Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão: 20-09-2017
Executado por Luiza (administrador) em LUIZA-PC (20-09-2017 21:41:40)
Executando a partir de C:\Users\Luiza\Downloads
Perfis Carregados: Luiza (Perfis Disponíveis: Luiza)
Platform: Microsoft Windows 7 Ultimate (X86) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
(BitTorrent Inc.) C:\Users\Luiza\AppData\Roaming\BitTorrent\BitTorrent.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(BitTorrent Inc.) C:\Users\Luiza\AppData\Roaming\BitTorrent\updates\7.10.0_43917\bittorrentie.exe
(BitTorrent Inc.) C:\Users\Luiza\AppData\Roaming\BitTorrent\updates\7.10.0_43917\bittorrentie.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(wj32) C:\Program Files\Process Hacker 2\ProcessHacker.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKU\S-1-5-21-2107777054-1435129246-652785034-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7658200 2017-06-30] (Piriform Ltd)
HKU\S-1-5-21-2107777054-1435129246-652785034-1001\...\Run: [BitTorrent] => C:\Users\Luiza\AppData\Roaming\BitTorrent\BitTorrent.exe [2408648 2017-09-16] (BitTorrent Inc.)
GroupPolicy: Restrição - Chrome <==== ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <==== ATENÇÃO
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{61769842-5876-4AD2-88CC-21CF2A642706}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{66C3A736-5236-4BA1-8AF3-D51A899A1D31}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-2107777054-1435129246-652785034-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pt-br/?ocid=iehp
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2017-09-20] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2017-09-20] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-09-20] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-20] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-20] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-20] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-20] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Luiza\AppData\Roaming\Mozilla\Firefox\Profiles\pe3wQNgk.default [2017-08-23]
FF Plugin: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-09-20] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-09-20] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-26] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-26] (Google Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com.br/
CHR StartupUrls: Default -> "hxxp://br.hao123.com/?tn=ultra_pay_hp_02_hao123_br","hxxp://search.certified-toolbar.com?si=43168&st=home&tid=3830&ver=3.2&ts=1369618046465&tguid=43168-3830-1369618046465-2F10B917ECF4D9958BD4582529C62840","hxxp://www.sweet-page.com/?type=hp&ts=1405538863&from=cor&uid=ST3250318AS_9VY1TKFYXXXX9VY1TKFY","hxxp://br.hao123.com/?tn=incore_pay_hp_05_hao123_br","hxxp://www.mylucky123.com/?type=hp&ts=1205118125&z=6d86e559681e02cb9cd595bgbzbm3zfcbg8e1w2cbe&from=qks0914&uid=FUJITSUXMHZ2080BHXG2_K60ZT86285YST86285YSX"
CHR NewTab: Default -> Not-active:"chrome-extension://iinglghmhcgdgjjlafobajghjamdchik/newtab.html"
CHR Profile: C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default [2017-09-20]
CHR Extension: (Google Apresentações) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-07-26]
CHR Extension: (Google Docs) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-07-26]
CHR Extension: (Google Drive) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-26]
CHR Extension: (Plugins Button) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfkmdpfljdpopbemfaelnflapafbflgn [2017-07-29]
CHR Extension: (YouTube) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-26]
CHR Extension: (Dropbox para Gmail) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2017-07-26]
CHR Extension: (Bob Marley New Tab) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpfgjcpidniabmmhoebdcgmcookpoebo [2017-07-26]
CHR Extension: (Planilhas do Google) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-07-26]
CHR Extension: (Documentos Google off-line) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-26]
CHR Extension: (Bitmotion - New Tab) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\iinglghmhcgdgjjlafobajghjamdchik [2017-09-05]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2008-03-10]
CHR Extension: (Gmail) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-26]
CHR Extension: (Chrome Media Router) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-26]
CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [iinglghmhcgdgjjlafobajghjamdchik] - hxxps://clients2.google.com/service/update2/crx
==================== Serviços (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 BEService; C:\Program Files\Common Files\BattlEye\BEService.exe [1289224 2017-08-02] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2840776 2017-09-08] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Windows\system32\EasyAntiCheat.exe [380456 2017-04-26] (EasyAntiCheat Ltd)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [737984 2015-08-30] (@ByELDI) [Arquivo não assinado]
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-29] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 CEDRIVER60; C:\Program Files\Cheat Engine 6.4\dbk32.sys [82880 2014-06-20] ()
R4 KProcessHacker3; C:\Program Files\Process Hacker 2\kprocesshacker.sys [41624 2016-03-29] (wj32)
S3 EasyAntiCheatSys; \??\C:\Windows\system32\drivers\EasyAntiCheat.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Três Meses Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-09-20 21:41 - 2017-09-20 21:42 - 000010119 _____ C:\Users\Luiza\Downloads\FRST.txt
2017-09-20 21:40 - 2017-09-20 21:41 - 000000000 ____D C:\FRST
2017-09-20 21:40 - 2017-09-20 21:40 - 001796096 _____ (Farbar) C:\Users\Luiza\Downloads\FRST.exe
2017-09-20 21:35 - 2017-05-16 08:43 - 001978880 _____ (master131) C:\Users\Luiza\Desktop\ExtremeInjector.exe
2017-09-20 21:34 - 2017-09-20 21:35 - 001365493 _____ C:\Users\Luiza\Downloads\Extreme Injector v3.7.zip
2017-09-20 21:29 - 2017-09-20 21:36 - 000002360 _____ C:\Users\Luiza\Desktop\settings.xml
2017-09-18 23:07 - 2017-09-18 23:08 - 001632208 _____ (Skype Technologies S.A.) C:\Users\Luiza\Downloads\SkypeSetup.exe
2017-09-18 21:56 - 2017-09-18 21:57 - 000000000 ____D C:\Program Files\TeamViewer
2017-09-18 21:56 - 2017-09-18 21:56 - 000001001 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-09-18 21:56 - 2017-09-18 21:56 - 000000989 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2017-09-18 21:53 - 2017-09-18 21:55 - 015756368 _____ (TeamViewer GmbH) C:\Users\Luiza\Downloads\TeamViewer_Setup.exe
2017-09-18 21:24 - 2017-09-18 21:24 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2017-09-17 02:38 - 2017-09-17 02:38 - 159676122 _____ C:\Users\Luiza\Downloads\DRIVER VÍDEO_64bit_NP300E5K-KF1BR.rar
2017-09-17 00:56 - 2017-09-17 00:56 - 004814927 _____ C:\Users\Luiza\Downloads\Driver de LAN_NP300E5K-KF1BR.rar
2017-09-17 00:50 - 2017-09-17 00:50 - 040600632 _____ C:\Users\Luiza\Downloads\Driver de LAN Sem Fio_NP300E5K-KF1BR.rar
2017-09-17 00:48 - 2017-09-17 00:48 - 000000000 ___HD C:\$Windows.~WS
2017-09-17 00:00 - 2017-09-17 08:13 - 001615751 _____ C:\Users\Luiza\Downloads\SamsungUpdate_2.2.8.39.ZIP.crdownload
2017-09-16 22:44 - 2017-09-17 06:08 - 3193767936 ____R C:\Users\Luiza\Downloads\Win7_Ult_SP1_BrazilianPortuguese_x64 - PHDowns.iso
2017-09-16 22:43 - 2008-03-10 00:01 - 000000000 ____D C:\Users\Luiza\AppData\LocalLow\BitTorrent
2017-09-16 22:42 - 2017-09-20 21:41 - 000000000 ____D C:\Users\Luiza\AppData\Roaming\BitTorrent
2017-09-16 22:42 - 2017-09-16 22:42 - 000000871 _____ C:\Users\Luiza\Desktop\BitTorrent.lnk
2017-09-16 22:36 - 2017-09-16 22:36 - 001733104 _____ (BitTorrent Inc.) C:\Users\Luiza\Downloads\uTorrent.exe
2017-09-16 13:16 - 2017-09-16 13:22 - 000000000 ____D C:\Users\Luiza\Desktop\PENDRIVE DIEGO
2017-09-16 12:33 - 2017-09-17 03:07 - 000000000 ____D C:\ESD
2017-09-16 12:31 - 2017-09-16 12:31 - 000000000 ____D C:\$WINDOWS.~BT
2017-09-05 14:30 - 2017-02-11 20:28 - 000000000 ____D C:\Users\Luiza\Desktop\Ativador Office 2016
2017-09-05 14:28 - 2017-09-05 14:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2017-09-05 14:28 - 2017-09-05 14:30 - 000000000 ____D C:\Program Files\KMSpico
2017-09-05 14:28 - 2010-12-05 23:16 - 000090112 _____ (Vestris Inc.) C:\Windows\system32\Vestris.ResourceLib.dll
2017-09-05 13:58 - 2017-09-16 12:46 - 000002162 _____ C:\Users\Luiza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2017-09-05 13:58 - 2017-09-16 12:46 - 000000000 ___RD C:\Users\Luiza\OneDrive
2017-09-05 13:58 - 2017-09-05 13:58 - 000002064 _____ C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2017-09-05 13:58 - 2017-09-05 13:58 - 000002064 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2017-09-05 13:58 - 2017-09-05 13:58 - 000002064 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2017-09-05 13:58 - 2017-09-05 13:58 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2017-09-05 13:56 - 2017-09-05 13:56 - 000000000 ____D C:\Users\Todos os Usuários\Microsoft OneDrive
2017-09-05 13:56 - 2017-09-05 13:56 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2017-09-05 13:54 - 2017-09-05 13:54 - 000002459 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2017-09-05 13:54 - 2017-09-05 13:54 - 000002417 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2017-09-05 13:54 - 2017-09-05 13:54 - 000002406 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2017-09-05 13:54 - 2017-09-05 13:54 - 000002371 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2017-09-05 13:54 - 2017-09-05 13:54 - 000002355 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2017-09-05 13:54 - 2017-09-05 13:54 - 000002352 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2017-09-05 13:54 - 2017-09-05 13:54 - 000002342 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2017-09-05 13:54 - 2017-09-05 13:54 - 000002338 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2017-09-05 13:54 - 2017-09-05 13:54 - 000002322 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2017-09-05 13:54 - 2017-09-05 13:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ferramentas do Microsoft Office 2016
2017-09-05 13:53 - 2017-09-18 21:25 - 000000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft
2017-09-05 13:53 - 2017-09-18 21:25 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-09-05 13:53 - 2017-09-05 13:10 - 001804512 _____ C:\Windows\GABRIOLA.tt2
2017-09-05 12:41 - 2017-09-20 21:24 - 000000000 ____D C:\Program Files\Microsoft Office
2017-09-05 12:40 - 2017-09-05 12:40 - 000000000 ____D C:\Program Files\Microsoft Office 15
2017-09-05 12:24 - 2017-09-05 14:17 - 062022792 _____ C:\Users\Luiza\Desktop\Office 2016 Online.rar
2017-08-30 17:29 - 2016-08-10 12:43 - 000421200 _____ (Microsoft Corporation) C:\Windows\msvcp100.dll
2017-08-30 17:27 - 2017-08-30 17:33 - 000000000 ____D C:\Users\Luiza\Desktop\CF
2017-08-27 22:35 - 2017-08-27 22:35 - 000001083 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2017-08-27 22:35 - 2017-08-27 22:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2017-08-27 22:35 - 2017-08-27 22:35 - 000000000 ____D C:\Program Files\CPUID
2017-08-27 22:10 - 2017-08-27 22:27 - 000000000 ____D C:\Program Files\SpeedFan
2017-08-27 22:10 - 2017-08-27 22:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2017-08-27 22:09 - 2017-08-27 22:10 - 000000045 _____ C:\Windows\system32\initdebug.nfo
2017-08-25 22:41 - 2017-08-29 23:54 - 000000000 ____D C:\Users\Luiza\Desktop\Nova pasta
2017-08-25 22:32 - 2017-08-25 22:32 - 001155188 _____ C:\Users\Luiza\Desktop\Hacker Combat Arms.rar
2017-08-24 16:12 - 2017-08-26 11:15 - 000120320 _____ C:\Users\Luiza\Desktop\VIP PRIVADO DIEGOZENDEM_Scrambled.dll
2017-08-23 23:57 - 2017-08-23 23:57 - 000000000 ____H C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Coinstaller_Critical.Wdf
2017-08-23 23:57 - 2017-08-23 23:57 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2017-08-23 23:57 - 2012-07-26 00:39 - 000526952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2017-08-23 23:57 - 2012-07-26 00:39 - 000047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2017-08-23 23:57 - 2012-07-25 23:46 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2017-08-23 23:57 - 2012-06-02 11:34 - 000000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2017-08-23 23:03 - 2017-08-23 23:03 - 000000000 ____D C:\Users\Luiza\AppData\Roaming\Mozilla
2017-08-23 23:01 - 2017-08-24 16:24 - 000000000 ____D C:\Users\Todos os Usuários\Avira
2017-08-23 23:01 - 2017-08-24 16:24 - 000000000 ____D C:\ProgramData\Avira
2017-08-23 22:47 - 2017-08-23 22:48 - 001335749 _____ C:\Users\Luiza\Desktop\DIEGO.rar
2017-08-22 22:01 - 2017-08-22 22:02 - 000000000 ____D C:\Users\Luiza\Desktop\Nerd Tetudo
2017-08-22 22:01 - 2013-05-24 15:08 - 551778421 _____ (www.nerdtetudo.com.br) C:\Users\Luiza\Desktop\Portable CorelDRAW X6.exe
2017-08-22 21:00 - 2017-08-22 21:00 - 000000000 ____D C:\Windows\XSxS
2017-08-22 21:00 - 2017-08-22 21:00 - 000000000 ____D C:\Program Files\Xenocode
2017-08-22 19:01 - 2017-08-22 19:01 - 000000000 ____D C:\Users\Luiza\AppData\Local\Xenocode
2017-08-17 17:00 - 2017-08-17 17:00 - 000000000 ____D C:\Users\Luiza\AppData\Roaming\EasyAntiCheat
2017-08-17 16:12 - 2017-08-17 16:12 - 000000000 ____D C:\Windows\system32\appmgmt
2017-08-17 12:58 - 2017-08-17 12:58 - 000000000 ____D C:\Users\Luiza\.android
2017-08-17 12:15 - 2017-08-17 12:15 - 000000000 ____D C:\Users\Luiza\AppData\Roaming\Motorola Mobility
2017-08-17 12:15 - 2017-08-17 12:15 - 000000000 ____D C:\Temp
2017-08-17 12:14 - 2017-08-17 16:12 - 000000000 ____D C:\Program Files\Motorola Mobility
2017-08-17 12:14 - 2017-08-17 12:14 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2017-08-17 12:14 - 2017-08-17 12:14 - 000000000 ____D C:\Program Files\Motorola
2017-08-17 12:13 - 2017-08-17 12:13 - 000000000 ____D C:\Program Files\Common Files\Motorola Shared
2017-08-17 12:12 - 2017-08-17 12:12 - 000000000 ____D C:\Users\Luiza\AppData\Roaming\Motorola
2017-08-16 09:03 - 2017-08-16 09:03 - 000001185 _____ C:\Users\Luiza\Desktop\BlackShot.lnk
2017-08-16 09:03 - 2017-08-16 09:03 - 000000000 ____D C:\Users\Luiza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BlackShot
2017-08-16 08:50 - 2017-08-16 09:03 - 000000000 ____D C:\Program Files\BlackShot
2017-08-15 22:11 - 2017-08-25 23:20 - 000000000 ____D C:\Users\Todos os Usuários\Package Cache
2017-08-15 22:11 - 2017-08-25 23:20 - 000000000 ____D C:\ProgramData\Package Cache
2017-08-11 00:08 - 2017-08-30 17:20 - 000000000 ____D C:\CFLog
2017-08-08 21:07 - 2017-08-08 21:07 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2017-08-08 21:01 - 2017-08-08 21:01 - 000064000 _____ C:\Users\Luiza\Desktop\VIP PRIVADO DIEGOZENDEM.dll
2017-08-04 03:01 - 2016-08-10 10:54 - 000773968 _____ (Microsoft Corporation) C:\Windows\msvcr100.dll
2017-08-04 00:02 - 2017-08-15 22:20 - 000000000 ____D C:\Windows\Minidump
2017-08-03 14:42 - 2009-12-16 18:27 - 000015872 _____ (NONE) C:\Users\Luiza\Desktop\BYPASS EACcombat arms.exe
2017-08-03 14:23 - 2017-08-14 20:19 - 000000000 ____D C:\Users\Luiza\Documents\BlackshotScreenshot
2017-08-03 13:37 - 2017-08-03 13:37 - 000000965 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-08-03 13:37 - 2017-08-03 13:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-08-03 13:37 - 2017-08-03 13:37 - 000000000 ____D C:\Program Files\CCleaner
2017-08-03 12:15 - 2017-08-03 12:15 - 000015136 _____ C:\Windows\system32\results.xml
2017-08-03 12:15 - 2017-08-03 12:15 - 000000000 ____D C:\Program Files\Intel
2017-08-03 12:15 - 2009-09-23 11:50 - 000398336 _____ (Intel(R) Corporation) C:\Windows\system32\TVWizudlg.exe
2017-08-03 12:15 - 2009-09-23 11:49 - 000140288 _____ () C:\Windows\system32\igfxtvcx.dll
2017-08-03 12:15 - 2009-09-23 11:47 - 000121232 _____ C:\Windows\system32\IScrNB.bmp
2017-08-03 12:12 - 2017-08-03 12:15 - 000000000 ____D C:\Windows\system32\Lang
2017-08-03 12:12 - 2009-10-19 15:57 - 001002008 _____ (Intel Corporation) C:\Windows\system32\igxpun.exe
2017-08-03 12:11 - 2017-08-03 12:11 - 000000000 ____D C:\Intel
2017-08-03 00:09 - 2017-08-03 00:09 - 000000000 ____D C:\Users\Luiza\AppData\Local\CrashRpt
2017-08-03 00:08 - 2017-08-16 19:19 - 000000000 ____D C:\Program Files\Common Files\BattlEye
2017-08-01 20:46 - 2017-08-01 20:47 - 000000000 ____D C:\Users\Luiza\Desktop\EAC
2017-08-01 20:00 - 2017-08-01 20:00 - 000000000 ____D C:\Users\Luiza\AppData\Roaming\Process Hacker 2
2017-08-01 19:36 - 2016-10-12 09:09 - 000001983 _____ C:\Windows\system32\README.txt
2017-08-01 19:36 - 2016-08-10 10:59 - 001998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2017-08-01 18:58 - 2017-08-01 18:58 - 000002077 _____ C:\Users\Luiza\Desktop\Process Hacker 2.lnk
2017-08-01 18:58 - 2017-08-01 18:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2
2017-08-01 18:58 - 2017-08-01 18:58 - 000000000 ____D C:\Program Files\Process Hacker 2
2017-08-01 18:56 - 2017-09-18 23:10 - 000000000 ____D C:\Users\Luiza\AppData\Roaming\TeamViewer
2017-08-01 18:54 - 2017-08-01 18:54 - 000000000 ____D C:\Users\Luiza\Desktop\d
2017-08-01 18:39 - 2017-08-01 18:45 - 000036864 _____ (dwn) C:\Windows\system32\UInject.ime
2017-08-01 18:36 - 2017-05-07 17:55 - 000060928 _____ C:\inject.dll
2017-08-01 18:36 - 2017-04-06 16:57 - 000021504 _____ C:\UInjectIME.dll
2017-08-01 18:19 - 2017-08-01 18:45 - 000021504 _____ C:\Windows\system32\UInject.tmp
2017-07-31 17:34 - 2017-09-16 22:52 - 000002561 _____ C:\Windows\diagwrn.xml
2017-07-31 17:34 - 2017-09-16 22:52 - 000001908 _____ C:\Windows\diagerr.xml
2017-07-31 17:01 - 2017-07-31 17:01 - 000000000 ____D C:\Users\Luiza\Desktop\MYLINK
2017-07-31 16:54 - 2017-07-31 16:54 - 000000000 ____D C:\Users\Luiza\Desktop\Windows Diego
2017-07-31 16:52 - 2017-07-31 16:53 - 000000000 ____D C:\Users\Luiza\Desktop\Windows 7 Ultimate SP1 (32 Bit)
2017-07-29 23:44 - 2017-07-30 00:10 - 000000000 ____D C:\Users\Luiza\Documents\Cross Fire
2017-07-29 23:39 - 2017-07-29 23:42 - 000000000 ___HD C:\Users\Public\system
2017-07-29 23:02 - 2017-07-29 23:02 - 000002040 _____ C:\Users\Luiza\Desktop\CrossFire BR.lnk
2017-07-29 23:02 - 2017-07-29 23:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Z8Games
2017-07-29 22:49 - 2017-07-29 22:49 - 000000000 ____D C:\Program Files\Z8Games
2017-07-29 16:23 - 2017-08-24 16:24 - 000000000 ____D C:\Users\Luiza\AppData\LocalLow\uTorrent
2017-07-29 15:53 - 2017-07-29 23:53 - 000000000 ____D C:\Users\Todos os Usuários\Solid State Networks
2017-07-29 15:53 - 2017-07-29 23:53 - 000000000 ____D C:\ProgramData\Solid State Networks
2017-07-29 15:24 - 2017-08-25 23:26 - 000000588 __RSH C:\Users\Todos os Usuários\ntuser.pol
2017-07-29 15:24 - 2017-08-25 23:26 - 000000588 __RSH C:\ProgramData\ntuser.pol
2017-07-29 14:06 - 2017-07-29 14:06 - 000001043 _____ C:\Users\Luiza\Desktop\Cheat Engine.lnk
2017-07-29 14:06 - 2017-07-29 14:06 - 000000000 ____D C:\Users\Luiza\Documents\My Cheat Tables
2017-07-29 14:06 - 2017-07-29 14:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4
2017-07-29 14:06 - 2017-07-29 14:06 - 000000000 ____D C:\Program Files\Cheat Engine 6.4
2017-07-29 12:53 - 2010-03-04 01:04 - 000146304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2017-07-29 12:53 - 2010-03-04 00:57 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2017-07-28 19:23 - 2017-07-28 19:23 - 000000000 ____D C:\Windows\CheckSur
2017-07-26 10:33 - 2017-07-26 10:33 - 000000000 ____D C:\Users\Todos os Usuários\Nexon
2017-07-26 10:33 - 2017-07-26 10:33 - 000000000 ____D C:\ProgramData\Nexon
2017-07-26 10:32 - 2017-07-26 10:32 - 000000016 _____ C:\Users\Todos os Usuários\mntemp
2017-07-26 10:32 - 2017-07-26 10:32 - 000000016 _____ C:\ProgramData\mntemp
2017-07-26 10:31 - 2017-04-26 16:10 - 000380456 _____ (EasyAntiCheat Ltd) C:\Windows\system32\EasyAntiCheat.exe
2017-07-26 09:31 - 2017-09-05 13:56 - 000000000 ____D C:\Users\Luiza\AppData\Roaming\Skype
2017-07-26 09:31 - 2017-08-24 16:25 - 000000000 ____D C:\Users\Todos os Usuários\Skype
2017-07-26 09:31 - 2017-08-24 16:25 - 000000000 ____D C:\ProgramData\Skype
2017-07-26 09:23 - 2017-07-26 09:23 - 000436014 __RSH C:\VMYCX
2017-07-26 09:21 - 2017-07-26 09:21 - 000000000 ____D C:\Users\Luiza\AppData\Roaming\WinRAR
2017-07-26 09:20 - 2017-07-26 09:20 - 000000000 ____D C:\Users\Luiza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-07-26 09:20 - 2017-07-26 09:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-07-26 09:20 - 2017-07-26 09:20 - 000000000 ____D C:\Program Files\WinRAR
2017-07-26 09:18 - 2017-08-22 20:21 - 000000000 ____D C:\Users\Luiza\Desktop\Programas Backup
2017-07-26 03:47 - 2008-03-10 00:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Level Up
2017-07-26 03:44 - 2017-07-26 03:44 - 000000000 ____D C:\Users\Todos os Usuários\Level Up! Games
2017-07-26 03:44 - 2017-07-26 03:44 - 000000000 ____D C:\ProgramData\Level Up! Games
2017-07-26 03:44 - 2008-03-10 00:13 - 000000000 ____D C:\Level Up
2017-07-26 03:32 - 2011-04-09 02:56 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2017-07-26 03:16 - 2016-06-25 12:43 - 000301056 _____ (Microsoft Corporation) C:\Windows\system32\EOSNotify.exe
2017-07-26 03:16 - 2015-03-18 23:57 - 003963320 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2017-07-26 03:16 - 2015-03-18 23:57 - 003908024 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-07-26 03:16 - 2014-09-14 21:42 - 002377216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-07-26 03:16 - 2013-03-19 01:54 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-07-26 03:16 - 2013-03-18 23:50 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-07-26 03:16 - 2010-12-18 02:29 - 000541184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-07-26 03:13 - 2017-07-26 03:13 - 000000000 ____D C:\Users\Luiza\AppData\Roaming\Google
2017-07-26 03:07 - 2017-08-28 17:23 - 000002139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-07-26 03:01 - 2017-09-16 23:42 - 001633534 _____ C:\Windows\system32\PerfStringBackup.INI
2017-07-26 03:00 - 2017-07-29 17:01 - 000000000 ____D C:\Users\Luiza\AppData\Local\Deployment
2017-07-26 03:00 - 2017-07-26 03:34 - 000000000 ____D C:\Users\Luiza\AppData\Local\Google
2017-07-26 03:00 - 2017-07-26 03:07 - 000000000 ____D C:\Program Files\Google
2017-07-26 03:00 - 2017-07-26 03:00 - 000000000 ____D C:\Users\Luiza\AppData\Local\Apps\2.0
2017-07-26 03:00 - 2008-03-10 00:01 - 000116000 _____ C:\Users\Luiza\AppData\Local\GDIPFONTCACHEV1.DAT
2017-07-26 02:57 - 2017-07-26 02:57 - 000001389 _____ C:\Users\Luiza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-07-26 02:57 - 2012-06-02 19:19 - 001933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-07-26 02:57 - 2012-06-02 19:19 - 000577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-07-26 02:57 - 2012-06-02 19:19 - 000053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-07-26 02:57 - 2012-06-02 19:19 - 000045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2017-07-26 02:57 - 2012-06-02 19:19 - 000035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-07-26 02:57 - 2012-06-02 19:12 - 002422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-07-26 02:57 - 2012-06-02 19:12 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-07-26 02:57 - 2012-06-02 15:19 - 000171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-07-26 02:57 - 2012-06-02 15:12 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-07-26 02:56 - 2017-09-05 13:58 - 000000000 ____D C:\Users\Luiza
2017-07-26 02:56 - 2017-08-22 19:01 - 000000000 ____D C:\Users\Luiza\AppData\Local\VirtualStore
2017-07-26 02:56 - 2017-07-26 02:56 - 000000020 ___SH C:\Users\Luiza\ntuser.ini
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas músicas
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas imagens
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Usuário Padrão\Documents\Meus vídeos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Histórico
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Dados de aplicativos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Usuário Padrão
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Todos os Usuários\Modelos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Todos os Usuários\Menu Iniciar
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Todos os Usuários\Favoritos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Todos os Usuários\Documentos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Todos os Usuários\Dados de aplicativos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Todos os Usuários
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Public\Documents\Minhas músicas
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Public\Documents\Minhas imagens
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Public\Documents\Meus vídeos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Luiza\Modelos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Luiza\Meus documentos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Luiza\Menu Iniciar
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Luiza\Documents\Minhas músicas
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Luiza\Documents\Minhas imagens
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Luiza\Documents\Meus vídeos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Luiza\Dados de aplicativos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Luiza\Configurações locais
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Luiza\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Luiza\AppData\Local\Histórico
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Luiza\AppData\Local\Dados de aplicativos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Luiza\Ambiente de rede
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Luiza\Ambiente de impressão
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Default\Modelos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Default\Meus documentos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Default\Menu Iniciar
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Default\Documents\Minhas músicas
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Default\Documents\Minhas imagens
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Default\Documents\Meus vídeos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Default\Dados de aplicativos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Default\Configurações locais
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Default\AppData\Local\Histórico
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Default\AppData\Local\Dados de aplicativos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Default\Ambiente de rede
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Default\Ambiente de impressão
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Default User\Documents\Minhas músicas
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Default User\Documents\Minhas imagens
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Default User\Documents\Meus vídeos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Histórico
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Dados de aplicativos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\ProgramData\Modelos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\ProgramData\Menu Iniciar
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\ProgramData\Favoritos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\ProgramData\Documentos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\ProgramData\Dados de aplicativos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Program Files\Common Files\Sistema
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Program Files\Arquivos Comuns
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Arquivos de Programas
2017-07-26 02:56 - 2009-07-14 04:48 - 000000000 ____D C:\Users\Luiza\AppData\Roaming\Media Center Programs
2017-07-11 04:50 - 2017-07-11 05:39 - 000000083 _____ C:\Users\Luiza\Desktop\chaves bypass eac.txt
2017-06-22 19:52 - 2017-07-08 00:06 - 000010615 _____ C:\Users\Luiza\Desktop\endereços CAaa.txt
==================== Três Meses Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-09-20 21:06 - 2009-07-14 01:34 - 000017168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-09-20 21:06 - 2009-07-14 01:34 - 000017168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-09-18 21:24 - 2009-07-13 23:37 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-09-18 20:56 - 2008-03-10 00:04 - 000000000 ____D C:\Windows\system32\MRT
2017-09-17 03:07 - 2008-03-10 08:32 - 000000000 ____D C:\Windows\Panther
2017-09-16 23:42 - 2009-07-17 15:48 - 000705268 _____ C:\Windows\system32\prfh0416.dat
2017-09-16 23:42 - 2009-07-17 15:48 - 000147108 _____ C:\Windows\system32\prfc0416.dat
2017-09-16 23:42 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\inf
2017-09-16 14:36 - 2008-03-10 00:04 - 135337392 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-08-30 14:16 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\rescache
==================== Arquivos na raiz de alguns diretórios =======
2017-07-26 10:32 - 2017-07-26 10:32 - 000000016 _____ () C:\ProgramData\mntemp
Alguns arquivos em TEMP:
====================
2017-09-16 22:34 - 2017-09-16 22:34 - 002089208 _____ ( ) C:\Users\Luiza\AppData\Local\Temp\ICReinstall_Baixaki_utorrent.exe
==================== Bamital & volsnap ======================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2017-09-17 02:31
==================== Fim de FRST.txt ============================
Executado por Luiza (administrador) em LUIZA-PC (20-09-2017 21:41:40)
Executando a partir de C:\Users\Luiza\Downloads
Perfis Carregados: Luiza (Perfis Disponíveis: Luiza)
Platform: Microsoft Windows 7 Ultimate (X86) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
(BitTorrent Inc.) C:\Users\Luiza\AppData\Roaming\BitTorrent\BitTorrent.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(BitTorrent Inc.) C:\Users\Luiza\AppData\Roaming\BitTorrent\updates\7.10.0_43917\bittorrentie.exe
(BitTorrent Inc.) C:\Users\Luiza\AppData\Roaming\BitTorrent\updates\7.10.0_43917\bittorrentie.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(wj32) C:\Program Files\Process Hacker 2\ProcessHacker.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKU\S-1-5-21-2107777054-1435129246-652785034-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7658200 2017-06-30] (Piriform Ltd)
HKU\S-1-5-21-2107777054-1435129246-652785034-1001\...\Run: [BitTorrent] => C:\Users\Luiza\AppData\Roaming\BitTorrent\BitTorrent.exe [2408648 2017-09-16] (BitTorrent Inc.)
GroupPolicy: Restrição - Chrome <==== ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <==== ATENÇÃO
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{61769842-5876-4AD2-88CC-21CF2A642706}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{66C3A736-5236-4BA1-8AF3-D51A899A1D31}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-2107777054-1435129246-652785034-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pt-br/?ocid=iehp
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2017-09-20] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2017-09-20] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-09-20] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-20] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-20] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-20] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-20] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Luiza\AppData\Roaming\Mozilla\Firefox\Profiles\pe3wQNgk.default [2017-08-23]
FF Plugin: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-09-20] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-09-20] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-26] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-26] (Google Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com.br/
CHR StartupUrls: Default -> "hxxp://br.hao123.com/?tn=ultra_pay_hp_02_hao123_br","hxxp://search.certified-toolbar.com?si=43168&st=home&tid=3830&ver=3.2&ts=1369618046465&tguid=43168-3830-1369618046465-2F10B917ECF4D9958BD4582529C62840","hxxp://www.sweet-page.com/?type=hp&ts=1405538863&from=cor&uid=ST3250318AS_9VY1TKFYXXXX9VY1TKFY","hxxp://br.hao123.com/?tn=incore_pay_hp_05_hao123_br","hxxp://www.mylucky123.com/?type=hp&ts=1205118125&z=6d86e559681e02cb9cd595bgbzbm3zfcbg8e1w2cbe&from=qks0914&uid=FUJITSUXMHZ2080BHXG2_K60ZT86285YST86285YSX"
CHR NewTab: Default -> Not-active:"chrome-extension://iinglghmhcgdgjjlafobajghjamdchik/newtab.html"
CHR Profile: C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default [2017-09-20]
CHR Extension: (Google Apresentações) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-07-26]
CHR Extension: (Google Docs) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-07-26]
CHR Extension: (Google Drive) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-26]
CHR Extension: (Plugins Button) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfkmdpfljdpopbemfaelnflapafbflgn [2017-07-29]
CHR Extension: (YouTube) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-26]
CHR Extension: (Dropbox para Gmail) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2017-07-26]
CHR Extension: (Bob Marley New Tab) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpfgjcpidniabmmhoebdcgmcookpoebo [2017-07-26]
CHR Extension: (Planilhas do Google) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-07-26]
CHR Extension: (Documentos Google off-line) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-26]
CHR Extension: (Bitmotion - New Tab) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\iinglghmhcgdgjjlafobajghjamdchik [2017-09-05]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2008-03-10]
CHR Extension: (Gmail) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-26]
CHR Extension: (Chrome Media Router) - C:\Users\Luiza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-26]
CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [iinglghmhcgdgjjlafobajghjamdchik] - hxxps://clients2.google.com/service/update2/crx
==================== Serviços (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 BEService; C:\Program Files\Common Files\BattlEye\BEService.exe [1289224 2017-08-02] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2840776 2017-09-08] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Windows\system32\EasyAntiCheat.exe [380456 2017-04-26] (EasyAntiCheat Ltd)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [737984 2015-08-30] (@ByELDI) [Arquivo não assinado]
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-29] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 CEDRIVER60; C:\Program Files\Cheat Engine 6.4\dbk32.sys [82880 2014-06-20] ()
R4 KProcessHacker3; C:\Program Files\Process Hacker 2\kprocesshacker.sys [41624 2016-03-29] (wj32)
S3 EasyAntiCheatSys; \??\C:\Windows\system32\drivers\EasyAntiCheat.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Três Meses Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-09-20 21:41 - 2017-09-20 21:42 - 000010119 _____ C:\Users\Luiza\Downloads\FRST.txt
2017-09-20 21:40 - 2017-09-20 21:41 - 000000000 ____D C:\FRST
2017-09-20 21:40 - 2017-09-20 21:40 - 001796096 _____ (Farbar) C:\Users\Luiza\Downloads\FRST.exe
2017-09-20 21:35 - 2017-05-16 08:43 - 001978880 _____ (master131) C:\Users\Luiza\Desktop\ExtremeInjector.exe
2017-09-20 21:34 - 2017-09-20 21:35 - 001365493 _____ C:\Users\Luiza\Downloads\Extreme Injector v3.7.zip
2017-09-20 21:29 - 2017-09-20 21:36 - 000002360 _____ C:\Users\Luiza\Desktop\settings.xml
2017-09-18 23:07 - 2017-09-18 23:08 - 001632208 _____ (Skype Technologies S.A.) C:\Users\Luiza\Downloads\SkypeSetup.exe
2017-09-18 21:56 - 2017-09-18 21:57 - 000000000 ____D C:\Program Files\TeamViewer
2017-09-18 21:56 - 2017-09-18 21:56 - 000001001 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-09-18 21:56 - 2017-09-18 21:56 - 000000989 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2017-09-18 21:53 - 2017-09-18 21:55 - 015756368 _____ (TeamViewer GmbH) C:\Users\Luiza\Downloads\TeamViewer_Setup.exe
2017-09-18 21:24 - 2017-09-18 21:24 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2017-09-17 02:38 - 2017-09-17 02:38 - 159676122 _____ C:\Users\Luiza\Downloads\DRIVER VÍDEO_64bit_NP300E5K-KF1BR.rar
2017-09-17 00:56 - 2017-09-17 00:56 - 004814927 _____ C:\Users\Luiza\Downloads\Driver de LAN_NP300E5K-KF1BR.rar
2017-09-17 00:50 - 2017-09-17 00:50 - 040600632 _____ C:\Users\Luiza\Downloads\Driver de LAN Sem Fio_NP300E5K-KF1BR.rar
2017-09-17 00:48 - 2017-09-17 00:48 - 000000000 ___HD C:\$Windows.~WS
2017-09-17 00:00 - 2017-09-17 08:13 - 001615751 _____ C:\Users\Luiza\Downloads\SamsungUpdate_2.2.8.39.ZIP.crdownload
2017-09-16 22:44 - 2017-09-17 06:08 - 3193767936 ____R C:\Users\Luiza\Downloads\Win7_Ult_SP1_BrazilianPortuguese_x64 - PHDowns.iso
2017-09-16 22:43 - 2008-03-10 00:01 - 000000000 ____D C:\Users\Luiza\AppData\LocalLow\BitTorrent
2017-09-16 22:42 - 2017-09-20 21:41 - 000000000 ____D C:\Users\Luiza\AppData\Roaming\BitTorrent
2017-09-16 22:42 - 2017-09-16 22:42 - 000000871 _____ C:\Users\Luiza\Desktop\BitTorrent.lnk
2017-09-16 22:36 - 2017-09-16 22:36 - 001733104 _____ (BitTorrent Inc.) C:\Users\Luiza\Downloads\uTorrent.exe
2017-09-16 13:16 - 2017-09-16 13:22 - 000000000 ____D C:\Users\Luiza\Desktop\PENDRIVE DIEGO
2017-09-16 12:33 - 2017-09-17 03:07 - 000000000 ____D C:\ESD
2017-09-16 12:31 - 2017-09-16 12:31 - 000000000 ____D C:\$WINDOWS.~BT
2017-09-05 14:30 - 2017-02-11 20:28 - 000000000 ____D C:\Users\Luiza\Desktop\Ativador Office 2016
2017-09-05 14:28 - 2017-09-05 14:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2017-09-05 14:28 - 2017-09-05 14:30 - 000000000 ____D C:\Program Files\KMSpico
2017-09-05 14:28 - 2010-12-05 23:16 - 000090112 _____ (Vestris Inc.) C:\Windows\system32\Vestris.ResourceLib.dll
2017-09-05 13:58 - 2017-09-16 12:46 - 000002162 _____ C:\Users\Luiza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2017-09-05 13:58 - 2017-09-16 12:46 - 000000000 ___RD C:\Users\Luiza\OneDrive
2017-09-05 13:58 - 2017-09-05 13:58 - 000002064 _____ C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2017-09-05 13:58 - 2017-09-05 13:58 - 000002064 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2017-09-05 13:58 - 2017-09-05 13:58 - 000002064 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2017-09-05 13:58 - 2017-09-05 13:58 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2017-09-05 13:56 - 2017-09-05 13:56 - 000000000 ____D C:\Users\Todos os Usuários\Microsoft OneDrive
2017-09-05 13:56 - 2017-09-05 13:56 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2017-09-05 13:54 - 2017-09-05 13:54 - 000002459 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2017-09-05 13:54 - 2017-09-05 13:54 - 000002417 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2017-09-05 13:54 - 2017-09-05 13:54 - 000002406 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2017-09-05 13:54 - 2017-09-05 13:54 - 000002371 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2017-09-05 13:54 - 2017-09-05 13:54 - 000002355 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2017-09-05 13:54 - 2017-09-05 13:54 - 000002352 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2017-09-05 13:54 - 2017-09-05 13:54 - 000002342 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2017-09-05 13:54 - 2017-09-05 13:54 - 000002338 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2017-09-05 13:54 - 2017-09-05 13:54 - 000002322 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2017-09-05 13:54 - 2017-09-05 13:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ferramentas do Microsoft Office 2016
2017-09-05 13:53 - 2017-09-18 21:25 - 000000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft
2017-09-05 13:53 - 2017-09-18 21:25 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-09-05 13:53 - 2017-09-05 13:10 - 001804512 _____ C:\Windows\GABRIOLA.tt2
2017-09-05 12:41 - 2017-09-20 21:24 - 000000000 ____D C:\Program Files\Microsoft Office
2017-09-05 12:40 - 2017-09-05 12:40 - 000000000 ____D C:\Program Files\Microsoft Office 15
2017-09-05 12:24 - 2017-09-05 14:17 - 062022792 _____ C:\Users\Luiza\Desktop\Office 2016 Online.rar
2017-08-30 17:29 - 2016-08-10 12:43 - 000421200 _____ (Microsoft Corporation) C:\Windows\msvcp100.dll
2017-08-30 17:27 - 2017-08-30 17:33 - 000000000 ____D C:\Users\Luiza\Desktop\CF
2017-08-27 22:35 - 2017-08-27 22:35 - 000001083 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2017-08-27 22:35 - 2017-08-27 22:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2017-08-27 22:35 - 2017-08-27 22:35 - 000000000 ____D C:\Program Files\CPUID
2017-08-27 22:10 - 2017-08-27 22:27 - 000000000 ____D C:\Program Files\SpeedFan
2017-08-27 22:10 - 2017-08-27 22:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2017-08-27 22:09 - 2017-08-27 22:10 - 000000045 _____ C:\Windows\system32\initdebug.nfo
2017-08-25 22:41 - 2017-08-29 23:54 - 000000000 ____D C:\Users\Luiza\Desktop\Nova pasta
2017-08-25 22:32 - 2017-08-25 22:32 - 001155188 _____ C:\Users\Luiza\Desktop\Hacker Combat Arms.rar
2017-08-24 16:12 - 2017-08-26 11:15 - 000120320 _____ C:\Users\Luiza\Desktop\VIP PRIVADO DIEGOZENDEM_Scrambled.dll
2017-08-23 23:57 - 2017-08-23 23:57 - 000000000 ____H C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Coinstaller_Critical.Wdf
2017-08-23 23:57 - 2017-08-23 23:57 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2017-08-23 23:57 - 2012-07-26 00:39 - 000526952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2017-08-23 23:57 - 2012-07-26 00:39 - 000047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2017-08-23 23:57 - 2012-07-25 23:46 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2017-08-23 23:57 - 2012-06-02 11:34 - 000000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2017-08-23 23:03 - 2017-08-23 23:03 - 000000000 ____D C:\Users\Luiza\AppData\Roaming\Mozilla
2017-08-23 23:01 - 2017-08-24 16:24 - 000000000 ____D C:\Users\Todos os Usuários\Avira
2017-08-23 23:01 - 2017-08-24 16:24 - 000000000 ____D C:\ProgramData\Avira
2017-08-23 22:47 - 2017-08-23 22:48 - 001335749 _____ C:\Users\Luiza\Desktop\DIEGO.rar
2017-08-22 22:01 - 2017-08-22 22:02 - 000000000 ____D C:\Users\Luiza\Desktop\Nerd Tetudo
2017-08-22 22:01 - 2013-05-24 15:08 - 551778421 _____ (www.nerdtetudo.com.br) C:\Users\Luiza\Desktop\Portable CorelDRAW X6.exe
2017-08-22 21:00 - 2017-08-22 21:00 - 000000000 ____D C:\Windows\XSxS
2017-08-22 21:00 - 2017-08-22 21:00 - 000000000 ____D C:\Program Files\Xenocode
2017-08-22 19:01 - 2017-08-22 19:01 - 000000000 ____D C:\Users\Luiza\AppData\Local\Xenocode
2017-08-17 17:00 - 2017-08-17 17:00 - 000000000 ____D C:\Users\Luiza\AppData\Roaming\EasyAntiCheat
2017-08-17 16:12 - 2017-08-17 16:12 - 000000000 ____D C:\Windows\system32\appmgmt
2017-08-17 12:58 - 2017-08-17 12:58 - 000000000 ____D C:\Users\Luiza\.android
2017-08-17 12:15 - 2017-08-17 12:15 - 000000000 ____D C:\Users\Luiza\AppData\Roaming\Motorola Mobility
2017-08-17 12:15 - 2017-08-17 12:15 - 000000000 ____D C:\Temp
2017-08-17 12:14 - 2017-08-17 16:12 - 000000000 ____D C:\Program Files\Motorola Mobility
2017-08-17 12:14 - 2017-08-17 12:14 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2017-08-17 12:14 - 2017-08-17 12:14 - 000000000 ____D C:\Program Files\Motorola
2017-08-17 12:13 - 2017-08-17 12:13 - 000000000 ____D C:\Program Files\Common Files\Motorola Shared
2017-08-17 12:12 - 2017-08-17 12:12 - 000000000 ____D C:\Users\Luiza\AppData\Roaming\Motorola
2017-08-16 09:03 - 2017-08-16 09:03 - 000001185 _____ C:\Users\Luiza\Desktop\BlackShot.lnk
2017-08-16 09:03 - 2017-08-16 09:03 - 000000000 ____D C:\Users\Luiza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BlackShot
2017-08-16 08:50 - 2017-08-16 09:03 - 000000000 ____D C:\Program Files\BlackShot
2017-08-15 22:11 - 2017-08-25 23:20 - 000000000 ____D C:\Users\Todos os Usuários\Package Cache
2017-08-15 22:11 - 2017-08-25 23:20 - 000000000 ____D C:\ProgramData\Package Cache
2017-08-11 00:08 - 2017-08-30 17:20 - 000000000 ____D C:\CFLog
2017-08-08 21:07 - 2017-08-08 21:07 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2017-08-08 21:01 - 2017-08-08 21:01 - 000064000 _____ C:\Users\Luiza\Desktop\VIP PRIVADO DIEGOZENDEM.dll
2017-08-04 03:01 - 2016-08-10 10:54 - 000773968 _____ (Microsoft Corporation) C:\Windows\msvcr100.dll
2017-08-04 00:02 - 2017-08-15 22:20 - 000000000 ____D C:\Windows\Minidump
2017-08-03 14:42 - 2009-12-16 18:27 - 000015872 _____ (NONE) C:\Users\Luiza\Desktop\BYPASS EACcombat arms.exe
2017-08-03 14:23 - 2017-08-14 20:19 - 000000000 ____D C:\Users\Luiza\Documents\BlackshotScreenshot
2017-08-03 13:37 - 2017-08-03 13:37 - 000000965 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-08-03 13:37 - 2017-08-03 13:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-08-03 13:37 - 2017-08-03 13:37 - 000000000 ____D C:\Program Files\CCleaner
2017-08-03 12:15 - 2017-08-03 12:15 - 000015136 _____ C:\Windows\system32\results.xml
2017-08-03 12:15 - 2017-08-03 12:15 - 000000000 ____D C:\Program Files\Intel
2017-08-03 12:15 - 2009-09-23 11:50 - 000398336 _____ (Intel(R) Corporation) C:\Windows\system32\TVWizudlg.exe
2017-08-03 12:15 - 2009-09-23 11:49 - 000140288 _____ () C:\Windows\system32\igfxtvcx.dll
2017-08-03 12:15 - 2009-09-23 11:47 - 000121232 _____ C:\Windows\system32\IScrNB.bmp
2017-08-03 12:12 - 2017-08-03 12:15 - 000000000 ____D C:\Windows\system32\Lang
2017-08-03 12:12 - 2009-10-19 15:57 - 001002008 _____ (Intel Corporation) C:\Windows\system32\igxpun.exe
2017-08-03 12:11 - 2017-08-03 12:11 - 000000000 ____D C:\Intel
2017-08-03 00:09 - 2017-08-03 00:09 - 000000000 ____D C:\Users\Luiza\AppData\Local\CrashRpt
2017-08-03 00:08 - 2017-08-16 19:19 - 000000000 ____D C:\Program Files\Common Files\BattlEye
2017-08-01 20:46 - 2017-08-01 20:47 - 000000000 ____D C:\Users\Luiza\Desktop\EAC
2017-08-01 20:00 - 2017-08-01 20:00 - 000000000 ____D C:\Users\Luiza\AppData\Roaming\Process Hacker 2
2017-08-01 19:36 - 2016-10-12 09:09 - 000001983 _____ C:\Windows\system32\README.txt
2017-08-01 19:36 - 2016-08-10 10:59 - 001998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2017-08-01 18:58 - 2017-08-01 18:58 - 000002077 _____ C:\Users\Luiza\Desktop\Process Hacker 2.lnk
2017-08-01 18:58 - 2017-08-01 18:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2
2017-08-01 18:58 - 2017-08-01 18:58 - 000000000 ____D C:\Program Files\Process Hacker 2
2017-08-01 18:56 - 2017-09-18 23:10 - 000000000 ____D C:\Users\Luiza\AppData\Roaming\TeamViewer
2017-08-01 18:54 - 2017-08-01 18:54 - 000000000 ____D C:\Users\Luiza\Desktop\d
2017-08-01 18:39 - 2017-08-01 18:45 - 000036864 _____ (dwn) C:\Windows\system32\UInject.ime
2017-08-01 18:36 - 2017-05-07 17:55 - 000060928 _____ C:\inject.dll
2017-08-01 18:36 - 2017-04-06 16:57 - 000021504 _____ C:\UInjectIME.dll
2017-08-01 18:19 - 2017-08-01 18:45 - 000021504 _____ C:\Windows\system32\UInject.tmp
2017-07-31 17:34 - 2017-09-16 22:52 - 000002561 _____ C:\Windows\diagwrn.xml
2017-07-31 17:34 - 2017-09-16 22:52 - 000001908 _____ C:\Windows\diagerr.xml
2017-07-31 17:01 - 2017-07-31 17:01 - 000000000 ____D C:\Users\Luiza\Desktop\MYLINK
2017-07-31 16:54 - 2017-07-31 16:54 - 000000000 ____D C:\Users\Luiza\Desktop\Windows Diego
2017-07-31 16:52 - 2017-07-31 16:53 - 000000000 ____D C:\Users\Luiza\Desktop\Windows 7 Ultimate SP1 (32 Bit)
2017-07-29 23:44 - 2017-07-30 00:10 - 000000000 ____D C:\Users\Luiza\Documents\Cross Fire
2017-07-29 23:39 - 2017-07-29 23:42 - 000000000 ___HD C:\Users\Public\system
2017-07-29 23:02 - 2017-07-29 23:02 - 000002040 _____ C:\Users\Luiza\Desktop\CrossFire BR.lnk
2017-07-29 23:02 - 2017-07-29 23:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Z8Games
2017-07-29 22:49 - 2017-07-29 22:49 - 000000000 ____D C:\Program Files\Z8Games
2017-07-29 16:23 - 2017-08-24 16:24 - 000000000 ____D C:\Users\Luiza\AppData\LocalLow\uTorrent
2017-07-29 15:53 - 2017-07-29 23:53 - 000000000 ____D C:\Users\Todos os Usuários\Solid State Networks
2017-07-29 15:53 - 2017-07-29 23:53 - 000000000 ____D C:\ProgramData\Solid State Networks
2017-07-29 15:24 - 2017-08-25 23:26 - 000000588 __RSH C:\Users\Todos os Usuários\ntuser.pol
2017-07-29 15:24 - 2017-08-25 23:26 - 000000588 __RSH C:\ProgramData\ntuser.pol
2017-07-29 14:06 - 2017-07-29 14:06 - 000001043 _____ C:\Users\Luiza\Desktop\Cheat Engine.lnk
2017-07-29 14:06 - 2017-07-29 14:06 - 000000000 ____D C:\Users\Luiza\Documents\My Cheat Tables
2017-07-29 14:06 - 2017-07-29 14:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4
2017-07-29 14:06 - 2017-07-29 14:06 - 000000000 ____D C:\Program Files\Cheat Engine 6.4
2017-07-29 12:53 - 2010-03-04 01:04 - 000146304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2017-07-29 12:53 - 2010-03-04 00:57 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2017-07-28 19:23 - 2017-07-28 19:23 - 000000000 ____D C:\Windows\CheckSur
2017-07-26 10:33 - 2017-07-26 10:33 - 000000000 ____D C:\Users\Todos os Usuários\Nexon
2017-07-26 10:33 - 2017-07-26 10:33 - 000000000 ____D C:\ProgramData\Nexon
2017-07-26 10:32 - 2017-07-26 10:32 - 000000016 _____ C:\Users\Todos os Usuários\mntemp
2017-07-26 10:32 - 2017-07-26 10:32 - 000000016 _____ C:\ProgramData\mntemp
2017-07-26 10:31 - 2017-04-26 16:10 - 000380456 _____ (EasyAntiCheat Ltd) C:\Windows\system32\EasyAntiCheat.exe
2017-07-26 09:31 - 2017-09-05 13:56 - 000000000 ____D C:\Users\Luiza\AppData\Roaming\Skype
2017-07-26 09:31 - 2017-08-24 16:25 - 000000000 ____D C:\Users\Todos os Usuários\Skype
2017-07-26 09:31 - 2017-08-24 16:25 - 000000000 ____D C:\ProgramData\Skype
2017-07-26 09:23 - 2017-07-26 09:23 - 000436014 __RSH C:\VMYCX
2017-07-26 09:21 - 2017-07-26 09:21 - 000000000 ____D C:\Users\Luiza\AppData\Roaming\WinRAR
2017-07-26 09:20 - 2017-07-26 09:20 - 000000000 ____D C:\Users\Luiza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-07-26 09:20 - 2017-07-26 09:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-07-26 09:20 - 2017-07-26 09:20 - 000000000 ____D C:\Program Files\WinRAR
2017-07-26 09:18 - 2017-08-22 20:21 - 000000000 ____D C:\Users\Luiza\Desktop\Programas Backup
2017-07-26 03:47 - 2008-03-10 00:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Level Up
2017-07-26 03:44 - 2017-07-26 03:44 - 000000000 ____D C:\Users\Todos os Usuários\Level Up! Games
2017-07-26 03:44 - 2017-07-26 03:44 - 000000000 ____D C:\ProgramData\Level Up! Games
2017-07-26 03:44 - 2008-03-10 00:13 - 000000000 ____D C:\Level Up
2017-07-26 03:32 - 2011-04-09 02:56 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2017-07-26 03:16 - 2016-06-25 12:43 - 000301056 _____ (Microsoft Corporation) C:\Windows\system32\EOSNotify.exe
2017-07-26 03:16 - 2015-03-18 23:57 - 003963320 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2017-07-26 03:16 - 2015-03-18 23:57 - 003908024 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-07-26 03:16 - 2014-09-14 21:42 - 002377216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-07-26 03:16 - 2013-03-19 01:54 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-07-26 03:16 - 2013-03-18 23:50 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-07-26 03:16 - 2010-12-18 02:29 - 000541184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-07-26 03:13 - 2017-07-26 03:13 - 000000000 ____D C:\Users\Luiza\AppData\Roaming\Google
2017-07-26 03:07 - 2017-08-28 17:23 - 000002139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-07-26 03:01 - 2017-09-16 23:42 - 001633534 _____ C:\Windows\system32\PerfStringBackup.INI
2017-07-26 03:00 - 2017-07-29 17:01 - 000000000 ____D C:\Users\Luiza\AppData\Local\Deployment
2017-07-26 03:00 - 2017-07-26 03:34 - 000000000 ____D C:\Users\Luiza\AppData\Local\Google
2017-07-26 03:00 - 2017-07-26 03:07 - 000000000 ____D C:\Program Files\Google
2017-07-26 03:00 - 2017-07-26 03:00 - 000000000 ____D C:\Users\Luiza\AppData\Local\Apps\2.0
2017-07-26 03:00 - 2008-03-10 00:01 - 000116000 _____ C:\Users\Luiza\AppData\Local\GDIPFONTCACHEV1.DAT
2017-07-26 02:57 - 2017-07-26 02:57 - 000001389 _____ C:\Users\Luiza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-07-26 02:57 - 2012-06-02 19:19 - 001933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-07-26 02:57 - 2012-06-02 19:19 - 000577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-07-26 02:57 - 2012-06-02 19:19 - 000053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-07-26 02:57 - 2012-06-02 19:19 - 000045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2017-07-26 02:57 - 2012-06-02 19:19 - 000035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-07-26 02:57 - 2012-06-02 19:12 - 002422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-07-26 02:57 - 2012-06-02 19:12 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-07-26 02:57 - 2012-06-02 15:19 - 000171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-07-26 02:57 - 2012-06-02 15:12 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-07-26 02:56 - 2017-09-05 13:58 - 000000000 ____D C:\Users\Luiza
2017-07-26 02:56 - 2017-08-22 19:01 - 000000000 ____D C:\Users\Luiza\AppData\Local\VirtualStore
2017-07-26 02:56 - 2017-07-26 02:56 - 000000020 ___SH C:\Users\Luiza\ntuser.ini
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas músicas
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas imagens
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Usuário Padrão\Documents\Meus vídeos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Histórico
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Dados de aplicativos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Usuário Padrão
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Todos os Usuários\Modelos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Todos os Usuários\Menu Iniciar
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Todos os Usuários\Favoritos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Todos os Usuários\Documentos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Todos os Usuários\Dados de aplicativos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Todos os Usuários
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Public\Documents\Minhas músicas
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Public\Documents\Minhas imagens
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Public\Documents\Meus vídeos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Luiza\Modelos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Luiza\Meus documentos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Luiza\Menu Iniciar
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Luiza\Documents\Minhas músicas
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Luiza\Documents\Minhas imagens
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Luiza\Documents\Meus vídeos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Luiza\Dados de aplicativos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Luiza\Configurações locais
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Luiza\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Luiza\AppData\Local\Histórico
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Luiza\AppData\Local\Dados de aplicativos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Luiza\Ambiente de rede
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Luiza\Ambiente de impressão
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Default\Modelos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Default\Meus documentos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Default\Menu Iniciar
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Default\Documents\Minhas músicas
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Default\Documents\Minhas imagens
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Default\Documents\Meus vídeos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Default\Dados de aplicativos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Default\Configurações locais
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Default\AppData\Local\Histórico
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Default\AppData\Local\Dados de aplicativos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Default\Ambiente de rede
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Default\Ambiente de impressão
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Default User\Documents\Minhas músicas
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Default User\Documents\Minhas imagens
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Default User\Documents\Meus vídeos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Histórico
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Dados de aplicativos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\ProgramData\Modelos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\ProgramData\Menu Iniciar
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\ProgramData\Favoritos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\ProgramData\Documentos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\ProgramData\Dados de aplicativos
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Program Files\Common Files\Sistema
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Program Files\Arquivos Comuns
2017-07-26 02:56 - 2017-07-26 02:56 - 000000000 _SHDL C:\Arquivos de Programas
2017-07-26 02:56 - 2009-07-14 04:48 - 000000000 ____D C:\Users\Luiza\AppData\Roaming\Media Center Programs
2017-07-11 04:50 - 2017-07-11 05:39 - 000000083 _____ C:\Users\Luiza\Desktop\chaves bypass eac.txt
2017-06-22 19:52 - 2017-07-08 00:06 - 000010615 _____ C:\Users\Luiza\Desktop\endereços CAaa.txt
==================== Três Meses Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-09-20 21:06 - 2009-07-14 01:34 - 000017168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-09-20 21:06 - 2009-07-14 01:34 - 000017168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-09-18 21:24 - 2009-07-13 23:37 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-09-18 20:56 - 2008-03-10 00:04 - 000000000 ____D C:\Windows\system32\MRT
2017-09-17 03:07 - 2008-03-10 08:32 - 000000000 ____D C:\Windows\Panther
2017-09-16 23:42 - 2009-07-17 15:48 - 000705268 _____ C:\Windows\system32\prfh0416.dat
2017-09-16 23:42 - 2009-07-17 15:48 - 000147108 _____ C:\Windows\system32\prfc0416.dat
2017-09-16 23:42 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\inf
2017-09-16 14:36 - 2008-03-10 00:04 - 135337392 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-08-30 14:16 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\rescache
==================== Arquivos na raiz de alguns diretórios =======
2017-07-26 10:32 - 2017-07-26 10:32 - 000000016 _____ () C:\ProgramData\mntemp
Alguns arquivos em TEMP:
====================
2017-09-16 22:34 - 2017-09-16 22:34 - 002089208 _____ ( ) C:\Users\Luiza\AppData\Local\Temp\ICReinstall_Baixaki_utorrent.exe
==================== Bamital & volsnap ======================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2017-09-17 02:31
==================== Fim de FRST.txt ============================