Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão:01-05-2016 Executado por Charlão (administrador) em CHARLÃO-PC (01-05-2016 17:43:38) Executando a partir de C:\Users\Charlão\Downloads Perfis Carregados: Charlão (Perfis Disponíveis: Charlão) Platform: Microsoft Windows 7 Ultimate (X86) Idioma: Português (Brasil) Internet Explorer Versão 8 (Navegador padrão: Chrome) Modo da Inicialização: Normal Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (GAS Tecnologia) C:\Program Files\GbPlugin\gbpsv.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE.EXE (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Qksee Pvt Ltd.) C:\Program Files\qksee\qkseeSvc.exe (GAS Tecnologia) C:\Program Files\GbPlugin\gbpsv.exe (Autodesk Inc.) C:\Program Files\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.1.362.0\BBSvc.EXE (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (tsvr.com) C:\Users\Charlão\AppData\Roaming\TSv\TSvr.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe () C:\Program Files\BisonCam\Monitor.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe () C:\Windows\System32\srvany.exe () C:\Windows\KMService.exe (GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe (WFini LIMITED) C:\ProgramData\4winp4\WFini.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe (Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe (Akamai Technologies, Inc.) C:\Users\Charlão\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) C:\Users\Charlão\AppData\Local\Akamai\netsession_win.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (Autodesk) C:\Program Files\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe (Autodesk) C:\Program Files\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe (Autodesk) C:\Program Files\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registro (Whitelisted) =========================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12021464 2014-05-09] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [1013616 2014-05-13] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [1013616 2014-05-13] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2456304 2014-04-07] (Synaptics Incorporated) HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation) HKLM\...\Run: [S_Monitor] => C:\Program Files\BisonCam\Monitor.exe [258936 2011-01-03] () HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139256 2016-03-24] (AVAST Software) HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-03-30] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [529632 2015-11-04] (GAS Tecnologia LTDA) HKLM\...\Run: [ADSKAppManager] => C:\Program Files\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [716224 2016-03-23] (Autodesk, Inc.) Winlogon\Notify\ GbPluginCef: C:\Program Files\GbPlugin\gbiehCef.dll [2015-09-22] (Caixa Economica Federal) HKU\S-1-5-21-1550958744-1584773798-748433644-1000\...\Run: [Google Update] => C:\Users\Charlão\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc.) HKU\S-1-5-21-1550958744-1584773798-748433644-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Charlão\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.) HKU\S-1-5-21-1550958744-1584773798-748433644-1000\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1151016 2016-02-02] (Autodesk, Inc.) HKU\S-1-5-21-1550958744-1584773798-748433644-1000\...\Policies\Explorer: [] HKU\S-1-5-21-1550958744-1584773798-748433644-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [878592 2009-07-13] (Microsoft Corporation) HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1151016 2016-02-02] (Autodesk, Inc.) ShellExecuteHooks: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\PROGRAM FILES\GbPlugin\gbiehcef.dll [1888480 2015-09-22] (Caixa Economica Federal) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-02-17] (AVAST Software) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc.) BootExecute: autocheck autochk * aswBoot.exe /M:5590d3d8 /dir:"C:\Program Files\AVAST Software\Avast" ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{5369E114-8091-4051-8BD2-41B0A6B985AC}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== SearchScopes: HKU\S-1-5-21-1550958744-1584773798-748433644-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-17] (AVAST Software) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26] (Google Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation) BHO: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\PROGRAM FILES\GBPLUGIN\gbiehcef.dll [2015-09-22] (Caixa Economica Federal) BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26] (Google Inc.) Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation.) Toolbar: HKU\S-1-5-21-1550958744-1584773798-748433644-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26] (Google Inc.) FireFox: ======== FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-06-06] (Google, Inc.) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin: @real.com/nppl3260;version=6.0.12.69 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2008-09-10] (RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=6.0.12.69 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2008-09-10] (RealNetworks, Inc.) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-11] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-11] (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-02-09] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1550958744-1584773798-748433644-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Charlão\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-11] (Google Inc.) FF Plugin HKU\S-1-5-21-1550958744-1584773798-748433644-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Charlão\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-11] (Google Inc.) FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-02-17] FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-02-17] Chrome: ======= CHR HomePage: Default -> hxxp://google.com/ CHR StartupUrls: Default -> "hxxp://www.yessearches.com/?mode=nnnb&ptid=pmr&uid=A2C9859DE82781B5891899351A557621&v=20160415&ts=AHEqAH0nBX4nAk.." CHR DefaultSearchURL: Default -> hxxp://www.yessearches.com/chrome.php?q={searchTerms}&ts=AHEqAH0nBX4nAk..&v=20160415&uid=A2C9859DE82781B5891899351A557621&ptid=pmr&mode=nnnb CHR DefaultSearchKeyword: Default -> yessearches CHR Profile: C:\Users\Charlão\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Apresentações) - C:\Users\Charlão\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-08] CHR Extension: (Removedor de publicidade) - C:\Users\Charlão\AppData\Local\Google\Chrome\User Data\Default\Extensions\agepfiffpomipbmhfaegaibnlfjngcpf [2016-05-01] CHR Extension: (Google Docs) - C:\Users\Charlão\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05] CHR Extension: (Google Drive) - C:\Users\Charlão\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22] CHR Extension: (YouTube) - C:\Users\Charlão\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25] CHR Extension: (Google Search) - C:\Users\Charlão\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (Planilhas do Google) - C:\Users\Charlão\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-08] CHR Extension: (Documentos Google off-line) - C:\Users\Charlão\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15] CHR Extension: (Avast Online Security) - C:\Users\Charlão\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-04-07] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Charlão\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02] CHR Extension: (Gmail) - C:\Users\Charlão\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-02-17] ==================== Serviços (Whitelisted) ======================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R2 AdAppMgrSvc; C:\Program Files\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1231376 2016-03-23] (Autodesk Inc.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-02-17] (AVAST Software) R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [272304 2016-03-30] (Avira Operations GmbH & Co. KG) S2 BugreportW; C:\Program Files\yesbnd\mbat.exe [988176 2016-04-18] () S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [279024 2014-04-08] (Intel Corporation) S3 FlexNet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [1233376 2016-05-01] (Flexera Software LLC) R2 GbpSv; C:\Program Files\GbPlugin\gbpsv.exe [593120 2015-09-22] (GAS Tecnologia) R2 IhPul; C:\Users\Charlão\AppData\Roaming\TSv\TSvr.exe [376592 2016-04-24] (tsvr.com) S2 jjcscheduleservice; C:\Program Files\Jejochclipasp\jjcscheduleservice.exe [310768 2016-04-18] () R2 KMService; C:\Windows\system32\srvany.exe [8192 2003-04-18] () [Arquivo não assinado] R2 qkseeService; C:\Program Files\qksee\qkseeSvc.exe [706056 2016-04-25] (Qksee Pvt Ltd.) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe [251096 2014-01-08] (Realtek Semiconductor) R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [529632 2015-11-04] (GAS Tecnologia LTDA) R2 WdMan; C:\ProgramData\4winp4\WFini.exe [574672 2016-04-25] (WFini LIMITED) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation) S2 winzipersvc; C:\Program Files\WinZipper\winzipersvc.exe [661208 2016-04-24] (Winzipper Pvt Ltd.) <==== ATENÇÃO S3 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X] ===================== Drivers (Whitelisted) ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R3 ACPIVPC; C:\Windows\System32\DRIVERS\AcpiVpc.sys [27896 2014-04-27] (Lenovo Corporation) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [32792 2016-02-17] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [35096 2016-03-23] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [91168 2016-03-09] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [91232 2016-02-17] (AVAST Software) R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [58776 2016-02-17] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [816304 2016-03-09] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447848 2016-02-24] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [127432 2016-02-17] (AVAST Software) R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [221240 2016-02-17] (AVAST Software) R3 athr; C:\Windows\System32\DRIVERS\athr.sys [3200000 2013-06-25] (Qualcomm Atheros Communications, Inc.) S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [37344 2014-02-19] (IVT Corporation.) R3 cykbfltrService; C:\Windows\System32\DRIVERS\cykbfltr.sys [13824 2012-06-15] (Cypress Semiconductor, Inc.) R0 GbpKm; C:\Windows\System32\drivers\GbpKm.sys [49496 2015-09-03] (GAS Tecnologia) R0 iaStorA; C:\Windows\System32\DRIVERS\iaStorA.sys [490344 2014-04-02] (Intel Corporation) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [24424 2014-04-02] (Intel Corporation) R0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [16880 2013-02-21] (Intel Corporation) R1 ndisrd; C:\Windows\System32\DRIVERS\gbpndisrdn.sys [29400 2016-01-11] (GAS Tecnologia) S3 RSUSBVSTOR; C:\Windows\System32\Drivers\RtsUVStor.sys [247000 2014-02-27] (Realtek Semiconductor Corp.) S3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [2899312 2014-04-30] (Realtek Semiconductor Corporation ) R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [25328 2014-04-07] (Synaptics Incorporated) R3 SPUVCbv; C:\Windows\System32\Drivers\usbvideo.sys [146176 2009-07-13] (Microsoft Corporation) R4 WinDivert1.1; C:\Program Files\Diebold\Warsaw\WinDivert32.sys [31448 2015-07-07] (Basil) R1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [80728 2016-05-01] (GAS Tecnologia) R1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [79064 2015-03-18] (GAS Tecnologia) S0 gbpddreg; system32\drivers\gbpddreg32.sys [X] S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X] ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Um Mês Criados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2016-05-01 17:42 - 2016-05-01 17:43 - 00028411 _____ C:\Users\Charlão\Downloads\Addition.txt 2016-05-01 17:41 - 2016-05-01 17:43 - 00018130 _____ C:\Users\Charlão\Downloads\FRST.txt 2016-05-01 17:41 - 2016-05-01 17:43 - 00000000 ____D C:\FRST 2016-05-01 17:40 - 2016-05-01 17:40 - 01728000 _____ (Farbar) C:\Users\Charlão\Downloads\FRST.exe 2016-05-01 17:38 - 2016-05-01 17:38 - 00008998 _____ C:\Users\Charlão\Downloads\api-ms-win-crt-runtime-l1-1-0.zip 2016-05-01 17:27 - 2016-05-01 17:27 - 00002285 _____ C:\Users\Charlão\Desktop\Instalar agora Autodesk® AutoCAD® 2017.lnk 2016-05-01 17:27 - 2016-05-01 17:27 - 00000000 ____D C:\Users\Charlão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk 2016-05-01 17:26 - 2016-05-01 17:26 - 00001445 _____ C:\Users\Public\Desktop\Aplicativo da área de trabalho Autodesk.lnk 2016-05-01 17:12 - 2016-05-01 17:12 - 00001963 _____ C:\Users\Public\Desktop\A360 Desktop.lnk 2016-05-01 16:45 - 2016-05-01 17:27 - 00000000 ____D C:\Users\Charlão\AppData\Local\Autodesk 2016-05-01 16:45 - 2016-05-01 16:45 - 00002060 _____ C:\Users\Public\Desktop\AutoCAD 2017 - Português - Brasil (Brazilian Portuguese).lnk 2016-05-01 16:45 - 2016-05-01 16:45 - 00000000 ____D C:\Users\Public\Documents\Autodesk 2016-05-01 16:42 - 2016-05-01 16:42 - 00000000 ____D C:\Program Files\Common Files\Macrovision Shared 2016-05-01 16:36 - 2016-05-01 17:26 - 00000000 ____D C:\Program Files\Autodesk 2016-05-01 16:10 - 2016-05-01 17:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk 2016-05-01 16:10 - 2016-05-01 16:43 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared 2016-05-01 15:30 - 2016-05-01 17:26 - 00000000 ____D C:\Users\Todos os Usuários\Autodesk 2016-05-01 15:30 - 2016-05-01 17:26 - 00000000 ____D C:\Users\Charlão\AppData\Roaming\Autodesk 2016-05-01 15:30 - 2016-05-01 17:26 - 00000000 ____D C:\ProgramData\Autodesk 2016-05-01 15:21 - 2016-05-01 15:23 - 00000000 ____D C:\Users\Charlão\AppData\Local\Akamai 2016-05-01 15:19 - 2016-05-01 15:20 - 18685488 _____ C:\Users\Charlão\Downloads\AutoCAD_2017_Brazilian_Portuguese_Win_32_64bit_wi_pt-BR_Setup.exe 2016-05-01 15:18 - 2016-05-01 15:19 - 00338320 _____ (Autodesk Inc.) C:\Users\Charlão\Downloads\AutoCAD_2017_Brazilian_Portuguese_Win_32_64bit_wi_pt-BR_Setup_webinstall.exe 2016-04-30 12:32 - 2016-04-30 12:32 - 00001046 _____ C:\Users\Charlão\Desktop\The SIMS 4.lnk 2016-04-30 12:32 - 2016-04-30 12:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\by.xatab 2016-04-30 11:05 - 2016-04-30 12:32 - 00000000 ____D C:\Users\Charlão\Downloads\The SIMS 4 2016-04-27 22:10 - 2016-04-27 23:23 - 00000000 ____D C:\Games 2016-04-27 21:40 - 2016-04-27 22:00 - 00000000 ____D C:\Program Files\Origin 2016-04-27 20:17 - 2016-04-27 20:18 - 00315624 _____ (Microsoft Corporation) C:\Users\Charlão\Downloads\dxwebsetup (1).exe 2016-04-27 20:04 - 2016-04-27 20:04 - 00000000 ____D C:\Windows\system32\appmgmt 2016-04-27 12:16 - 2015-12-14 23:20 - 00000378 _____ C:\Users\Charlão\Desktop\TRADUÇÃO.reg 2016-04-26 22:04 - 2011-01-12 23:31 - 00353792 ____R (awtmk.ts3tools) C:\Windows\-- TROCAR IDIOMA --.exe 2016-04-26 21:54 - 2016-05-01 17:38 - 00000000 ____D C:\Program Files\WinZipper 2016-04-26 21:54 - 2016-05-01 17:35 - 00000001 _____ C:\Windows\system32\br.html 2016-04-26 21:54 - 2016-04-30 20:36 - 00000000 ____D C:\Program Files\qksee 2016-04-26 21:54 - 2016-04-27 23:22 - 00000000 ____D C:\Users\Charlão\AppData\Roaming\eCyber 2016-04-26 21:54 - 2016-04-27 10:10 - 00000000 ____D C:\Users\Charlão\AppData\Roaming\qksee 2016-04-26 21:54 - 2016-04-26 21:54 - 00000000 ____D C:\Users\Todos os Usuários\4winp4 2016-04-26 21:54 - 2016-04-26 21:54 - 00000000 ____D C:\Users\Charlão\AppData\Roaming\WinZiper 2016-04-26 21:54 - 2016-04-26 21:54 - 00000000 ____D C:\Users\Charlão\AppData\Roaming\TSv 2016-04-26 21:54 - 2016-04-26 21:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip 2016-04-26 21:54 - 2016-04-26 21:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qksee 2016-04-26 21:54 - 2016-04-26 21:54 - 00000000 ____D C:\ProgramData\4winp4 2016-04-26 21:54 - 2016-04-26 21:54 - 00000000 ____D C:\Program Files\QQBrowser 2016-04-26 21:51 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll 2016-04-26 21:51 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll 2016-04-26 21:51 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll 2016-04-26 21:51 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll 2016-04-26 21:51 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll 2016-04-26 21:51 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll 2016-04-26 21:51 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2016-04-26 21:51 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 2016-04-26 21:51 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll 2016-04-26 21:51 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll 2016-04-26 21:51 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll 2016-04-26 21:51 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll 2016-04-26 21:51 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll 2016-04-26 21:51 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll 2016-04-26 21:51 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll 2016-04-26 21:51 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll 2016-04-26 21:51 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll 2016-04-26 21:51 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll 2016-04-26 21:51 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll 2016-04-26 21:51 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll 2016-04-26 21:51 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll 2016-04-26 21:51 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll 2016-04-26 21:51 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll 2016-04-26 21:51 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll 2016-04-26 21:51 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll 2016-04-26 21:51 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll 2016-04-26 21:51 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll 2016-04-26 21:51 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll 2016-04-26 21:51 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll 2016-04-26 21:51 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll 2016-04-26 21:51 - 2008-10-10 04:52 - 04379984 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll 2016-04-26 21:51 - 2008-10-10 04:52 - 02036576 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll 2016-04-26 21:51 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll 2016-04-26 21:51 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll 2016-04-26 21:51 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll 2016-04-26 21:51 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll 2016-04-26 21:51 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll 2016-04-26 21:51 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll 2016-04-26 21:51 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll 2016-04-26 21:51 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll 2016-04-26 21:51 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll 2016-04-26 21:51 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll 2016-04-26 21:51 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll 2016-04-26 21:51 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll 2016-04-26 21:51 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll 2016-04-26 21:51 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll 2016-04-26 21:51 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll 2016-04-26 21:51 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll 2016-04-26 21:51 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll 2016-04-26 21:51 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll 2016-04-26 21:51 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll 2016-04-26 21:51 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll 2016-04-26 21:51 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll 2016-04-26 21:51 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll 2016-04-26 21:51 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll 2016-04-26 21:51 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll 2016-04-26 21:51 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll 2016-04-26 21:51 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll 2016-04-26 21:51 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll 2016-04-26 21:51 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll 2016-04-26 21:51 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll 2016-04-26 21:51 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll 2016-04-26 21:51 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll 2016-04-26 21:51 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll 2016-04-26 21:51 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll 2016-04-26 21:51 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll 2016-04-26 21:51 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll 2016-04-26 21:51 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll 2016-04-26 21:51 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll 2016-04-26 21:51 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll 2016-04-26 21:51 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll 2016-04-26 21:51 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll 2016-04-26 21:51 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll 2016-04-26 21:51 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll 2016-04-26 21:51 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll 2016-04-26 21:51 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll 2016-04-26 21:51 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll 2016-04-26 21:51 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll 2016-04-26 21:51 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll 2016-04-26 21:51 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll 2016-04-26 21:51 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll 2016-04-26 21:51 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll 2016-04-26 21:51 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll 2016-04-26 21:51 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll 2016-04-26 21:51 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll 2016-04-26 21:51 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll 2016-04-26 21:51 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll 2016-04-26 21:51 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll 2016-04-26 21:51 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll 2016-04-26 21:51 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll 2016-04-26 21:49 - 2016-04-30 12:33 - 00000000 ____D C:\Windows\system32\directx 2016-04-26 21:49 - 2016-04-26 21:49 - 00292184 _____ (Microsoft Corporation) C:\Users\Charlão\Downloads\dxwebsetup.exe 2016-04-26 21:45 - 2016-04-26 21:46 - 00000000 ____D C:\Users\Charlão\Downloads\d3dx9_31 2016-04-26 18:59 - 2016-04-26 18:59 - 03901072 _____ (solvusoft Corporation ) C:\Users\Charlão\Downloads\WinThruster_2016_Setup (1).exe 2016-04-26 18:58 - 2016-04-26 18:58 - 03901072 _____ (solvusoft Corporation ) C:\Users\Charlão\Downloads\WinThruster_2016_Setup.exe 2016-04-26 18:55 - 2016-04-26 18:55 - 01674156 _____ C:\Users\Charlão\Downloads\d3dx9_31.zip 2016-04-22 13:03 - 2016-04-22 13:06 - 123658320 _____ (Trimble Navigation Limited) C:\Users\Charlão\Downloads\SketchUpPro-pt-BR.exe 2016-04-22 12:59 - 2016-04-22 13:01 - 123669664 _____ (Trimble Navigation Limited) C:\Users\Charlão\Downloads\Não confirmado 183479.crdownload 2016-04-20 12:28 - 2016-04-30 12:41 - 00000000 ____D C:\Users\Charlão\Documents\Electronic Arts 2016-04-20 11:09 - 2016-04-20 11:09 - 00000000 ___HD C:\Program Files\Common Files\EAInstaller 2016-04-20 11:09 - 2014-09-16 18:45 - 00447752 _____ (On2.com) C:\Windows\system32\vp6vfw.dll 2016-04-19 23:50 - 2016-04-20 00:27 - 00000000 ____D C:\Users\Charlão\AppData\Roaming\Origin 2016-04-19 23:50 - 2016-04-19 23:51 - 00000000 ____D C:\Program Files\Origin Games 2016-04-19 23:47 - 2016-04-27 22:00 - 00000000 ____D C:\Users\Todos os Usuários\Origin 2016-04-19 23:47 - 2016-04-27 22:00 - 00000000 ____D C:\ProgramData\Origin 2016-04-19 23:45 - 2016-04-19 23:46 - 31334856 _____ (Electronic Arts, Inc.) C:\Users\Charlão\Downloads\OriginThinSetup.exe 2016-04-19 16:44 - 2016-04-19 16:44 - 00000000 ____D C:\Users\Charlão\Downloads\Correios_Rastreamento_19042016 (1) 2016-04-19 16:39 - 2016-04-19 16:40 - 00499727 _____ C:\Users\Charlão\Downloads\Correios_Rastreamento_19042016 (1).zip 2016-04-19 16:39 - 2016-04-19 16:39 - 00499727 _____ C:\Users\Charlão\Downloads\Correios_Rastreamento_19042016.zip 2016-04-19 16:39 - 2016-04-19 16:39 - 00000000 ____D C:\Users\Charlão\Downloads\Correios_Rastreamento_19042016 2016-04-19 00:23 - 2016-04-19 00:25 - 00000000 ____D C:\Users\Charlão\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108 2016-04-19 00:22 - 2016-04-27 22:08 - 00000000 ____D C:\Program Files\yesbnd 2016-04-19 00:22 - 2016-04-19 00:22 - 00000000 ____D C:\Users\Public\Documents\dmp 2016-04-19 00:22 - 2016-04-19 00:22 - 00000000 ____D C:\Program Files\Jejochclipasp 2016-04-19 00:22 - 2016-04-19 00:22 - 00000000 ____D C:\extensions 2016-04-19 00:21 - 2016-04-19 00:21 - 00041087 _____ C:\Users\Charlão\Desktop\Download Promob Plus 2015.zip 2016-04-19 00:16 - 2016-05-01 15:21 - 00000000 ____D C:\Autodesk 2016-04-19 00:15 - 2016-04-19 00:16 - 17150648 _____ C:\Users\Charlão\Downloads\AutoCAD_2016_French_Win_32_64bit_wi_fr-FR_Setup.exe 2016-04-18 22:51 - 2016-04-18 22:51 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2016-04-18 01:08 - 2016-04-18 01:08 - 00350936 _____ (Spotify Ltd) C:\Users\Charlão\Downloads\SpotifySetup (1).exe 2016-04-18 00:55 - 2016-04-18 01:17 - 00000000 ____D C:\Users\Charlão\AppData\Roaming\Spotify 2016-04-18 00:55 - 2016-04-18 00:55 - 00350936 _____ (Spotify Ltd) C:\Users\Charlão\Downloads\SpotifySetup.exe 2016-04-18 00:34 - 2016-04-18 00:36 - 00000948 _____ C:\Users\Public\Desktop\FlvPlayer.lnk 2016-04-18 00:34 - 2016-04-18 00:34 - 00029760 _____ C:\Users\Charlão\Downloads\baixesims.com - The Sims 3 (.ISO) (2).torrent 2016-04-18 00:34 - 2016-04-18 00:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlvPlayer 2016-04-18 00:33 - 2016-04-18 00:34 - 01015072 _____ ( ) C:\Users\Charlão\Downloads\FlvPlayerSetup.exe 2016-04-18 00:24 - 2016-04-18 00:24 - 00029760 _____ C:\Users\Charlão\Downloads\baixesims.com - The Sims 3 (.ISO) (1).torrent 2016-04-18 00:23 - 2016-04-18 00:23 - 00029760 _____ C:\Users\Charlão\Downloads\baixesims.com - The Sims 3 (.ISO).torrent 2016-04-16 00:25 - 2016-04-16 00:25 - 00000000 ____D C:\Program Files\eMuleTorrent 2016-04-16 00:21 - 2016-04-16 00:23 - 25498840 _____ C:\Users\Charlão\Downloads\emule.exe 2016-04-04 18:45 - 2016-04-04 18:45 - 00076322 _____ C:\Users\Charlão\Downloads\linha21.pdf ==================== Um Mês Modificados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2016-05-01 17:43 - 2009-07-14 01:34 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-05-01 17:43 - 2009-07-14 01:34 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-05-01 17:35 - 2014-07-18 22:38 - 00141632 _____ C:\Users\Charlão\AppData\Local\GDIPFONTCACHEV1.DAT 2016-05-01 17:34 - 2015-12-22 17:40 - 00080728 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\wsddfac.sys 2016-05-01 17:33 - 2014-07-18 21:59 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-05-01 17:32 - 2009-07-14 01:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-05-01 17:32 - 2009-07-14 01:33 - 00482008 _____ C:\Windows\system32\FNTCACHE.DAT 2016-05-01 16:52 - 2014-07-18 21:59 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-05-01 16:45 - 2014-07-28 09:37 - 00001086 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1550958744-1584773798-748433644-1000UA.job 2016-05-01 16:41 - 2009-07-14 01:52 - 00000000 ____D C:\Windows\Downloaded Program Files 2016-05-01 15:52 - 2014-08-23 21:11 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache 2016-05-01 15:52 - 2014-08-23 21:11 - 00000000 ____D C:\ProgramData\Package Cache 2016-05-01 12:48 - 2014-07-18 15:23 - 01491932 _____ C:\Windows\system32\PerfStringBackup.INI 2016-05-01 12:48 - 2009-07-14 05:31 - 00654470 _____ C:\Windows\system32\prfh0416.dat 2016-05-01 12:48 - 2009-07-14 05:31 - 00124922 _____ C:\Windows\system32\prfc0416.dat 2016-05-01 12:48 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\inf 2016-04-30 11:00 - 2009-07-14 01:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2016-04-27 22:06 - 2014-07-18 21:59 - 00001986 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-04-27 22:06 - 2014-07-18 21:59 - 00001974 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-04-26 22:09 - 2014-07-18 21:59 - 00000000 ____D C:\Users\Charlão\AppData\Local\Google 2016-04-26 22:00 - 2014-07-21 13:41 - 00000000 ____D C:\Program Files\Avira 2016-04-26 21:56 - 2014-07-21 13:42 - 00000000 ____D C:\Users\Charlão\AppData\Roaming\Avira 2016-04-26 21:56 - 2014-07-21 13:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2016-04-24 23:13 - 2014-07-28 09:37 - 00001034 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1550958744-1584773798-748433644-1000Core.job 2016-04-19 23:47 - 2009-07-13 23:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2016-04-19 16:16 - 2014-07-21 19:21 - 00009216 _____ C:\Users\Charlão\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2016-04-14 16:42 - 2014-08-21 19:47 - 00000000 ____D C:\Users\Charlão\AppData\Local\Microsoft Games 2016-04-13 11:13 - 2009-07-14 01:53 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2016-04-11 21:36 - 2015-12-22 01:53 - 00000000 ___SD C:\Users\Charlão\AppData\LocalLow\Temp ==================== Arquivos na raiz de alguns diretórios ======= 2014-07-21 19:21 - 2016-04-19 16:16 - 0009216 _____ () C:\Users\Charlão\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini Alguns arquivos em TEMP: ==================== C:\Users\Charlão\AppData\Local\Temp\AcDeltree.exe C:\Users\Charlão\AppData\Local\Temp\avgnt.exe C:\Users\Charlão\AppData\Local\Temp\BingBarSetup-Partner.exe C:\Users\Charlão\AppData\Local\Temp\Uni000.exe ==================== Bamital & volsnap ================= (Não há correção automática para arquivos que não passaram na verificação.) C:\Windows\explorer.exe => O arquivo é assinado digitalmente C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente C:\Windows\system32\services.exe => O arquivo é assinado digitalmente C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente LastRegBack: 2016-04-19 15:51 ==================== Fim de FRST.txt ============================