Temp\is-2MOP4.tmp\clientsetup_d-0.tmp
(DLL-Files.com Client ) C:\Users\Windows\Downloads\clientsetup_d-0.exe
() C:\Users\Windows\AppData\Local\Temp\is-4SIH9.tmp\clientsetup_d-0.tmp
(Microsoft Corporation) C:\Windows\System32\Dism.exe
(Microsoft Corporation) C:\Users\Windows\AppData\Local\Temp\F32CEF20-D822-42E7-BB83-CA446C2CD9C4\DismHost.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIC.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIC.exe
==================== Registro (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2009-12-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [948672 2009-12-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-12-12] (AVAST Software)
HKLM-x32\...\RunOnce: [Fafagefirife] => C:\Windows\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\Windows\AppData\Roaming\Sebetacan"
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2417617235-4106719252-2122872377-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27250144 2016-12-20] (Skype Technologies S.A.)
HKU\S-1-5-21-2417617235-4106719252-2122872377-1001\...\Run: [Chromium] => c:\users\windows\appdata\local\chromium\application\chrome.exe --auto-launch-at-startup --profile-directory=Default --restore-last-session
IFEO\OSppSvc.exe: [Debugger] KMS-R@1nhook.exe
IFEO\SppExtComObj.exe: [Debugger] KMS-R@1nhook.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-12-12] (AVAST Software)
GroupPolicy: Restrição <======= ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{C56EF7A1-612C-4AF2-AD0F-D4AE2CFC6E8C}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{C90CE4AE-50A2-4106-9559-10E9762EB9E6}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_50¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzytDtB0BtAyE0FtDyEzzzytCtAtC0AyEtN0D0Tzu0StCzztCtCtN1L2XzutAtFtByDtFtCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyCyDyD0B0A0DyB0DtGyC0AyD0FtGtDyDyEtCtGyDzzyD0DtG0E0AtDtAtC0A0AtA0EyEtCyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CyEyCtAtBtAyDtAtGtAzyyBtDtGyE0D0ByEtGzyyDyE0CtGtAyBtCzytAzy0E0FzytDtAtB2QtN0A0LzuyE%26cr%3D2091755201%26a%3Dwbf_bxinw_16_50%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BEnterprise
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_50¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzytDtB0BtAyE0FtDyEzzzytCtAtC0AyEtN0D0Tzu0StCzztCtCtN1L2XzutAtFtByDtFtCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyCyDyD0B0A0DyB0DtGyC0AyD0FtGtDyDyEtCtGyDzzyD0DtG0E0AtDtAtC0A0AtA0EyEtCyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CyEyCtAtBtAyDtAtGtAzyyBtDtGyE0D0ByEtGzyyDyE0CtGtAyBtCzytAzy0E0FzytDtAtB2QtN0A0LzuyE%26cr%3D2091755201%26a%3Dwbf_bxinw_16_50%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BEnterprise
HKU\S-1-5-21-2417617235-4106719252-2122872377-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_50¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzytDtB0BtAyE0FtDyEzzzytCtAtC0AyEtN0D0Tzu0StCzztCtCtN1L2XzutAtFtByDtFtCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyCyDyD0B0A0DyB0DtGyC0AyD0FtGtDyDyEtCtGyDzzyD0DtG0E0AtDtAtC0A0AtA0EyEtCyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CyEyCtAtBtAyDtAtGtAzyyBtDtGyE0D0ByEtGzyyDyE0CtGtAyBtCzytAzy0E0FzytDtAtB2QtN0A0LzuyE%26cr%3D2091755201%26a%3Dwbf_bxinw_16_50%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BEnterprise
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_50¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzytDtB0BtAyE0FtDyEzzzytCtAtC0AyEtN0D0Tzu0StCzztCtCtN1L2XzutAtFtByDtFtCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyCyDyD0B0A0DyB0DtGyC0AyD0FtGtDyDyEtCtGyDzzyD0DtG0E0AtDtAtC0A0AtA0EyEtCyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CyEyCtAtBtAyDtAtGtAzyyBtDtGyE0D0ByEtGzyyDyE0CtGtAyBtCzytAzy0E0FzytDtAtB2QtN0A0LzuyE%26cr%3D2091755201%26a%3Dwbf_bxinw_16_50%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BEnterprise&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_50¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzytDtB0BtAyE0FtDyEzzzytCtAtC0AyEtN0D0Tzu0StCzztCtCtN1L2XzutAtFtByDtFtCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyCyDyD0B0A0DyB0DtGyC0AyD0FtGtDyDyEtCtGyDzzyD0DtG0E0AtDtAtC0A0AtA0EyEtCyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CyEyCtAtBtAyDtAtGtAzyyBtDtGyE0D0ByEtGzyyDyE0CtGtAyBtCzytAzy0E0FzytDtAtB2QtN0A0LzuyE%26cr%3D2091755201%26a%3Dwbf_bxinw_16_50%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BEnterprise&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_50¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzytDtB0BtAyE0FtDyEzzzytCtAtC0AyEtN0D0Tzu0StCzztCtCtN1L2XzutAtFtByDtFtCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyCyDyD0B0A0DyB0DtGyC0AyD0FtGtDyDyEtCtGyDzzyD0DtG0E0AtDtAtC0A0AtA0EyEtCyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CyEyCtAtBtAyDtAtGtAzyyBtDtGyE0D0ByEtGzyyDyE0CtGtAyBtCzytAzy0E0FzytDtAtB2QtN0A0LzuyE%26cr%3D2091755201%26a%3Dwbf_bxinw_16_50%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BEnterprise&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_50¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzytDtB0BtAyE0FtDyEzzzytCtAtC0AyEtN0D0Tzu0StCzztCtCtN1L2XzutAtFtByDtFtCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyCyDyD0B0A0DyB0DtGyC0AyD0FtGtDyDyEtCtGyDzzyD0DtG0E0AtDtAtC0A0AtA0EyEtCyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CyEyCtAtBtAyDtAtGtAzyyBtDtGyE0D0ByEtGzyyDyE0CtGtAyBtCzytAzy0E0FzytDtAtB2QtN0A0LzuyE%26cr%3D2091755201%26a%3Dwbf_bxinw_16_50%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BEnterprise&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2417617235-4106719252-2122872377-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_50¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzytDtB0BtAyE0FtDyEzzzytCtAtC0AyEtN0D0Tzu0StCzztCtCtN1L2XzutAtFtByDtFtCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyCyDyD0B0A0DyB0DtGyC0AyD0FtGtDyDyEtCtGyDzzyD0DtG0E0AtDtAtC0A0AtA0EyEtCyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CyEyCtAtBtAyDtAtGtAzyyBtDtGyE0D0ByEtGzyyDyE0CtGtAyBtCzytAzy0E0FzytDtAtB2QtN0A0LzuyE%26cr%3D2091755201%26a%3Dwbf_bxinw_16_50%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BEnterprise&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2417617235-4106719252-2122872377-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_50¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzytDtB0BtAyE0FtDyEzzzytCtAtC0AyEtN0D0Tzu0StCzztCtCtN1L2XzutAtFtByDtFtCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyCyDyD0B0A0DyB0DtGyC0AyD0FtGtDyDyEtCtGyDzzyD0DtG0E0AtDtAtC0A0AtA0EyEtCyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CyEyCtAtBtAyDtAtGtAzyyBtDtGyE0D0ByEtGzyyDyE0CtGtAyBtCzytAzy0E0FzytDtAtB2QtN0A0LzuyE%26cr%3D2091755201%26a%3Dwbf_bxinw_16_50%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BEnterprise&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2017-01-24] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-01-21] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-01-24] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-12-12] (AVAST Software)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-01-24] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-21] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-24] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-21] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-24] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-21] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-24] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-21] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-24] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-12-12]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-12-12]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-01-21] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [1999-12-31] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [1999-12-31] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-01-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-01-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
Chrome:
=======
CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Profile: C:\Users\Windows\AppData\Local\Google\Chrome\User Data\Default [2017-01-24]
CHR Extension: (Google Docs) - C:\Users\Windows\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-12]
CHR Extension: (Google Drive) - C:\Users\Windows\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-12]
CHR Extension: (YouTube) - C:\Users\Windows\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-12]
CHR Extension: (Documentos Google off-line) - C:\Users\Windows\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-12]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Windows\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-23]
CHR Extension: (Search Manager) - C:\Users\Windows\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej [2017-01-24]
CHR Extension: (Gmail) - C:\Users\Windows\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-12]
CHR Extension: (Chrome Media Router) - C:\Users\Windows\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-15]
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2417617235-4106719252-2122872377-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
==================== Serviços (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-12-12] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3020992 2016-12-28] (Microsoft Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Arquivo não assinado]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 1999-12-31] (Intel Corporation)
R2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2016-12-12] () [Arquivo não assinado]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-12-12] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-12-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-12-12] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-12-12] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-12-12] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-12-12] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-12-12] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-12-12] (AVAST Software)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 1999-12-31] (Intel Corporation)
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16056 2016-12-12] (SlimWare Utilities, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
========================== MD5 dos Drivers =======================
C:\Windows\System32\drivers\1394ohci.sys E1832BD9FD7E0FC2DC9FA5935DE3E8C1
C:\Windows\System32\drivers\3ware.sys AD508A1A46EC21B740AB31C28EFDFDB1
C:\Windows\System32\drivers\ACPI.sys E19D921EBBD1A2CA4C48D7B5F1685B30
C:\Windows\System32\Drivers\acpiex.sys AC8279D229398BCF05C3154ADCA86813
C:\Windows\System32\drivers\acpipagr.sys A8970D9BF23CD309E0403978A1B58F3F
C:\Windows\System32\drivers\acpipmi.sys 111A89C99C5B4F1A7BCE5F643DD86F65
C:\Windows\System32\drivers\acpitime.sys 5758387D68A20AE7D3245011B07E36E7
C:\Windows\System32\drivers\ADP80XX.SYS 7C1FDF1B48298CBA7CE4BDD4978951AD
C:\Windows\system32\drivers\afd.sys 239268BAB58EAE9A3FF4E08334C00451
C:\Windows\System32\drivers\agp440.sys 7DFAEBA9AD62D20102B576D5CAC45EC8
C:\Windows\System32\DRIVERS\ahcache.sys 8E8E34B7BA059050EED827410D0697A2
C:\Windows\System32\drivers\amdk8.sys 7589DE749DB6F71A68489DCE04158729
C:\Windows\System32\drivers\amdppm.sys B46D2D89AFF8A9490FA8C98C7A5616E3
C:\Windows\System32\drivers\amdsata.sys D2BF2F94A47D332814910FD47C6BBCD2
C:\Windows\System32\drivers\amdsbs.sys A8E04943C7BBA7219AA50400272C3C6E
C:\Windows\System32\drivers\amdxata.sys CEA5F4F27CFC08E3A44D576811B35F50
C:\Windows\system32\drivers\appid.sys 04951A9A937CBE28A2D3FEEA360B6D1F
C:\Windows\System32\drivers\arcsas.sys 65045784366F7EC5FB4E71BCF923187B
C:\Windows\system32\drivers\aswHwid.sys 9B480B472D6826E7257C90E2D0EE2954
C:\Windows\system32\drivers\aswMonFlt.sys 1BB00571CC2C78463ABD7E9C32970758
C:\Windows\system32\drivers\aswRdr2.sys 7010B57D708DA5C9686A5923EE621776
C:\Windows\System32\Drivers\aswRvrt.sys 937885085BFE5BD08EC1BC0245DD203B
C:\Windows\system32\drivers\aswSnx.sys 0B6352251C5D84130DF4252D33D266C2
C:\Windows\system32\drivers\aswSP.sys 28213B34725B18387CC1B8C3D73858A1
C:\Windows\system32\drivers\aswStm.sys 9C58B6E9663D0A76D00D83E43C765BDF
C:\Windows\System32\Drivers\aswVmm.sys D60D9201739400F0FBDB9E36A3212D91
C:\Windows\System32\drivers\atapi.sys 74B14192CF79A72F7536B27CB8814FBD
C:\Windows\System32\drivers\bxvbda.sys A4A73F631FE2AA2826FBE4A399B04DEF
C:\Windows\System32\drivers\BasicDisplay.sys 8CC7F7E4AFCBA605921B137ED7992C68
C:\Windows\System32\drivers\BasicRender.sys 2748E116F8621A4DB0D39FCDD7318C01
C:\Windows\System32\drivers\bcmfn2.sys C1ABB0F7E3BEA48A0417BDF6FF14AB21
C:\Windows\System32\Drivers\Beep.sys EC19013E4CF87609534165DF897274D6
C:\Windows\System32\DRIVERS\bowser.sys 6B4FFFDDC618FCF64473CAA86E305697
C:\Windows\System32\drivers\BthAvrcpTg.sys A8F23D453A424FF4DE04989C4727ECC7
C:\Windows\System32\drivers\bthhfenum.sys 746B9F94214915AECDE4B7FEA5FF9664
C:\Windows\System32\drivers\BthHFHid.sys 71FE2A48E4C93DDB9798C024880B6C07
C:\Windows\System32\drivers\bthmodem.sys 07E33226AD218A2A162662A05CAFB52F
C:\Windows\System32\DRIVERS\cdfs.sys 2FA6510E33F7DEFEC03658B74101A9B9
C:\Windows\System32\drivers\cdrom.sys C6796EA22B513E3457514D92DCDB1A3D
C:\Windows\System32\drivers\circlass.sys BE9936EDD3267FAAFF94A7835867F00B
C:\Windows\System32\drivers\CLFS.sys B8B663BE41827211737F627473D6D192
C:\Windows\System32\drivers\CmBatt.sys EF6EF85DADC3184A10D8F2F7159973CB
C:\Windows\System32\Drivers\cng.sys 825BE21E6395E00698D8A23955A87972
C:\Windows\System32\drivers\CompositeBus.sys 03AAED827C36F35D70900558B8274905
C:\Windows\System32\drivers\condrv.sys A1FF7DFBFBE164CF92603C651D304DD2
C:\Windows\System32\drivers\csc.sys EE2F3C0D6ADBC975D6B621EC15ACF4E2
C:\Windows\System32\drivers\dam.sys 315BA4BC19316D72B2E037534E048B93
C:\Windows\System32\Drivers\dfsc.sys 5DB26D7E0216D0BF364A81D3829AD7B9
C:\Windows\System32\drivers\disk.sys 4D40C9B33F738797CF50E77CB7C53E85
C:\Windows\System32\drivers\dmvsc.sys EB70A894708D1BC176AFD690FF06085F
C:\Windows\system32\drivers\drmkaud.sys DDC11A202207C0400CBE07315B8FDE5E
C:\Windows\System32\drivers\dxgkrnl.sys AEAB1924098DB538784C1D2B268FF0C9
C:\Windows\System32\drivers\evbda.sys 114BCFDF367FF37C3F1B0A96AF542E4D
C:\Windows\System32\drivers\EhStorClass.sys 43531A5993380CC5113242C29D265FD9
C:\Windows\System32\drivers\EhStorTcgDrv.sys 6F8E738A9505A388B1157FDDE7B3101B
C:\Windows\System32\drivers\errdev.sys DFFFAE1442BA4076E18EED5E406FA0D3
C:\Windows\System32\Drivers\exfat.sys 7729D294A555C7AEB281ED8E4D0E01E4
C:\Windows\System32\Drivers\fastfat.sys 7C4E0D5900B2A1D11EDD626D6DDB937B
C:\Windows\System32\drivers\fdc.sys 5D8402613E778B3BD45E687A8372710B
C:\Windows\System32\drivers\fileinfo.sys 957A7A8F5ACCAF23DD9DFF6DAA393CE5
C:\Windows\System32\drivers\filetrace.sys A1A66C4FDAFD6B0289523232AFB7D8AF
C:\Windows\System32\drivers\flpydisk.sys BE743083CF7063C486A4398E3AEFE59A
C:\Windows\System32\drivers\fltmgr.sys 60D5067FCE6D9433D35E04C01D8538B3
C:\Windows\System32\drivers\FsDepends.sys 35005534E600E993A90B036E4E599F2B
C:\Windows\System32\Drivers\Fs_Rec.sys 09F460AFEDCA03F3BF6E07D1CCC9AC42
C:\Windows\System32\DRIVERS\fvevol.sys 83E1F0983B02A6F8EC764D18E24ECF10
C:\Windows\System32\drivers\fxppm.sys 9591D0B9351ED489EAFD9D1CE52A8015
C:\Windows\System32\drivers\gagp30kx.sys FC3EF65EE20D39F8749C2218DBA681CA
C:\Windows\System32\drivers\vmgencounter.sys 0BF5CAD281E25F1418E5B8875DC5ADD1
C:\Windows\System32\Drivers\msgpioclx.sys FDA72810CA2F8409D9B31E833C448E34
C:\Windows\system32\drivers\HdAudio.sys 56F69F7C25FB67C970997D7066DBC593
C:\Windows\System32\drivers\HDAudBus.sys 03909BDBFF0DCACCABF2B2D4ADEE44DC
C:\Windows\System32\drivers\HidBatt.sys 10A70BC1871CD955D85CD88372724906
C:\Windows\System32\drivers\hidbth.sys 1EA1B4FABB8CC348E73CA90DBA22E104
C:\Windows\System32\drivers\hidi2c.sys C241A8BAFBBFC90176EA0F5240EACC17
C:\Windows\System32\drivers\hidir.sys 9BDDEE26255421017E161CCB9D5EDA95
C:\Windows\System32\drivers\hidusb.sys F31397220D9687E11EB448649AA6E038
C:\Windows\System32\drivers\HpSAMD.sys A6AACEA4C785789BDA5912AD1FEDA80D
C:\Windows\System32\drivers\HTTP.sys 3502776E366C913D49C0DA928AE3E6CB
C:\Windows\System32\drivers\hwpolicy.sys 90656C0B3864804B090434EFC582404F
C:\Windows\System32\drivers\hyperkbd.sys 6D6F9E3BF0484967E52F7E846BFF1CA1
C:\Windows\system32\DRIVERS\HyperVideo.sys 907C870F8C31F8DDD6F090857B46AB25
C:\Windows\System32\drivers\i8042prt.sys 84CFC5EFA97D0C965EDE1D56F116A541
C:\Windows\System32\drivers\iaLPSSi_GPIO.sys 5D90E32E36CE5D4C535D17CE08AEAF05
C:\Windows\System32\drivers\iaLPSSi_I2C.sys DD05E7E80F52ADE9AEB292819920F32C
C:\Windows\System32\drivers\iaStorAV.sys 08BFE413B0B4AA8DFA4B5684CE06D3DC
C:\Windows\System32\drivers\iaStorV.sys A2200C3033FA4EF249FC096A7A7D02A2
C:\Windows\system32\DRIVERS\igdkmd64.sys 79AE3CC82CA1563A4B392207997ACE7C
C:\Windows\System32\drivers\intelide.sys 4E448FCFFD00E8D657CD9E48D3E47157
C:\Windows\System32\drivers\intelpep.sys A2B6215E54075A936E5B424ABCD1323E
C:\Windows\System32\drivers\intelppm.sys 47E74A8E53C7C24DCE38311E1451C1D9
C:\Windows\System32\DRIVERS\ipfltdrv.sys 9DB76D7F9E4E53EFE5DD8C53DE837514
C:\Windows\System32\drivers\IPMIDrv.sys 9949A3C7590B8C536C05312205079A82
C:\Windows\System32\drivers\ipnat.sys E23D32BAF152FBE35F18C6A2AB8EF271
C:\Windows\System32\drivers\irenum.sys AE44C526AB5F8A487D941CEB57B10C97
C:\Windows\System32\drivers\isapnp.sys 8AFEEA3955AA43616A60F133B1D25F21
C:\Windows\System32\drivers\msiscsi.sys 034D4BD9DC67C64F3A4C8A049B5173BF
C:\Windows\System32\drivers\kbdclass.sys 8BE92376799B6B44D543E8D07CDCF885
C:\Windows\System32\drivers\kbdhid.sys FB6E47E569D4872ABEB506BE03A45FBA
C:\Windows\System32\drivers\kbldfltr.sys DB7A09BC90DF20F44F16F8B0F9ED3491
C:\Windows\system32\DRIVERS\kdnic.sys 813871C7D402A05F2E3A7075F9584A05
C:\Windows\System32\Drivers\ksecdd.sys ADDECBCC777665BD113BED437E602AB0
C:\Windows\System32\Drivers\ksecpkg.sys 7296EA420134EAC390798B3232D066A4
C:\Windows\system32\drivers\ksthunk.sys 11AFB527AA370B1DAFD5C36F35F6D45F
C:\Windows\system32\DRIVERS\lltdio.sys C09010B3680860131631F53E8FE7BAD8
C:\Windows\System32\drivers\lsi_sas.sys C755AE4635457AA2A11F79C0DF857ABC
C:\Windows\System32\drivers\lsi_sas2.sys ADAC09CBE7A2040B7F68B5E5C9A75141
C:\Windows\System32\drivers\lsi_sas3.sys 04D1274BB9BBCCF12BD12374002AA191
C:\Windows\System32\drivers\lsi_sss.sys 327469EEF3833D0C584B7E88A76AEC0C
C:\Windows\system32\drivers\luafv.sys 5EF604B0698F4FA962778285E8C5F1F2
C:\Windows\System32\drivers\megasas.sys EB5C03A070F30D64A6DF80E53B22F53F
C:\Windows\System32\drivers\megasr.sys F6F13533196DE7A582D422B0241E4363
C:\Windows\system32\DRIVERS\TeeDriverx64.sys EB1D78140D6634C32A46AB1006105EDC
C:\Windows\System32\drivers\modem.sys 8B38C44F69259987C95135C9627E2378
C:\Windows\System32\drivers\monitor.sys 601589000CC90F0DF8DA2CC254A3CCC9
C:\Windows\System32\drivers\mouclass.sys CEAC6D40FE887CE8406C2393CF97DE06
C:\Windows\System32\drivers\mouhid.sys 02D98BF804084E9A0D69D1C69B02CCA9
C:\Windows\System32\drivers\mountmgr.sys 515549560D481138E6E21AF7C6998E56
C:\Windows\System32\drivers\mpsdrv.sys F170510BE94CF45E3C6274578F6204B2
C:\Windows\system32\drivers\mrxdav.sys 59DCEC7499095DE5AED741358037AE2D
C:\Windows\System32\DRIVERS\mrxsmb.sys 6129EDB793A4255B1E2FB41773AC9D9A
C:\Windows\System32\DRIVERS\mrxsmb10.sys 295771B092D4F7FCF2B62F80CCD14320
C:\Windows\System32\DRIVERS\mrxsmb20.sys AAF56E4E84D35411B4E446C445732DFE
C:\Windows\system32\DRIVERS\bridge.sys 4E888019078AC363076A5433E89AA4F8
C:\Windows\System32\Drivers\Msfs.sys D13329FBF8345B28AB30F44CC247DC08
C:\Windows\System32\drivers\msgpiowin32.sys C6B474E46F9E543B875981ED3FFE6ADD
C:\Windows\System32\drivers\mshidkmdf.sys 65C92EB9D08DB5C69F28C7FFD4E84E31
C:\Windows\System32\drivers\mshidumdf.sys 52299F086AC2DAFD100DD5DC4A8614BA
C:\Windows\System32\drivers\msisadrv.sys 36D92AF3343C3A3E57FEF11C449AEA4C
C:\Windows\system32\drivers\MSKSSRV.sys A9BBBD2BAE6142253B9195E949AC2E8D
C:\Windows\system32\DRIVERS\mslldp.sys 375E44168F2DFB91A68B8A3F619C5A7C
C:\Windows\system32\drivers\MSPCLOCK.sys 7B2128EB875DCBC006E6A913211006D6
C:\Windows\system32\drivers\MSPQM.sys 1E88171579B218115C7A772F8DE04BD8
C:\Windows\System32\Drivers\MsRPC.sys BBE2A455053E63BECBF42C2F9B21FAE0
C:\Windows\System32\drivers\mssmbios.sys 8D6B7D515C5CBCDB75B928A0B73C3C5E
C:\Windows\system32\drivers\MSTEE.sys 115019AE01E0EB9C048530D2928AB4A2
C:\Windows\System32\drivers\MTConfig.sys 96D604A35070360F0DD4A7A8AF410B5E
C:\Windows\System32\Drivers\mup.sys 619CA29326B82372621DB2C0964D8365
C:\Windows\System32\drivers\mvumis.sys B8C35C94DCB2DFEAF03BB42131F2F77F
C:\Windows\system32\DRIVERS\nwifi.sys CF8B989D89D6807B887690F2CF24EFD9
C:\Windows\System32\drivers\ndis.sys AD9086052A5E5153AF43FE74138A4B27
C:\Windows\system32\DRIVERS\ndiscap.sys C6BB12BC35D1637CA17AE16D3A4725EB
C:\Windows\system32\DRIVERS\NdisImPlatform.sys 9F1DA20E943BE7AA4ED5F3E1EBA78B37
C:\Windows\system32\DRIVERS\ndistapi.sys 9423421E735BD5394351E0C47C76BB92
C:\Windows\system32\DRIVERS\ndisuio.sys B832B35055BA2B7B4181861FF94D8E59
C:\Windows\System32\drivers\NdisVirtualBus.sys 1F58E48EF75F34C35D8E93A0DC535CFE
C:\Windows\system32\DRIVERS\ndiswan.sys DEC29080202D4F9F17F55E18BCFCC41A
C:\Windows\system32\DRIVERS\ndiswan.sys DEC29080202D4F9F17F55E18BCFCC41A
C:\Windows\System32\Drivers\NDProxy.sys A5BD69A8812FA79D1A487691DD3FB244
C:\Windows\System32\drivers\Ndu.sys 5A072F0B90C29C5233D78BE33EF5ED78
C:\Windows\System32\DRIVERS\netbios.sys A83D67D347A684F10B7D3019C8A6380C
C:\Windows\System32\DRIVERS\netbt.sys 0217532E19A748F0E5D569307363D5FD
C:\Windows\system32\DRIVERS\netr28ux.sys 91307C4F3AA4E42404BC4F513CCD5430
C:\Windows\system32\DRIVERS\netvsc63.sys 70414DB660BFBB7BD58FCE8EA4364E1B
C:\Windows\System32\Drivers\Npfs.sys 8F44A2F57C9F1A19AC9C6288C10FB351
C:\Windows\System32\drivers\npsvctrig.sys CBDB4F0871C88DF930FC0E8588CA67FC
C:\Windows\System32\drivers\nsiproxy.sys E490B459978CB87779E84C761D22B827
C:\Windows\System32\Drivers\Ntfs.sys 725EF69B2DBEB7B33280019A556201BC
C:\Windows\System32\Drivers\Null.sys EF1B290FC9F0E47CC0B537292BEE5904
C:\Windows\System32\drivers\nvraid.sys BC6B5942AFF25EBAF62DE43C3807EDF8
C:\Windows\System32\drivers\nvstor.sys 1F43ABFFAC3D6CA356851D517392966E
C:\Windows\System32\drivers\nv_agp.sys 6934A936A7369DFE37B7DBA93F5E5E49
C:\Windows\System32\drivers\parport.sys 764B1121867B2D9B31C491668AC72B2B
C:\Windows\System32\drivers\partmgr.sys EF0C1749C9A8CEE9A457473D433CC00F
C:\Windows\System32\drivers\pci.sys C0D3F3BC1C84B4BA746D9847314C1164
C:\Windows\System32\drivers\pciide.sys 346E38FCC6859A727DD28AFAD1F0AFF4
C:\Windows\System32\drivers\pcmcia.sys 4D3BDCC1C7B40C9D7B6AD990E6DEC397
C:\Windows\System32\drivers\pcw.sys BF28771D1436C88BE1D297D3098B0F7D
C:\Windows\System32\drivers\pdc.sys E170103E68329E9154A5EC383CD253ED
C:\Windows\System32\drivers\peauth.sys BA50CC0BD19004AAB88BE37338B6FA0D
C:\Windows\System32\drivers\processr.sys ECD373F9571C745894367CC2635EA44F
C:\Windows\system32\DRIVERS\pacer.sys 8528BB05E4D4E25945F78B00B2555FB7
C:\Windows\system32\drivers\qwavedrv.sys 3FB466684609A4329858CF2EBD62E0FD
C:\Windows\System32\DRIVERS\rasacd.sys 2C56F0EE27E4EF70CA4B4983D3638905
C:\Windows\system32\DRIVERS\raspppoe.sys 5247F308C4103CDC4FE12AE1D235800A
C:\Windows\System32\DRIVERS\rdbss.sys B939A2A0F9D6C6C186721E268EB6FA93
C:\Windows\System32\drivers\rdpbus.sys 6B21EBF892CD8CACB71669B35AB5DE32
C:\Windows\System32\drivers\rdpdr.sys 680C1DAE268B6FB67FA21B389A8B79EF
C:\Windows\System32\drivers\rdpvideominiport.sys 858776908AF838E3790F3261B799CDA6
C:\Windows\System32\drivers\rdyboost.sys 06250FF7F8E5F98DAA6F2D6251B1694E
C:\Windows\System32\Drivers\ReFS.sys 036746D54347FD2D0385668E2A4064E4
C:\Windows\system32\DRIVERS\rspndr.sys 2D05A5508F4685412F2B89E8C2189ABC
C:\Windows\system32\DRIVERS\Rt630x64.sys 19764658C1468C2C0CEF133D28414A6B
C:\Windows\System32\drivers\vms3cap.sys 1A063730F221B2746FF00457AE17E4F0
C:\Windows\System32\drivers\sbp2port.sys C624A1B32211C3166EDB3F4AB02A30B7
C:\Windows\System32\DRIVERS\scfilter.sys ABD0237B15DBD2B4695F4B7D734A58F7
C:\Windows\System32\drivers\sdbus.sys 2F9A3380B8C0380E5608E29C7AA66899
C:\Windows\System32\drivers\sdstor.sys 4EAF4DCF9DBD9A56952A58F56D61C005
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 é legítimo
C:\Windows\System32\drivers\SerCx.sys DB2FF24CE0BDD15FE75870AFE312BA89
C:\Windows\System32\drivers\SerCx2.sys 53BDBF04ECAF943CBF6359E3BCB2445E
C:\Windows\System32\drivers\serenum.sys 3CD600C089C1251BEEB4CD4CD5164F9E
C:\Windows\System32\drivers\serial.sys D864381BC9C725FAB01D94C060660166
C:\Windows\System32\drivers\sermouse.sys 0BD2B65DCE756FDE95A2E5CCCBF7705D
C:\Windows\System32\drivers\sfloppy.sys 472B7A5AC181C050888DB454663DD764
C:\Windows\System32\drivers\SiSRaid2.sys 2F518D13DD6F3053837FE606F1A2EA1F
C:\Windows\System32\drivers\sisraid4.sys 1AC9A200A9C49C4508F04AAFFCA34A3F
C:\Windows\System32\drivers\spaceport.sys 2150AAB8CD16876AE6DBDDDCC9ED740C
C:\Windows\System32\drivers\SpbCx.sys F337BE11071818FC3F5DC2940B6BDE34
C:\Windows\System32\DRIVERS\srv.sys CD7534BA5BA92086B1BC10ADF880FC49
C:\Windows\System32\DRIVERS\srv2.sys C1AE59C0B0817236EC083A91C396005A
C:\Windows\System32\DRIVERS\srvnet.sys 77195C32175FC63D6054EBA5A066D727
C:\Windows\System32\drivers\stexstor.sys 366DEA74BBA65B362BCCFC6FC2ADFD8B
C:\Windows\System32\drivers\storahci.sys 0ED2E318ABB68C1A35A8B8038BDB4C90
C:\Windows\System32\DRIVERS\vmstorfl.sys 7A08CEE1535F5A448215634C5EA74E50
C:\Windows\System32\drivers\stornvme.sys D57AEE34C7C0DD1DC8B6B54B7A89649C
C:\Windows\System32\drivers\storvsc.sys 548759755BC73DAD663250239D7E0B9F
C:\Windows\System32\drivers\storvsp.sys 03618F935379614837F915D04C45FC0E
C:\Windows\system32\DRIVERS\SWDUMon.sys 98E8C921F7F17F113AAA128EC7310213
C:\Windows\System32\drivers\swenum.sys 84E0F5D41C138C5CC975137A2A98F6D3
C:\Windows\System32\drivers\Synth3dVsc.sys 25F0DA8E7F26416FDB5D77592B5C1A8B
C:\Windows\System32\drivers\tcpip.sys ECC68BD5347BDE9631EE68274858A41F
C:\Windows\system32\DRIVERS\tcpip.sys ECC68BD5347BDE9631EE68274858A41F
C:\Windows\System32\drivers\tcpipreg.sys 33A7D83EEB15431773A6E186CFAABA21
C:\Windows\system32\DRIVERS\tdx.sys FFF28F9F6823EB1756C60F1649560BBF
C:\Windows\System32\drivers\terminpt.sys 232D185D2337F141311D0CF1983E1431
C:\Windows\system32\drivers\tpm.sys 82F909359600D3603FE852DB7F135626
C:\Windows\System32\drivers\tsusbflt.sys BF8F54CA37E9C9D6582C31C5761F8C93
C:\Windows\System32\drivers\TsUsbGD.sys E0088068DCE2EE82897027DDB8E05254
C:\Windows\System32\drivers\tsusbhub.sys 4A445D5E44CD996D18E128EF321D54B2
C:\Windows\system32\DRIVERS\tunnel.sys C8E0E78B5D284C2FF59BDFFDAF997242
C:\Windows\System32\drivers\uagp35.sys F6EEAD052943B5A3104C1405BB856C54
C:\Windows\System32\drivers\uaspstor.sys FE6067B1FD4E63650C667B33D080565B
C:\Windows\System32\drivers\ucx01000.sys 5D1B430EA11064C56E7C8F84B90DEB6A
C:\Windows\System32\DRIVERS\udfs.sys 1EC649F112896FAE33250F0B97AC5D0B
C:\Windows\System32\drivers\UEFI.sys 9578691F297E1B1F519970FE6D47CB21
C:\Windows\System32\drivers\uliagpkx.sys 5EAB5117DDB24FC4D39E6FFFCF1837B9
C:\Windows\System32\drivers\umbus.sys DA34C39A18E60E7C3FA0630566408034
C:\Windows\System32\drivers\umpass.sys AE8294875E5446E359B1E8035D40C05E
C:\Windows\System32\drivers\usbccgp.sys 3432E857B8EC1C1316AB098F2BCCDFB6
C:\Windows\System32\drivers\usbcir.sys B3D6457D841A0CAEF4C52D88621715F2
C:\Windows\System32\drivers\usbehci.sys 5477D6E27C7D266EF8C152B9A25ADE5E
C:\Windows\System32\drivers\usbhub.sys DF56C2C04EFA328D7A66B69007130266
C:\Windows\System32\drivers\UsbHub3.sys C0E33820326199CE3CFD3B9F27F81D99
C:\Windows\System32\drivers\usbohci.sys 3019097FB6C985EF24C058090FF3BDBD
C:\Windows\System32\drivers\usbprint.sys 4D655E3B684BE9B0F7FFD8A2935C348C
C:\Windows\system32\DRIVERS\usbscan.sys F04D164C4168701A4E7835607722E5F1
C:\Windows\System32\drivers\USBSTOR.SYS B1230E9813B5C7E762DF27756AA23917
C:\Windows\System32\drivers\usbuhci.sys BA4FA655E0FC577DB7436FC963932CE4
C:\Windows\System32\drivers\USBXHCI.SYS BCD8FC0A47AA31889C94168A4E56BB26
C:\Windows\System32\drivers\vdrvroot.sys FEB26E3B8345A7E8D62F945C4AE86562
C:\Windows\System32\drivers\VerifierExt.sys A026EDEAA5EECAE0B08E2748B616D4BD
C:\Windows\System32\drivers\vhdmp.sys 041D3EF364E624DBB2703A64A5AADF89
C:\Windows\System32\drivers\viaide.sys 06D38968028E9AB19DE9B618C7B6D199
C:\Windows\System32\drivers\Vid.sys 3CE922E34DB12D9F3C0EA856BC09687C
C:\Windows\System32\drivers\vmbus.sys C6305BDFC4F7CE51F72BB072C03D4ACE
C:\Windows\System32\drivers\VMBusHID.sys DA40BEA0A863CE768C940CA9723BF81F
C:\Windows\System32\drivers\vmbusr.sys 68F8C26DEA2D42E8DEC0778943433C80
C:\Windows\System32\drivers\volmgr.sys 55D7D963DE85162F1C49721E502F9744
C:\Windows\System32\drivers\volmgrx.sys CCB9E901F7254BF96D28EB1B0E5329B7
C:\Windows\System32\drivers\volsnap.sys C85C075DE5B6D0FE116043054DE8EE02
C:\Windows\System32\drivers\vpci.sys 01355C98B5C3ED1EC446743CDA848FCE
C:\Windows\System32\drivers\vpcivsp.sys ADBE96C33D1A5BB1BBAF90B4BC84F523
C:\Windows\System32\drivers\vsmraid.sys 4539F45F9F4C9757A86A56C949421E07
C:\Windows\System32\drivers\vstxraid.sys 0849B7260F26FE05EA56DED0672E2F4B
C:\Windows\System32\drivers\vwifibus.sys BE970C369E43B509C1EDA2B8FA7CECB0
C:\Windows\system32\DRIVERS\vwififlt.sys 6B26AD573CCDD5209DF4397438B76354
C:\Windows\system32\DRIVERS\vwifimp.sys 0B48E0DFB44EE475F4FD8A8EE599AF30
C:\Windows\System32\drivers\wacompen.sys 0910AB9ED404C1434E2D0376C2AD5D8B
C:\Windows\system32\drivers\WdBoot.sys 694B28DE12AD47031FFB4B052662131A
C:\Windows\System32\drivers\Wdf01000.sys CB6C63FF8342B467E2EF76E98D5B934D
C:\Windows\system32\drivers\WdFilter.sys 0B99529A3BECC3528D865DDECB62503B
C:\Windows\System32\Drivers\WdNisDrv.sys 282E7D46310338FF4A6B7680440EB0DA
C:\Windows\System32\DRIVERS\wfplwfs.sys 2E3E82D7B1076B90F4E228A8EF17B261
C:\Windows\System32\drivers\wimmount.sys 867BCC69ED9C31C501465EB0E8BA9DFA
C:\Windows\system32\DRIVERS\WinUsb.sys AC263C2F66405589528995AA41040599
C:\Windows\System32\drivers\wmiacpi.sys 2834D9D3B4F554A39C72F00EA3F0E128
C:\Windows\System32\DRIVERS\wpcfltr.sys E746BCDBA2E02CF6B8D6B26FB167FBE0
C:\Windows\System32\drivers\WpdUpFltr.sys 9F2904B55F6CECCD1A8D986B5CE2609A
C:\Windows\system32\drivers\ws2ifsl.sys AE072B0339D0A18E455DC21666CAD572
C:\Windows\System32\drivers\WSDPrint.sys F586F3F1BF962FE9AE4316E0D896B22F
C:\Windows\System32\drivers\WSDScan.sys D38297814FB6E33655342D869996E617
C:\Windows\System32\drivers\WudfPf.sys 2FEAE33E9B2B56104596E1BA444405A9
C:\Windows\System32\drivers\WUDFRd.sys 19240C13F526125554B5370566F21A0A
C:\Windows\System32\drivers\WUDFRd.sys 19240C13F526125554B5370566F21A0A
C:\Windows\system32\DRIVERS\WUDFRd.sys 19240C13F526125554B5370566F21A0A
C:\Windows\system32\DRIVERS\WUDFRd.sys 19240C13F526125554B5370566F21A0A
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Três Meses Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-01-24 13:05 - 2017-01-24 13:07 - 00017657 _____ C:\Users\Windows\Downloads\Addition.txt
2017-01-24 13:04 - 2017-01-24 13:09 - 00041147 _____ C:\Users\Windows\Downloads\FRST.txt
2017-01-24 13:04 - 2017-01-24 13:09 - 00000000 ____D C:\FRST
2017-01-24 13:03 - 2017-01-24 13:04 - 02420736 _____ (Farbar) C:\Users\Windows\Downloads\FRST64.exe
2017-01-24 13:00 - 2017-01-24 13:01 - 01762816 _____ (Farbar) C:\Users\Windows\Downloads\FRST.exe
2017-01-24 12:56 - 2017-01-24 12:56 - 02729024 _____ (DLL-Files.com Client ) C:\Users\Windows\Downloads\clientsetup_d-0.exe
2017-01-24 12:54 - 2017-01-24 12:54 - 00001142 _____ C:\Users\Windows\Desktop\TweakBit FixMyPC.lnk
2017-01-24 12:54 - 2017-01-24 12:54 - 00000000 ____D C:\Windows\System32\Tasks\TweakBit
2017-01-24 12:54 - 2017-01-24 12:54 - 00000000 ____D C:\Users\Todos os Usuários\TweakBit
2017-01-24 12:54 - 2017-01-24 12:54 - 00000000 ____D C:\ProgramData\TweakBit
2017-01-24 12:54 - 2017-01-24 12:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TweakBit
2017-01-24 12:54 - 2017-01-24 12:54 - 00000000 ____D C:\Program Files (x86)\TweakBit
2017-01-24 12:51 - 2017-01-24 12:51 - 00407784 _____ (TweakBit) C:\Users\Windows\Downloads\fix_api-ms-win-crt-runtime-l1-1-0.dll-setup.exe
2017-01-24 11:33 - 2017-01-24 11:34 - 00000000 ____D C:\Users\Windows\Desktop\ACERTOS NO COMUPADOR 03 A-L
2017-01-24 11:21 - 2017-01-24 11:21 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-01-23 19:01 - 2017-01-23 19:01 - 00185910 _____ C:\Users\Windows\Downloads\TRANSP. ADALBERTO.PDF
2017-01-23 18:59 - 2017-01-23 18:59 - 00185326 _____ C:\Users\Windows\Downloads\TRANSP. OUMIRANDO (1).PDF
2017-01-23 18:57 - 2017-01-23 18:57 - 00241436 _____ C:\Users\Windows\Downloads\AVULSA OUMIRANDO.PDF
2017-01-23 18:57 - 2017-01-23 18:57 - 00184424 _____ C:\Users\Windows\Downloads\TRANSP. ANTONIO.PDF
2017-01-23 18:56 - 2017-01-23 18:56 - 00185326 _____ C:\Users\Windows\Downloads\TRANSP. OUMIRANDO.PDF
2017-01-23 18:53 - 2017-01-23 18:53 - 01016421 _____ C:\Users\Windows\Downloads\fwdnotasavulsasedetransportecarretojuniorembarque.zip
2017-01-23 18:44 - 2017-01-23 18:44 - 00000042 _____ C:\Users\Windows\AppData\Roaming\WB.CFG
2017-01-21 13:13 - 2017-01-24 12:32 - 00000294 _____ C:\Windows\Tasks\{2552C55B-39EB-4E65-860D-FE6BEAF34C28}.job
2017-01-21 13:13 - 2017-01-21 13:13 - 00003118 _____ C:\Windows\System32\Tasks\{2552C55B-39EB-4E65-860D-FE6BEAF34C28}
2017-01-21 10:35 - 2017-01-21 10:35 - 00021495 _____ C:\Users\Windows\Downloads\ENDEREÇO DAS FAZENDAS.xlsx
2017-01-21 09:51 - 2017-01-21 10:32 - 00000000 ____D C:\Users\Windows\Desktop\Fernanda
2017-01-18 15:41 - 2017-01-18 15:41 - 00002479 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2017-01-18 15:41 - 2017-01-18 15:41 - 00002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2017-01-18 15:41 - 2017-01-18 15:41 - 00002426 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2017-01-18 15:41 - 2017-01-18 15:41 - 00002391 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2017-01-18 15:41 - 2017-01-18 15:41 - 00002375 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2017-01-18 15:41 - 2017-01-18 15:41 - 00002372 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2017-01-18 15:41 - 2017-01-18 15:41 - 00002362 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2017-01-18 15:41 - 2017-01-18 15:41 - 00002358 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2017-01-18 15:41 - 2017-01-18 15:41 - 00002342 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2017-01-18 15:41 - 2017-01-18 15:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ferramentas do Microsoft Office 2016
2017-01-18 15:36 - 2017-01-24 11:20 - 00000000 ____D C:\Program Files\Microsoft Office
2017-01-18 15:36 - 2017-01-18 15:36 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-01-06 19:41 - 2017-01-06 19:41 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2017-01-06 15:28 - 2017-01-06 15:28 - 00252534 _____ C:\Users\Windows\Downloads\k29434 (1).pdf
2017-01-06 15:22 - 2017-01-06 15:23 - 00252534 _____ C:\Users\Windows\Downloads\k29434.pdf
2016-12-27 11:55 - 2016-12-27 11:55 - 00001214 _____ C:\Users\Windows\Downloads\rar.rar
2016-12-26 19:10 - 2016-12-26 19:10 - 00000165 ____H C:\Users\Windows\Desktop\~$RELATÓRIO DE EMBARQUE - 26-12-2016.xlsx
2016-12-26 14:30 - 2016-12-26 14:30 - 00000000 ____D C:\Users\Windows\AppData\Local\Microsoft Help
2016-12-24 14:13 - 2016-12-24 14:13 - 00000000 ____D C:\Users\Windows\AppData\Local\Diagnostics
2016-12-23 16:09 - 2016-12-23 16:09 - 00000165 ____H C:\Users\Windows\Desktop\~$RELATÓRIO DE EMBARQUE - 22-12-2016.xlsx
2016-12-23 15:56 - 2016-12-23 15:56 - 00034217 _____ C:\Users\Windows\Downloads\RELATÓRIO DE EMBARQUE 19-12-2016.xlsx
2016-12-21 19:05 - 2017-01-20 18:11 - 00015872 ___SH C:\Users\Windows\Desktop\Thumbs.db
2016-12-21 19:03 - 2016-12-21 19:04 - 01579550 _____ C:\Users\Windows\Downloads\Scanner_20161207 (2).png
2016-12-21 19:01 - 2016-12-21 19:01 - 01579550 _____ C:\Users\Windows\Downloads\Scanner_20161207 (1).png
2016-12-21 18:54 - 2016-12-21 18:54 - 01578786 _____ C:\Users\Windows\Downloads\Scanner_20161207.png
2016-12-17 11:18 - 2016-12-17 11:18 - 00093104 _____ C:\Users\Windows\Downloads\IMG-20161217-WA0006.jpg
2016-12-17 00:12 - 2017-01-23 18:44 - 00000000 ____D C:\Users\Windows\AppData\Local\Dafeceka
2016-12-17 00:12 - 2016-12-17 00:12 - 00019428 _____ C:\Users\Windows\AppData\Roaming\Sebetacan
2016-12-17 00:11 - 2016-12-17 00:12 - 00000000 ____D C:\Users\Windows\AppData\Local\{9D37AB6B-B99F-C7D3-D407-E23BF06F1EA3}
2016-12-16 23:35 - 2016-12-16 23:36 - 07849791 _____ C:\Users\Windows\Downloads\notasfiscaiseplanilhaatualizada (1).zip
2016-12-16 23:31 - 2016-12-16 23:33 - 07849791 _____ C:\Users\Windows\Downloads\notasfiscaiseplanilhaatualizada.zip
2016-12-16 22:32 - 2016-12-16 22:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Booking.com
2016-12-16 22:32 - 2016-12-16 22:32 - 00000000 ____D C:\Program Files (x86)\Booking.com
2016-12-16 22:30 - 2016-12-16 22:30 - 00033088 _____ C:\Users\Windows\Desktop\gr.docx
2016-12-16 22:26 - 2016-12-16 22:26 - 44622552 _____ C:\Users\Windows\Downloads\Baixaki_mozilla-firefox.0-SSL
2016-12-16 22:16 - 2017-01-24 13:01 - 00003946 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{88BB3570-2B96-4EBD-BC43-4A51262EE3F9}
2016-12-16 22:13 - 2017-01-24 12:12 - 00000998 _____ C:\Windows\Tasks\Yahoo! Powered saret.job
2016-12-16 22:13 - 2017-01-24 10:12 - 00000000 ____D C:\Users\Todos os Usuários\{064CC32F-8C0E-49E9-0AC8-D7AB908A5C65}
2016-12-16 22:13 - 2017-01-24 10:12 - 00000000 ____D C:\ProgramData\{064CC32F-8C0E-49E9-0AC8-D7AB908A5C65}
2016-12-16 22:13 - 2016-12-17 00:12 - 00004004 _____ C:\Windows\System32\Tasks\Yahoo! Powered saret
2016-12-16 22:10 - 2016-12-17 00:11 - 00000372 __RSH C:\Users\Todos os Usuários\ntuser.pol
2016-12-16 22:10 - 2016-12-17 00:11 - 00000372 __RSH C:\ProgramData\ntuser.pol
2016-12-16 22:04 - 2016-12-16 22:05 - 01838568 _____ ( ) C:\Users\Windows\Downloads\Baixaki_mozilla-firefox (1).exe
2016-12-16 18:12 - 2017-01-24 12:04 - 00003174 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2016-12-16 17:58 - 2016-12-16 17:58 - 00000000 ____D C:\Users\Windows\AppData\LocalLow\Temp
2016-12-15 12:11 - 2017-01-24 12:04 - 00002351 _____ C:\Users\Windows\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-12-15 12:00 - 2016-12-15 12:00 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2016-12-15 09:59 - 2016-12-15 09:59 - 00048811 _____ C:\Users\Windows\Downloads\gr-2.pdf
2016-12-15 09:58 - 2016-12-15 09:58 - 00049266 _____ C:\Users\Windows\Downloads\IMG-20161215-WA0026.jpg
2016-12-15 04:17 - 2016-12-15 04:19 - 00000000 ____D C:\Windows\system32\MRT
2016-12-15 04:17 - 2016-12-15 04:17 - 135632432 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-12-14 12:54 - 2014-01-07 03:00 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-12-14 12:54 - 2014-01-07 02:30 - 02071552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-12-14 12:54 - 2014-01-04 18:50 - 01462216 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2016-12-14 12:54 - 2014-01-04 17:22 - 01202888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2016-12-14 12:54 - 2014-01-04 12:30 - 13209088 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-12-14 12:54 - 2014-01-04 12:23 - 11702272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-12-14 12:54 - 2014-01-04 12:03 - 00919040 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2016-12-14 12:54 - 2014-01-04 11:47 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2016-12-14 12:54 - 2014-01-04 11:42 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2016-12-14 12:54 - 2014-01-04 11:40 - 07416832 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2016-12-14 12:54 - 2014-01-04 11:36 - 00830976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2016-12-14 12:54 - 2014-01-04 11:28 - 04961792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2016-12-14 12:54 - 2013-12-21 00:10 - 00009701 _____ C:\Windows\SysWOW64\connectedsearch-results.searchconnector-ms
2016-12-14 12:54 - 2013-12-21 00:10 - 00009701 _____ C:\Windows\system32\connectedsearch-results.searchconnector-ms
2016-12-14 12:54 - 2013-11-21 04:42 - 04604416 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2016-12-14 12:54 - 2013-11-21 03:44 - 03936256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2016-12-14 12:52 - 2014-04-19 09:15 - 21186352 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-12-14 12:52 - 2014-04-19 04:49 - 18644072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-12-14 12:50 - 2016-12-14 12:50 - 00000000 _____ C:\Users\Windows\Downloads\{C94E6249-1A46-4A62-9C12-489A9500F2D4}
2016-12-14 12:49 - 2016-12-14 12:49 - 00080568 _____ C:\Users\Windows\Downloads\IMG-20161109-WA0105 (2).jpg
2016-12-14 12:43 - 2016-12-14 12:43 - 00087194 _____ C:\Users\Windows\Downloads\15161204249431000490550010000012131312100001-NFe.pdf
2016-12-14 12:38 - 2016-12-14 12:38 - 00080568 _____ C:\Users\Windows\Downloads\IMG-20161109-WA0105 (1).jpg
2016-12-14 12:36 - 2016-12-14 12:36 - 00080568 _____ C:\Users\Windows\Downloads\IMG-20161109-WA0105.jpg
2016-12-14 12:36 - 2013-10-03 12:07 - 01537880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-12-14 12:36 - 2013-10-03 12:07 - 00382808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-12-14 12:36 - 2013-10-03 12:05 - 02140888 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2016-12-14 12:36 - 2013-10-03 12:05 - 00516496 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2016-12-14 12:36 - 2013-10-03 10:53 - 01765384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2016-12-14 12:36 - 2013-10-03 10:53 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2016-12-14 12:36 - 2013-10-03 07:29 - 02144768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2016-12-14 12:36 - 2013-10-03 07:16 - 00294400 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2016-12-14 12:36 - 2013-10-03 07:07 - 01765376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2016-12-14 12:36 - 2013-10-03 07:02 - 00225792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2016-12-14 12:36 - 2013-10-02 09:00 - 01286552 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-12-14 12:36 - 2013-10-02 07:47 - 01018960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-12-14 12:36 - 2013-10-01 01:42 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2016-12-14 12:36 - 2013-10-01 01:36 - 00977408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2016-12-14 12:33 - 2013-12-20 08:18 - 01643584 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-12-14 12:33 - 2013-12-20 08:18 - 01507704 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-12-14 12:33 - 2013-12-08 22:19 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2016-12-14 12:33 - 2013-12-08 21:55 - 00444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2016-12-14 12:33 - 2013-10-30 22:33 - 01476184 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-12-14 12:33 - 2013-10-30 22:33 - 01345536 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-12-14 12:33 - 2013-10-19 06:53 - 00075360 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2016-12-14 12:33 - 2013-10-19 05:14 - 00070680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2016-12-14 12:32 - 2014-10-30 20:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2016-12-14 12:32 - 2014-10-30 20:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-12-14 12:30 - 2013-12-08 22:27 - 02152448 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-12-14 12:30 - 2013-12-08 21:54 - 01317376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-12-14 12:30 - 2013-11-23 02:34 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2016-12-14 12:30 - 2013-11-23 02:13 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2016-12-14 12:30 - 2013-10-13 00:48 - 00136536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2016-12-14 12:30 - 2013-10-12 19:48 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2016-12-14 12:30 - 2013-10-12 19:34 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-12-14 12:29 - 2014-03-06 07:19 - 01287576 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-12-14 12:29 - 2014-03-06 07:02 - 01109424 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-12-14 12:29 - 2014-03-06 04:17 - 00835584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-12-14 12:29 - 2014-03-06 04:10 - 01036288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-12-14 12:29 - 2014-01-31 14:15 - 00311640 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2016-12-14 12:29 - 2014-01-31 14:07 - 00233920 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-12-14 12:29 - 2014-01-31 14:06 - 02133208 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2016-12-14 12:29 - 2014-01-31 11:47 - 02143960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2016-12-14 12:29 - 2014-01-31 07:06 - 00716288 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2016-12-14 12:29 - 2014-01-29 06:53 - 00458616 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2016-12-14 12:29 - 2014-01-29 06:53 - 00407024 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2016-12-14 12:29 - 2014-01-29 06:49 - 01928144 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2016-12-14 12:29 - 2014-01-29 06:47 - 02543960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-12-14 12:29 - 2014-01-29 05:44 - 01371824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2016-12-14 12:29 - 2014-01-29 05:44 - 00408480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2016-12-14 12:29 - 2014-01-29 05:44 - 00369280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2016-12-14 12:29 - 2014-01-29 04:41 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2016-12-14 12:29 - 2014-01-28 22:36 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2016-12-14 12:29 - 2014-01-27 17:07 - 04175360 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2016-12-14 12:29 - 2014-01-27 17:06 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2016-12-14 12:29 - 2014-01-27 17:04 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2016-12-14 12:29 - 2014-01-27 16:23 - 02873344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2016-12-14 12:29 - 2014-01-27 16:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2016-12-14 12:29 - 2014-01-27 16:20 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2016-12-14 12:29 - 2014-01-27 16:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2016-12-14 12:29 - 2014-01-27 15:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2016-12-14 12:29 - 2014-01-27 15:18 - 01486848 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2016-12-14 12:29 - 2014-01-27 15:00 - 01238016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2016-12-14 12:29 - 2014-01-27 13:58 - 05770752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2016-12-14 12:29 - 2014-01-27 13:50 - 06640640 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2016-12-14 12:29 - 2014-01-27 09:45 - 00386722 _____ C:\Windows\system32\ApnDatabase.xml
2016-12-14 12:29 - 2014-01-17 21:04 - 00764864 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2016-12-14 12:29 - 2014-01-17 19:54 - 00669352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2016-12-14 12:29 - 2013-12-21 12:51 - 06353960 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2016-12-14 12:29 - 2013-12-21 06:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\sppcomapi.dll
2016-12-14 12:29 - 2013-10-05 12:21 - 01341288 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-12-14 12:29 - 2013-10-05 06:39 - 01067008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-12-14 12:24 - 2014-03-10 08:35 - 02008408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-12-14 12:24 - 2014-03-10 08:35 - 00377176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2016-12-14 12:24 - 2013-11-27 13:36 - 03395920 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2016-12-14 12:24 - 2013-11-27 09:41 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\WSCollect.exe
2016-12-14 12:24 - 2013-11-27 08:34 - 00138240 _____ C:\Windows\system32\OEMLicense.dll
2016-12-14 12:24 - 2013-11-27 07:54 - 00103936 _____ C:\Windows\SysWOW64\OEMLicense.dll
2016-12-14 12:24 - 2013-11-27 06:48 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-14 12:24 - 2013-11-27 06:45 - 00206336 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2016-12-14 12:24 - 2013-11-27 06:40 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-14 12:24 - 2013-11-27 06:38 - 00174592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2016-12-14 12:24 - 2013-11-27 06:17 - 00695808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2016-12-14 12:24 - 2013-11-27 06:12 - 00848384 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2016-12-14 12:06 - 2014-02-11 01:04 - 04189184 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-12-14 12:06 - 2014-02-11 00:43 - 00488448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-12-14 12:06 - 2014-02-11 00:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-12-14 12:06 - 2014-01-07 05:03 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\pcaui.exe
2016-12-14 12:06 - 2014-01-07 03:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pcaui.exe
2016-12-14 12:05 - 2013-10-15 06:54 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2016-12-14 12:05 - 2013-10-15 06:03 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2016-12-14 12:02 - 2016-12-14 12:03 - 00186660 _____ C:\Users\Windows\Downloads\GR EM 07 DE NOV4.jpg
2016-12-14 12:02 - 2016-12-14 12:02 - 00190510 _____ C:\Users\Windows\Downloads\GR EM 07 DE NOV2.jpg
2016-12-14 12:02 - 2016-12-14 12:02 - 00184400 _____ C:\Users\Windows\Downloads\GR EM 07 DE NOV3 (1).jpg
2016-12-14 11:58 - 2016-12-14 11:58 - 00184400 _____ C:\Users\Windows\Downloads\GR EM 07 DE NOV3.jpg
2016-12-14 11:58 - 2016-12-14 11:58 - 00183467 _____ C:\Users\Windows\Downloads\GR EM 07 DE NOV.jpg
2016-12-14 11:57 - 2016-12-14 11:57 - 00191352 _____ C:\Users\Windows\Downloads\GR EM 12 DEZ1.jpg
2016-12-14 11:57 - 2016-12-14 11:57 - 00186298 _____ C:\Users\Windows\Downloads\GR EM 12 DEZ.jpg
2016-12-14 11:54 - 2013-12-08 22:15 - 00787968 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2016-12-14 11:54 - 2013-11-09 04:34 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2016-12-14 11:54 - 2013-11-09 04:34 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2016-12-14 11:54 - 2013-11-09 03:52 - 00240128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2016-12-14 11:54 - 2013-10-16 13:58 - 01943536 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-12-14 11:54 - 2013-10-16 11:54 - 01581968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-12-14 11:53 - 2016-12-14 11:53 - 00190187 _____ C:\Users\Windows\Downloads\GR EM 21 NOV1.jpg
2016-12-14 11:53 - 2016-12-14 11:53 - 00185571 _____ C:\Users\Windows\Downloads\GR EM 21 NOV.jpg
2016-12-14 11:50 - 2016-12-14 11:50 - 00192001 _____ C:\Users\Windows\Downloads\GR EM 05 DEZ6.jpg
2016-12-14 11:50 - 2016-12-14 11:50 - 00181490 _____ C:\Users\Windows\Downloads\GR EM 05 DEZ7.jpg
2016-12-14 11:49 - 2016-12-14 11:50 - 00178723 _____ C:\Users\Windows\Downloads\GR EM 05 DEZ5.jpg
2016-12-14 11:49 - 2016-12-14 11:49 - 00181630 _____ C:\Users\Windows\Downloads\GR EM 05 DEZ4.jpg
2016-12-14 11:49 - 2016-12-14 11:49 - 00179302 _____ C:\Users\Windows\Downloads\GR EM 05 DEZ2.jpg
2016-12-14 11:49 - 2016-12-14 11:49 - 00122639 _____ C:\Users\Windows\Downloads\GR EM 05 DEZ3.jpg
2016-12-14 11:48 - 2017-01-18 16:27 - 00274432 ___SH C:\Users\Windows\Downloads\Thumbs.db
2016-12-14 11:45 - 2016-12-14 11:45 - 00119558 _____ C:\Users\Windows\Downloads\GR EM 05 DEZ1.jpg
2016-12-14 11:44 - 2016-12-14 11:45 - 00181739 _____ C:\Users\Windows\Downloads\GR EM 05 DEZ.jpg
2016-12-14 09:43 - 2016-12-14 09:43 - 00000000 ____D C:\Users\Windows\Documents\Modelos Personalizados do Office
2016-12-12 18:00 - 2016-12-12 18:00 - 00000000 ____D C:\Users\Windows\AppData\Local\CEF
2016-12-12 17:56 - 2016-12-12 17:56 - 00000000 ____D C:\Windows\system32\appmgmt
2016-12-12 17:52 - 2016-12-12 17:52 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-12-12 17:52 - 2016-12-12 17:51 - 00992960 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-12-12 17:52 - 2016-12-12 17:51 - 00921280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-12-12 17:51 - 2016-12-12 17:51 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-12-12 17:50 - 2016-12-12 17:50 - 00000000 ____D C:\Users\Windows\Tracing
2016-12-12 17:44 - 2016-12-12 17:52 - 00000000 ____D C:\Program Files (x86)\Intel
2016-12-12 17:44 - 2016-12-12 17:44 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2016-12-12 17:44 - 2016-12-12 17:44 - 00000000 ____D C:\Users\Todos os Usuários\Intel
2016-12-12 17:44 - 2016-12-12 17:44 - 00000000 ____D C:\ProgramData\Intel
2016-12-12 17:44 - 2016-12-12 17:44 - 00000000 ____D C:\Program Files\Intel
2016-12-12 17:44 - 2016-12-12 17:44 - 00000000 ____D C:\Intel
2016-12-12 17:44 - 1999-12-31 22:00 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2016-12-12 17:44 - 1999-12-31 22:00 - 00100312 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2016-12-12 17:44 - 1999-12-31 22:00 - 00016344 _____ (Intel Corporation) C:\Windows\system32\Drivers\IntelMEFWVer.dll
2016-12-12 17:43 - 2016-12-12 17:43 - 00000000 ____D C:\Users\Todos os Usuários\SlimWare Utilities, Inc
2016-12-12 17:43 - 2016-12-12 17:43 - 00000000 ____D C:\ProgramData\SlimWare Utilities, Inc
2016-12-12 17:42 - 2016-12-12 17:42 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-12-12 17:42 - 2016-12-12 17:42 - 00000000 ____D C:\Program Files\Common Files\AV
2016-12-12 17:41 - 2016-12-12 17:41 - 00016056 _____ (SlimWare Utilities, Inc.) C:\Windows\system32\Drivers\SWDUMon.sys
2016-12-12 17:41 - 2016-12-12 17:41 - 00000000 ____D C:\Users\Windows\AppData\Local\SlimWare Utilities Inc
2016-12-12 17:40 - 2016-12-12 17:40 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers
2016-12-12 17:39 - 2016-12-16 22:10 - 00000000 ___SD C:\Users\Windows\AppData\LocalLow\Microsoft
2016-12-12 17:34 - 2017-01-20 18:11 - 00000000 ____D C:\Users\Windows\Desktop\RAIANNY
2016-12-12 17:34 - 2016-12-12 17:35 - 00000000 ____D C:\Users\Windows\Desktop\bkp gleybson
2016-12-12 17:20 - 2016-12-12 17:20 - 00000000 ____D C:\Users\Windows\AppData\Roaming\MPC-HC
2016-12-12 17:15 - 2016-12-12 17:15 - 00001938 _____ C:\Users\Public\Desktop\Avast Premier.lnk
2016-12-12 17:15 - 2016-12-12 17:15 - 00000000 ____D C:\Users\Windows\AppData\Roaming\AVAST Software
2016-12-12 17:15 - 2016-12-12 17:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-12-12 17:15 - 2016-12-12 16:20 - 00000000 ____D C:\Windows\Panther
2016-12-12 17:14 - 2017-01-20 18:54 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-12-12 17:14 - 2016-12-12 17:53 - 00969184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2016-12-12 17:14 - 2016-12-12 17:53 - 00513632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-12-12 17:14 - 2016-12-12 17:53 - 00293352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-12-12 17:14 - 2016-12-12 17:52 - 00513496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.148157240200010
2016-12-12 17:14 - 2016-12-12 17:52 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.148157240320312
2016-12-12 17:14 - 2016-12-12 17:52 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-12-12 17:14 - 2016-12-12 17:52 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-12-12 17:14 - 2016-12-12 17:52 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-12-12 17:14 - 2016-12-12 17:52 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-12-12 17:14 - 2016-12-12 17:52 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-12-12 17:14 - 2016-12-12 17:50 - 00969560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.148157240004607
2016-12-12 17:14 - 2016-12-12 17:14 - 00000000 ____D C:\Program Files\AVAST Software
2016-12-12 17:13 - 2016-12-12 17:13 - 00000000 ____D C:\Users\Todos os Usuários\AVAST Software
2016-12-12 17:13 - 2016-12-12 17:13 - 00000000 ____D C:\ProgramData\AVAST Software
2016-12-12 17:12 - 2016-12-12 17:12 - 00001714 _____ C:\Users\Windows\Desktop\MPC-HC x64.lnk
2016-12-12 17:12 - 2016-12-12 17:12 - 00000000 ____D C:\Users\Windows\AppData\Local\Programs
2016-12-12 17:12 - 2016-12-12 17:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
2016-12-12 17:12 - 2016-12-12 17:12 - 00000000 ____D C:\Program Files\MPC-HC
2016-12-12 17:10 - 2017-01-24 12:22 - 00000000 ____D C:\Users\Windows\AppData\Roaming\Skype
2016-12-12 17:10 - 2017-01-21 11:50 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2016-12-12 17:10 - 2017-01-21 11:50 - 00000000 ____D C:\ProgramData\Skype
2016-12-12 17:10 - 2016-12-15 06:46 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-12-12 17:10 - 2016-12-12 17:10 - 00002715 _____ C:\Users\Public\Desktop\Skype.lnk
2016-12-12 17:10 - 2016-12-12 17:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-12-12 17:09 - 2016-12-16 18:15 - 00003500 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-12 17:09 - 2016-12-16 18:15 - 00003372 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-12 17:09 - 2016-12-14 13:25 - 00002213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-12 17:09 - 2016-12-12 17:09 - 00000000 ____D C:\Program Files (x86)\Google
2016-12-12 17:08 - 2016-12-14 18:17 - 00000000 ____D C:\Users\Windows\AppData\Local\Google
2016-12-12 17:07 - 2016-12-12 17:08 - 00000000 ____D C:\Users\Todos os Usuários\Adobe
2016-12-12 17:07 - 2016-12-12 17:08 - 00000000 ____D C:\ProgramData\Adobe
2016-12-12 17:07 - 2016-12-12 17:07 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
2016-12-12 17:07 - 2016-12-12 17:07 - 00002034 _____ C:\Users\Public\Desktop\Adobe Reader 9.lnk
2016-12-12 17:07 - 2016-12-12 17:07 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-12-12 17:05 - 2016-12-12 17:05 - 00000000 ____D C:\Users\Windows\AppData\Local\mpress
2016-12-12 17:01 - 2016-12-12 17:01 - 00026112 _____ C:\Windows\KMS-R@1n.exe
2016-12-12 17:01 - 2016-12-12 17:01 - 00004608 _____ C:\Windows\KMS-R@1nhook.exe
2016-12-12 17:01 - 2016-12-12 17:01 - 00003584 _____ C:\Windows\KMS-QADhook.dll
2016-12-12 17:01 - 2016-12-12 17:01 - 00000000 ____D C:\Windows\System32\Tasks\R@1n-KMS
2016-12-12 17:00 - 2016-12-12 17:00 - 00000000 ____D C:\Users\Windows\AppData\Roaming\WinRAR
2016-12-12 17:00 - 2016-12-12 17:00 - 00000000 ____D C:\Users\Windows\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-12-12 17:00 - 2016-12-12 17:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-12-12 17:00 - 2016-12-12 17:00 - 00000000 ____D C:\Program Files\WinRAR
2016-12-12 16:54 - 2017-01-24 12:04 - 00003182 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2417617235-4106719252-2122872377-1001
2016-12-12 16:54 - 2016-12-12 16:54 - 00000000 ___RD C:\Users\Windows\OneDrive
2016-12-12 16:54 - 2016-12-12 16:54 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft OneDrive
2016-12-12 16:54 - 2016-12-12 16:54 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-12-12 16:43 - 2017-01-18 15:21 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-12-12 16:40 - 2017-01-24 11:51 - 06291456 ____H C:\Users\Windows\AppData\Local\IconCache.db
2016-12-12 16:32 - 2016-12-12 16:32 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-12-12 16:25 - 2017-01-24 12:13 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2417617235-4106719252-2122872377-1001
2016-12-12 16:20 - 2017-01-24 13:09 - 00000000 ____D C:\Users\Windows\AppData\Local\Temp
2016-12-12 16:20 - 2017-01-24 13:05 - 00000000 ___RD C:\Users\Windows\Downloads
2016-12-12 16:20 - 2017-01-24 12:54 - 00000000 ___RD C:\Users\Windows\Desktop
2016-12-12 16:20 - 2017-01-24 12:04 - 00000000 ___RD C:\Users\Windows\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-12 16:20 - 2017-01-24 11:51 - 01572864 ___SH C:\Users\Windows\NTUSER.DAT
2016-12-12 16:20 - 2017-01-24 10:00 - 00000000 ____D C:\Users\Windows\AppData\Local
2016-12-12 16:20 - 2017-01-23 18:44 - 00000000 ____D C:\Users\Windows\AppData\Roaming
2016-12-12 16:20 - 2017-01-21 10:35 - 00000000 ____D C:\Users\Windows\AppData\Local\Packages
2016-12-12 16:20 - 2017-01-18 15:24 - 00000000 ____D C:\Users\Windows
2016-12-12 16:20 - 2016-12-24 14:04 - 00000000 ____D C:\Users\Windows\AppData\Local\Microsoft
2016-12-12 16:20 - 2016-12-16 23:46 - 00000000 ___SD C:\Users\Windows\AppData\Roaming\Microsoft
2016-12-12 16:20 - 2016-12-16 17:58 - 00000000 ____D C:\Users\Windows\AppData\LocalLow
2016-12-12 16:20 - 2016-12-15 12:06 - 00000000 ___RD C:\Users\Windows\Documents
2016-12-12 16:20 - 2016-12-15 11:59 - 00000402 ___SH C:\Users\Windows\Documents\desktop.ini
2016-12-12 16:20 - 2016-12-15 11:59 - 00000334 ___SH C:\Users\Windows\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-12 16:20 - 2016-12-15 11:59 - 00000282 ___SH C:\Users\Windows\Downloads\desktop.ini
2016-12-12 16:20 - 2016-12-15 11:59 - 00000282 ___SH C:\Users\Windows\Desktop\desktop.ini
2016-12-12 16:20 - 2016-12-15 11:59 - 00000174 ___SH C:\Users\Windows\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
2016-12-12 16:20 - 2016-12-15 11:59 - 00000000 ___RD C:\Users\Windows\Videos
2016-12-12 16:20 - 2016-12-15 11:59 - 00000000 ___RD C:\Users\Windows\Searches
2016-12-12 16:20 - 2016-12-15 11:59 - 00000000 ___RD C:\Users\Windows\Saved Games
2016-12-12 16:20 - 2016-12-15 11:59 - 00000000 ___RD C:\Users\Windows\Pictures
2016-12-12 16:20 - 2016-12-15 11:59 - 00000000 ___RD C:\Users\Windows\Music
2016-12-12 16:20 - 2016-12-15 11:59 - 00000000 ___RD C:\Users\Windows\Links
2016-12-12 16:20 - 2016-12-15 11:59 - 00000000 ___RD C:\Users\Windows\Favorites
2016-12-12 16:20 - 2016-12-15 11:59 - 00000000 ___RD C:\Users\Windows\Contacts
2016-12-12 16:20 - 2016-12-15 11:59 - 00000000 ___RD C:\Users\Windows\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2016-12-12 16:20 - 2016-12-15 11:59 - 00000000 ___RD C:\Users\Windows\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2016-12-12 16:20 - 2016-12-12 16:20 - 01007616 ___SH C:\Users\Windows\ntuser.dat.LOG1
2016-12-12 16:20 - 2016-12-12 16:20 - 00524288 ___SH C:\Users\Windows\NTUSER.DAT{bbed3e3b-0b41-11e3-8249-d6927d06400b}.TMContainer00000000000000000002.regtrans-ms
2016-12-12 16:20 - 2016-12-12 16:20 - 00524288 ___SH C:\Users\Windows\NTUSER.DAT{bbed3e3b-0b41-11e3-8249-d6927d06400b}.TMContainer00000000000000000001.regtrans-ms
2016-12-12 16:20 - 2016-12-12 16:20 - 00065536 ___SH C:\Users\Windows\NTUSER.DAT{bbed3e3b-0b41-11e3-8249-d6927d06400b}.TM.blf
2016-12-12 16:20 - 2016-12-12 16:20 - 00053248 ___SH C:\Users\Windows\ntuser.dat.LOG2
2016-12-12 16:20 - 2016-12-12 16:20 - 00001422 _____ C:\Users\Windows\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-12-12 16:20 - 2016-12-12 16:20 - 00000020 ___SH C:\Users\Windows\ntuser.ini
2016-12-12 16:20 - 2016-12-12 16:20 - 00000000 _SHDL C:\Users\Windows\SendTo
2016-12-12 16:20 - 2016-12-12 16:20 - 00000000 _SHDL C:\Users\Windows\Recent
2016-12-12 16:20 - 2016-12-12 16:20 - 00000000 _SHDL C:\Users\Windows\Modelos
2016-12-12 16:20 - 2016-12-12 16:20 - 00000000 _SHDL C:\Users\Windows\Meus Documentos
2016-12-12 16:20 - 2016-12-12 16:20 - 00000000 _SHDL C:\Users\Windows\Menu Iniciar
2016-12-12 16:20 - 2016-12-12 16:20 - 00000000 _SHDL C:\Users\Windows\Documents\Minhas Músicas
2016-12-12 16:20 - 2016-12-12 16:20 - 00000000 _SHDL C:\Users\Windows\Documents\Minhas Imagens
2016-12-12 16:20 - 2016-12-12 16:20 - 00000000 _SHDL C:\Users\Windows\Documents\Meus Vídeos
2016-12-12 16:20 - 2016-12-12 16:20 - 00000000 _SHDL C:\Users\Windows\Dados de Aplicativos
2016-12-12 16:20 - 2016-12-12 16:20 - 00000000 _SHDL C:\Users\Windows\Cookies
2016-12-12 16:20 - 2016-12-12 16:20 - 00000000 _SHDL C:\Users\Windows\Configurações Locais
2016-12-12 16:20 - 2016-12-12 16:20 - 00000000 _SHDL C:\Users\Windows\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-12-12 16:20 - 2016-12-12 16:20 - 00000000 _SHDL C:\Users\Windows\AppData\Local\Temporary Internet Files
2016-12-12 16:20 - 2016-12-12 16:20 - 00000000 _SHDL C:\Users\Windows\AppData\Local\Histórico
2016-12-12 16:20 - 2016-12-12 16:20 - 00000000 _SHDL C:\Users\Windows\AppData\Local\Dados de Aplicativos
2016-12-12 16:20 - 2016-12-12 16:20 - 00000000 _SHDL C:\Users\Windows\Ambiente de Rede
2016-12-12 16:20 - 2016-12-12 16:20 - 00000000 _SHDL C:\Users\Windows\Ambiente de Impressão
2016-12-12 16:20 - 2016-12-12 16:20 - 00000000 ___HD C:\Users\Windows\AppData
2016-12-12 16:20 - 2016-12-12 16:20 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2016-12-12 16:20 - 2016-12-12 16:20 - 00000000 ____D C:\Windows\CSC
2016-12-12 16:20 - 2016-12-12 16:20 - 00000000 ____D C:\Users\Windows\AppData\Roaming\Adobe
2016-12-12 16:20 - 2016-12-12 16:20 - 00000000 ____D C:\Users\Windows\AppData\Local\VirtualStore
2016-12-12 16:20 - 2013-08-22 13:36 - 00000000 ___RD C:\Users\Windows\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2016-12-12 16:20 - 2013-08-22 13:36 - 00000000 ___RD C:\Users\Windows\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2016-12-12 16:20 - 2013-08-22 13:36 - 00000000 ___RD C:\Users\Windows\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2016-12-12 16:20 - 2013-08-22 13:36 - 00000000 ____D C:\Users\Windows\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2016-12-12 16:19 - 2017-01-24 12:13 - 01166838 _____ C:\Windows\WindowsUpdate.log
2016-12-12 16:19 - 2016-12-12 17:53 - 00000000 ____D C:\Windows\SoftwareDistribution
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas Músicas
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas Imagens
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Meus Vídeos
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Histórico
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Dados de Aplicativos
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Usuário Padrão
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Todos os Usuários\Modelos
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Todos os Usuários\Menu Iniciar
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Todos os Usuários\Documentos
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Todos os Usuários\Dados de Aplicativos
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Todos os Usuários
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Public\Documents\Minhas Músicas
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Public\Documents\Minhas Imagens
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Public\Documents\Meus Vídeos
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Default\Modelos
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Default\Meus Documentos
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Default\Menu Iniciar
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Default\Documents\Minhas Músicas
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Default\Documents\Minhas Imagens
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Default\Documents\Meus Vídeos
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Default\Dados de Aplicativos
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Default\Configurações Locais
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Default\AppData\Local\Histórico
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Default\AppData\Local\Dados de Aplicativos
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Default\Ambiente de Rede
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Default\Ambiente de Impressão
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas Músicas
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas Imagens
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Default User\Documents\Meus Vídeos
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Histórico
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Dados de Aplicativos
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\ProgramData\Modelos
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\ProgramData\Menu Iniciar
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\ProgramData\Documentos
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\ProgramData\Dados de Aplicativos
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Program Files\Common Files\Sistema
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Program Files\Arquivos Comuns
2016-12-12 16:18 - 2016-12-12 16:18 - 00000000 _SHDL C:\Arquivos de Programas
2016-12-12 16:17 - 2017-01-24 11:51 - 3346944000 ___SH C:\hiberfil.sys
2016-12-12 16:17 - 2016-12-19 14:12 - 00524288 ___SH C:\Windows\system32\config\COMPONENTS{42b82173-0b2e-11e3-93f4-90b11c2eb9f2}.TMContainer00000000000000000002.regtrans-ms
2016-12-12 16:17 - 2016-12-19 14:12 - 00524288 ___SH C:\Windows\system32\config\COMPONENTS{42b82173-0b2e-11e3-93f4-90b11c2eb9f2}.TMContainer00000000000000000001.regtrans-ms
2016-12-12 16:17 - 2016-12-19 14:12 - 00065536 ___SH C:\Windows\system32\config\COMPONENTS{42b82173-0b2e-11e3-93f4-90b11c2eb9f2}.TM.blf
2016-12-12 16:16 - 2017-01-24 13:07 - 00000000 ____D C:\Windows\Prefetch
2016-12-12 16:16 - 2017-01-24 12:58 - 00000000 __SHD C:\System Volume Information
2016-12-12 16:16 - 2017-01-24 11:51 - 738197504 ___SH C:\pagefile.sys
2016-12-12 16:16 - 2017-01-24 11:51 - 268435456 ___SH C:\swapfile.sys
2016-12-12 16:16 - 2016-12-16 09:35 - 00524288 ___SH C:\Windows\system32\config\DRIVERS{e1793794-0b3d-11e3-9dfe-80de722c933b}.TMContainer00000000000000000001.regtrans-ms
2016-12-12 16:16 - 2016-12-16 09:35 - 00065536 ___SH C:\Windows\system32\config\DRIVERS{e1793794-0b3d-11e3-9dfe-80de722c933b}.TM.blf
2016-12-12 16:16 - 2016-12-12 16:17 - 00524288 ___SH C:\Windows\system32\config\DRIVERS{e1793794-0b3d-11e3-9dfe-80de722c933b}.TMContainer00000000000000000002.regtrans-ms
2016-12-12 16:16 - 2016-12-12 16:16 - 00524288 ___SH C:\Users\Default\NTUSER.DAT{bbed3e3b-0b41-11e3-8249-d6927d06400b}.TMContainer00000000000000000002.regtrans-ms
2016-12-12 16:16 - 2016-12-12 16:16 - 00524288 ___SH C:\Users\Default\NTUSER.DAT{bbed3e3b-0b41-11e3-8249-d6927d06400b}.TMContainer00000000000000000001.regtrans-ms
2016-12-12 16:16 - 2016-12-12 16:16 - 00065536 ___SH C:\Users\Default\NTUSER.DAT{bbed3e3b-0b41-11e3-8249-d6927d06400b}.TM.blf
2016-12-08 17:04 - 2016-12-21 18:57 - 00000000 ____D C:\Users\Windows\Desktop\DAE
==================== Três Meses Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-01-24 13:07 - 2013-08-22 13:20 - 00000000 ____D C:\Windows\CbsTemp
2017-01-24 12:50 - 2013-09-30 02:14 - 01707228 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-24 12:50 - 2013-09-30 01:56 - 00737880 _____ C:\Windows\system32\prfh0416.dat
2017-01-24 12:50 - 2013-09-30 01:56 - 00150516 _____ C:\Windows\system32\prfc0416.dat
2017-01-24 12:50 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\Inf
2017-01-24 11:51 - 2013-08-22 12:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-24 11:51 - 2013-08-22 11:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-01-24 11:22 - 2013-08-22 13:36 - 00000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft
2017-01-24 11:22 - 2013-08-22 13:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-01-24 11:21 - 2013-08-22 13:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-01-21 10:44 - 2016-07-13 19:26 - 00000000 ____D C:\Users\Windows\Desktop\FRAN LIMA
2017-01-18 15:08 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\AppReadiness
==================== Arquivos na raiz de alguns diretórios =======
2016-12-17 00:12 - 2016-12-17 00:12 - 0019428 _____ () C:\Users\Windows\AppData\Roaming\Sebetacan
2017-01-23 18:44 - 2017-01-23 18:44 - 0000042 _____ () C:\Users\Windows\AppData\Roaming\WB.CFG
Arquivos para serem movidos ou deletados:
====================
C:\Windows\Tasks\{2552C55B-39EB-4E65-860D-FE6BEAF34C28}.job
==================== Bamital & volsnap ======================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
==================== BCD ================================
Gerenciador de Inicializa‡Æo do Windows
---------------------------------------
identificador {bootmgr}
device partition=\Device\HarddiskVolume1
description Windows Boot Manager
locale pt-BR
inherit {globalsettings}
integrityservices Enable
default {current}
resumeobject {5b90eb1c-c09f-11e6-b067-ecaf73a30350}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Carregador de Inicializa‡Æo do Windows
--------------------------------------
identificador {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 8.1
locale pt-BR
inherit {bootloadersettings}
recoverysequence {5b90eb1e-c09f-11e6-b067-ecaf73a30350}
integrityservices Enable
recoveryenabled Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \Windows
resumeobject {5b90eb1c-c09f-11e6-b067-ecaf73a30350}
nx OptIn
bootmenupolicy Standard
Carregador de Inicializa‡Æo do Windows
--------------------------------------
identificador {5b90eb1e-c09f-11e6-b067-ecaf73a30350}
device ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{5b90eb1f-c09f-11e6-b067-ecaf73a30350}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale pt-BR
inherit {bootloadersettings}
displaymessage Recovery
displaymessageoverride Recovery
osdevice ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{5b90eb1f-c09f-11e6-b067-ecaf73a30350}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Continuar da Hiberna‡Æo
-----------------------
identificador {5b90eb1c-c09f-11e6-b067-ecaf73a30350}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale pt-BR
inherit {resumeloadersettings}
recoverysequence {5b90eb1e-c09f-11e6-b067-ecaf73a30350}
recoveryenabled Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testador de Mem¢ria do Windows
------------------------------
identificador {memdiag}
device partition=\Device\HarddiskVolume1
path \boot\memtest.exe
description Diagn¢stico de Mem¢ria do Windows
locale pt-BR
inherit {globalsettings}
badmemoryaccess Yes
Configura‡äes de EMS
--------------------
identificador {emssettings}
bootems No
Configura‡äes do Depurador
--------------------------
identificador {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Defeitos de RAM
---------------
identificador {badmemory}
Configura‡äes Globais
---------------------
identificador {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Configura‡äes do Carregador de Inicializa‡Æo
--------------------------------------------
identificador {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Configura‡äes do Hypervisor
---------------------------
identificador {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Configura‡äes do Carregador de Retorno
--------------------------------------
identificador {resumeloadersettings}
inherit {globalsettings}
Op‡äes de dispositivo
---------------------
identificador {5b90eb1f-c09f-11e6-b067-ecaf73a30350}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume1
ramdisksdipath \Recovery\WindowsRE\boot.sdi
LastRegBack: 2017-01-20 12:50
==================== Fim de FRST.txt ============================