Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão:18-04-2016 Executado por VozesFacil (administrador) em VOZESFACIL-PC (24-04-2016 09:46:20) Executando a partir de C:\Users\VozesFacil\Desktop Perfis Carregados: VozesFacil & (Perfis Disponíveis: VozesFacil) Platform: Microsoft Windows 7 Ultimate (X86) Idioma: Português (Brasil) Internet Explorer Versão 8 (Navegador padrão: Chrome) Modo da Inicialização: Normal Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (GAS Tecnologia) C:\Program Files\GbPlugin\GbpSv.exe (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe (Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe (Panda Security, S.L.) C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe (Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (GAS Tecnologia) C:\Program Files\GbPlugin\GbpSv.exe (Microsoft Corporation) C:\Users\VozesFacil\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation) C:\Windows\System32\StikyNot.exe (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Google Inc.) C:\Program Files\Google\Update\1.3.29.5\GoogleCrashHandler.exe (Microsoft Corporation) C:\Windows\System32\wuauclt.exe (Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe (SurfRight B.V.) C:\Down\hitmanpro.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registro (Whitelisted) =========================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) Winlogon\Notify\ GbPluginCef: C:\Program Files\GbPlugin\gbiehCef.dll [2015-09-22] (Caixa Economica Federal) HKU\S-1-5-21-3698717709-2749432152-3893599215-1001\...\Run: [SkyDrive] => C:\Users\VozesFacil\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257224 2016-04-19] (Microsoft Corporation) HKU\S-1-5-21-3698717709-2749432152-3893599215-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3369152 2016-04-04] (Disc Soft Ltd) HKU\S-1-5-21-3698717709-2749432152-3893599215-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [354304 2009-07-13] (Microsoft Corporation) HKU\S-1-5-21-3698717709-2749432152-3893599215-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6699800 2015-01-22] (SUPERAntiSpyware) HKU\S-1-5-21-3698717709-2749432152-3893599215-1001\...\MountPoints2: {0ff550b6-06d3-11e6-bb7f-001bb9ebdf24} - J:\SETUP.EXE HKU\S-1-5-21-3698717709-2749432152-3893599215-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SkyDrive] => C:\Users\VozesFacil\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257224 2016-04-19] (Microsoft Corporation) HKU\S-1-5-21-3698717709-2749432152-3893599215-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3369152 2016-04-04] (Disc Soft Ltd) HKU\S-1-5-21-3698717709-2749432152-3893599215-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [354304 2009-07-13] (Microsoft Corporation) HKU\S-1-5-21-3698717709-2749432152-3893599215-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6699800 2015-01-22] (SUPERAntiSpyware) HKU\S-1-5-21-3698717709-2749432152-3893599215-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {0ff550b6-06d3-11e6-bb7f-001bb9ebdf24} - J:\SETUP.EXE ShellExecuteHooks: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files\GbPlugin\gbiehcef.dll [1888480 2015-09-22] (Caixa Economica Federal) ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt Tcpip\Parameters: [DhcpNameServer] 189.7.8.36 189.7.8.39 189.7.8.34 Tcpip\..\Interfaces\{8B5B710F-5F2E-4091-B1B2-EC170C07512E}: [DhcpNameServer] 189.7.8.36 189.7.8.39 189.7.8.34 ManualProxies: 0hxxp://unstops.net/wpad.dat?bc82c6efca5030c85b9ebdebbc0ba2129122691 Internet Explorer: ================== HKU\S-1-5-21-3698717709-2749432152-3893599215-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-3698717709-2749432152-3893599215-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation) BHO: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\Program Files\GbPlugin\gbiehcef.dll [2015-09-22] (Caixa Economica Federal) FireFox: ======== FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-04-19] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-04-19] (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-02-26] (Adobe Systems Inc.) Chrome: ======= CHR Session Restore: Default -> está habilitado. CHR Profile: C:\Users\VozesFacil\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Apresentações) - C:\Users\VozesFacil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-19] CHR Extension: (Google Docs) - C:\Users\VozesFacil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-19] CHR Extension: (Google Drive) - C:\Users\VozesFacil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-19] CHR Extension: (YouTube) - C:\Users\VozesFacil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-19] CHR Extension: (Planilhas do Google) - C:\Users\VozesFacil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-19] CHR Extension: (Documentos Google off-line) - C:\Users\VozesFacil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-19] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\VozesFacil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-19] CHR Extension: (Piano Virtual) - C:\Users\VozesFacil\AppData\Local\Google\Chrome\User Data\Default\Extensions\oanofegliaibpfkffbpjniogdgmelija [2016-04-19] CHR Extension: (GBBD Caixa Economica Federal) - C:\Users\VozesFacil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi [2016-04-19] CHR Extension: (Gmail) - C:\Users\VozesFacil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-19] ==================== Serviços (Whitelisted) ======================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-22] (SUPERAntiSpyware.com) R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1125568 2016-04-04] (Disc Soft Ltd) R2 GbpSv; C:\Program Files\GbPlugin\GbpSv.exe [593120 2015-09-22] (GAS Tecnologia) R2 NanoServiceMain; C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe [142072 2015-10-18] (Panda Security, S.L.) R2 PandaAgent; C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe [73464 2015-10-28] (Panda Security, S.L.) R2 PSUAService; C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-10-22] (Panda Security, S.L.) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation) S2 Lnspmekiingcachesrv; "C:\Program Files\Lnspmekiing\Lnspmekiingcachesrv.exe" {79740E79-A383-47A7-B513-3DF6563D007F} {A16B1AF7-982D-40C3-B5C1-633E1A6A6678} [X] S2 Ugokcogq; "C:\Users\VozesFacil\AppData\Roaming\YbunhhRowpa\Piotkelj.exe" -cms [X] ===================== Drivers (Whitelisted) ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [26168 2016-04-20] (Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [40504 2016-04-20] (Disc Soft Ltd) R3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [5248 2010-01-27] () [Arquivo não assinado] R0 GbpKm; C:\Windows\System32\drivers\gbpkm.sys [49496 2015-12-08] (GAS Tecnologia) R3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43376 2016-04-24] () R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-04-24] (Malwarebytes) R1 ndisrd; C:\Windows\System32\DRIVERS\gbpndisrdn.sys [29400 2016-04-19] (GAS Tecnologia) R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [87032 2015-07-09] (Panda Security, S.L.) R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [202104 2015-07-09] (Panda Security, S.L.) R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [109688 2015-07-09] (Panda Security, S.L.) R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [121720 2015-07-09] (Panda Security, S.L.) R1 NNSNAHSL; C:\Windows\System32\DRIVERS\NNSNAHSL.sys [50992 2015-05-20] (Panda Security, S.L.) R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [102264 2015-07-09] (Panda Security, S.L.) R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [65272 2015-08-31] (Panda Security, S.L.) R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [120568 2015-07-09] (Panda Security, S.L.) R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [281720 2015-07-09] (Panda Security, S.L.) R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [209016 2015-07-09] (Panda Security, S.L.) R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [108408 2015-07-09] (Panda Security, S.L.) R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [240376 2015-07-09] (Panda Security, S.L.) R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [94968 2015-07-09] (Panda Security, S.L.) R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [140024 2015-07-19] (Panda Security, S.L.) R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [105208 2015-07-19] (Panda Security, S.L.) R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [168696 2015-07-19] (Panda Security, S.L.) R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [113912 2015-07-19] (Panda Security, S.L.) R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [124664 2015-07-19] (Panda Security, S.L.) R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [100600 2015-07-19] (Panda Security, S.L.) R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [50832 2015-05-22] (Panda Security, S.L.) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 ZAM; C:\Windows\System32\drivers\zam32.sys [211872 2016-04-21] (Zemana Ltd.) R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard32.sys [211872 2016-04-21] (Zemana Ltd.) S0 gbpddreg; system32\drivers\gbpddreg32.sys [X] ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Um Mês Criados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2016-04-24 09:46 - 2016-04-24 09:46 - 00013863 _____ C:\Users\VozesFacil\Desktop\FRST.txt 2016-04-24 09:45 - 2016-04-24 09:46 - 00000000 ____D C:\FRST 2016-04-24 09:44 - 2016-04-24 09:44 - 01726464 _____ (Farbar) C:\Users\VozesFacil\Desktop\FRST.exe 2016-04-24 09:40 - 2016-04-24 09:40 - 00043376 _____ C:\Windows\system32\Drivers\hitmanpro37.sys 2016-04-24 09:40 - 2016-04-24 09:40 - 00001897 _____ C:\Users\Public\Desktop\HitmanPro.lnk 2016-04-24 09:40 - 2016-04-24 09:40 - 00000000 ____D C:\Users\Todos os Usuários\HitmanPro 2016-04-24 09:40 - 2016-04-24 09:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro 2016-04-24 09:40 - 2016-04-24 09:40 - 00000000 ____D C:\ProgramData\HitmanPro 2016-04-24 09:40 - 2016-04-24 09:40 - 00000000 ____D C:\Program Files\HitmanPro 2016-04-24 09:37 - 2016-04-24 09:39 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-04-24 09:36 - 2016-04-24 09:36 - 00001064 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2016-04-24 09:36 - 2016-04-24 09:36 - 00000000 ____D C:\Users\Todos os Usuários\Malwarebytes 2016-04-24 09:36 - 2016-04-24 09:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2016-04-24 09:36 - 2016-04-24 09:36 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-04-24 09:36 - 2016-04-24 09:36 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware 2016-04-24 09:36 - 2016-03-10 14:09 - 00053120 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2016-04-24 09:36 - 2016-03-10 14:08 - 00126336 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-04-24 09:36 - 2016-03-10 14:08 - 00024448 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2016-04-24 09:33 - 2016-04-24 09:33 - 00003074 _____ C:\Users\VozesFacil\Desktop\Rkill.txt 2016-04-24 08:01 - 2016-04-24 08:01 - 00000000 ____D C:\Users\VozesFacil\AppData\Roaming\IsolatedStorage 2016-04-24 08:01 - 2016-04-24 08:01 - 00000000 ____D C:\Users\VozesFacil\AppData\Local\FileViewPro 2016-04-24 08:01 - 2016-04-24 08:01 - 00000000 ____D C:\Users\Todos os Usuários\IsolatedStorage 2016-04-24 08:01 - 2016-04-24 08:01 - 00000000 ____D C:\ProgramData\IsolatedStorage 2016-04-24 07:58 - 2016-04-24 07:58 - 00000000 ____D C:\Spacekace 2016-04-22 16:19 - 2016-04-22 16:19 - 00000000 ____D C:\Program Files\ESET 2016-04-22 16:18 - 2016-04-22 16:24 - 00000000 ____D C:\AdwCleaner 2016-04-22 14:06 - 2016-04-24 09:32 - 00001725 _____ C:\Users\VozesFacil\Desktop\chrome - Atalho.lnk 2016-04-22 13:05 - 2016-04-22 13:05 - 00000000 ____D C:\Users\VozesFacil\AppData\Roaming\Panda Security 2016-04-22 13:05 - 2015-05-22 05:45 - 00050832 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys 2016-04-22 13:04 - 2016-04-22 13:05 - 00000000 ____D C:\Program Files\Panda Security 2016-04-22 13:04 - 2016-04-22 13:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Internet Security 2016 2016-04-22 11:23 - 2016-04-22 11:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack 2016-04-22 11:23 - 2016-04-22 11:23 - 00000000 ____D C:\Program Files\K-Lite Codec Pack 2016-04-22 11:23 - 2015-11-04 14:00 - 00655872 _____ C:\Windows\system32\xvidcore.dll 2016-04-22 11:23 - 2015-11-04 14:00 - 00240128 _____ C:\Windows\system32\xvidvfw.dll 2016-04-22 11:23 - 2015-10-24 14:00 - 00112128 _____ C:\Windows\system32\ff_vfw.dll 2016-04-22 11:23 - 2015-02-28 13:21 - 03591680 _____ (x264vfw project) C:\Windows\system32\x264vfw.dll 2016-04-22 11:23 - 2012-07-21 08:54 - 00122880 _____ (fccHandler) C:\Windows\system32\ac3acm.acm 2016-04-22 11:23 - 2011-12-07 15:32 - 00216064 _____ ( ) C:\Windows\system32\lagarith.dll 2016-04-22 11:09 - 2016-04-22 11:09 - 00388293 __RSH C:\SEQBZ 2016-04-22 08:28 - 2016-04-22 08:28 - 00001727 _____ C:\Users\VozesFacil\Desktop\SpyHunter4 - Atalho.lnk 2016-04-21 11:30 - 2016-04-21 11:30 - 00000000 ____D C:\Users\VozesFacil\AppData\Local\CEF 2016-04-21 11:29 - 2016-04-21 11:29 - 00000000 ____D C:\Users\VozesFacil\AppData\Roaming\WinRAR 2016-04-21 11:29 - 2016-04-21 11:29 - 00000000 ____D C:\Users\VozesFacil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2016-04-21 11:29 - 2016-04-21 11:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2016-04-21 11:29 - 2016-04-21 11:29 - 00000000 ____D C:\Program Files\WinRAR 2016-04-21 08:45 - 2016-04-24 09:40 - 00029841 _____ C:\Windows\ZAM.krnl.trace 2016-04-21 08:45 - 2016-04-24 07:01 - 00000119 _____ C:\Windows\ZAM_Guard.krnl.trace 2016-04-21 08:45 - 2016-04-21 08:45 - 00211872 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard32.sys 2016-04-21 08:45 - 2016-04-21 08:45 - 00211872 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam32.sys 2016-04-21 08:45 - 2016-04-21 08:45 - 00000000 ____D C:\Users\VozesFacil\AppData\Local\Zemana 2016-04-21 07:39 - 2016-04-22 13:05 - 00000000 ____D C:\Users\Todos os Usuários\Panda Security 2016-04-21 07:39 - 2016-04-22 13:05 - 00000000 ____D C:\ProgramData\Panda Security 2016-04-21 07:03 - 2016-04-24 07:02 - 00000000 ____D C:\Program Files\SUPERAntiSpyware 2016-04-21 07:03 - 2016-04-21 07:03 - 00001965 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk 2016-04-21 07:03 - 2016-04-21 07:03 - 00000000 ____D C:\Users\VozesFacil\AppData\Roaming\SUPERAntiSpyware.com 2016-04-21 07:03 - 2016-04-21 07:03 - 00000000 ____D C:\Users\Todos os Usuários\SUPERAntiSpyware.com 2016-04-21 07:03 - 2016-04-21 07:03 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com 2016-04-21 07:03 - 2016-04-21 07:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware 2016-04-21 06:42 - 2016-04-21 06:42 - 00042848 _____ C:\Windows\ntbtlog.txt 2016-04-21 06:23 - 2016-04-21 06:23 - 00000000 ____D C:\sh4ldr 2016-04-20 09:55 - 2016-04-20 12:48 - 00000000 ____D C:\Users\VozesFacil\AppData\Roaming\Adobe 2016-04-20 09:55 - 2016-04-20 09:55 - 00000000 ____D C:\Users\VozesFacil\AppData\LocalLow\Adobe 2016-04-20 09:31 - 2016-04-20 09:31 - 00000000 ____D C:\Windows\system32\ula 2016-04-20 09:16 - 2016-04-20 09:18 - 00000000 ____D C:\Users\VozesFacil\AppData\Local\Setup Wizard 2016-04-20 09:06 - 2016-04-20 09:06 - 00000000 ____D C:\Users\VozesFacil\AppData\Roaming\MCorp 2016-04-20 09:02 - 2016-04-24 09:32 - 00001030 _____ C:\Users\VozesFacil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-04-20 08:58 - 2016-04-20 08:58 - 00001634 _____ C:\Users\Todos os Usuários\webad.xml 2016-04-20 08:58 - 2016-04-20 08:58 - 00001634 _____ C:\ProgramData\webad.xml 2016-04-20 08:58 - 2016-04-20 08:58 - 00000000 __RSH C:\MSDOS.SYS 2016-04-20 08:58 - 2016-04-20 08:58 - 00000000 __RSH C:\IO.SYS 2016-04-20 08:57 - 2016-04-20 08:57 - 00001163 _____ C:\Users\VozesFacil\AppData\Roaming\svrupg.exe 2016-04-20 08:57 - 2016-04-20 08:57 - 00000030 _____ C:\Windows\system32\${LOGFILE} 2016-04-20 08:55 - 2016-04-21 06:23 - 00000000 ____D C:\Users\VozesFacil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter 2016-04-20 08:55 - 2016-04-20 08:55 - 00000000 ____D C:\Program Files\Enigma Software Group 2016-04-20 08:54 - 2016-04-20 08:55 - 00000000 ____D C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP 2016-04-20 08:53 - 2016-04-20 08:53 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard 2016-04-20 08:50 - 2016-04-20 08:46 - 00001006 _____ C:\Windows\system32\Drivers\etc\hp.bak 2016-04-20 08:45 - 2016-04-20 08:45 - 00000000 ____D C:\Users\VozesFacil\AppData\LocalLow\Company 2016-04-20 08:45 - 2016-04-20 08:45 - 00000000 ____D C:\Users\VozesFacil\AppData\Local\Tempfolder 2016-04-20 08:44 - 2016-04-20 08:45 - 00000000 ____D C:\Users\Public\Documents\dmp 2016-04-20 08:03 - 2016-04-20 08:03 - 00000000 ____D C:\Users\VozesFacil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\East West EWQLSO PRO XP Silver 2016-04-20 08:03 - 2016-04-20 08:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\East West EWQLSO PRO XP Silver 2016-04-20 08:01 - 2016-04-20 08:01 - 00000000 ____D C:\Program Files\Common Files\Digidesign 2016-04-20 08:00 - 2016-04-20 08:00 - 00000000 ____D C:\Program Files\East West 2016-04-20 07:20 - 2016-04-20 12:50 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-04-20 07:20 - 2016-04-20 09:19 - 00000000 ____D C:\Users\Todos os Usuários\Adobe 2016-04-20 07:20 - 2016-04-20 09:19 - 00000000 ____D C:\ProgramData\Adobe 2016-04-20 07:20 - 2016-04-20 07:20 - 00002017 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk 2016-04-20 07:20 - 2016-04-20 07:20 - 00000000 ____D C:\Program Files\Common Files\Adobe 2016-04-20 07:20 - 2016-04-20 07:20 - 00000000 ____D C:\Program Files\Adobe 2016-04-20 07:17 - 2016-04-20 09:55 - 00000000 ____D C:\Users\VozesFacil\AppData\Local\Adobe 2016-04-20 07:17 - 2016-04-20 07:17 - 00001823 _____ C:\Users\Public\Desktop\PDF24 Creator.lnk 2016-04-20 07:17 - 2016-04-20 07:17 - 00001803 _____ C:\Users\Public\Desktop\PDF24 Fax.lnk 2016-04-20 07:17 - 2016-04-20 07:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24 2016-04-20 07:16 - 2016-04-20 07:17 - 00000000 ____D C:\Program Files\PDF24 2016-04-20 07:13 - 2016-04-20 07:13 - 00000000 ____D C:\Users\VozesFacil\AppData\Local\Disc_Soft_Ltd 2016-04-20 06:35 - 2016-04-20 06:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-04-20 06:35 - 2016-04-20 06:35 - 00000000 ____D C:\Program Files\Microsoft Synchronization Services 2016-04-20 06:35 - 2016-04-20 06:35 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition 2016-04-20 06:35 - 2016-04-20 06:35 - 00000000 ____D C:\Program Files\Common Files\DESIGNER 2016-04-20 06:33 - 2016-04-20 06:33 - 00000000 ____D C:\Program Files\Microsoft Analysis Services 2016-04-20 06:32 - 2016-04-20 07:55 - 00000000 ____D C:\Users\VozesFacil\AppData\Local\Microsoft Help 2016-04-20 06:32 - 2016-04-20 06:37 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help 2016-04-20 06:32 - 2016-04-20 06:35 - 00000000 ____D C:\Program Files\Microsoft Office 2016-04-20 06:31 - 2016-04-20 06:31 - 00000000 __RHD C:\MSOCache 2016-04-20 06:29 - 2016-04-20 06:29 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images 2016-04-20 06:28 - 2016-04-20 06:28 - 00040504 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtliteusbbus.sys 2016-04-20 06:27 - 2016-04-20 06:29 - 00000000 ____D C:\Users\VozesFacil\AppData\Roaming\DAEMON Tools Lite 2016-04-20 06:27 - 2016-04-20 06:28 - 00000000 ____D C:\Program Files\DAEMON Tools Lite 2016-04-20 06:27 - 2016-04-20 06:27 - 00026168 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys 2016-04-20 06:27 - 2016-04-20 06:27 - 00001930 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk 2016-04-20 06:27 - 2016-04-20 06:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite 2016-04-20 06:26 - 2016-04-20 06:26 - 00000000 ____D C:\Users\Todos os Usuários\DAEMON Tools Lite 2016-04-20 06:26 - 2016-04-20 06:26 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite 2016-04-19 17:36 - 2016-04-19 17:36 - 00000000 ____D C:\Users\VozesFacil\AppData\Roaming\Stellarium 2016-04-19 17:36 - 2016-04-19 17:36 - 00000000 ____D C:\Users\VozesFacil\AppData\Local\stellarium 2016-04-19 17:28 - 2016-04-19 17:29 - 00000000 ____D C:\Users\VozesFacil\AppData\Roaming\MakeMusic 2016-04-19 17:28 - 2016-04-19 17:28 - 00000978 _____ C:\Users\Public\Desktop\Finale 2014.lnk 2016-04-19 17:28 - 2016-04-19 17:28 - 00000000 ____D C:\Users\VozesFacil\Documents\Finale Files 2016-04-19 17:28 - 2016-04-19 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Finale 2014 2016-04-19 17:26 - 2016-04-19 17:28 - 00000000 ____D C:\Program Files\Finale 2014 2016-04-19 17:26 - 2016-04-19 17:26 - 00000000 ____D C:\Users\Todos os Usuários\MakeMusic 2016-04-19 17:26 - 2016-04-19 17:26 - 00000000 ____D C:\ProgramData\MakeMusic 2016-04-19 17:06 - 2016-04-19 17:06 - 00001877 _____ C:\Users\Public\Desktop\Stellarium.lnk 2016-04-19 17:06 - 2016-04-19 17:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellarium 2016-04-19 17:06 - 2016-04-19 17:06 - 00000000 ____D C:\Program Files\Stellarium 2016-04-19 17:03 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll 2016-04-19 17:03 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll 2016-04-19 17:03 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll 2016-04-19 17:03 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2016-04-19 17:03 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll 2016-04-19 17:03 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll 2016-04-19 17:03 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll 2016-04-19 17:03 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll 2016-04-19 17:03 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll 2016-04-19 17:03 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll 2016-04-19 17:03 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll 2016-04-19 17:03 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll 2016-04-19 17:03 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll 2016-04-19 17:03 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll 2016-04-19 17:03 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll 2016-04-19 17:03 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll 2016-04-19 17:03 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll 2016-04-19 17:03 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll 2016-04-19 17:03 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll 2016-04-19 17:03 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll 2016-04-19 17:03 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll 2016-04-19 17:03 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll 2016-04-19 17:03 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll 2016-04-19 17:03 - 2008-10-10 04:52 - 04379984 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll 2016-04-19 17:03 - 2008-10-10 04:52 - 02036576 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll 2016-04-19 17:03 - 2008-10-10 04:52 - 00452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll 2016-04-19 17:03 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll 2016-04-19 17:03 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll 2016-04-19 17:03 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll 2016-04-19 17:03 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll 2016-04-19 17:03 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll 2016-04-19 17:03 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll 2016-04-19 17:03 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll 2016-04-19 17:03 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll 2016-04-19 17:03 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll 2016-04-19 17:03 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll 2016-04-19 17:03 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll 2016-04-19 17:03 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll 2016-04-19 17:03 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll 2016-04-19 17:03 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll 2016-04-19 17:03 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll 2016-04-19 17:03 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll 2016-04-19 17:03 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll 2016-04-19 17:03 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll 2016-04-19 17:03 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll 2016-04-19 17:03 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll 2016-04-19 17:03 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll 2016-04-19 17:03 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll 2016-04-19 17:03 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll 2016-04-19 17:03 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll 2016-04-19 17:03 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll 2016-04-19 17:03 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll 2016-04-19 17:03 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll 2016-04-19 17:03 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll 2016-04-19 17:03 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll 2016-04-19 17:03 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll 2016-04-19 17:03 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll 2016-04-19 17:03 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll 2016-04-19 17:03 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll 2016-04-19 17:03 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll 2016-04-19 17:03 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll 2016-04-19 17:03 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll 2016-04-19 17:03 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll 2016-04-19 17:03 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll 2016-04-19 17:03 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll 2016-04-19 17:03 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll 2016-04-19 17:03 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll 2016-04-19 17:03 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll 2016-04-19 17:03 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll 2016-04-19 17:03 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll 2016-04-19 17:03 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll 2016-04-19 17:03 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll 2016-04-19 17:03 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll 2016-04-19 17:03 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll 2016-04-19 17:03 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll 2016-04-19 17:03 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll 2016-04-19 17:03 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll 2016-04-19 17:03 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll 2016-04-19 17:03 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll 2016-04-19 17:03 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll 2016-04-19 17:03 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll 2016-04-19 17:03 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll 2016-04-19 17:03 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll 2016-04-19 17:01 - 2016-04-21 05:18 - 00000000 ____D C:\Program Files\realtech VR 2016-04-19 17:01 - 2016-04-19 17:03 - 00000000 ____D C:\Windows\system32\directx 2016-04-19 17:01 - 2016-04-19 17:03 - 00000000 ____D C:\Users\VozesFacil\AppData\Roaming\realtech VR 2016-04-19 17:01 - 2016-04-19 17:01 - 00000000 ____D C:\Users\VozesFacil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\realtech VR 2016-04-19 17:01 - 2016-04-19 17:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\realtech VR 2016-04-19 17:00 - 2016-04-19 17:00 - 00002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk 2016-04-19 17:00 - 2016-04-19 17:00 - 00000000 ____D C:\Users\VozesFacil\AppData\LocalLow\Google 2016-04-19 15:10 - 2016-04-19 15:10 - 00008192 __RSH C:\BOOTSECT.BAK 2016-04-19 15:10 - 2016-04-19 10:20 - 00000000 ____D C:\Windows\Panther 2016-04-19 15:10 - 2009-07-13 22:38 - 00383562 _____ C:\bootmgr 2016-04-19 15:09 - 2016-04-24 07:07 - 00702882 _____ C:\Windows\system32\prfh0416.dat 2016-04-19 15:09 - 2016-04-24 07:07 - 00145668 _____ C:\Windows\system32\prfc0416.dat 2016-04-19 15:09 - 2016-04-19 15:09 - 00323154 _____ C:\Windows\system32\prfi0416.dat 2016-04-19 15:09 - 2016-04-19 15:09 - 00038536 _____ C:\Windows\system32\prfd0416.dat 2016-04-19 15:09 - 2016-04-19 15:09 - 00000000 ____D C:\Windows\system32\XPSViewer 2016-04-19 14:44 - 2016-04-20 09:00 - 00000000 ____D C:\Program Files\GbPlugin 2016-04-19 14:44 - 2016-04-19 14:44 - 00029400 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\gbpndisrdn.sys 2016-04-19 14:44 - 2016-04-19 14:44 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin 2016-04-19 14:44 - 2016-04-19 14:44 - 00000000 ____D C:\Users\Todos os Usuários\GAS Tecnologia 2016-04-19 14:44 - 2016-04-19 14:44 - 00000000 ____D C:\ProgramData\GbPlugin 2016-04-19 14:44 - 2016-04-19 14:44 - 00000000 ____D C:\ProgramData\GAS Tecnologia 2016-04-19 14:44 - 2015-12-08 13:13 - 00049496 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\gbpkm.sys 2016-04-19 12:50 - 2016-04-24 09:46 - 00000000 ____D C:\Down 2016-04-19 12:47 - 2016-04-24 07:03 - 00000000 ___RD C:\SkyDrive 2016-04-19 12:38 - 2016-04-19 14:27 - 00000000 ____D C:\Users\VozesFacil\AppData\Roaming\Windows Live Writer 2016-04-19 12:38 - 2016-04-19 12:38 - 00000000 ____D C:\Users\VozesFacil\Documents\My Weblog Posts 2016-04-19 12:38 - 2016-04-19 12:38 - 00000000 ____D C:\Users\VozesFacil\AppData\Local\Windows Live Writer 2016-04-19 11:20 - 2012-06-02 19:19 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2016-04-19 11:20 - 2012-06-02 19:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2016-04-19 11:20 - 2012-06-02 19:19 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2016-04-19 11:20 - 2012-06-02 19:19 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2016-04-19 11:20 - 2012-06-02 19:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2016-04-19 11:20 - 2012-06-02 19:12 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2016-04-19 11:20 - 2012-06-02 19:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2016-04-19 11:20 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2016-04-19 11:20 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2016-04-19 11:19 - 2016-04-19 11:19 - 00001404 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk 2016-04-19 11:19 - 2016-04-19 11:19 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live 2016-04-19 11:19 - 2016-04-19 11:19 - 00000000 ____D C:\Windows\PCHEALTH 2016-04-19 11:18 - 2016-04-19 11:19 - 00000000 ____D C:\Program Files\Windows Live 2016-04-19 11:18 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll 2016-04-19 11:18 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll 2016-04-19 11:18 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll 2016-04-19 11:18 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 2016-04-19 11:17 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll 2016-04-19 11:17 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll 2016-04-19 11:14 - 2009-11-25 16:47 - 01130824 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll 2016-04-19 11:14 - 2009-11-25 16:47 - 00297808 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll 2016-04-19 11:14 - 2009-11-25 16:47 - 00295264 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe 2016-04-19 11:14 - 2009-11-25 16:47 - 00099176 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll 2016-04-19 11:14 - 2009-11-25 16:47 - 00049472 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll 2016-04-19 11:12 - 2016-04-19 11:12 - 00002204 _____ C:\Users\VozesFacil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2016-04-19 11:12 - 2016-04-19 11:12 - 00002068 _____ C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2016-04-19 11:12 - 2016-04-19 11:12 - 00002068 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2016-04-19 11:12 - 2016-04-19 11:12 - 00002068 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2016-04-19 11:12 - 2016-04-19 11:12 - 00000000 ___RD C:\Users\VozesFacil\OneDrive 2016-04-19 11:12 - 2016-04-19 11:12 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft OneDrive 2016-04-19 11:12 - 2016-04-19 11:12 - 00000000 ____D C:\ProgramData\Microsoft OneDrive 2016-04-19 11:12 - 2016-04-19 11:12 - 00000000 ____D C:\Program Files\Microsoft OneDrive 2016-04-19 11:11 - 2010-08-11 01:44 - 02983424 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll 2016-04-19 11:11 - 2010-08-11 01:35 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll 2016-04-19 11:11 - 2010-05-23 07:15 - 01619456 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2016-04-19 11:11 - 2010-05-23 07:11 - 03181568 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2016-04-19 11:11 - 2010-05-23 07:11 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll 2016-04-19 11:10 - 2016-04-22 06:38 - 00000000 ____D C:\Users\VozesFacil\AppData\Local\Windows Live 2016-04-19 11:09 - 2016-04-19 11:09 - 00000000 ____D C:\Program Files\Common Files\Windows Live 2016-04-19 10:37 - 2016-04-06 10:18 - 00374944 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2016-04-19 10:32 - 2016-04-24 09:32 - 00001172 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-04-19 10:31 - 2016-04-22 16:30 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-04-19 10:31 - 2016-04-22 16:30 - 00001060 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-04-19 10:31 - 2016-04-22 13:05 - 00096432 _____ C:\Users\VozesFacil\AppData\Local\GDIPFONTCACHEV1.DAT 2016-04-19 10:31 - 2016-04-19 17:00 - 00000000 ____D C:\Program Files\Google 2016-04-19 10:31 - 2016-04-19 11:09 - 00000000 ____D C:\Users\VozesFacil\AppData\Local\Google 2016-04-19 10:31 - 2016-04-19 10:31 - 00000000 ____D C:\Users\VozesFacil\AppData\Local\Deployment 2016-04-19 10:31 - 2016-04-19 10:31 - 00000000 ____D C:\Users\VozesFacil\AppData\Local\Apps\2.0 2016-04-19 10:24 - 2016-04-24 07:07 - 01626900 _____ C:\Windows\system32\PerfStringBackup.INI 2016-04-19 10:20 - 2016-04-19 14:50 - 00000000 ____D C:\Users\VozesFacil\AppData\Local\VirtualStore 2016-04-19 10:20 - 2016-04-19 11:12 - 00000000 ____D C:\Users\VozesFacil 2016-04-19 10:20 - 2016-04-19 10:20 - 00000020 ___SH C:\Users\VozesFacil\ntuser.ini 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\VozesFacil\Modelos 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\VozesFacil\Meus documentos 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\VozesFacil\Menu Iniciar 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\VozesFacil\Documents\Minhas músicas 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\VozesFacil\Documents\Minhas imagens 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\VozesFacil\Documents\Meus vídeos 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\VozesFacil\Dados de aplicativos 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\VozesFacil\Configurações locais 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\VozesFacil\AppData\Roaming\Microsoft\Windows\Start Menu\Programas 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\VozesFacil\AppData\Local\Histórico 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\VozesFacil\AppData\Local\Dados de aplicativos 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\VozesFacil\Ambiente de rede 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\VozesFacil\Ambiente de impressão 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas músicas 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas imagens 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Meus vídeos 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programas 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Histórico 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Dados de aplicativos 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\Usuário Padrão 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\Todos os Usuários\Modelos 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\Todos os Usuários\Menu Iniciar 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\Todos os Usuários\Favoritos 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\Todos os Usuários\Documentos 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\Todos os Usuários\Dados de aplicativos 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\Todos os Usuários 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\Public\Documents\Minhas músicas 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\Public\Documents\Minhas imagens 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\Public\Documents\Meus vídeos 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\Default\Modelos 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\Default\Meus documentos 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\Default\Menu Iniciar 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\Default\Documents\Minhas músicas 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\Default\Documents\Minhas imagens 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\Default\Documents\Meus vídeos 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\Default\Dados de aplicativos 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\Default\Configurações locais 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\Default\AppData\Local\Histórico 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\Default\AppData\Local\Dados de aplicativos 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\Default\Ambiente de rede 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\Default\Ambiente de impressão 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas músicas 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas imagens 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\Default User\Documents\Meus vídeos 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Histórico 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Dados de aplicativos 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\ProgramData\Modelos 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\ProgramData\Menu Iniciar 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\ProgramData\Favoritos 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\ProgramData\Documentos 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\ProgramData\Dados de aplicativos 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Program Files\Common Files\Sistema 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Program Files\Arquivos Comuns 2016-04-19 10:20 - 2016-04-19 10:20 - 00000000 _SHDL C:\Arquivos de Programas 2016-04-19 10:20 - 2009-07-14 04:48 - 00000000 ____D C:\Users\VozesFacil\AppData\Roaming\Media Center Programs 2016-04-19 10:16 - 2016-04-19 10:16 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk 2016-04-19 10:15 - 2016-04-19 10:15 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk ==================== Um Mês Modificados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2016-04-24 07:10 - 2009-07-14 01:34 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-04-24 07:10 - 2009-07-14 01:34 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-04-24 07:07 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\inf 2016-04-24 07:02 - 2009-07-14 01:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-04-22 16:30 - 2009-07-14 01:33 - 00395248 _____ C:\Windows\system32\FNTCACHE.DAT 2016-04-21 08:57 - 2009-07-13 20:12 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll 2016-04-20 06:35 - 2009-07-13 23:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2016-04-20 06:33 - 2009-07-14 04:49 - 00000000 ____D C:\Windows\ShellNew 2016-04-19 15:10 - 2009-07-14 01:52 - 00028672 _____ C:\Windows\system32\config\BCD-Template 2016-04-19 15:09 - 2009-07-14 04:50 - 00000000 ____D C:\Program Files\Windows Journal 2016-04-19 15:09 - 2009-07-14 01:56 - 00000000 ____D C:\Windows\system32\winrm 2016-04-19 15:09 - 2009-07-14 01:56 - 00000000 ____D C:\Windows\system32\WCN 2016-04-19 15:09 - 2009-07-14 01:56 - 00000000 ____D C:\Windows\system32\slmgr 2016-04-19 15:09 - 2009-07-14 01:56 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts 2016-04-19 15:09 - 2009-07-14 01:52 - 00000000 ____D C:\Program Files\Windows Sidebar 2016-04-19 15:09 - 2009-07-14 01:52 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2016-04-19 15:09 - 2009-07-14 01:52 - 00000000 ____D C:\Program Files\Windows Defender 2016-04-19 15:09 - 2009-07-14 01:52 - 00000000 ____D C:\Program Files\DVD Maker 2016-04-19 15:09 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\system32\oobe 2016-04-19 15:09 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\system32\MUI 2016-04-19 15:09 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\system32\migwiz 2016-04-19 15:09 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\system32\Dism 2016-04-19 15:09 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\system32\com 2016-04-19 15:09 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\servicing 2016-04-19 15:09 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\PolicyDefinitions 2016-04-19 15:09 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\IME 2016-04-19 15:09 - 2009-07-13 23:37 - 00000000 ____D C:\Program Files\Common Files\System 2016-04-19 13:43 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\rescache 2016-04-19 10:20 - 2009-07-13 23:37 - 00000000 __RHD C:\Users\Public\Libraries 2016-04-19 10:20 - 2009-07-13 23:37 - 00000000 ____D C:\Program Files\Windows NT 2016-04-19 10:16 - 2009-07-14 01:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2016-04-19 10:15 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\system32\sysprep 2016-04-19 10:13 - 2009-07-14 04:49 - 00000000 ____D C:\Windows\CSC ==================== Arquivos na raiz de alguns diretórios ======= 2016-04-20 08:57 - 2016-04-20 08:57 - 0001163 _____ () C:\Users\VozesFacil\AppData\Roaming\svrupg.exe 2016-04-20 08:58 - 2016-04-20 08:58 - 0001634 _____ () C:\ProgramData\webad.xml Alguns arquivos em TEMP: ==================== C:\Users\VozesFacil\AppData\Local\Temp\Browser_V5.6.11815.13_r_4736_(Build1604131623).exe C:\Users\VozesFacil\AppData\Local\Temp\HimdjdmiO8.exe C:\Users\VozesFacil\AppData\Local\Temp\libeay32.dll C:\Users\VozesFacil\AppData\Local\Temp\msvcr120.dll C:\Users\VozesFacil\AppData\Local\Temp\ose00000.exe C:\Users\VozesFacil\AppData\Local\Temp\sqlite3.dll C:\Users\VozesFacil\AppData\Local\Temp\vbXtnl5g1g.exe ==================== Bamital & volsnap ================= (Não há correção automática para arquivos que não passaram na verificação.) C:\Windows\explorer.exe => O arquivo é assinado digitalmente C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente C:\Windows\system32\services.exe => O arquivo é assinado digitalmente C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente LastRegBack: 2016-04-19 11:57 ==================== Fim de FRST.txt ============================