FRST.txt

Cliquez pour partager vos propres fichiers

Format du document : text/plain

Prévisualisation

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 23-04-2017 01
Executado por Marcelo (administrador) em MARCELO-PC (25-04-2017 08:17:04)
Executando a partir de C:\Users\Marcelo\Desktop
Perfis Carregados: Marcelo & Lima Trab (Perfis Disponíveis: Marcelo & Lima Trab & Franciely & Luciene & Matheus)
Platform: Windows 7 Ultimate (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
(Brother Industries, Ltd.) C:\Windows\System32\BrmfRsmg.exe
(Brother Industries, Ltd.) C:\Windows\System32\BrmfRsmg.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Projector\Epson USB Display V1.5\EMP_UDSA.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(GAS Tecnologia LTDA) C:\Program Files (x86)\Diebold\Warsaw\core.exe
(Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(Akamai Technologies, Inc.) C:\Users\Lima Trab\AppData\Local\Akamai\netsession_win.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(GAS Tecnologia LTDA) C:\Program Files (x86)\Diebold\Warsaw\core.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
(Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
(Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
(Akamai Technologies, Inc.) C:\Users\Lima Trab\AppData\Local\Akamai\netsession_win.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(GAS Tecnologia LTDA) C:\Program Files (x86)\Diebold\Warsaw\core.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registro (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2024800 2014-06-04] (Wondershare)
HKLM-x32\...\Run: [syshost32] => C:\Windows\Installer\{DA1CA9EB-1382-CBC5-8A33-53E9685C33AD}\syshost.exe
HKLM-x32\...\Run: [Diebold - Warsaw] => C:\Program Files (x86)\Diebold\Warsaw\core.exe [518968 2014-07-12] (GAS Tecnologia LTDA)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [688184 2012-02-15] (Sony Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [28344776 2017-04-17] (Dropbox, Inc.)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [704424 2017-03-10] (Autodesk, Inc.)
HKLM\...\Winlogon: [Userinit] C:\Windows\SysWOW64\userinit.exe,
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-4018499716-600952987-1379959307-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
HKU\S-1-5-21-4018499716-600952987-1379959307-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-4018499716-600952987-1379959307-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-4018499716-600952987-1379959307-1000\...\Policies\Explorer: []
HKU\S-1-5-21-4018499716-600952987-1379959307-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-4018499716-600952987-1379959307-1000\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-4018499716-600952987-1379959307-1000\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-4018499716-600952987-1379959307-1000\...\MountPoints2: {5bbd5fde-11be-11e5-8ac4-902b34f73ca8} - F:\EMP_UDSe.exe /autorun
HKU\S-1-5-21-4018499716-600952987-1379959307-1000\...\MountPoints2: {662eead5-f417-11e5-b22a-902b34f73ca8} - F:\LGAutoRun.exe
HKU\S-1-5-21-4018499716-600952987-1379959307-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-4018499716-600952987-1379959307-1003\...\Run: [GoogleChromeAutoLaunch_C7A082F4FF879337EA53046532ECF732] => C:\Users\Lima Trab\AppData\Local\chromium\Application\chrome.exe [1068544 2016-03-18] (The Chromium Authors)
HKU\S-1-5-21-4018499716-600952987-1379959307-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
HKU\S-1-5-21-4018499716-600952987-1379959307-1003\...\Run: [{CE0DD124-DF40-41BF-AA9B-710C77C31F29}] => powershell.exe -noprofile -windowstyle hidden -executionpolicy bypass iex ([Text.Encoding]::ASCII.GetString([Convert]::FromBase64String((gp 'HKCU:\Software\Classes\Rypiy').DCNEVPBGX)));
HKU\S-1-5-21-4018499716-600952987-1379959307-1003\...\Run: [Akamai NetSession Interface] => C:\Users\Lima Trab\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-21-4018499716-600952987-1379959307-1003\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2007576 2017-02-03] (Autodesk, Inc.)
HKU\S-1-5-21-4018499716-600952987-1379959307-1003\...\Policies\system: [DisableLockWorkstationMythBackup] 0
HKU\S-1-5-21-4018499716-600952987-1379959307-1003\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-4018499716-600952987-1379959307-1003\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-4018499716-600952987-1379959307-1003\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-4018499716-600952987-1379959307-1003\...\Policies\Explorer: []
HKU\S-1-5-21-4018499716-600952987-1379959307-1003\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-4018499716-600952987-1379959307-1003\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2007576 2017-02-03] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2017-02-03] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => -> Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-17] (Dropbox, Inc.)
Startup: C:\Users\Lima Trab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\0.lnk [2017-04-17]
ShortcutTarget: 0.lnk -> C:\Users\Marcelo\AppData\Roaming\iiBd8XFCC9.exe (Nenhum Arquivo)
Startup: C:\Users\Lima Trab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\f.lnk [2017-04-17]
ShortcutTarget: f.lnk -> C:\Users\Marcelo\AppData\Roaming\iimBg5kkhh.exe (Nenhum Arquivo)
Startup: C:\Users\Lima Trab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\W.lnk [2017-03-13]
ShortcutTarget: W.lnk -> C:\Users\Marcelo\AppData\Roaming\iiOI46keQA.exe (Nenhum Arquivo)
Startup: C:\Users\Lima Trab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\x.vbs [2017-04-05] ()
Startup: C:\Users\Marcelo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp\Monitorar alertas de tinta - HP Deskjet 3540 series.lnk [2017-04-25]
ShortcutTarget: Monitorar alertas de tinta - HP Deskjet 3540 series.lnk -> C:\Program Files\HP\HP Deskjet 3540 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
BootExecute: autocheckautochk * PCloudBroom64.exe \systemroot\system32\BroomData.bit
GroupPolicy: Restrição - Chrome <======= ATENÇÃO
GroupPolicy\User: Restrição <======= ATENÇÃO
GroupPolicyUsers\S-1-5-21-4018499716-600952987-1379959307-1006\User: Restrição - Chrome <======= ATENÇÃO
GroupPolicyUsers\S-1-5-21-4018499716-600952987-1379959307-1005\User: Restrição - Chrome <======= ATENÇÃO
GroupPolicyUsers\S-1-5-21-4018499716-600952987-1379959307-1004\User: Restrição <======= ATENÇÃO
GroupPolicyUsers\S-1-5-21-4018499716-600952987-1379959307-1000\User: Restrição <======= ATENÇÃO
GroupPolicyScripts-x32: Restrição <======= ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO
CHR HKU\S-1-5-21-4018499716-600952987-1379959307-1000\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B4B4B1F4-9456-4365-B552-D0AD31F8F9CA}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrição <======= ATENÇÃO
HKU\S-1-5-21-4018499716-600952987-1379959307-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrição <======= ATENÇÃO
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-4018499716-600952987-1379959307-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: [S-1-5-21-4018499716-600952987-1379959307-1003] ATENÇÃO => A URLSearchHook Padrão está ausente
URLSearchHook: HKU\S-1-5-21-4018499716-600952987-1379959307-1003 - (Sem Nome) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - Nenhum Arquivo
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-4018499716-600952987-1379959307-1003 -> DefaultScope {0633ee93-d776-472f-a0ff-e1416b8b2e3a} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wnf_bxinw_16_42¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzytDtB0BtAyE0FyBtA0C0AzzzzyByEyDtN0D0Tzu0StCyByDyEtN1L2XzutAtFtByEtFtByBtFyDtDtN1L1Czu1BtBtN1L1G1B1V1N2Y1L1Qzu2StC0EyC0DyB0E0B0CtGtB0D0EyBtG0DtC0EtBtGtB0FtC0AtGzyyD0EzztCzztCzytCtCzz0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyBtB0D0C0CzzyE0FtG0Fzy0EyDtGyE0A0DzytG0BtDyCtCtGtAtB0E0DyCyCtDyBtDtB0DtC2QtN0A0LzuyE%26cr%3D79084309%26a%3Dwnf_bxinw_16_42%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4018499716-600952987-1379959307-1003 -> {0633ee93-d776-472f-a0ff-e1416b8b2e3a} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wnf_bxinw_16_42¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzytDtB0BtAyE0FyBtA0C0AzzzzyByEyDtN0D0Tzu0StCyByDyEtN1L2XzutAtFtByEtFtByBtFyDtDtN1L1Czu1BtBtN1L1G1B1V1N2Y1L1Qzu2StC0EyC0DyB0E0B0CtGtB0D0EyBtG0DtC0EtBtGtB0FtC0AtGzyyD0EzztCzztCzytCtCzz0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyBtB0D0C0CzzyE0FtG0Fzy0EyDtGyE0A0DzytG0BtDyCtCtGtAtB0E0DyCyCtDyBtDtB0DtC2QtN0A0LzuyE%26cr%3D79084309%26a%3Dwnf_bxinw_16_42%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-20] (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-20] (Oracle Corporation)
BHO: Sem Nome -> {f5c156f3-8853-4b9e-8852-8bd2ecec6e05} -> Nenhum Arquivo
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-4018499716-600952987-1379959307-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-4018499716-600952987-1379959307-1000 -> Sem Nome - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Nenhum Arquivo
Toolbar: HKU\S-1-5-21-4018499716-600952987-1379959307-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22] (Google Inc.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2013-03-02] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2013-03-02] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2013-03-02] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2013-03-02] (Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2017-02-22] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-20] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2017-02-22] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [Nenhum Arquivo]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [Nenhum Arquivo]
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-20] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll [2012-03-29] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-12] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.istartsurf.com/?type=hp&ts=1442441925&z=32117c5f5a14bcf018f0c7dgezezfo8zezcgcmeqbb&from=cornl&uid=WDCXWD5000AAKS-00V1A0_WD-WCAWF122029220292
CHR StartupUrls: Default -> "hxxp://www.istartsurf.com/?type=hp&ts=1442441925&z=32117c5f5a14bcf018f0c7dgezezfo8zezcgcmeqbb&from=cornl&uid=WDCXWD5000AAKS-00V1A0_WD-WCAWF122029220292"
CHR NewTab: Default -> Active:"chrome-extension://bahkljhhdeciiaodlkppoonappfnheoi/index.html", Not-active:"chrome-extension://bahkljhhdeciiaodlkppoonappfnheoi/content/newtab.html", Active:"chrome-extension://lfiajgogjgiodfbcdddocnkbapjphfla/redirect.html"
CHR DefaultSearchURL: Default -> hxxp://www.default-search.net/search?sid=476&aid=10000&itype=u&src=ds&p={searchTerms}
CHR DefaultSearchKeyword: Default -> Default-Search
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Profile: C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Default [2017-04-25]
CHR Extension: (Duolingo na Web) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2015-03-09]
CHR Extension: (Google Docs) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-09]
CHR Extension: (Google Drive) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-01]
CHR Extension: (Search Manager) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi [2017-04-25]
CHR Extension: (YouTube) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-07]
CHR Extension: (Adblock Plus) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-24]
CHR Extension: (Google Search) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-01]
CHR Extension: (Documentos Google off-line) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-21]
CHR Extension: (PSafe Segurança Online) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\higfhiimhkcmfppmdckdpkdcdolcjooo [2016-02-06]
CHR Extension: (Media-Newtab) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfiajgogjgiodfbcdddocnkbapjphfla [2016-10-14]
CHR Extension: (Iomods) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhjgdbihpkphlammdaeicdemggagfbdo [2016-04-21]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-15]
CHR Extension: (Gmail) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-25]
CHR Profile: C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-01-24]
CHR Profile: C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\System Profile [2017-01-24]
CHR Extension: (Sem Nome) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-17]
CHR Extension: (Default-Search) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\akfphecggdoefopaooikpjihabjbmjea [2015-04-17]
CHR Extension: (Docs) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-17]
CHR Extension: (Sem Nome) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-17]
CHR Extension: (Sem Nome) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-17]
CHR Extension: (Sem Nome) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-17]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-17]
CHR Extension: (Astromenda New Tab) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae [2015-04-17]
CHR Extension: (Sem Nome) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-17]
CHR HKLM\...\Chrome\Extension: [pfkfdlcdbajamklbneflfbcmfgddmpae] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4018499716-600952987-1379959307-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4018499716-600952987-1379959307-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [akfphecggdoefopaooikpjihabjbmjea] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nbljechdpodpbchbmjcoamidppmpnmlc] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pfkfdlcdbajamklbneflfbcmfgddmpae] - hxxps://clients2.google.com/service/update2/crx

==================== Serviços (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

"4ff2de07aa53a9d3" => serviço não pode ser desbloqueado. <===== ATENÇÃO

S2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1309176 2017-03-10] (Autodesk Inc.)
S2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1452040 2016-12-30] ()
R2 brmfrsmg; C:\Windows\system32\BrmfRsmg.exe [52736 2009-07-13] (Brother Industries, Ltd.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-18] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-18] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [48944 2017-04-17] (Dropbox, Inc.)
R2 EMP_UDSA; C:\Program Files (x86)\EPSON Projector\Epson USB Display V1.5\EMP_UDSA.exe [98304 2011-01-06] (SEIKO EPSON CORPORATION) [Arquivo não assinado]
S3 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [547384 2014-08-12] (GAS Tecnologia)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319080 2015-06-04] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Arquivo não assinado]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
S3 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2014-11-04] () [Arquivo não assinado]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [459832 2012-02-15] (Sony Corporation)
S3 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [7743472 2015-08-19] (Reimage®)
R2 Warsaw Technology; C:\Program Files (x86)\Diebold\Warsaw\core.exe [518968 2014-07-12] (GAS Tecnologia LTDA)
S3 BavSvc; "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.118812.0\bavsvc.exe" [X]
S3 BHipsSvc; "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.118812.0\bhipssvc.exe" [X]

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 1394ohci; C:\Windows\system32\DRIVERS\1394ohci.sys [227840 2009-07-13] () [Arquivo não assinado]
U5 4ff2de07aa53a9d3; C:\Windows\System32\Drivers\4ff2de07aa53a9d3.sys [72144 2016-08-03] () <===== ATENÇÃO Necurs Rootkit?
R0 ACPI; C:\Windows\System32\DRIVERS\ACPI.sys [334416 2009-07-13] () [Arquivo não assinado]
S3 AcpiPmi; C:\Windows\system32\DRIVERS\acpipmi.sys [12288 2009-07-13] () [Arquivo não assinado]
S3 adp94xx; C:\Windows\system32\DRIVERS\adp94xx.sys [491088 2009-07-13] () [Arquivo não assinado]
S3 adpahci; C:\Windows\system32\DRIVERS\adpahci.sys [339536 2009-07-13] () [Arquivo não assinado]
S3 adpu320; C:\Windows\system32\DRIVERS\adpu320.sys [182864 2009-07-13] () [Arquivo não assinado]
R1 AFD; C:\Windows\system32\drivers\afd.sys [499200 2011-12-28] () [Arquivo não assinado]
S3 agp440; C:\Windows\system32\DRIVERS\agp440.sys [61008 2009-07-13] () [Arquivo não assinado]
S3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [77912 2015-09-23] () [Arquivo não assinado]
S3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [81368 2015-09-23] () [Arquivo não assinado]
S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [18688 2006-12-04] () [Arquivo não assinado]
S3 aliide; C:\Windows\system32\DRIVERS\aliide.sys [15440 2009-07-13] () [Arquivo não assinado]
S3 amdide; C:\Windows\system32\DRIVERS\amdide.sys [15440 2009-07-13] () [Arquivo não assinado]
S3 AmdK8; C:\Windows\system32\DRIVERS\amdk8.sys [64512 2009-07-13] () [Arquivo não assinado]
S3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [21659136 2015-10-12] () [Arquivo não assinado]
S3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [666112 2015-10-12] () [Arquivo não assinado]
S3 AmdPPM; C:\Windows\system32\DRIVERS\amdppm.sys [60928 2009-07-13] () [Arquivo não assinado]
S3 amdsata; C:\Windows\system32\DRIVERS\amdsata.sys [106576 2009-07-13] () [Arquivo não assinado]
S3 amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys [194128 2009-07-13] () [Arquivo não assinado]
R0 amdxata; C:\Windows\System32\DRIVERS\amdxata.sys [28752 2009-07-13] () [Arquivo não assinado]
S3 AppID; C:\Windows\system32\drivers\appid.sys [61440 2009-07-13] () [Arquivo não assinado]
S3 arc; C:\Windows\system32\DRIVERS\arc.sys [87632 2009-07-13] () [Arquivo não assinado]
S3 arcsas; C:\Windows\system32\DRIVERS\arcsas.sys [97856 2009-07-13] () [Arquivo não assinado]
S3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [23040 2009-07-13] () [Arquivo não assinado]
R0 atapi; C:\Windows\System32\DRIVERS\atapi.sys [24128 2009-07-13] () [Arquivo não assinado]
S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [104984 2015-08-19] () [Arquivo não assinado]
S3 b06bdrv; C:\Windows\system32\DRIVERS\bxvbda.sys [468480 2009-06-10] () [Arquivo não assinado]
S3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] () [Arquivo não assinado]
R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [178776 2016-02-29] () [Arquivo não assinado]
U5 BattC; C:\Windows\System32\Drivers\BattC.sys [28240 2009-07-13] () [Arquivo não assinado]
S3 bdark64; C:\Windows\system32\drivers\bdark64.sys [78792 2015-04-20] () [Arquivo não assinado]
S3 BdSandbox; C:\Windows\System32\drivers\BdSandbox.sys [236920 2015-03-05] () [Arquivo não assinado]
R1 Beep; C:\Windows\System32\Drivers\Beep.sys [6656 2009-07-13] () [Arquivo não assinado]
R1 Bfilter; C:\Windows\System32\drivers\Bfilter.sys [62920 2015-05-15] () [Arquivo não assinado]
R1 Bfmon; C:\Windows\System32\drivers\Bfmon.sys [38344 2015-05-15] () [Arquivo não assinado]
R1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [45056 2009-07-13] () [Arquivo não assinado]
R1 Bnbase; C:\Windows\System32\drivers\bnbasex64.sys [62792 2015-05-15] () [Arquivo não assinado]
R1 Bndef; C:\Windows\System32\drivers\bndef64.sys [485672 2015-05-15] () [Arquivo não assinado]
S3 BNmon; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.118812.0\Bnmon64.sys [82376 2015-05-15] () [Arquivo não assinado]
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2011-02-23] () [Arquivo não assinado]
R1 Bprotect; C:\Windows\System32\drivers\Bprotect.sys [169416 2015-05-15] () [Arquivo não assinado]
S3 brfilt; C:\Windows\System32\Drivers\Brfilt.sys [6144 2009-06-10] (Brother Industries Ltd.)
S3 BrFiltLo; C:\Windows\system32\DRIVERS\BrFiltLo.sys [18432 2009-06-10] () [Arquivo não assinado]
S3 BrFiltUp; C:\Windows\system32\DRIVERS\BrFiltUp.sys [8704 2009-06-10] () [Arquivo não assinado]
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-13] () [Arquivo não assinado]
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] () [Arquivo não assinado]
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] () [Arquivo não assinado]
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] () [Arquivo não assinado]
S4 bsrbc; C:\Windows\System32\drivers\bsrbc64.sys [65808 2015-04-13] () [Arquivo não assinado]
S3 BTHMODEM; C:\Windows\system32\DRIVERS\bthmodem.sys [72192 2009-07-13] () [Arquivo não assinado]
S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2009-07-13] () [Arquivo não assinado]
R1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [147456 2009-07-13] () [Arquivo não assinado]
S3 circlass; C:\Windows\system32\DRIVERS\circlass.sys [45568 2009-07-13] () [Arquivo não assinado]
R0 CLFS; C:\Windows\System32\CLFS.sys [367696 2009-07-13] () [Arquivo não assinado]
S3 CmBatt; C:\Windows\system32\DRIVERS\CmBatt.sys [17664 2009-07-13] () [Arquivo não assinado]
S3 cmdide; C:\Windows\system32\DRIVERS\cmdide.sys [17488 2009-07-13] () [Arquivo não assinado]
R0 CNG; C:\Windows\System32\Drivers\cng.sys [459216 2012-06-02] () [Arquivo não assinado]
S3 Compbatt; C:\Windows\system32\DRIVERS\compbatt.sys [21584 2009-07-13] () [Arquivo não assinado]
R3 CompositeBus; C:\Windows\System32\DRIVERS\CompositeBus.sys [38912 2009-07-13] () [Arquivo não assinado]
S4 crcdisk; C:\Windows\system32\DRIVERS\crcdisk.sys [24144 2009-07-13] () [Arquivo não assinado]
R1 CSC; C:\Windows\System32\drivers\csc.sys [514048 2009-07-13] () [Arquivo não assinado]
R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [102400 2011-04-26] () [Arquivo não assinado]
R1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-13] () [Arquivo não assinado]
R0 Disk; C:\Windows\System32\DRIVERS\disk.sys [73280 2009-07-13] () [Arquivo não assinado]
S3 drmkaud; C:\Windows\System32\drivers\drmkaud.sys [5632 2009-07-13] () [Arquivo não assinado]
R3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [982600 2009-10-02] () [Arquivo não assinado]
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] () [Arquivo não assinado]
S3 elxstor; C:\Windows\system32\DRIVERS\elxstor.sys [530496 2009-07-13] () [Arquivo não assinado]
R3 eppvad_simple; C:\Windows\System32\drivers\EMP_UDAU.sys [23040 2011-01-06] () [Arquivo não assinado]
S3 ErrDev; C:\Windows\system32\DRIVERS\errdev.sys [9728 2009-07-13] () [Arquivo não assinado]
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2017-02-24] ()
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [195072 2009-07-13] () [Arquivo não assinado]
S3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [204800 2009-07-13] () [Arquivo não assinado]
S3 fdc; C:\Windows\system32\DRIVERS\fdc.sys [29696 2009-07-13] () [Arquivo não assinado]
R0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-13] () [Arquivo não assinado]
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-13] () [Arquivo não assinado]
S3 flpydisk; C:\Windows\system32\DRIVERS\flpydisk.sys [24576 2009-07-13] () [Arquivo não assinado]
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [290368 2009-07-13] () [Arquivo não assinado]
S3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [55376 2009-07-13] () [Arquivo não assinado]
U0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [22896 2012-03-01] () [Arquivo não assinado]
R0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223448 2009-07-13] () [Arquivo não assinado]
S3 gagp30kx; C:\Windows\system32\DRIVERS\gagp30kx.sys [65088 2009-07-13] () [Arquivo não assinado]
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] () [Arquivo não assinado]
S3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [350208 2009-07-13] () [Arquivo não assinado]
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [122368 2009-07-13] () [Arquivo não assinado]
S3 HidBatt; C:\Windows\system32\DRIVERS\HidBatt.sys [26624 2009-07-13] () [Arquivo não assinado]
S3 HidBth; C:\Windows\system32\DRIVERS\hidbth.sys [100864 2009-07-13] () [Arquivo não assinado]
S3 HidIr; C:\Windows\system32\DRIVERS\hidir.sys [46592 2009-07-13] () [Arquivo não assinado]
R3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [30208 2009-07-13] () [Arquivo não assinado]
S3 HpSAMD; C:\Windows\system32\DRIVERS\HpSAMD.sys [77888 2009-07-13] () [Arquivo não assinado]
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [751616 2009-07-13] () [Arquivo não assinado]
R0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14416 2009-07-13] () [Arquivo não assinado]
R3 i8042prt; C:\Windows\System32\DRIVERS\i8042prt.sys [105472 2009-07-13] () [Arquivo não assinado]
S3 iaStorV; C:\Windows\system32\DRIVERS\iaStorV.sys [410688 2009-07-13] () [Arquivo não assinado]
R3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [3788728 2015-05-25] () [Arquivo não assinado]
S3 iirsp; C:\Windows\system32\DRIVERS\iirsp.sys [44112 2009-07-13] () [Arquivo não assinado]
R3 IntcAzAudAddService; C:\Windows\System32\drivers\RTKVHD64.sys [4065296 2012-06-19] () [Arquivo não assinado]
R3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [454416 2014-09-09] () [Arquivo não assinado]
S3 intelide; C:\Windows\system32\DRIVERS\intelide.sys [16960 2009-07-13] () [Arquivo não assinado]
R3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [62464 2009-07-13] () [Arquivo não assinado]
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2009-07-13] () [Arquivo não assinado]
S3 IPMIDRV; C:\Windows\system32\DRIVERS\IPMIDrv.sys [78848 2009-07-13] () [Arquivo não assinado]
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-13] () [Arquivo não assinado]
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-13] () [Arquivo não assinado]
S3 isapnp; C:\Windows\system32\DRIVERS\isapnp.sys [20544 2009-07-13] () [Arquivo não assinado]
S3 iScsiPrt; C:\Windows\system32\DRIVERS\msiscsi.sys [224832 2009-07-13] () [Arquivo não assinado]
R0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [19224 2012-03-27] () [Arquivo não assinado]
R3 iusb3hub; C:\Windows\System32\DRIVERS\iusb3hub.sys [356632 2012-03-27] () [Arquivo não assinado]
R3 iusb3xhc; C:\Windows\System32\DRIVERS\iusb3xhc.sys [789272 2012-03-27] () [Arquivo não assinado]
R3 kbdclass; C:\Windows\System32\DRIVERS\kbdclass.sys [50768 2009-07-13] () [Arquivo não assinado]
S3 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [33280 2009-07-13] () [Arquivo não assinado]
R0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95088 2012-06-02] () [Arquivo não assinado]
R0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [152432 2012-06-02] () [Arquivo não assinado]
R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [20992 2009-07-13] () [Arquivo não assinado]
R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-13] () [Arquivo não assinado]
S3 LSI_FC; C:\Windows\system32\DRIVERS\lsi_fc.sys [114752 2009-07-13] () [Arquivo não assinado]
S3 LSI_SAS; C:\Windows\system32\DRIVERS\lsi_sas.sys [106560 2009-07-13] () [Arquivo não assinado]
S3 LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys [65600 2009-07-13] () [Arquivo não assinado]
S3 LSI_SCSI; C:\Windows\system32\DRIVERS\lsi_scsi.sys [115776 2009-07-13] () [Arquivo não assinado]
R2 luafv; C:\Windows\system32\drivers\luafv.sys [113152 2009-07-13] () [Arquivo não assinado]
S3 megasas; C:\Windows\system32\DRIVERS\megasas.sys [35392 2009-07-13] () [Arquivo não assinado]
S3 MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys [284736 2009-07-13] () [Arquivo não assinado]
S3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [181304 2016-03-28] () [Arquivo não assinado]
S3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-13] () [Arquivo não assinado]
R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-13] () [Arquivo não assinado]
R3 mouclass; C:\Windows\System32\DRIVERS\mouclass.sys [49216 2009-07-13] () [Arquivo não assinado]
R3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [31232 2009-07-13] () [Arquivo não assinado]
R0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94784 2009-07-13] () [Arquivo não assinado]
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
S3 mpio; C:\Windows\system32\DRIVERS\mpio.sys [155216 2009-07-13] () [Arquivo não assinado]
R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2009-07-13] () [Arquivo não assinado]
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [140800 2009-07-13] () [Arquivo não assinado]
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [157696 2011-05-03] () [Arquivo não assinado]
R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [287744 2011-07-08] () [Arquivo não assinado]
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [126464 2011-05-03] () [Arquivo não assinado]
S3 msahci; C:\Windows\system32\DRIVERS\msahci.sys [30272 2009-07-13] () [Arquivo não assinado]
S3 msdsm; C:\Windows\system32\DRIVERS\msdsm.sys [140352 2009-07-13] () [Arquivo não assinado]
R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [26112 2009-07-13] ()
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-13] () [Arquivo não assinado]
R0 msisadrv; C:\Windows\System32\DRIVERS\msisadrv.sys [15424 2009-07-13] () [Arquivo não assinado]
S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-13] () [Arquivo não assinado]
S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-13] () [Arquivo não assinado]
S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-13] () [Arquivo não assinado]
S3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [367168 2009-07-13] () [Arquivo não assinado]
R1 mssmbios; C:\Windows\System32\DRIVERS\mssmbios.sys [32320 2009-07-13] () [Arquivo não assinado]
S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-13] () [Arquivo não assinado]
S3 MTConfig; C:\Windows\system32\DRIVERS\MTConfig.sys [15360 2009-07-13] () [Arquivo não assinado]
R2 multikey; C:\Windows\System32\DRIVERS\multikey.sys [76040 2013-05-12] () [Arquivo não assinado]
R0 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-13] () [Arquivo não assinado]
S3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-13] () [Arquivo não assinado]
R0 NDIS; C:\Windows\System32\drivers\ndis.sys [947776 2009-07-13] () [Arquivo não assinado]
S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-13] () [Arquivo não assinado]
R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2009-07-13] () [Arquivo não assinado]
S3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56320 2009-07-13] () [Arquivo não assinado]
R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2009-07-13] () [Arquivo não assinado]
R3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [57856 2009-07-13] () [Arquivo não assinado]
R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-13] () [Arquivo não assinado]
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [259072 2009-07-13] () [Arquivo não assinado]
S3 nfrd960; C:\Windows\system32\DRIVERS\nfrd960.sys [51264 2009-07-13] () [Arquivo não assinado]
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [44032 2009-07-13] () [Arquivo não assinado]
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24576 2009-07-13] () [Arquivo não assinado]
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1653096 2013-04-12] ()
R1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-13] () [Arquivo não assinado]
S3 nvraid; C:\Windows\system32\DRIVERS\nvraid.sys [149056 2009-07-13] () [Arquivo não assinado]
S3 nvstor; C:\Windows\system32\DRIVERS\nvstor.sys [167488 2009-07-13] () [Arquivo não assinado]
S3 nv_agp; C:\Windows\system32\DRIVERS\nv_agp.sys [122960 2009-07-13] () [Arquivo não assinado]
S3 ohci1394; C:\Windows\system32\DRIVERS\ohci1394.sys [72832 2009-07-13] () [Arquivo não assinado]
R3 Parport; C:\Windows\System32\DRIVERS\parport.sys [97280 2009-07-13] () [Arquivo não assinado]
R0 partmgr; C:\Windows\System32\drivers\partmgr.sys [75632 2012-03-17] () [Arquivo não assinado]
S3 PCFApiUtil; não ImagePath
R0 pci; C:\Windows\System32\DRIVERS\pci.sys [183872 2009-07-13] () [Arquivo não assinado]
R0 pciide; C:\Windows\System32\DRIVERS\pciide.sys [12352 2009-07-13] () [Arquivo não assinado]
S3 pcmcia; C:\Windows\system32\DRIVERS\pcmcia.sys [220752 2009-07-13] () [Arquivo não assinado]
R0 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-13] () [Arquivo não assinado]
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [651264 2009-07-13] () [Arquivo não assinado]
R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111616 2009-07-13] () [Arquivo não assinado]
S3 Processor; C:\Windows\system32\DRIVERS\processr.sys [60416 2009-07-13] () [Arquivo não assinado]
R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2009-07-13] () [Arquivo não assinado]
S3 ql2300; C:\Windows\system32\DRIVERS\ql2300.sys [1524816 2009-07-13] () [Arquivo não assinado]
S3 ql40xx; C:\Windows\system32\DRIVERS\ql40xx.sys [128592 2009-07-13] () [Arquivo não assinado]
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2009-07-13] () [Arquivo não assinado]
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-13] () [Arquivo não assinado]
R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-13] () [Arquivo não assinado]
R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [130048 2009-07-13] () [Arquivo não assinado]
R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-13] () [Arquivo não assinado]
R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-13] () [Arquivo não assinado]
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2009-07-13] () [Arquivo não assinado]
R3 rdpbus; C:\Windows\System32\DRIVERS\rdpbus.sys [24064 2009-07-13] () [Arquivo não assinado]
R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-13] () [Arquivo não assinado]
R3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [165376 2009-07-13] () [Arquivo não assinado]
R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-13] () [Arquivo não assinado]
R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-13] () [Arquivo não assinado]
R3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [204800 2012-04-28] () [Arquivo não assinado]
R0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [214096 2009-07-13] () [Arquivo não assinado]
R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-13] () [Arquivo não assinado]
S3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIVX.sys [239208 2011-12-02] () [Arquivo não assinado]
R3 RTL8167; C:\Windows\System32\DRIVERS\Rt64win7.sys [646248 2011-09-29] () [Arquivo não assinado]
R2 RtNdPt60; C:\Windows\System32\DRIVERS\RtNdPt60.sys [32544 2011-06-15] () [Arquivo não assinado]
S3 RTTEAMPT; C:\Windows\System32\DRIVERS\RtTeam620.sys [58512 2012-07-03] () [Arquivo não assinado]
S3 RTVLANPT; C:\Windows\System32\DRIVERS\RtVlan620.sys [32400 2012-08-31] () [Arquivo não assinado]
S3 s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [6656 2009-07-13] () [Arquivo não assinado]
S3 sbp2port; C:\Windows\system32\DRIVERS\sbp2port.sys [104016 2009-07-13] () [Arquivo não assinado]
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2009-07-13] () [Arquivo não assinado]
R2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] () [Arquivo não assinado]
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] () [Arquivo não assinado]
R3 Serenum; C:\Windows\System32\DRIVERS\serenum.sys [23552 2009-07-13] () [Arquivo não assinado]
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] () [Arquivo não assinado]
S3 sermouse; C:\Windows\system32\DRIVERS\sermouse.sys [26624 2009-07-13] () [Arquivo não assinado]
S3 sffdisk; C:\Windows\system32\DRIVERS\sffdisk.sys [14336 2009-07-13] () [Arquivo não assinado]
S3 sffp_mmc; C:\Windows\system32\DRIVERS\sffp_mmc.sys [13824 2009-07-13] () [Arquivo não assinado]
S3 sffp_sd; C:\Windows\system32\DRIVERS\sffp_sd.sys [14336 2009-07-13] () [Arquivo não assinado]
S3 sfloppy; C:\Windows\system32\DRIVERS\sfloppy.sys [16896 2009-07-13] () [Arquivo não assinado]
S3 SiSRaid2; C:\Windows\system32\DRIVERS\SiSRaid2.sys [43584 2009-07-13] () [Arquivo não assinado]
S3 SiSRaid4; C:\Windows\system32\DRIVERS\sisraid4.sys [80464 2009-07-13] () [Arquivo não assinado]
S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-13] () [Arquivo não assinado]
R0 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-13] () [Arquivo não assinado]
R3 srv; C:\Windows\System32\DRIVERS\srv.sys [461312 2011-04-29] () [Arquivo não assinado]
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [399872 2011-04-29] () [Arquivo não assinado]
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [161792 2011-04-29] () [Arquivo não assinado]
S1 staport; não ImagePath
S3 stexstor; C:\Windows\system32\DRIVERS\stexstor.sys [24656 2009-07-13] () [Arquivo não assinado]
R3 StillCam; C:\Windows\System32\DRIVERS\serscan.sys [12288 2009-07-13] () [Arquivo não assinado]
R0 storflt; C:\Windows\System32\DRIVERS\vmstorfl.sys [46672 2009-07-13] () [Arquivo não assinado]
S3 storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [34896 2009-07-13] () [Arquivo não assinado]
R3 swenum; C:\Windows\System32\DRIVERS\swenum.sys [12496 2009-07-13] () [Arquivo não assinado]
R0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1893224 2013-01-04] () [Arquivo não assinado]
S3 TCPIP6; C:\Windows\System32\DRIVERS\tcpip.sys [1893224 2013-01-04] () [Arquivo não assinado]
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [44544 2009-07-13] () [Arquivo não assinado]
S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-13] () [Arquivo não assinado]
R3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2012-02-15] () [Arquivo não assinado]
R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [99840 2009-07-13] () [Arquivo não assinado]
R1 TermDD; C:\Windows\System32\DRIVERS\termdd.sys [62544 2009-07-13] () [Arquivo não assinado]
R3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [38400 2009-07-13] () [Arquivo não assinado]
R3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2009-07-13] () [Arquivo não assinado]
S3 uagp35; C:\Windows\system32\DRIVERS\uagp35.sys [64080 2009-07-13] () [Arquivo não assinado]
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [327168 2009-07-13] () [Arquivo não assinado]
S3 uliagpkx; C:\Windows\system32\DRIVERS\uliagpkx.sys [64592 2009-07-13] () [Arquivo não assinado]
R3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [48640 2009-07-13] () [Arquivo não assinado]
S3 UmPass; C:\Windows\system32\DRIVERS\umpass.sys [9728 2009-07-13] () [Arquivo não assinado]
R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [98816 2009-07-13] () [Arquivo não assinado]
S3 usbcir; C:\Windows\system32\DRIVERS\usbcir.sys [100352 2009-07-13] () [Arquivo não assinado]
R3 usbehci; C:\Windows\System32\DRIVERS\usbehci.sys [51200 2009-07-13] () [Arquivo não assinado]
R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2009-07-13] () [Arquivo não assinado]
S3 usbohci; C:\Windows\system32\DRIVERS\usbohci.sys [25600 2009-07-13] () [Arquivo não assinado]
S3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [25088 2009-07-13] () [Arquivo não assinado]
S3 usbscan; C:\Windows\System32\DRIVERS\usbscan.sys [41984 2009-07-13] () [Arquivo não assinado]
S3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [89600 2009-07-13] () [Arquivo não assinado]
S3 usbuhci; C:\Windows\system32\DRIVERS\usbuhci.sys [30720 2009-07-13] () [Arquivo não assinado]
R0 vdrvroot; C:\Windows\System32\DRIVERS\vdrvroot.sys [36432 2009-07-13] () [Arquivo não assinado]
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-13] () [Arquivo não assinado]
R1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-13] () [Arquivo não assinado]
S3 vhdmp; C:\Windows\system32\DRIVERS\vhdmp.sys [217680 2009-07-13] () [Arquivo não assinado]
S3 viaide; C:\Windows\system32\DRIVERS\viaide.sys [17488 2009-07-13] () [Arquivo não assinado]
S3 vmbus; C:\Windows\system32\DRIVERS\vmbus.sys [200272 2009-07-13] () [Arquivo não assinado]
S3 VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [21760 2009-07-13] () [Arquivo não assinado]
R0 volmgr; C:\Windows\System32\DRIVERS\volmgr.sys [71760 2009-07-13] () [Arquivo não assinado]
R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363584 2009-07-13] () [Arquivo não assinado]
R0 volsnap; C:\Windows\System32\DRIVERS\volsnap.sys [294992 2009-07-13] () [Arquivo não assinado]
S3 vsmraid; C:\Windows\system32\DRIVERS\vsmraid.sys [161872 2009-07-13] () [Arquivo não assinado]
S3 vwifibus; C:\Windows\System32\drivers\vwifibus.sys [24576 2009-07-13] () [Arquivo não assinado]
S3 WacomPen; C:\Windows\system32\DRIVERS\wacompen.sys [27776 2009-07-13] () [Arquivo não assinado]
S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2009-07-13] () [Arquivo não assinado]
R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2009-07-13] () [Arquivo não assinado]
S3 Wd; C:\Windows\system32\DRIVERS\wd.sys [21056 2009-07-13] () [Arquivo não assinado]
R0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [785512 2012-07-26] () [Arquivo não assinado]
R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-13] () [Arquivo não assinado]
S3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [22096 2009-07-13] () [Arquivo não assinado]
S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [40448 2009-07-13] () [Arquivo não assinado]
S3 WmiAcpi; C:\Windows\system32\DRIVERS\wmiacpi.sys [14336 2009-07-13] () [Arquivo não assinado]
S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2009-07-13] () [Arquivo não assinado]
R3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [112128 2009-07-13] () [Arquivo não assinado]
S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [172544 2009-07-13] () [Arquivo não assinado]
U5 4ff2de07aa53a9d3; <===== ATENÇÃO: Serviço Bloqueado
U3 aswbdisk; não ImagePath
S3 AtiDCM; \??\C:\Users\Marcelo\AppData\Local\Temp\atdcm64a.sys [X] <==== ATENÇÃO
S1 bbslkhun; \??\C:\Windows\system32\drivers\bbslkhun.sys [X]
S1 bnyvlcom; \??\C:\Windows\system32\drivers\bnyvlcom.sys [X]
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S1 bzezzsyn; \??\C:\Windows\system32\drivers\bzezzsyn.sys [X]
S1 ckwuipfm; \??\C:\Windows\system32\drivers\ckwuipfm.sys [X]
S3 cpuz134; \??\C:\Users\Marcelo\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] <==== ATENÇÃO
S1 daecytxf; \??\C:\Windows\system32\drivers\daecytxf.sys [X]
S1 dagawcdw; \??\C:\Windows\system32\drivers\dagawcdw.sys [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
S1 drbdvjnc; \??\C:\Windows\system32\drivers\drbdvjnc.sys [X]
S1 fbqttifr; \??\C:\Windows\system32\drivers\fbqttifr.sys [X]
S1 fcswwpcf; \??\C:\Windows\system32\drivers\fcswwpcf.sys [X]
S1 gletgoxj; \??\C:\Windows\system32\drivers\gletgoxj.sys [X]
S1 hjmlntww; \??\C:\Windows\system32\drivers\hjmlntww.sys [X]
S1 hkidbljo; \??\C:\Windows\system32\drivers\hkidbljo.sys [X]
S1 jfuvybks; \??\C:\Windows\system32\drivers\jfuvybks.sys [X]
S1 jpkgockt; \??\C:\Windows\system32\drivers\jpkgockt.sys [X]
S1 mxzliglj; \??\C:\Windows\system32\drivers\mxzliglj.sys [X]
S1 mynlsmss; \??\C:\Windows\system32\drivers\mynlsmss.sys [X]
S1 ncbfiukr; \??\C:\Windows\system32\drivers\ncbfiukr.sys [X]
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
S1 obnoyfro; \??\C:\Windows\system32\drivers\obnoyfro.sys [X]
S1 oqrwjpry; \??\C:\Windows\system32\drivers\oqrwjpry.sys [X]
S1 pcqglsmj; \??\C:\Windows\system32\drivers\pcqglsmj.sys [X]
S1 pxoalhox; \??\C:\Windows\system32\drivers\pxoalhox.sys [X]
S1 qnnqqvhw; \??\C:\Windows\system32\drivers\qnnqqvhw.sys [X]
S1 qrehjqmv; \??\C:\Windows\system32\drivers\qrehjqmv.sys [X]
S1 royydhed; \??\C:\Windows\system32\drivers\royydhed.sys [X]
S1 rqianmgm; \??\C:\Windows\system32\drivers\rqianmgm.sys [X]
S1 rwsoebqb; \??\C:\Windows\system32\drivers\rwsoebqb.sys [X]
S1 shlzbxkb; \??\C:\Windows\system32\drivers\shlzbxkb.sys [X]
S1 smrtqivp; \??\C:\Windows\system32\drivers\smrtqivp.sys [X]
S1 tfreedop; \??\C:\Windows\system32\drivers\tfreedop.sys [X]
S1 tqtozgaf; \??\C:\Windows\system32\drivers\tqtozgaf.sys [X]
S1 txnraudq; \??\C:\Windows\system32\drivers\txnraudq.sys [X]
S1 vqsdounj; \??\C:\Windows\system32\drivers\vqsdounj.sys [X]
S1 vrawdeju; \??\C:\Windows\system32\drivers\vrawdeju.sys [X]
S1 vuuioytf; \??\C:\Windows\system32\drivers\vuuioytf.sys [X]
S1 vzznrfbx; \??\C:\Windows\system32\drivers\vzznrfbx.sys [X]
S1 ydpkwkre; \??\C:\Windows\system32\drivers\ydpkwkre.sys [X]
S1 zkquofko; \??\C:\Windows\system32\drivers\zkquofko.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2017-04-25 08:06 - 2017-04-25 08:09 - 00000000 ____D C:\Users\Marcelo\AppData\Roaming\DFXCT
2017-04-25 08:05 - 2017-04-25 08:06 - 00000000 ____D C:\Program Files (x86)\DLL-Files.com Client
2017-04-25 08:05 - 2017-04-25 08:05 - 00001125 _____ C:\Users\Public\Desktop\DLL-Files.com Client.lnk
2017-04-25 08:05 - 2017-04-25 08:05 - 00000000 ____D C:\Users\Marcelo\AppData\Roaming\DLL-files.com
2017-04-25 08:05 - 2017-04-25 08:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DLL-Files.com Client
2017-04-25 08:04 - 2017-04-25 08:04 - 02786824 _____ (DLL-Files.com Client ) C:\Users\Marcelo\Desktop\clientsetup_d-0.exe
2017-04-25 08:03 - 2017-04-25 08:16 - 00067933 _____ C:\Users\Marcelo\Desktop\Addition.txt
2017-04-25 08:01 - 2017-04-25 08:17 - 00062086 _____ C:\Users\Marcelo\Desktop\FRST.txt
2017-04-25 08:00 - 2017-04-25 08:17 - 00000000 ___DC C:\FRST
2017-04-25 07:56 - 2017-04-25 07:56 - 02426368 _____ (Farbar) C:\Users\Marcelo\Desktop\FRST64.exe
2017-04-25 07:46 - 2017-04-25 07:46 - 00000000 ____D C:\Windows\system32\MpEngineStore
2017-04-25 00:30 - 2017-04-25 00:30 - 27215820 _____ C:\Users\Lima Trab\Downloads\Como Baixar e Instalar o AutoCAD 2017 Gratuitamente.mp4
2017-04-25 00:13 - 2017-04-25 00:13 - 00001527 _____ C:\Users\Public\Desktop\Aplicativo da área de trabalho Autodesk.lnk
2017-04-25 00:11 - 2017-04-25 00:11 - 00001963 _____ C:\Users\Public\Desktop\A360 Desktop.lnk
2017-04-25 00:06 - 2017-04-25 00:06 - 00001694 _____ C:\Users\Public\Desktop\Autodesk ReCap.lnk
2017-04-25 00:00 - 2017-04-25 00:00 - 00001759 _____ C:\Users\Public\Desktop\AutoCAD 2018 - English.lnk
2017-04-24 23:14 - 2017-04-24 23:15 - 00000000 ____D C:\Users\Lima Trab\AppData\Local\Akamai
2017-04-24 23:13 - 2017-04-25 00:30 - 13882200 _____ C:\Users\Lima Trab\Downloads\AutoCAD_2018_English_Win_32_64bit_Trial_en-us_Setup.exe
2017-04-24 23:12 - 2017-04-24 23:12 - 00377840 _____ (Autodesk Inc.) C:\Users\Lima Trab\Downloads\AutoCAD_2018_English_Win_32_64bit_Trial_en-us_Setup_webinstall.exe
2017-04-23 11:33 - 2017-04-23 11:33 - 00074500 _____ C:\Users\Lima Trab\Downloads\152-442-1-PB.pdf
2017-04-23 10:27 - 2017-04-23 10:27 - 00864852 _____ C:\Users\Lima Trab\Downloads\13. PPC Agronomia.pdf
2017-04-22 04:23 - 2017-04-22 04:33 - 56528775 _____ C:\Users\Lima Trab\Downloads\xvideos.com_a2279e66283cfb31f75c4d6d86acddbb.mp4
2017-04-21 12:49 - 2017-04-21 12:49 - 00498974 _____ C:\Users\Lima Trab\Downloads\259-263-1-PB.pdf
2017-04-21 12:08 - 2017-04-21 12:08 - 00046592 _____ C:\Users\Lima Trab\Downloads\avaliacao_pulverizadores (2).ppt
2017-04-21 11:46 - 2017-04-21 11:46 - 00046592 _____ C:\Users\Lima Trab\Downloads\avaliacao_pulverizadores (1).ppt
2017-04-20 20:18 - 2017-04-20 20:18 - 02606184 _____ C:\Users\Lima Trab\Downloads\videoplayback (6).m4a
2017-04-20 20:17 - 2017-04-20 20:18 - 03484121 _____ C:\Users\Lima Trab\Downloads\videoplayback (5).m4a
2017-04-20 20:16 - 2017-04-20 20:17 - 03962458 _____ C:\Users\Lima Trab\Downloads\videoplayback (4).m4a
2017-04-20 20:14 - 2017-04-20 20:15 - 04015456 _____ C:\Users\Lima Trab\Downloads\videoplayback (3).m4a
2017-04-20 20:13 - 2017-04-20 20:14 - 04276997 _____ C:\Users\Lima Trab\Downloads\videoplayback (2).m4a
2017-04-20 20:11 - 2017-04-20 20:12 - 03095811 _____ C:\Users\Lima Trab\Downloads\videoplayback (1).m4a
2017-04-20 20:11 - 2017-04-20 20:12 - 02918756 _____ C:\Users\Lima Trab\Downloads\videoplayback.m4a
2017-04-20 16:05 - 2017-04-20 16:05 - 00046592 _____ C:\Users\Lima Trab\Downloads\avaliacao_pulverizadores.ppt
2017-04-20 15:04 - 2017-04-20 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-04-20 10:37 - 2017-04-20 10:37 - 58592448 _____ C:\Users\Lima Trab\Downloads\PMSantarm_VersoPreliminar.pdf
2017-04-20 10:30 - 2017-04-20 10:30 - 00582723 _____ C:\Users\Lima Trab\Downloads\ITEM_15.11_-_MARCOS_SOARES_REZENDE.pdf
2017-04-18 17:42 - 2017-04-18 17:42 - 00271360 _____ C:\Users\Lima Trab\Downloads\Cloro e Flúor.ppt
2017-04-18 17:15 - 2017-04-18 17:15 - 00180715 _____ C:\Users\Lima Trab\Downloads\Fascículo 8 - Ferro e Manganês e Metais Pesados.pdf
2017-04-18 16:25 - 2017-04-18 16:25 - 00217877 _____ C:\Users\Lima Trab\Downloads\Fascículo 5 - Características Físicas das Águas (2).pdf
2017-04-17 19:02 - 2017-04-17 19:02 - 89403008 __RSH C:\Users\Lima Trab\AppData\Roaming\iimBg5kkhh.exe
2017-04-17 19:00 - 2017-04-17 19:00 - 89037824 __RSH C:\Users\Lima Trab\AppData\Roaming\iiBd8XFCC9.exe
2017-04-17 17:09 - 2017-04-17 17:09 - 00268328 _____ C:\Users\Lima Trab\Downloads\VARI (1).pdf
2017-04-17 16:06 - 2017-04-17 16:06 - 00217877 _____ C:\Users\Lima Trab\Downloads\Fascículo 5 - Características Físicas das Águas (1).pdf
2017-04-17 13:09 - 2017-04-17 13:09 - 00033792 _____ C:\Users\Lima Trab\Downloads\272.xls
2017-04-17 12:35 - 2017-04-17 12:35 - 00217877 _____ C:\Users\Lima Trab\Downloads\Fascículo 5 - Características Físicas das Águas.pdf
2017-04-17 12:14 - 2017-04-17 12:14 - 00048944 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-04-17 10:30 - 2017-04-17 10:30 - 00268328 _____ C:\Users\Lima Trab\Downloads\VARI.pdf
2017-04-16 03:08 - 2017-04-16 03:08 - 00031744 _____ C:\Users\Lima Trab\Documents\Rescue1.asd
2017-04-15 14:24 - 2017-04-15 14:27 - 00953320 _____ C:\Users\Lima Trab\Downloads\Barragem de Contenção (1).rar
2017-04-15 14:21 - 2017-04-15 14:21 - 00442014 _____ C:\Users\Lima Trab\Downloads\Layout _ Propostas _ 3d Michel.rar
2017-04-15 14:19 - 2017-04-15 14:19 - 03152744 _____ C:\Users\Lima Trab\Downloads\Planta Situação Cidade Itapirapuã..rar
2017-04-15 14:19 - 2017-04-15 14:19 - 00523490 _____ C:\Users\Lima Trab\Downloads\Barragem de Contenção.rar
2017-04-15 14:16 - 2017-04-15 14:16 - 00472216 _____ C:\Users\Lima Trab\Downloads\Barragem de Contenção.dwg
2017-04-13 17:02 - 2017-04-13 17:02 - 02157488 _____ C:\Users\Lima Trab\Downloads\Apresentacao_ASSEMAE_BETE_VERS.pptx
2017-04-13 11:48 - 2017-04-13 11:48 - 00180108 _____ C:\Users\Lima Trab\Desktop\Calculo venda do lote.xlsx
2017-04-13 08:59 - 2017-04-13 08:59 - 00031744 _____ C:\Users\Lima Trab\Documents\Rescue.asd
2017-04-12 21:38 - 2017-04-20 07:52 - 00000000 ____D C:\Users\Lima Trab\Desktop\Projeto Marcia
2017-04-12 10:05 - 2017-04-12 10:05 - 03221019 _____ C:\Users\Lima Trab\Downloads\ANEXO_OF_1409_06_SEL06_MTUR_20_12_06.zip
2017-04-12 07:41 - 2017-04-12 07:41 - 00003500 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-12 07:41 - 2017-04-12 07:41 - 00003372 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-11 19:45 - 2017-04-11 19:45 - 00000838 _____ C:\Users\Public\Desktop\Halo .lnk
2017-04-11 19:45 - 2017-04-11 19:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Halo Combat Evolved
2017-04-10 11:32 - 2017-04-10 11:32 - 00048823 _____ C:\Users\Lima Trab\Downloads\WhatsApp Image 2017-04-10 at 10.05.06.jpeg
2017-04-08 17:20 - 2017-04-08 17:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefly Studios
2017-04-07 15:26 - 2017-04-07 15:26 - 08549992 _____ C:\Users\Lima Trab\Downloads\Não confirmado 749945.crdownload
2017-04-07 15:26 - 2017-04-07 15:26 - 00003160 _____ C:\Windows\System32\Tasks\{22D2153E-20EB-4EC9-A4A8-C1FB57C92351}
2017-04-07 15:25 - 2017-04-07 15:25 - 01631704 _____ (Skype Technologies S.A.) C:\Users\Lima Trab\Downloads\SkypeSetup.exe
2017-04-07 15:20 - 2017-04-07 15:27 - 00000000 ____D C:\Users\Lima Trab\AppData\Roaming\Skype
2017-04-06 23:29 - 2017-04-06 23:29 - 00003304 _____ C:\Windows\System32\Tasks\xh
2017-04-06 23:21 - 2017-04-06 23:21 - 00003310 _____ C:\Windows\System32\Tasks\asdfghjk
2017-04-06 23:12 - 2017-04-06 23:12 - 00006472 _____ C:\Windows\System32\Tasks\Marcelo
2017-04-04 19:50 - 2017-04-04 19:50 - 00976189 _____ C:\Users\Lima Trab\Downloads\medieval 2.rar
2017-03-31 18:13 - 2017-03-31 18:13 - 00000000 ____D C:\Users\Lima Trab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Falcom Total War 3
2017-03-31 15:03 - 2017-03-31 15:29 - 961864132 _____ () C:\Users\Lima Trab\Downloads\falcomtotalwar3_1.4 (1).exe
2017-03-31 10:01 - 2017-04-13 08:47 - 00000000 ____D C:\Users\Lima Trab\Desktop\José
2017-03-30 21:20 - 2017-04-19 20:09 - 00000000 ____D C:\Users\Lima Trab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Third Age - Total War 3.0 (Part 2of2)
2017-03-30 21:12 - 2017-03-30 21:12 - 00000000 ____D C:\Users\Lima Trab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Third Age - Total War 3.0 (Part 1of2)
2017-03-30 20:19 - 2017-03-30 20:51 - 2138558080 _____ () C:\Users\Lima Trab\Downloads\TATW_3.0_Part2of2.exe
2017-03-30 19:49 - 2017-03-30 20:17 - 1706125838 _____ () C:\Users\Lima Trab\Downloads\TATW_3.0_Part1of2 (1).exe
2017-03-30 19:21 - 2017-03-30 19:41 - 961864132 _____ () C:\Users\Lima Trab\Downloads\falcomtotalwar3_1.4.exe
2017-03-30 19:17 - 2017-03-30 19:49 - 206244702 _____ () C:\Users\Lima Trab\Downloads\Não confirmado 407002.crdownload
2017-03-30 18:47 - 2017-03-30 18:53 - 228349212 _____ () C:\Users\Lima Trab\Downloads\TATW_3.2_Patch.exe
2017-03-28 20:50 - 2017-03-28 20:50 - 00000214 _____ C:\Users\Franciely\Downloads\acad.err
2017-03-28 20:12 - 2017-03-28 20:12 - 00000066 ____H C:\Users\Franciely\Downloads\IMPLANTAÇÃO com curvas 1 em 1.dwl
2017-03-28 20:04 - 2017-03-28 20:04 - 01639965 _____ C:\Users\Franciely\Downloads\IMPLANTAÇÃO com curvas 1 em 1 (1).dwg
2017-03-28 19:04 - 2017-03-28 20:04 - 01984357 _____ C:\Users\Franciely\Downloads\IMPLANTAÇÃO com curvas 1 em 1.dwg
2017-03-28 19:03 - 2017-03-28 19:03 - 08662448 _____ C:\Users\Franciely\Downloads\PROJETAO.cdr
2017-03-28 18:58 - 2017-03-28 18:58 - 01056892 _____ C:\Users\Franciely\Downloads\plantas.dwg
2017-03-28 18:55 - 2017-03-28 20:05 - 04734837 _____ C:\Users\Franciely\Downloads\PR todas as plantas%2c quaseeee.dwg
2017-03-28 18:49 - 2017-03-28 20:07 - 01091364 _____ C:\Users\Franciely\Downloads\maquete.dwg
2017-03-28 18:49 - 2017-03-28 18:49 - 00837067 _____ C:\Users\Franciely\Downloads\FIIIIIIIIIIIIM.dwg
2017-03-28 10:36 - 2017-03-28 10:36 - 00420058 _____ C:\Users\Lima Trab\Downloads\8.3 _ Declaração IML - Toxicológico - Alcool _ Luiz Henrique. fl 05.pdf
2017-03-27 11:25 - 2017-03-27 11:39 - 230504440 _____ C:\Users\Lima Trab\Downloads\Anexo I - Especificacao Tecnica - Projetos - Obras - 17-01-00012-CC.rar
2017-03-24 16:26 - 2017-03-24 16:26 - 14863776 _____ C:\Users\Lima Trab\Downloads\Myth2_180.zip
2017-03-24 16:17 - 2017-03-24 16:17 - 01208269 _____ (AdworldInternet) C:\Users\Lima Trab\Downloads\Myth_2_Soulblighter_Full_Game_4043969024.exe
2017-03-24 16:17 - 2017-03-24 16:17 - 00001320 _____ C:\Users\Lima Trab\Desktop\Continuar a Instalação de aimp.lnk
2017-03-24 16:15 - 2017-03-24 16:16 - 00000000 ____D C:\Program Files (x86)\AIMP Classic
2017-03-24 16:13 - 2017-03-24 16:13 - 02599473 _____ (AIMP DevTeam) C:\Users\Lima Trab\Downloads\Myth_2_Soulblighter_Full_Game.exe
2017-03-24 16:13 - 2017-03-24 16:13 - 01208269 _____ (AdworldInternet) C:\Users\Lima Trab\Downloads\Myth_2_Soulblighter_Full_Game_3128697155.exe
2017-03-24 15:46 - 2017-03-24 16:00 - 301606382 _____ C:\Users\Lima Trab\Downloads\Myth II - Soulblighter.rar
2017-03-24 15:36 - 2017-03-24 15:36 - 00000000 ____D C:\Users\Todos os Usuários\LogMeIn
2017-03-24 15:36 - 2017-03-24 15:36 - 00000000 ____D C:\Users\Lima Trab\AppData\Local\LogMeIn
2017-03-24 15:36 - 2017-03-24 15:36 - 00000000 ____D C:\ProgramData\LogMeIn
2017-03-24 13:46 - 2017-03-24 15:36 - 00000000 ____D C:\Users\Lima Trab\AppData\Local\LogMeIn Hamachi
2017-03-24 13:42 - 2017-03-24 13:43 - 09777152 _____ C:\Users\Lima Trab\Downloads\hamachi.msi
2017-03-22 18:21 - 2017-03-22 18:21 - 00045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-03-22 18:21 - 2017-03-22 18:21 - 00045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-03-22 18:21 - 2017-03-22 18:21 - 00045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-03-21 18:08 - 2017-03-21 18:08 - 00234839 _____ C:\Users\Lima Trab\Downloads\materialparaavaliao21demaro.zip
2017-03-16 11:27 - 2017-03-16 11:27 - 00333367 _____ C:\Users\Lima Trab\Downloads\ANEXO_I__ED_00917__Elaboracao_de_Projetos__SESI_Clube.pdf
2017-03-16 11:24 - 2017-03-16 11:24 - 00414160 _____ C:\Users\Lima Trab\Downloads\EDITAL_00917__Elaboracao_de_Projetos__SESI_Clube_MGC.pdf
2017-03-13 15:00 - 2017-03-13 15:00 - 01964399 _____ C:\Users\Lima Trab\Downloads\PAR_SP_Recanto_dos_Pinheiros_v2.zip
2017-03-13 15:00 - 2017-03-13 15:00 - 00917960 _____ C:\Users\Lima Trab\Downloads\ANEXO_OF_1395_06_SEL06_MI_20_12_06.zip
2017-03-13 09:25 - 2017-03-13 09:25 - 96534144 __RSH C:\Users\Lima Trab\AppData\Roaming\iiOI46keQA.exe
2017-03-12 19:10 - 2017-03-31 21:48 - 00000200 _____ C:\Users\Lima Trab\Desktop\Medieval II Total War.url
2017-03-12 14:03 - 2017-03-12 14:03 - 00000000 __RHD C:\Users\Lima Trab\AppData\Roaming\SecuROM
2017-03-06 16:19 - 2017-03-06 16:20 - 04121760 _____ (Husdawg, LLC) C:\Users\Lima Trab\Downloads\Detection.exe
2017-03-02 13:26 - 2017-03-02 13:26 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\Drivers\hamachi.sys
2017-03-01 10:37 - 2017-03-01 10:44 - 00000000 ____D C:\Users\Lima Trab\Documents\Sony PMB
2017-03-01 10:37 - 2017-03-01 10:38 - 00000000 ____D C:\Users\Todos os Usuários\Sony Corporation
2017-03-01 10:37 - 2017-03-01 10:38 - 00000000 ____D C:\ProgramData\Sony Corporation
2017-03-01 10:37 - 2017-03-01 10:37 - 00002099 _____ C:\Users\Public\Desktop\Ajuda do PlayMemories Home.lnk
2017-03-01 10:37 - 2017-03-01 10:37 - 00001301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home.lnk
2017-03-01 10:37 - 2017-03-01 10:37 - 00001289 _____ C:\Users\Public\Desktop\PlayMemories Home.lnk
2017-03-01 10:37 - 2017-03-01 10:37 - 00000000 ____D C:\Users\Lima Trab\AppData\Roaming\Sony Corporation
2017-03-01 10:37 - 2017-03-01 10:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home
2017-03-01 10:37 - 2017-03-01 10:37 - 00000000 ____D C:\Program Files (x86)\Sony
2017-02-27 01:01 - 2017-02-27 01:01 - 00002662 _____ C:\Users\Lima Trab\Desktop\GameRanger_Launch_Log.txt
2017-02-25 19:12 - 2017-02-25 19:12 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2017-02-25 18:22 - 2017-02-25 18:22 - 00000000 ____D C:\Users\Todos os Usuários\Age of Empires 3
2017-02-25 18:22 - 2017-02-25 18:22 - 00000000 ____D C:\ProgramData\Age of Empires 3
2017-02-25 17:52 - 2017-02-25 17:52 - 00001076 _____ C:\Users\Lima Trab\Desktop\GameRanger.lnk
2017-02-25 17:52 - 2017-02-25 17:52 - 00001062 _____ C:\Users\Lima Trab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameRanger.lnk
2017-02-25 17:47 - 2017-02-25 17:52 - 00000000 ____D C:\Users\Lima Trab\AppData\Roaming\GameRanger
2017-02-25 17:46 - 2017-02-25 17:46 - 00114352 _____ (GameRanger Technologies) C:\Users\Lima Trab\Downloads\GameRangerSetup.exe
2017-02-25 17:11 - 2017-02-25 17:11 - 00000000 ____D C:\Users\Lima Trab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameVicio
2017-02-25 17:11 - 2017-02-25 17:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameVicio
2017-02-24 15:44 - 2017-02-24 15:44 - 00161321 _____ C:\Users\Lima Trab\Downloads\EDITAL_003_2017_PSSPREFEITURA.pdf
2017-02-24 15:43 - 2017-02-24 15:43 - 00194795 _____ C:\Users\Lima Trab\Downloads\Errata n 02 - Edital 03-2017.doc.pdf
2017-02-24 15:41 - 2017-02-24 15:41 - 00020619 _____ C:\Users\Lima Trab\Downloads\Termo de Anulao.pdf
2017-02-24 14:29 - 2017-02-24 14:29 - 00991496 ____C C:\Windows\system32\Drivers\aswSnx.sys
2017-02-24 14:14 - 2017-02-24 14:14 - 00003346 _____ C:\Windows\System32\Tasks\SpyHunter4Startup
2017-02-24 14:14 - 2017-02-24 14:14 - 00000000 ____D C:\Users\Lima Trab\AppData\Roaming\Enigma Software Group
2017-02-24 14:13 - 2017-02-24 14:14 - 00000000 ___DC C:\sh4ldr
2017-02-24 14:12 - 2017-02-24 14:12 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2017-02-24 14:11 - 2017-02-24 14:11 - 04615856 _____ (Enigma Software Group USA, LLC.) C:\Users\Lima Trab\Downloads\SpyHunter-Installer.exe
2017-02-24 09:13 - 2017-02-24 10:11 - 00000000 ____D C:\Users\Lima Trab\Desktop\Face Obra
2017-02-23 22:04 - 2017-02-23 22:04 - 00000451 _____ C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2017-02-23 22:04 - 2017-02-23 22:04 - 00000144 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-02-23 21:59 - 2017-02-23 21:59 - 00000700 _____ C:\Users\Public\Desktop\Intel(R) HD Graphics Control Panel.lnk
2017-02-23 21:43 - 2017-02-23 21:43 - 00001160 _____ C:\Users\Public\Desktop\Intel(R) Driver Update Utility 2.7.lnk
2017-02-23 21:43 - 2017-02-23 21:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2017-02-23 21:38 - 2017-02-23 21:38 - 00000000 ____D C:\Users\Lima Trab\Downloads\Temp
2017-02-23 19:10 - 2017-02-23 21:40 - 00000000 ____D C:\Windows\System32\Tasks\Intel
2017-02-23 18:25 - 2017-02-23 18:25 - 00000000 ____D C:\Program Files\Intel Driver Update Utility
2017-02-23 14:37 - 2017-02-23 14:37 - 00000000 ____D C:\Users\Lima Trab\Intel
2017-02-23 14:03 - 2017-02-23 14:10 - 249455386 _____ C:\Users\Lima Trab\Downloads\win64_154510.4542.zip
2017-02-23 13:56 - 2017-02-23 13:56 - 00000196 _____ C:\Users\Lima Trab\acad.err
2017-02-23 13:45 - 2017-02-23 13:45 - 00000071 ____H C:\Users\Lima Trab\Ademir - 3D - Cópia.dwl
2017-02-23 13:30 - 2017-02-22 08:59 - 120934977 _____ C:\Users\Lima Trab\Ademir - 3D - Cópia.dwg
2017-02-23 13:11 - 2017-02-23 13:55 - 247613840 _____ (Intel Corporation) C:\Users\Lima Trab\Downloads\win64_154510.4542.exe
2017-02-23 12:59 - 2017-02-23 13:01 - 132677248 _____ (Intel Corporation) C:\Users\Lima Trab\Downloads\win64_15363.exe
2017-02-23 11:45 - 2017-02-23 11:45 - 00000000 ____D C:\Users\Lima Trab\AppData\Local\PlutoTV
2017-02-23 11:44 - 2017-02-23 11:48 - 02197096 _____ C:\Users\Lima Trab\Downloads\Não confirmado 930804.crdownload
2017-02-23 10:36 - 2017-02-23 10:37 - 03902112 _____ (For Intel powered by System Requirements Lab) C:\Users\Lima Trab\Downloads\Intel Detection (1).exe
2017-02-23 10:27 - 2017-02-23 10:29 - 127664152 _____ (Intel Corporation) C:\Users\Lima Trab\Downloads\win64_153633.4578.exe
2017-02-23 10:07 - 2017-02-23 10:07 - 00000000 ____D C:\Users\Lima Trab\AppData\Roaming\Easeware
2017-02-22 19:38 - 2017-04-22 19:38 - 00000554 _____ C:\Windows\Tasks\Driver Easy Scheduled Scan.job
2017-02-22 19:38 - 2017-02-22 19:38 - 00003964 _____ C:\Windows\System32\Tasks\Driver Easy Scheduled Scan
2017-02-22 19:38 - 2017-02-22 19:38 - 00000931 _____ C:\Users\Public\Desktop\Driver Easy.lnk
2017-02-22 19:38 - 2017-02-22 19:38 - 00000000 ____D C:\Users\Marcelo\AppData\Roaming\Easeware
2017-02-22 19:38 - 2017-02-22 19:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy
2017-02-22 19:37 - 2017-02-22 19:37 - 00000000 ____D C:\Users\Marcelo\AppData\Local\PlutoTV
2017-02-22 19:37 - 2017-02-22 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlutoTV
2017-02-22 19:37 - 2017-02-22 19:37 - 00000000 ____D C:\Program Files (x86)\PlutoTV
2017-02-22 19:35 - 2017-02-22 19:35 - 03896560 _____ (Easeware ) C:\Users\Marcelo\Downloads\Baixaki_drivereasy.exe
2017-02-22 19:32 - 2017-02-22 19:32 - 01817200 _____ ( ) C:\Users\Marcelo\Downloads\Baixaki_drivereasy_VfKWWo.exe
2017-02-22 19:05 - 2017-02-22 19:05 - 00234112 _____ C:\Users\Marcelo\Downloads\DriversCloud_Win.exe
2017-02-22 18:52 - 2017-02-22 19:03 - 10021878 _____ C:\Users\Marcelo\Downloads\DriversCloudx64_10_0_3_0 (1).zip
2017-02-22 18:47 - 2017-02-22 18:47 - 01072976 _____ (SafeBytes Software Inc.) C:\Users\Marcelo\Downloads\DriverAssist-Setup.exe
2017-02-22 18:35 - 2017-02-22 18:38 - 02449376 _____ (Megaify Software ) C:\Users\Marcelo\Downloads\DriverToolkitInstaller.exe
2017-02-22 18:20 - 2017-02-22 18:52 - 131775792 _____ (Intel Corporation) C:\Users\Marcelo\Downloads\win64_152824.exe
2017-02-22 17:46 - 2017-02-22 17:55 - 40849704 _____ (Intel Corporation) C:\Users\Marcelo\Downloads\Win7Vista_64_151719.exe
2017-02-22 11:41 - 2017-02-23 14:33 - 00000000 ____D C:\Users\Lima Trab\AppData\Local\IIIQF
2017-02-22 11:40 - 2017-02-22 11:40 - 08932000 _____ (Solvusoft Corporation ) C:\Users\Lima Trab\Downloads\Setup_WinThruster_2016.exe
2017-02-22 10:08 - 2017-02-22 10:11 - 09940072 _____ (Intel) C:\Users\Marcelo\Downloads\Intel Driver Update Utility Installer.exe
2017-02-22 08:59 - 2017-02-23 10:38 - 00000000 ___DC C:\Intel
2017-02-21 09:39 - 2017-02-21 09:39 - 00086038 _____ C:\Users\Lima Trab\Downloads\Certidão_Cível_Trabalhista.pdf
2017-02-21 08:16 - 2017-02-21 08:16 - 00000000 ____D C:\Users\Lima Trab\Documents\HpReg_Backup
2017-02-20 23:11 - 2017-04-07 15:49 - 00000000 ____D C:\Users\Lima Trab\Desktop\Perito
2017-02-19 04:34 - 2017-02-19 04:34 - 00055168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\eugbnsoc.sys
2017-02-18 22:12 - 2017-02-18 22:12 - 00000000 ___DC C:\VIRUS DO ATALHO
2017-02-18 21:55 - 2017-02-18 22:10 - 47683808 _____ (Microsoft Corporation) C:\Users\Franciely\Downloads\Windows-KB890830-x64-V5.44.exe
2017-02-18 21:28 - 2017-02-18 21:28 - 00000000 ____D C:\Users\Franciely\AppData\LocalLow\pandasecuritytb
2017-02-18 21:21 - 2017-02-18 21:21 - 00000000 ____D C:\Users\Franciely\AppData\Roaming\Panda Security
2017-02-15 12:31 - 2017-02-15 12:31 - 08828950 _____ C:\Users\Lima Trab\Downloads\volume iv -tipo e - 04-12-14.pdf
2017-02-15 10:21 - 2017-02-15 10:21 - 00024130 _____ C:\Users\Lima Trab\Downloads\MODELO PROMET - ORDEM DE SERVIÇO.xlsx
2017-02-14 13:47 - 2017-02-14 13:47 - 03674972 _____ C:\Users\Lima Trab\Downloads\NBR 6122-2010.pdf
2017-02-13 16:02 - 2017-02-13 16:02 - 00272032 _____ C:\Users\Lima Trab\Downloads\permissaodetrabalhohss-hs-fr-07-16-parev012-160209210503.pdf
2017-02-13 14:28 - 2017-02-13 14:29 - 00004608 _____ C:\Users\Lima Trab\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-02-10 07:11 - 2017-02-10 07:11 - 00875145 _____ C:\Users\Lima Trab\Downloads\Tutorial_Cadastro_Trabalhador_MTE.pdf
2017-02-09 08:05 - 2017-04-23 10:13 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-02-09 08:05 - 2017-04-23 10:13 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-09 08:05 - 2017-04-23 10:13 - 00004534 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-02-08 21:18 - 2017-02-08 21:18 - 00054402 _____ C:\Users\Lima Trab\Downloads\Lev. Planialt e As built.xlsx
2017-02-08 21:13 - 2017-02-08 21:13 - 10978816 _____ C:\Users\Lima Trab\Downloads\I_Orç. Plan. Const. Antoniel (Ref.Setor de ProduçãoI)_ Dezembro-2 .xls
2017-02-08 12:01 - 2017-02-08 12:01 - 03609914 _____ C:\Users\Lima Trab\Downloads\1º laudo Marcelo.pdf
2017-02-08 11:37 - 2017-02-08 11:37 - 00848856 _____ (Panda Security ) C:\Users\Lima Trab\Downloads\USBVaccineSetup.exe
2017-02-08 11:18 - 2017-02-08 11:18 - 00013710 _____ C:\Users\Lima Trab\Documents\4.txt
2017-02-08 11:01 - 2016-12-16 07:41 - 00020872 _____ (Phoenix Technologies) C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
2017-02-08 11:00 - 2017-02-08 11:01 - 08176144 _____ (383 Media, Inc.) C:\Users\Lima Trab\Downloads\DriverRestore.exe
2017-02-03 01:43 - 2017-02-03 01:43 - 02941400 _____ (Autodesk, Inc.) C:\Windows\system32\styleman.cpl
2017-02-03 01:43 - 2017-02-03 01:43 - 02941400 _____ (Autodesk, Inc.) C:\Windows\system32\plotman.cpl
2017-02-03 01:43 - 2017-02-03 01:43 - 00018392 _____ (Autodesk, Inc.) C:\Windows\system32\AcSignExtRes.dll
2017-02-03 01:42 - 2017-02-03 01:42 - 00440792 _____ (Autodesk, Inc.) C:\Windows\system32\AcSignOpt.exe
2017-02-03 01:42 - 2017-02-03 01:42 - 00053720 _____ (Autodesk, Inc.) C:\Windows\system32\AcSignIcon.dll
2017-02-03 01:42 - 2017-02-03 01:42 - 00041944 _____ (Autodesk, Inc.) C:\Windows\system32\AcSignExt.dll
2017-02-02 19:50 - 2017-02-02 19:50 - 00000000 ____D C:\Users\Lima Trab\AppData\LocalLow\Unity
2017-02-02 19:50 - 2017-02-02 19:50 - 00000000 ____D C:\Users\Lima Trab\AppData\LocalLow\Critical Force Entertainment
2017-02-02 19:47 - 2017-02-02 19:47 - 00000000 ____D C:\Users\Public\Facebook Games
2017-02-02 19:46 - 2017-02-02 20:11 - 00000000 ____D C:\Users\Lima Trab\AppData\Local\Facebook
2017-02-02 18:24 - 2017-02-02 18:25 - 00252144 _____ (Facebook) C:\Users\Lima Trab\Downloads\FacebookGameroom.exe
2017-02-01 13:35 - 2017-02-01 13:35 - 00000000 ____D C:\Users\Lima Trab\AppData\Roaming\Zbshareware Lab
2017-02-01 13:32 - 2017-02-01 13:32 - 00000000 ____D C:\Users\Lima Trab\Downloads\locales
2017-02-01 07:00 - 2017-04-25 07:44 - 00167880 _____ C:\Users\Marcelo\AppData\Local\GDIPFONTCACHEV1.DAT
2017-01-31 08:25 - 2017-01-31 08:30 - 00010615 _____ C:\Users\Lima Trab\Downloads\DÉBITOS.xlsx
2017-01-30 17:43 - 2017-01-30 17:43 - 01634856 _____ C:\Users\Lima Trab\Downloads\PW Clean - 2.7.1.exe
2017-01-30 17:43 - 2017-01-30 17:43 - 00000000 ____D C:\Users\Lima Trab\AppData\Roaming\pwclean
2017-01-29 10:01 - 2017-02-03 07:01 - 00001228 _____ C:\Users\Lima Trab\Desktop\Dropbox (CEEST).lnk
2017-01-29 09:37 - 2017-01-29 09:37 - 00002144 _____ C:\Users\Public\Desktop\Google Earth.lnk
2017-01-29 09:37 - 2017-01-29 09:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2017-01-25 10:26 - 2017-01-25 10:26 - 00000000 ____D C:\Users\Lima Trab\Documents\AutoCAD Sheet Sets
2017-01-25 08:56 - 2017-04-25 07:16 - 00600376 _____ C:\Windows\system32\FNTCACHE.DAT

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2017-04-25 07:51 - 2016-10-20 14:51 - 00000986 _____ C:\Windows\Tasks\Yahoo! Powered tifam.job
2017-04-25 07:44 - 2017-01-11 19:08 - 00002798 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2017-04-25 07:44 - 2016-08-18 10:57 - 00001018 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-04-25 07:44 - 2015-05-08 01:11 - 00001288 __RSH C:\Users\Marcelo\ntuser.pol
2017-04-25 07:44 - 2015-02-21 20:13 - 00000000 __SHD C:\Users\Marcelo\IntelGraphicsProfiles
2017-04-25 07:44 - 2014-07-19 10:33 - 00000000 ____D C:\Users\Marcelo\AppData\Local\Autodesk
2017-04-25 07:44 - 2014-07-19 10:23 - 00000000 ____D C:\Users\Marcelo\AppData\Roaming\Autodesk
2017-04-25 07:44 - 2014-07-18 15:39 - 00000000 ____D C:\Users\Marcelo
2017-04-25 07:37 - 2015-05-08 09:52 - 00000660 __RSH C:\Users\Lima Trab\ntuser.pol
2017-04-25 07:37 - 2015-05-06 08:28 - 00000000 ____D C:\Users\Lima Trab
2017-04-25 07:37 - 2009-07-14 00:20 - 00000000 ___HD C:\Windows\system32\GroupPolicyUsers
2017-04-25 07:28 - 2016-08-29 09:56 - 00000000 ___RD C:\Users\Lima Trab\Dropbox (CEEST)
2017-04-25 07:28 - 2016-08-18 11:04 - 00000000 ___RD C:\Users\Lima Trab\Dropbox (Pessoal)
2017-04-25 07:28 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2017-04-25 07:27 - 2015-05-06 08:28 - 00000000 __SHD C:\Users\Lima Trab\IntelGraphicsProfiles
2017-04-25 07:25 - 2009-07-14 01:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-04-25 07:25 - 2009-07-14 01:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-04-25 07:18 - 2016-08-18 10:57 - 00001022 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-04-25 07:16 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-04-25 00:32 - 2014-07-19 10:28 - 00000000 ____D C:\Program Files\Autodesk
2017-04-25 00:31 - 2015-05-06 08:28 - 00167880 _____ C:\Users\Lima Trab\AppData\Local\GDIPFONTCACHEV1.DAT
2017-04-25 00:14 - 2015-05-07 23:33 - 00000000 ____D C:\Users\Lima Trab\AppData\Roaming\Autodesk
2017-04-25 00:14 - 2015-05-07 23:33 - 00000000 ____D C:\Users\Lima Trab\AppData\Local\Autodesk
2017-04-25 00:13 - 2015-04-10 09:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2017-04-25 00:13 - 2014-07-19 09:10 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2017-04-25 00:13 - 2014-07-19 09:10 - 00000000 ____D C:\ProgramData\Package Cache
2017-04-25 00:12 - 2015-02-19 10:09 - 00000000 ____D C:\Program Files (x86)\Autodesk
2017-04-25 00:00 - 2015-04-09 12:19 - 00000000 ____D C:\Users\Public\Documents\Autodesk
2017-04-24 23:58 - 2014-09-03 17:23 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2017-04-24 23:58 - 2014-07-19 10:23 - 00000000 ____D C:\Users\Todos os Usuários\Autodesk
2017-04-24 23:58 - 2014-07-19 10:23 - 00000000 ____D C:\ProgramData\Autodesk
2017-04-24 23:13 - 2015-11-07 08:44 - 00000000 ___DC C:\Autodesk
2017-04-24 23:04 - 2009-07-14 14:55 - 00708378 _____ C:\Windows\system32\prfh0416.dat
2017-04-24 23:04 - 2009-07-14 14:55 - 00148158 _____ C:\Windows\system32\prfc0416.dat
2017-04-24 23:04 - 2009-07-14 02:13 - 01642390 _____ C:\Windows\system32\PerfStringBackup.INI
2017-04-24 22:57 - 2016-12-08 13:06 - 00000000 ____D C:\Users\Lima Trab\AppData\Roaming\WhatsApp
2017-04-24 20:31 - 2015-05-11 21:49 - 00167880 _____ C:\Users\Franciely\AppData\Local\GDIPFONTCACHEV1.DAT
2017-04-24 20:31 - 2015-05-11 21:44 - 00000000 __SHD C:\Users\Franciely\IntelGraphicsProfiles
2017-04-24 17:39 - 2015-05-08 10:12 - 00000000 __SHD C:\Users\Matheus\IntelGraphicsProfiles
2017-04-23 10:32 - 2015-05-08 11:52 - 00000000 ____D C:\Users\Lima Trab\AppData\Local\Adobe
2017-04-23 10:13 - 2014-09-11 08:31 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-04-23 10:13 - 2014-09-11 08:31 - 00000000 ____D C:\Windows\system32\Macromed
2017-04-20 17:27 - 2016-10-25 20:50 - 00000000 ___RD C:\Users\Lima Trab\Documents\Trabalho em Trânsito
2017-04-20 15:05 - 2016-08-18 10:57 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-04-19 20:10 - 2009-07-14 02:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-04-17 13:09 - 2015-07-15 10:15 - 00000000 ____D C:\Users\Lima Trab\AppData\Local\Microsoft Help
2017-04-13 09:22 - 2014-08-23 10:24 - 590263918 _____ C:\Users\Lima Trab\Documents\Controle de epi's.rar
2017-04-13 08:58 - 2016-10-31 10:16 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-04-13 08:58 - 2016-10-31 10:15 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-04-11 19:50 - 2016-08-29 18:22 - 00000000 ____D C:\Users\Lima Trab\Documents\My Games
2017-04-11 19:50 - 2015-07-20 10:23 - 00000000 ____D C:\Users\Lima Trab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2017-04-11 08:09 - 2014-07-19 09:18 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2017-04-08 17:20 - 2014-07-19 08:49 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-04-07 15:21 - 2014-07-19 09:29 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-04-05 22:03 - 2016-03-29 19:44 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-05 22:03 - 2016-03-29 19:44 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-03-30 14:55 - 2015-05-08 01:33 - 00000000 __SHD C:\Users\Luciene\IntelGraphicsProfiles
2017-03-30 14:54 - 2009-07-14 02:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD

==================== Arquivos na raiz de alguns diretórios =======

2016-05-10 20:20 - 2016-05-10 20:20 - 6748160 _____ () C:\Program Files (x86)\GUT4CEE.tmp
2015-06-29 14:32 - 2015-07-04 18:35 - 0000024 _____ () C:\Users\Marcelo\AppData\Roaming\appdataFr25.bin
2014-10-23 09:46 - 2014-12-10 06:41 - 0000187 _____ () C:\Users\Marcelo\AppData\Roaming\WB.CFG
2016-08-10 07:46 - 2016-08-10 07:46 - 0341504 _____ () C:\Users\Marcelo\AppData\Roaming\wsrv_626f8745.dat
2014-10-25 17:41 - 2014-12-09 08:41 - 0000010 _____ () C:\Users\Marcelo\AppData\Local\DSI.DAT
2015-02-18 13:56 - 2016-10-30 23:51 - 0007598 _____ () C:\Users\Marcelo\AppData\Local\resmon.resmoncfg
2014-07-28 16:26 - 2014-07-28 16:26 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-11-04 18:11 - 2014-11-04 18:11 - 0000020 _____ () C:\ProgramData\bc.ini
2014-11-07 21:34 - 2014-11-07 21:34 - 0014304 _____ () C:\ProgramData\Duplicaterecord.js
2014-11-04 07:39 - 2014-11-04 07:39 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Arquivos para serem movidos ou deletados:
====================
C:\ProgramData\Duplicaterecord.js
C:\Users\Marcelo\adlmdll.dll
C:\Users\Marcelo\lacadp.dll
C:\Users\Todos os Usuários\Duplicaterecord.js

Alguns arquivos em TEMP:
====================
2016-12-10 16:36 - 2009-07-13 22:15 - 0805376 _____ (Microsoft Corporation) C:\Users\Franciely\AppData\Local\Temp\cdo11777949.dll
2017-02-18 21:33 - 2009-07-13 22:15 - 0805376 _____ (Microsoft Corporation) C:\Users\Franciely\AppData\Local\Temp\cdo1913913012.dll
2016-12-10 16:36 - 2009-07-13 22:15 - 0805376 _____ (Microsoft Corporation) C:\Users\Franciely\AppData\Local\Temp\cdo3379439774.dll
2017-04-25 00:16 - 2017-01-18 02:50 - 0066472 _____ (Autodesk, Inc.) C:\Users\Lima Trab\AppData\Local\Temp\AcDeltree.exe
2017-04-24 07:37 - 2009-07-13 22:15 - 0805376 _____ (Microsoft Corporation) C:\Users\Lima Trab\AppData\Local\Temp\cdo2232514802.dll
2017-03-24 16:17 - 2017-03-24 16:17 - 1208269 _____ (AdworldInternet) C:\Users\Lima Trab\AppData\Local\Temp\ICReinstall_Myth_2_Soulblighter_Full_Game_4043969024.exe
2017-01-24 20:10 - 2013-01-18 19:51 - 0015752 _____ (Autodesk, Inc.) C:\Users\Marcelo\AppData\Local\Temp\AcDeltree.exe
2017-01-24 20:01 - 2017-01-24 20:01 - 2017584 _____ (Flexera Software LLC) C:\Users\Marcelo\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
2017-02-23 10:00 - 2007-10-05 12:02 - 0455600 _____ (Macrovision Corporation) C:\Users\Marcelo\AppData\Local\Temp\_is8008.exe
2017-02-22 09:58 - 2007-10-05 12:02 - 0455600 _____ (Macrovision Corporation) C:\Users\Marcelo\AppData\Local\Temp\_is8C95.exe
2017-02-23 09:58 - 2007-10-05 12:02 - 0455600 _____ (Macrovision Corporation) C:\Users\Marcelo\AppData\Local\Temp\_isABE8.exe

==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys
[2009-07-13 20:20] - [2009-07-13 22:45] - 0294992 ____A () D41D8CD98F00B204E9800998ECF8427E

C:\Windows\system32\Drivers\volsnap.sys => não Nome Da Empresa <===== ATENÇÃO

testsigning: ==> o 'modo de teste' está configurado. Cheque por possível driver não assinado <===== ATENÇÃO

LastRegBack: 2017-04-23 13:31

==================== Fim de FRST.txt ============================

Signaler le contenu de ce document