Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 15-07-2017
Executado por Ciro (administrador) em DESKTOP-G8F6RKP (17-07-2017 23:35:40)
Executando a partir de C:\Users\Ciro\Desktop
Perfis Carregados: Ciro (Perfis Disponíveis: defaultuser0 & Ciro)
Platform: Windows 10 Pro Versão 1607 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Edge)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registro (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-07-16] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1794888 2015-06-29] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2406496 2017-06-04] (Adobe Systems Incorporated)
HKU\S-1-5-21-1861854247-3235435846-2387424584-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [26773912 2017-06-21] (Google)
IFEO\OSppSvc.exe: [Debugger] KMS-R@1nhook.exe
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\Parameters: [DhcpNameServer] 201.17.1.185 201.17.1.83
Tcpip\..\Interfaces\{6070a223-efa5-42fd-ab60-214b9bbec5c8}: [DhcpNameServer] 201.17.1.185 201.17.1.83
Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-07-17] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-17] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-07-17] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-07-17] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-17] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-17] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-17] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-17] (Microsoft Corporation)
FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-06-04] (Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-07-17] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-07-17] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-17] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-06-04] (Adobe Systems)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com.br/
CHR StartupUrls: Default -> "hxxps://www.google.com.br/","hxxps://www.google.com/"
CHR Session Restore: Default -> está habilitado.
CHR Profile: C:\Users\Ciro\AppData\Local\Google\Chrome\User Data\Default [2017-07-17]
CHR Extension: (Google Apresentações) - C:\Users\Ciro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-07-17]
CHR Extension: (Google Docs) - C:\Users\Ciro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-07-17]
CHR Extension: (Google Drive) - C:\Users\Ciro\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-17]
CHR Extension: (YouTube) - C:\Users\Ciro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-17]
CHR Extension: (Planilhas do Google) - C:\Users\Ciro\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-07-17]
CHR Extension: (Documentos Google off-line) - C:\Users\Ciro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-17]
CHR Extension: (Headie) - C:\Users\Ciro\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn [2017-07-17]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Ciro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-07-17]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Ciro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-07-17]
CHR Extension: (Ultimos Torrents) - C:\Users\Ciro\AppData\Local\Google\Chrome\User Data\Default\Extensions\onidcjfimideopiecibkenlependfjhf [2017-07-17]
CHR Extension: (Gmail) - C:\Users\Ciro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-17]
CHR Extension: (Chrome Media Router) - C:\Users\Ciro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-17]
CHR HKU\S-1-5-21-1861854247-3235435846-2387424584-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
==================== Serviços (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [814688 2017-06-04] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2776664 2015-08-16] (Microsoft Corporation)
S2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2017-07-17] () [Arquivo não assinado]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-07-16] (Microsoft Corporation)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [737984 2015-08-30] (@ByELDI) [Arquivo não assinado]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R1 MpKslf85f53e1; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FD017172-8557-4D60-B33B-8BCF8361423E}\MpKslf85f53e1.sys [44928 2017-07-17] (Microsoft Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um Mês Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-07-17 23:35 - 2017-07-17 23:37 - 00013744 _____ C:\Users\Ciro\Desktop\FRST.txt
2017-07-17 23:34 - 2017-07-17 23:35 - 00000000 ____D C:\FRST
2017-07-17 23:31 - 2017-07-17 23:32 - 02435584 _____ (Farbar) C:\Users\Ciro\Desktop\FRST64.exe
2017-07-17 23:15 - 2017-07-17 23:15 - 469854621 _____ C:\Users\Ciro\Downloads\CorelDraw 2017 - 64 Bits.zip
2017-07-17 22:46 - 2017-07-17 22:47 - 00000000 ____D C:\Program Files\UNP
2017-07-17 22:46 - 2017-07-17 22:46 - 00000000 ____D C:\Windows\system32\UNP
2017-07-17 22:24 - 2017-07-17 22:26 - 15272454 _____ C:\Users\Ciro\Downloads\COREL_DRAW_2017_X9_ATIVAÇÃO.rar
2017-07-17 22:18 - 2017-07-17 22:18 - 00000033 _____ C:\Users\Ciro\AppData\Roaming\AdobeWLCMCache.dat
2017-07-17 22:18 - 2017-07-17 22:18 - 00000000 ____D C:\Users\Ciro\AppData\LocalLow\Adobe
2017-07-17 22:17 - 2017-07-17 22:17 - 00000000 ____D C:\Users\Ciro\AppData\Roaming\NVIDIA
2017-07-17 22:17 - 2017-07-17 22:17 - 00000000 ____D C:\Users\Ciro\AppData\Local\Tempzxpsign5c789ac7c81d5a39
2017-07-17 22:17 - 2017-07-17 22:17 - 00000000 ____D C:\Users\Ciro\AppData\Local\Tempzxpsign30d31d8bba6321c4
2017-07-17 22:04 - 2017-07-17 22:04 - 00002520 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CC 2017.lnk
2017-07-17 21:58 - 2017-07-17 21:58 - 00001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2017.lnk
2017-07-17 21:58 - 2017-07-17 21:58 - 00000000 ____D C:\Users\Ciro\Documents\Adobe
2017-07-17 21:46 - 2017-07-17 22:04 - 00000000 ____D C:\Program Files\Common Files\Adobe
2017-07-17 21:45 - 2017-07-17 21:59 - 00000000 ____D C:\Program Files\Adobe
2017-07-17 21:38 - 2017-07-17 21:38 - 00000000 ___RD C:\Users\Ciro\Creative Cloud Files
2017-07-17 21:34 - 2017-07-17 21:34 - 00000000 ____D C:\Users\Ciro\AppData\Local\CEF
2017-07-17 21:31 - 2017-07-17 21:31 - 00001302 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2017-07-17 21:31 - 2017-07-17 21:31 - 00001290 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2017-07-17 21:30 - 2017-07-17 21:31 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2017-07-17 21:30 - 2017-07-17 21:31 - 00000000 ____D C:\ProgramData\Package Cache
2017-07-17 21:29 - 2017-07-17 21:49 - 00000000 ____D C:\Users\Todos os Usuários\Adobe
2017-07-17 21:29 - 2017-07-17 21:49 - 00000000 ____D C:\ProgramData\Adobe
2017-07-17 21:28 - 2017-07-17 21:28 - 00001098 _____ C:\Users\Public\Desktop\MediBang Paint Pro.lnk
2017-07-17 21:28 - 2017-07-17 21:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medibang
2017-07-17 21:28 - 2017-07-17 21:28 - 00000000 ____D C:\Program Files\Medibang
2017-07-17 21:28 - 2017-07-17 21:28 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-07-17 21:28 - 2015-12-16 21:12 - 00703656 _____ C:\Windows\system32\MdpThumb64.dll
2017-07-17 21:23 - 2017-07-17 22:17 - 00000000 ____D C:\Users\Ciro\AppData\Local\Adobe
2017-07-17 21:15 - 2017-07-17 20:31 - 00565416 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2017-07-17 20:58 - 2017-07-17 20:58 - 00000000 ___HD C:\OneDriveTemp
2017-07-17 20:44 - 2017-07-17 20:44 - 00000000 ____D C:\Users\Ciro\AppData\Local\mpress
2017-07-17 20:43 - 2017-07-17 20:43 - 00026112 _____ C:\Windows\KMS-R@1n.exe
2017-07-17 20:43 - 2017-07-17 20:43 - 00004608 _____ C:\Windows\KMS-R@1nhook.exe
2017-07-17 20:43 - 2017-07-17 20:43 - 00003584 _____ C:\Windows\KMS-QADhook.dll
2017-07-17 20:43 - 2017-07-17 20:43 - 00000000 ____D C:\Windows\System32\Tasks\R@1n-KMS
2017-07-17 20:43 - 2017-07-17 20:43 - 00000000 ____D C:\Users\Ciro\AppData\Local\PeerDistRepub
2017-07-17 20:20 - 2017-07-17 20:20 - 00003474 _____ C:\Windows\System32\Tasks\AutoPico Daily Restart
2017-07-17 20:20 - 2017-07-17 20:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2017-07-17 20:20 - 2010-12-05 23:16 - 00090112 _____ (Vestris Inc.) C:\Windows\system32\Vestris.ResourceLib.dll
2017-07-17 20:16 - 2017-07-17 20:16 - 00003332 _____ C:\Windows\System32\Tasks\{6484C4AD-A79A-4AA7-8CC6-AD13685BC464}
2017-07-17 20:10 - 2017-07-17 20:20 - 00000000 ____D C:\Program Files\KMSpico
2017-07-17 20:10 - 2017-07-17 20:10 - 00004608 _____ C:\Windows\SECOH-QAD.exe
2017-07-17 20:10 - 2017-07-17 20:10 - 00003584 _____ C:\Windows\SECOH-QAD.dll
2017-07-17 20:01 - 2017-07-17 20:01 - 00002578 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2017-07-17 20:01 - 2017-07-17 20:01 - 00002536 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2017-07-17 20:01 - 2017-07-17 20:01 - 00002525 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2017-07-17 20:01 - 2017-07-17 20:01 - 00002490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2017-07-17 20:01 - 2017-07-17 20:01 - 00002474 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2017-07-17 20:01 - 2017-07-17 20:01 - 00002471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2017-07-17 20:01 - 2017-07-17 20:01 - 00002461 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2017-07-17 20:01 - 2017-07-17 20:01 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2017-07-17 20:01 - 2017-07-17 20:01 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2017-07-17 20:01 - 2017-07-17 20:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ferramentas do Microsoft Office 2016
2017-07-17 19:57 - 2017-07-17 20:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-07-17 19:57 - 2017-07-17 19:57 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-07-17 19:56 - 2017-07-17 19:56 - 00000000 ____D C:\Users\Ciro\AppData\Roaming\WinRAR
2017-07-17 19:55 - 2017-07-17 19:55 - 00002370 _____ C:\Users\Ciro\Desktop\OneDrive.lnk
2017-07-17 19:11 - 2017-07-17 19:11 - 00000000 ____D C:\Users\Ciro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-07-17 19:11 - 2017-07-17 19:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-07-17 19:11 - 2017-07-17 19:11 - 00000000 ____D C:\Program Files\WinRAR
2017-07-17 19:06 - 2017-07-17 21:03 - 00000000 ___RD C:\Users\Ciro\Google Drive
2017-07-17 19:06 - 2017-07-17 19:06 - 00001797 _____ C:\Users\Ciro\Desktop\Google Drive.lnk
2017-07-17 19:00 - 2017-07-17 19:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2017-07-17 18:38 - 2017-07-17 18:38 - 00000000 ____D C:\Users\Ciro\AppData\Roaming\Google
2017-07-17 18:37 - 2017-07-17 18:37 - 00002346 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-07-17 18:36 - 2017-07-17 19:00 - 00000000 ____D C:\Program Files (x86)\Google
2017-07-17 18:36 - 2017-07-17 18:36 - 00003586 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-07-17 18:36 - 2017-07-17 18:36 - 00003462 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-07-17 18:35 - 2017-07-17 19:00 - 00000000 ____D C:\Users\Ciro\AppData\Local\Google
2017-07-17 18:32 - 2017-07-17 18:34 - 00000000 ____D C:\Users\Ciro\AppData\Local\MicrosoftEdge
2017-07-17 18:26 - 2017-07-17 18:26 - 00003288 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-07-17 18:25 - 2017-07-17 18:25 - 00002134 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2017-07-17 18:25 - 2017-07-17 18:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-07-17 18:24 - 2017-07-17 18:24 - 00000000 ____D C:\Users\Ciro\AppData\Roaming\Skype
2017-07-17 18:24 - 2017-07-17 18:24 - 00000000 ____D C:\Users\Ciro\AppData\Local\NVIDIA
2017-07-17 18:13 - 2016-11-14 06:45 - 00615992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2017-07-17 17:51 - 2017-07-17 17:51 - 00000000 ____D C:\Users\Ciro\AppData\Local\Comms
2017-07-17 17:47 - 2017-07-17 20:56 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA
2017-07-17 17:47 - 2017-07-17 20:56 - 00000000 ____D C:\ProgramData\NVIDIA
2017-07-17 17:47 - 2017-07-17 17:47 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-07-17 17:46 - 2017-07-17 18:11 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-07-17 17:46 - 2017-07-17 17:47 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA Corporation
2017-07-17 17:46 - 2017-07-17 17:47 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-07-17 17:46 - 2016-11-14 08:15 - 06789056 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-07-17 17:46 - 2016-11-14 08:15 - 03528128 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-07-17 17:46 - 2016-11-14 08:15 - 02558512 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-07-17 17:46 - 2016-11-14 08:15 - 00932728 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2017-07-17 17:46 - 2016-11-14 08:15 - 00384888 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-07-17 17:46 - 2016-11-14 08:15 - 00062328 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-07-17 17:46 - 2016-11-14 06:09 - 07513855 _____ C:\Windows\system32\nvcoproc.bin
2017-07-17 17:36 - 2017-07-17 21:30 - 00000000 ___RD C:\Users\Ciro\OneDrive
2017-07-17 17:36 - 2017-07-17 18:26 - 00002370 _____ C:\Users\Ciro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-07-17 17:36 - 2017-07-17 17:36 - 00000000 ___HD C:\$GetCurrent
2017-07-17 17:35 - 2017-07-17 17:37 - 00000000 ____D C:\Windows10Upgrade
2017-07-17 17:35 - 2017-07-17 17:35 - 00000817 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assistente de Atualização do Windows 10.lnk
2017-07-17 17:35 - 2017-07-17 17:35 - 00000805 _____ C:\Users\Ciro\Desktop\Assistente de Atualização do Windows 10.lnk
2017-07-17 17:35 - 2017-07-17 17:35 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft OneDrive
2017-07-17 17:35 - 2017-07-17 17:35 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-07-17 17:34 - 2017-07-17 17:34 - 00000000 ____D C:\Users\Ciro\AppData\Local\Publishers
2017-07-17 17:33 - 2017-07-17 22:18 - 00000000 ____D C:\Users\Ciro\AppData\Roaming\Adobe
2017-07-17 17:33 - 2017-07-17 21:38 - 00000000 ____D C:\Users\Ciro
2017-07-17 17:33 - 2017-07-17 18:58 - 00000000 ____D C:\Users\Ciro\AppData\Local\Packages
2017-07-17 17:33 - 2017-07-17 18:37 - 00000000 ____D C:\Users\Ciro\AppData\Local\ConnectedDevicesPlatform
2017-07-17 17:33 - 2017-07-17 17:33 - 00000020 ___SH C:\Users\Ciro\ntuser.ini
2017-07-17 17:33 - 2017-07-17 17:33 - 00000000 _SHDL C:\Users\Ciro\Modelos
2017-07-17 17:33 - 2017-07-17 17:33 - 00000000 _SHDL C:\Users\Ciro\Meus Documentos
2017-07-17 17:33 - 2017-07-17 17:33 - 00000000 _SHDL C:\Users\Ciro\Menu Iniciar
2017-07-17 17:33 - 2017-07-17 17:33 - 00000000 _SHDL C:\Users\Ciro\Documents\Minhas Músicas
2017-07-17 17:33 - 2017-07-17 17:33 - 00000000 _SHDL C:\Users\Ciro\Documents\Minhas Imagens
2017-07-17 17:33 - 2017-07-17 17:33 - 00000000 _SHDL C:\Users\Ciro\Documents\Meus Vídeos
2017-07-17 17:33 - 2017-07-17 17:33 - 00000000 _SHDL C:\Users\Ciro\Dados de Aplicativos
2017-07-17 17:33 - 2017-07-17 17:33 - 00000000 _SHDL C:\Users\Ciro\Configurações Locais
2017-07-17 17:33 - 2017-07-17 17:33 - 00000000 _SHDL C:\Users\Ciro\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2017-07-17 17:33 - 2017-07-17 17:33 - 00000000 _SHDL C:\Users\Ciro\AppData\Local\Histórico
2017-07-17 17:33 - 2017-07-17 17:33 - 00000000 _SHDL C:\Users\Ciro\AppData\Local\Dados de Aplicativos
2017-07-17 17:33 - 2017-07-17 17:33 - 00000000 _SHDL C:\Users\Ciro\Ambiente de Rede
2017-07-17 17:33 - 2017-07-17 17:33 - 00000000 _SHDL C:\Users\Ciro\Ambiente de Impressão
2017-07-17 17:33 - 2017-07-17 17:33 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-07-17 17:33 - 2017-07-17 17:33 - 00000000 ____D C:\Users\Ciro\AppData\Local\VirtualStore
2017-07-17 17:33 - 2017-07-17 17:33 - 00000000 ____D C:\Users\Ciro\AppData\Local\TileDataLayer
2017-07-17 17:31 - 2017-07-17 17:31 - 00000000 ____D C:\Users\defaultuser0\AppData\Local\VirtualStore
2017-07-17 17:31 - 2017-07-17 17:31 - 00000000 ____D C:\Users\defaultuser0\AppData\Local\TileDataLayer
2017-07-17 17:31 - 2017-07-17 17:31 - 00000000 ____D C:\Users\defaultuser0\AppData\Local\Packages
2017-07-17 17:31 - 2017-07-17 17:31 - 00000000 ____D C:\Users\defaultuser0\AppData\Local\ConnectedDevicesPlatform
2017-07-17 17:30 - 2017-07-17 17:30 - 00000000 ___SD C:\Windows\UpdateAssistantV2
2017-07-17 17:29 - 2017-07-17 21:04 - 01276128 _____ C:\Windows\system32\PerfStringBackup.INI
2017-07-17 17:29 - 2017-05-25 02:56 - 00038752 _____ (Microsoft Corporation) C:\Windows\system32\OOBEUpdater.exe
2017-07-17 17:27 - 2017-07-17 17:27 - 00000020 ___SH C:\Users\defaultuser0\ntuser.ini
2017-07-17 17:27 - 2017-07-17 17:27 - 00000000 _SHDL C:\Users\defaultuser0\Modelos
2017-07-17 17:27 - 2017-07-17 17:27 - 00000000 _SHDL C:\Users\defaultuser0\Meus Documentos
2017-07-17 17:27 - 2017-07-17 17:27 - 00000000 _SHDL C:\Users\defaultuser0\Menu Iniciar
2017-07-17 17:27 - 2017-07-17 17:27 - 00000000 _SHDL C:\Users\defaultuser0\Documents\Minhas Músicas
2017-07-17 17:27 - 2017-07-17 17:27 - 00000000 _SHDL C:\Users\defaultuser0\Documents\Minhas Imagens
2017-07-17 17:27 - 2017-07-17 17:27 - 00000000 _SHDL C:\Users\defaultuser0\Documents\Meus Vídeos
2017-07-17 17:27 - 2017-07-17 17:27 - 00000000 _SHDL C:\Users\defaultuser0\Dados de Aplicativos
2017-07-17 17:27 - 2017-07-17 17:27 - 00000000 _SHDL C:\Users\defaultuser0\Configurações Locais
2017-07-17 17:27 - 2017-07-17 17:27 - 00000000 _SHDL C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2017-07-17 17:27 - 2017-07-17 17:27 - 00000000 _SHDL C:\Users\defaultuser0\AppData\Local\Histórico
2017-07-17 17:27 - 2017-07-17 17:27 - 00000000 _SHDL C:\Users\defaultuser0\AppData\Local\Dados de Aplicativos
2017-07-17 17:27 - 2017-07-17 17:27 - 00000000 _SHDL C:\Users\defaultuser0\Ambiente de Rede
2017-07-17 17:27 - 2017-07-17 17:27 - 00000000 _SHDL C:\Users\defaultuser0\Ambiente de Impressão
2017-07-17 17:27 - 2017-07-17 17:27 - 00000000 ____D C:\Windows\CSC
2017-07-17 17:27 - 2017-07-17 17:27 - 00000000 ____D C:\Users\defaultuser0
2017-07-17 17:27 - 2016-07-16 08:41 - 02716672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas Músicas
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas Imagens
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Meus Vídeos
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Histórico
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Dados de Aplicativos
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Usuário Padrão
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Todos os Usuários\Modelos
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Todos os Usuários\Menu Iniciar
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Todos os Usuários\Documentos
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Todos os Usuários\Dados de Aplicativos
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Todos os Usuários
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Public\Documents\Minhas Músicas
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Public\Documents\Minhas Imagens
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Public\Documents\Meus Vídeos
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Default\Modelos
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Default\Meus Documentos
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Default\Menu Iniciar
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Default\Documents\Minhas Músicas
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Default\Documents\Minhas Imagens
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Default\Documents\Meus Vídeos
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Default\Dados de Aplicativos
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Default\Configurações Locais
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Default\AppData\Local\Histórico
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Default\AppData\Local\Dados de Aplicativos
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Default\Ambiente de Rede
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Default\Ambiente de Impressão
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas Músicas
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas Imagens
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Default User\Documents\Meus Vídeos
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Histórico
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Dados de Aplicativos
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\ProgramData\Modelos
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\ProgramData\Menu Iniciar
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\ProgramData\Documentos
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\ProgramData\Dados de Aplicativos
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Program Files\Common Files\Sistema
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Program Files\Arquivos Comuns
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Documents and Settings
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Arquivos de Programas
2017-07-17 17:21 - 2017-07-17 17:21 - 00000000 ____D C:\Users\Todos os Usuários\USOShared
2017-07-17 17:21 - 2017-07-17 17:21 - 00000000 ____D C:\ProgramData\USOShared
2017-07-17 17:20 - 2017-07-17 20:56 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-07-17 17:20 - 2017-07-17 18:20 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-07-17 17:20 - 2017-07-17 17:20 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2017-07-17 17:20 - 2017-07-17 17:20 - 00000000 ____D C:\Windows\ServiceProfiles
2017-07-17 17:19 - 2017-07-17 20:56 - 00340768 _____ C:\Windows\system32\FNTCACHE.DAT
2017-07-17 17:19 - 2017-07-17 17:23 - 00000000 ____D C:\Windows\Panther
2017-07-17 17:18 - 2017-07-17 17:18 - 00008192 __RSH C:\BOOTSECT.BAK
==================== Um Mês Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-07-17 22:45 - 2016-07-16 08:36 - 00000000 ____D C:\Windows\CbsTemp
2017-07-17 21:30 - 2016-07-16 08:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-07-17 21:04 - 2016-07-16 20:10 - 00348698 _____ C:\Windows\system32\prfh0416.dat
2017-07-17 21:04 - 2016-07-16 20:10 - 00060212 _____ C:\Windows\system32\prfc0416.dat
2017-07-17 20:55 - 2016-07-16 03:04 - 00262144 _____ C:\Windows\system32\config\BBI
2017-07-17 20:05 - 2016-07-16 08:47 - 00000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft
2017-07-17 20:05 - 2016-07-16 08:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-07-17 20:05 - 2016-07-16 08:45 - 00000000 ____D C:\Windows\INF
2017-07-17 19:05 - 2016-07-16 08:47 - 00000000 ____D C:\Windows\AppReadiness
2017-07-17 18:55 - 2016-07-16 08:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-07-17 17:46 - 2016-07-16 08:47 - 00000000 ____D C:\Windows\Help
2017-07-17 17:30 - 2016-07-16 08:47 - 00000000 ____D C:\Windows\system32\oobe
2017-07-17 17:27 - 2016-07-16 08:47 - 00000000 ____D C:\Windows\system32\spool
2017-07-17 17:27 - 2016-07-16 08:47 - 00000000 ____D C:\Windows\system32\FxsTmp
2017-07-17 17:26 - 2016-07-16 08:47 - 00000000 ____D C:\Windows\rescache
2017-07-17 17:25 - 2016-07-16 08:47 - 00000000 ____D C:\Program Files\Windows NT
2017-07-17 17:23 - 2016-07-16 03:04 - 00000000 ____D C:\Windows\system32\Sysprep
2017-07-17 17:21 - 2016-07-16 08:47 - 00000000 ___RD C:\Windows\PrintDialog
2017-07-17 17:21 - 2016-07-16 08:47 - 00000000 ___RD C:\Windows\MiracastView
2017-07-17 17:21 - 2016-07-16 08:47 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2017-07-17 17:21 - 2016-07-16 08:47 - 00000000 ____D C:\Users\Todos os Usuários\USOPrivate
2017-07-17 17:21 - 2016-07-16 08:47 - 00000000 ____D C:\ProgramData\USOPrivate
2017-07-17 17:20 - 2016-07-16 03:04 - 00032768 _____ C:\Windows\system32\config\ELAM
2017-07-17 17:18 - 2016-07-16 08:47 - 00028672 _____ C:\Windows\system32\config\BCD-Template
==================== Arquivos na raiz de alguns diretórios =======
2017-07-17 22:18 - 2017-07-17 22:18 - 0000033 _____ () C:\Users\Ciro\AppData\Roaming\AdobeWLCMCache.dat
Alguns arquivos em TEMP:
====================
2017-07-17 20:33 - 2017-07-17 20:33 - 1521205 _____ (AdworldInternet) C:\Users\Ciro\AppData\Local\Temp\ICReinstall_Ativador_Windows_10_PERMANENTE_DEFINITIVO_PH_Downs_1776627761.exe
==================== Bamital & volsnap ======================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2017-07-17 17:19
==================== Fim de FRST.txt ============================
Executado por Ciro (administrador) em DESKTOP-G8F6RKP (17-07-2017 23:35:40)
Executando a partir de C:\Users\Ciro\Desktop
Perfis Carregados: Ciro (Perfis Disponíveis: defaultuser0 & Ciro)
Platform: Windows 10 Pro Versão 1607 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Edge)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registro (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-07-16] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1794888 2015-06-29] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2406496 2017-06-04] (Adobe Systems Incorporated)
HKU\S-1-5-21-1861854247-3235435846-2387424584-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [26773912 2017-06-21] (Google)
IFEO\OSppSvc.exe: [Debugger] KMS-R@1nhook.exe
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\Parameters: [DhcpNameServer] 201.17.1.185 201.17.1.83
Tcpip\..\Interfaces\{6070a223-efa5-42fd-ab60-214b9bbec5c8}: [DhcpNameServer] 201.17.1.185 201.17.1.83
Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-07-17] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-17] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-07-17] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-07-17] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-17] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-17] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-17] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-17] (Microsoft Corporation)
FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-06-04] (Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-07-17] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-07-17] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-17] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-06-04] (Adobe Systems)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com.br/
CHR StartupUrls: Default -> "hxxps://www.google.com.br/","hxxps://www.google.com/"
CHR Session Restore: Default -> está habilitado.
CHR Profile: C:\Users\Ciro\AppData\Local\Google\Chrome\User Data\Default [2017-07-17]
CHR Extension: (Google Apresentações) - C:\Users\Ciro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-07-17]
CHR Extension: (Google Docs) - C:\Users\Ciro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-07-17]
CHR Extension: (Google Drive) - C:\Users\Ciro\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-17]
CHR Extension: (YouTube) - C:\Users\Ciro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-17]
CHR Extension: (Planilhas do Google) - C:\Users\Ciro\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-07-17]
CHR Extension: (Documentos Google off-line) - C:\Users\Ciro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-17]
CHR Extension: (Headie) - C:\Users\Ciro\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn [2017-07-17]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Ciro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-07-17]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Ciro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-07-17]
CHR Extension: (Ultimos Torrents) - C:\Users\Ciro\AppData\Local\Google\Chrome\User Data\Default\Extensions\onidcjfimideopiecibkenlependfjhf [2017-07-17]
CHR Extension: (Gmail) - C:\Users\Ciro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-17]
CHR Extension: (Chrome Media Router) - C:\Users\Ciro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-17]
CHR HKU\S-1-5-21-1861854247-3235435846-2387424584-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
==================== Serviços (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [814688 2017-06-04] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2776664 2015-08-16] (Microsoft Corporation)
S2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2017-07-17] () [Arquivo não assinado]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-07-16] (Microsoft Corporation)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [737984 2015-08-30] (@ByELDI) [Arquivo não assinado]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R1 MpKslf85f53e1; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FD017172-8557-4D60-B33B-8BCF8361423E}\MpKslf85f53e1.sys [44928 2017-07-17] (Microsoft Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um Mês Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-07-17 23:35 - 2017-07-17 23:37 - 00013744 _____ C:\Users\Ciro\Desktop\FRST.txt
2017-07-17 23:34 - 2017-07-17 23:35 - 00000000 ____D C:\FRST
2017-07-17 23:31 - 2017-07-17 23:32 - 02435584 _____ (Farbar) C:\Users\Ciro\Desktop\FRST64.exe
2017-07-17 23:15 - 2017-07-17 23:15 - 469854621 _____ C:\Users\Ciro\Downloads\CorelDraw 2017 - 64 Bits.zip
2017-07-17 22:46 - 2017-07-17 22:47 - 00000000 ____D C:\Program Files\UNP
2017-07-17 22:46 - 2017-07-17 22:46 - 00000000 ____D C:\Windows\system32\UNP
2017-07-17 22:24 - 2017-07-17 22:26 - 15272454 _____ C:\Users\Ciro\Downloads\COREL_DRAW_2017_X9_ATIVAÇÃO.rar
2017-07-17 22:18 - 2017-07-17 22:18 - 00000033 _____ C:\Users\Ciro\AppData\Roaming\AdobeWLCMCache.dat
2017-07-17 22:18 - 2017-07-17 22:18 - 00000000 ____D C:\Users\Ciro\AppData\LocalLow\Adobe
2017-07-17 22:17 - 2017-07-17 22:17 - 00000000 ____D C:\Users\Ciro\AppData\Roaming\NVIDIA
2017-07-17 22:17 - 2017-07-17 22:17 - 00000000 ____D C:\Users\Ciro\AppData\Local\Tempzxpsign5c789ac7c81d5a39
2017-07-17 22:17 - 2017-07-17 22:17 - 00000000 ____D C:\Users\Ciro\AppData\Local\Tempzxpsign30d31d8bba6321c4
2017-07-17 22:04 - 2017-07-17 22:04 - 00002520 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CC 2017.lnk
2017-07-17 21:58 - 2017-07-17 21:58 - 00001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2017.lnk
2017-07-17 21:58 - 2017-07-17 21:58 - 00000000 ____D C:\Users\Ciro\Documents\Adobe
2017-07-17 21:46 - 2017-07-17 22:04 - 00000000 ____D C:\Program Files\Common Files\Adobe
2017-07-17 21:45 - 2017-07-17 21:59 - 00000000 ____D C:\Program Files\Adobe
2017-07-17 21:38 - 2017-07-17 21:38 - 00000000 ___RD C:\Users\Ciro\Creative Cloud Files
2017-07-17 21:34 - 2017-07-17 21:34 - 00000000 ____D C:\Users\Ciro\AppData\Local\CEF
2017-07-17 21:31 - 2017-07-17 21:31 - 00001302 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2017-07-17 21:31 - 2017-07-17 21:31 - 00001290 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2017-07-17 21:30 - 2017-07-17 21:31 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2017-07-17 21:30 - 2017-07-17 21:31 - 00000000 ____D C:\ProgramData\Package Cache
2017-07-17 21:29 - 2017-07-17 21:49 - 00000000 ____D C:\Users\Todos os Usuários\Adobe
2017-07-17 21:29 - 2017-07-17 21:49 - 00000000 ____D C:\ProgramData\Adobe
2017-07-17 21:28 - 2017-07-17 21:28 - 00001098 _____ C:\Users\Public\Desktop\MediBang Paint Pro.lnk
2017-07-17 21:28 - 2017-07-17 21:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medibang
2017-07-17 21:28 - 2017-07-17 21:28 - 00000000 ____D C:\Program Files\Medibang
2017-07-17 21:28 - 2017-07-17 21:28 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-07-17 21:28 - 2015-12-16 21:12 - 00703656 _____ C:\Windows\system32\MdpThumb64.dll
2017-07-17 21:23 - 2017-07-17 22:17 - 00000000 ____D C:\Users\Ciro\AppData\Local\Adobe
2017-07-17 21:15 - 2017-07-17 20:31 - 00565416 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2017-07-17 20:58 - 2017-07-17 20:58 - 00000000 ___HD C:\OneDriveTemp
2017-07-17 20:44 - 2017-07-17 20:44 - 00000000 ____D C:\Users\Ciro\AppData\Local\mpress
2017-07-17 20:43 - 2017-07-17 20:43 - 00026112 _____ C:\Windows\KMS-R@1n.exe
2017-07-17 20:43 - 2017-07-17 20:43 - 00004608 _____ C:\Windows\KMS-R@1nhook.exe
2017-07-17 20:43 - 2017-07-17 20:43 - 00003584 _____ C:\Windows\KMS-QADhook.dll
2017-07-17 20:43 - 2017-07-17 20:43 - 00000000 ____D C:\Windows\System32\Tasks\R@1n-KMS
2017-07-17 20:43 - 2017-07-17 20:43 - 00000000 ____D C:\Users\Ciro\AppData\Local\PeerDistRepub
2017-07-17 20:20 - 2017-07-17 20:20 - 00003474 _____ C:\Windows\System32\Tasks\AutoPico Daily Restart
2017-07-17 20:20 - 2017-07-17 20:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2017-07-17 20:20 - 2010-12-05 23:16 - 00090112 _____ (Vestris Inc.) C:\Windows\system32\Vestris.ResourceLib.dll
2017-07-17 20:16 - 2017-07-17 20:16 - 00003332 _____ C:\Windows\System32\Tasks\{6484C4AD-A79A-4AA7-8CC6-AD13685BC464}
2017-07-17 20:10 - 2017-07-17 20:20 - 00000000 ____D C:\Program Files\KMSpico
2017-07-17 20:10 - 2017-07-17 20:10 - 00004608 _____ C:\Windows\SECOH-QAD.exe
2017-07-17 20:10 - 2017-07-17 20:10 - 00003584 _____ C:\Windows\SECOH-QAD.dll
2017-07-17 20:01 - 2017-07-17 20:01 - 00002578 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2017-07-17 20:01 - 2017-07-17 20:01 - 00002536 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2017-07-17 20:01 - 2017-07-17 20:01 - 00002525 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2017-07-17 20:01 - 2017-07-17 20:01 - 00002490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2017-07-17 20:01 - 2017-07-17 20:01 - 00002474 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2017-07-17 20:01 - 2017-07-17 20:01 - 00002471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2017-07-17 20:01 - 2017-07-17 20:01 - 00002461 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2017-07-17 20:01 - 2017-07-17 20:01 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2017-07-17 20:01 - 2017-07-17 20:01 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2017-07-17 20:01 - 2017-07-17 20:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ferramentas do Microsoft Office 2016
2017-07-17 19:57 - 2017-07-17 20:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-07-17 19:57 - 2017-07-17 19:57 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-07-17 19:56 - 2017-07-17 19:56 - 00000000 ____D C:\Users\Ciro\AppData\Roaming\WinRAR
2017-07-17 19:55 - 2017-07-17 19:55 - 00002370 _____ C:\Users\Ciro\Desktop\OneDrive.lnk
2017-07-17 19:11 - 2017-07-17 19:11 - 00000000 ____D C:\Users\Ciro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-07-17 19:11 - 2017-07-17 19:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-07-17 19:11 - 2017-07-17 19:11 - 00000000 ____D C:\Program Files\WinRAR
2017-07-17 19:06 - 2017-07-17 21:03 - 00000000 ___RD C:\Users\Ciro\Google Drive
2017-07-17 19:06 - 2017-07-17 19:06 - 00001797 _____ C:\Users\Ciro\Desktop\Google Drive.lnk
2017-07-17 19:00 - 2017-07-17 19:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2017-07-17 18:38 - 2017-07-17 18:38 - 00000000 ____D C:\Users\Ciro\AppData\Roaming\Google
2017-07-17 18:37 - 2017-07-17 18:37 - 00002346 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-07-17 18:36 - 2017-07-17 19:00 - 00000000 ____D C:\Program Files (x86)\Google
2017-07-17 18:36 - 2017-07-17 18:36 - 00003586 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-07-17 18:36 - 2017-07-17 18:36 - 00003462 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-07-17 18:35 - 2017-07-17 19:00 - 00000000 ____D C:\Users\Ciro\AppData\Local\Google
2017-07-17 18:32 - 2017-07-17 18:34 - 00000000 ____D C:\Users\Ciro\AppData\Local\MicrosoftEdge
2017-07-17 18:26 - 2017-07-17 18:26 - 00003288 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-07-17 18:25 - 2017-07-17 18:25 - 00002134 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2017-07-17 18:25 - 2017-07-17 18:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-07-17 18:24 - 2017-07-17 18:24 - 00000000 ____D C:\Users\Ciro\AppData\Roaming\Skype
2017-07-17 18:24 - 2017-07-17 18:24 - 00000000 ____D C:\Users\Ciro\AppData\Local\NVIDIA
2017-07-17 18:13 - 2016-11-14 06:45 - 00615992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2017-07-17 17:51 - 2017-07-17 17:51 - 00000000 ____D C:\Users\Ciro\AppData\Local\Comms
2017-07-17 17:47 - 2017-07-17 20:56 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA
2017-07-17 17:47 - 2017-07-17 20:56 - 00000000 ____D C:\ProgramData\NVIDIA
2017-07-17 17:47 - 2017-07-17 17:47 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-07-17 17:46 - 2017-07-17 18:11 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-07-17 17:46 - 2017-07-17 17:47 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA Corporation
2017-07-17 17:46 - 2017-07-17 17:47 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-07-17 17:46 - 2016-11-14 08:15 - 06789056 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-07-17 17:46 - 2016-11-14 08:15 - 03528128 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-07-17 17:46 - 2016-11-14 08:15 - 02558512 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-07-17 17:46 - 2016-11-14 08:15 - 00932728 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2017-07-17 17:46 - 2016-11-14 08:15 - 00384888 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-07-17 17:46 - 2016-11-14 08:15 - 00062328 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-07-17 17:46 - 2016-11-14 06:09 - 07513855 _____ C:\Windows\system32\nvcoproc.bin
2017-07-17 17:36 - 2017-07-17 21:30 - 00000000 ___RD C:\Users\Ciro\OneDrive
2017-07-17 17:36 - 2017-07-17 18:26 - 00002370 _____ C:\Users\Ciro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-07-17 17:36 - 2017-07-17 17:36 - 00000000 ___HD C:\$GetCurrent
2017-07-17 17:35 - 2017-07-17 17:37 - 00000000 ____D C:\Windows10Upgrade
2017-07-17 17:35 - 2017-07-17 17:35 - 00000817 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assistente de Atualização do Windows 10.lnk
2017-07-17 17:35 - 2017-07-17 17:35 - 00000805 _____ C:\Users\Ciro\Desktop\Assistente de Atualização do Windows 10.lnk
2017-07-17 17:35 - 2017-07-17 17:35 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft OneDrive
2017-07-17 17:35 - 2017-07-17 17:35 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-07-17 17:34 - 2017-07-17 17:34 - 00000000 ____D C:\Users\Ciro\AppData\Local\Publishers
2017-07-17 17:33 - 2017-07-17 22:18 - 00000000 ____D C:\Users\Ciro\AppData\Roaming\Adobe
2017-07-17 17:33 - 2017-07-17 21:38 - 00000000 ____D C:\Users\Ciro
2017-07-17 17:33 - 2017-07-17 18:58 - 00000000 ____D C:\Users\Ciro\AppData\Local\Packages
2017-07-17 17:33 - 2017-07-17 18:37 - 00000000 ____D C:\Users\Ciro\AppData\Local\ConnectedDevicesPlatform
2017-07-17 17:33 - 2017-07-17 17:33 - 00000020 ___SH C:\Users\Ciro\ntuser.ini
2017-07-17 17:33 - 2017-07-17 17:33 - 00000000 _SHDL C:\Users\Ciro\Modelos
2017-07-17 17:33 - 2017-07-17 17:33 - 00000000 _SHDL C:\Users\Ciro\Meus Documentos
2017-07-17 17:33 - 2017-07-17 17:33 - 00000000 _SHDL C:\Users\Ciro\Menu Iniciar
2017-07-17 17:33 - 2017-07-17 17:33 - 00000000 _SHDL C:\Users\Ciro\Documents\Minhas Músicas
2017-07-17 17:33 - 2017-07-17 17:33 - 00000000 _SHDL C:\Users\Ciro\Documents\Minhas Imagens
2017-07-17 17:33 - 2017-07-17 17:33 - 00000000 _SHDL C:\Users\Ciro\Documents\Meus Vídeos
2017-07-17 17:33 - 2017-07-17 17:33 - 00000000 _SHDL C:\Users\Ciro\Dados de Aplicativos
2017-07-17 17:33 - 2017-07-17 17:33 - 00000000 _SHDL C:\Users\Ciro\Configurações Locais
2017-07-17 17:33 - 2017-07-17 17:33 - 00000000 _SHDL C:\Users\Ciro\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2017-07-17 17:33 - 2017-07-17 17:33 - 00000000 _SHDL C:\Users\Ciro\AppData\Local\Histórico
2017-07-17 17:33 - 2017-07-17 17:33 - 00000000 _SHDL C:\Users\Ciro\AppData\Local\Dados de Aplicativos
2017-07-17 17:33 - 2017-07-17 17:33 - 00000000 _SHDL C:\Users\Ciro\Ambiente de Rede
2017-07-17 17:33 - 2017-07-17 17:33 - 00000000 _SHDL C:\Users\Ciro\Ambiente de Impressão
2017-07-17 17:33 - 2017-07-17 17:33 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-07-17 17:33 - 2017-07-17 17:33 - 00000000 ____D C:\Users\Ciro\AppData\Local\VirtualStore
2017-07-17 17:33 - 2017-07-17 17:33 - 00000000 ____D C:\Users\Ciro\AppData\Local\TileDataLayer
2017-07-17 17:31 - 2017-07-17 17:31 - 00000000 ____D C:\Users\defaultuser0\AppData\Local\VirtualStore
2017-07-17 17:31 - 2017-07-17 17:31 - 00000000 ____D C:\Users\defaultuser0\AppData\Local\TileDataLayer
2017-07-17 17:31 - 2017-07-17 17:31 - 00000000 ____D C:\Users\defaultuser0\AppData\Local\Packages
2017-07-17 17:31 - 2017-07-17 17:31 - 00000000 ____D C:\Users\defaultuser0\AppData\Local\ConnectedDevicesPlatform
2017-07-17 17:30 - 2017-07-17 17:30 - 00000000 ___SD C:\Windows\UpdateAssistantV2
2017-07-17 17:29 - 2017-07-17 21:04 - 01276128 _____ C:\Windows\system32\PerfStringBackup.INI
2017-07-17 17:29 - 2017-05-25 02:56 - 00038752 _____ (Microsoft Corporation) C:\Windows\system32\OOBEUpdater.exe
2017-07-17 17:27 - 2017-07-17 17:27 - 00000020 ___SH C:\Users\defaultuser0\ntuser.ini
2017-07-17 17:27 - 2017-07-17 17:27 - 00000000 _SHDL C:\Users\defaultuser0\Modelos
2017-07-17 17:27 - 2017-07-17 17:27 - 00000000 _SHDL C:\Users\defaultuser0\Meus Documentos
2017-07-17 17:27 - 2017-07-17 17:27 - 00000000 _SHDL C:\Users\defaultuser0\Menu Iniciar
2017-07-17 17:27 - 2017-07-17 17:27 - 00000000 _SHDL C:\Users\defaultuser0\Documents\Minhas Músicas
2017-07-17 17:27 - 2017-07-17 17:27 - 00000000 _SHDL C:\Users\defaultuser0\Documents\Minhas Imagens
2017-07-17 17:27 - 2017-07-17 17:27 - 00000000 _SHDL C:\Users\defaultuser0\Documents\Meus Vídeos
2017-07-17 17:27 - 2017-07-17 17:27 - 00000000 _SHDL C:\Users\defaultuser0\Dados de Aplicativos
2017-07-17 17:27 - 2017-07-17 17:27 - 00000000 _SHDL C:\Users\defaultuser0\Configurações Locais
2017-07-17 17:27 - 2017-07-17 17:27 - 00000000 _SHDL C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2017-07-17 17:27 - 2017-07-17 17:27 - 00000000 _SHDL C:\Users\defaultuser0\AppData\Local\Histórico
2017-07-17 17:27 - 2017-07-17 17:27 - 00000000 _SHDL C:\Users\defaultuser0\AppData\Local\Dados de Aplicativos
2017-07-17 17:27 - 2017-07-17 17:27 - 00000000 _SHDL C:\Users\defaultuser0\Ambiente de Rede
2017-07-17 17:27 - 2017-07-17 17:27 - 00000000 _SHDL C:\Users\defaultuser0\Ambiente de Impressão
2017-07-17 17:27 - 2017-07-17 17:27 - 00000000 ____D C:\Windows\CSC
2017-07-17 17:27 - 2017-07-17 17:27 - 00000000 ____D C:\Users\defaultuser0
2017-07-17 17:27 - 2016-07-16 08:41 - 02716672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas Músicas
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas Imagens
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Meus Vídeos
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Histórico
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Dados de Aplicativos
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Usuário Padrão
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Todos os Usuários\Modelos
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Todos os Usuários\Menu Iniciar
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Todos os Usuários\Documentos
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Todos os Usuários\Dados de Aplicativos
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Todos os Usuários
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Public\Documents\Minhas Músicas
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Public\Documents\Minhas Imagens
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Public\Documents\Meus Vídeos
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Default\Modelos
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Default\Meus Documentos
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Default\Menu Iniciar
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Default\Documents\Minhas Músicas
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Default\Documents\Minhas Imagens
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Default\Documents\Meus Vídeos
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Default\Dados de Aplicativos
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Default\Configurações Locais
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Default\AppData\Local\Histórico
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Default\AppData\Local\Dados de Aplicativos
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Default\Ambiente de Rede
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Default\Ambiente de Impressão
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas Músicas
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas Imagens
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Default User\Documents\Meus Vídeos
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Histórico
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Dados de Aplicativos
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\ProgramData\Modelos
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\ProgramData\Menu Iniciar
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\ProgramData\Documentos
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\ProgramData\Dados de Aplicativos
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Program Files\Common Files\Sistema
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Program Files\Arquivos Comuns
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Documents and Settings
2017-07-17 17:25 - 2017-07-17 17:25 - 00000000 _SHDL C:\Arquivos de Programas
2017-07-17 17:21 - 2017-07-17 17:21 - 00000000 ____D C:\Users\Todos os Usuários\USOShared
2017-07-17 17:21 - 2017-07-17 17:21 - 00000000 ____D C:\ProgramData\USOShared
2017-07-17 17:20 - 2017-07-17 20:56 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-07-17 17:20 - 2017-07-17 18:20 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-07-17 17:20 - 2017-07-17 17:20 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2017-07-17 17:20 - 2017-07-17 17:20 - 00000000 ____D C:\Windows\ServiceProfiles
2017-07-17 17:19 - 2017-07-17 20:56 - 00340768 _____ C:\Windows\system32\FNTCACHE.DAT
2017-07-17 17:19 - 2017-07-17 17:23 - 00000000 ____D C:\Windows\Panther
2017-07-17 17:18 - 2017-07-17 17:18 - 00008192 __RSH C:\BOOTSECT.BAK
==================== Um Mês Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-07-17 22:45 - 2016-07-16 08:36 - 00000000 ____D C:\Windows\CbsTemp
2017-07-17 21:30 - 2016-07-16 08:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-07-17 21:04 - 2016-07-16 20:10 - 00348698 _____ C:\Windows\system32\prfh0416.dat
2017-07-17 21:04 - 2016-07-16 20:10 - 00060212 _____ C:\Windows\system32\prfc0416.dat
2017-07-17 20:55 - 2016-07-16 03:04 - 00262144 _____ C:\Windows\system32\config\BBI
2017-07-17 20:05 - 2016-07-16 08:47 - 00000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft
2017-07-17 20:05 - 2016-07-16 08:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-07-17 20:05 - 2016-07-16 08:45 - 00000000 ____D C:\Windows\INF
2017-07-17 19:05 - 2016-07-16 08:47 - 00000000 ____D C:\Windows\AppReadiness
2017-07-17 18:55 - 2016-07-16 08:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-07-17 17:46 - 2016-07-16 08:47 - 00000000 ____D C:\Windows\Help
2017-07-17 17:30 - 2016-07-16 08:47 - 00000000 ____D C:\Windows\system32\oobe
2017-07-17 17:27 - 2016-07-16 08:47 - 00000000 ____D C:\Windows\system32\spool
2017-07-17 17:27 - 2016-07-16 08:47 - 00000000 ____D C:\Windows\system32\FxsTmp
2017-07-17 17:26 - 2016-07-16 08:47 - 00000000 ____D C:\Windows\rescache
2017-07-17 17:25 - 2016-07-16 08:47 - 00000000 ____D C:\Program Files\Windows NT
2017-07-17 17:23 - 2016-07-16 03:04 - 00000000 ____D C:\Windows\system32\Sysprep
2017-07-17 17:21 - 2016-07-16 08:47 - 00000000 ___RD C:\Windows\PrintDialog
2017-07-17 17:21 - 2016-07-16 08:47 - 00000000 ___RD C:\Windows\MiracastView
2017-07-17 17:21 - 2016-07-16 08:47 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2017-07-17 17:21 - 2016-07-16 08:47 - 00000000 ____D C:\Users\Todos os Usuários\USOPrivate
2017-07-17 17:21 - 2016-07-16 08:47 - 00000000 ____D C:\ProgramData\USOPrivate
2017-07-17 17:20 - 2016-07-16 03:04 - 00032768 _____ C:\Windows\system32\config\ELAM
2017-07-17 17:18 - 2016-07-16 08:47 - 00028672 _____ C:\Windows\system32\config\BCD-Template
==================== Arquivos na raiz de alguns diretórios =======
2017-07-17 22:18 - 2017-07-17 22:18 - 0000033 _____ () C:\Users\Ciro\AppData\Roaming\AdobeWLCMCache.dat
Alguns arquivos em TEMP:
====================
2017-07-17 20:33 - 2017-07-17 20:33 - 1521205 _____ (AdworldInternet) C:\Users\Ciro\AppData\Local\Temp\ICReinstall_Ativador_Windows_10_PERMANENTE_DEFINITIVO_PH_Downs_1776627761.exe
==================== Bamital & volsnap ======================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2017-07-17 17:19
==================== Fim de FRST.txt ============================