Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 13-07-2016 02 Executado por Avell B153 (administrador) em ALLAN-NOTE (14-07-2016 17:38:08) Executando a partir de C:\Users\Avell B153\Downloads Perfis Carregados: Avell B153 (Perfis Disponíveis: Avell B153 & DefaultAppPool) Platform: Windows 8.1 Single Language (X64) Idioma: Português (Brasil) Internet Explorer Versão 11 (Navegador padrão: IE) Modo da Inicialização: Normal Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe () C:\Program Files (x86)\Hospeda\GerTarefas\gertarefas.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe (Microsoft Corporation) C:\Users\Avell B153\Documents\MSAS10_50.SQLSERVER\OLAP\bin\msmdsrv.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Microsoft Corporation) C:\Users\Avell B153\Documents\MSSQL10_50.SQLSERVER\MSSQL\Binn\sqlservr.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (Microsoft Corporation) C:\Users\Avell B153\Documents\MSRS10_50.SQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation) C:\Users\Avell B153\Documents\MSSQL10_50.SQLSERVER\MSSQL\Binn\fdlauncher.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (Microsoft Corporation) C:\Users\Avell B153\Documents\MSSQL10_50.SQLSERVER\MSSQL\Binn\fdhost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe (BlueStack Systems, Inc.) C:\ProgramData\BlueStacksGameManager\BlueStacks.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Plus-Frontend.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe (Bluestack System Inc. ) C:\Program Files (x86)\BlueStacks\BstkSVC.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\52.0.2743.48\remoting_host.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\52.0.2743.48\remoting_host.exe (WebZen) C:\MuJoin\main.exe (X-Team) C:\MuJoin\MHP\MHPDetect.exe (Microsoft Corporation) C:\Windows\splwow64.exe (Microsoft Corporation) C:\Windows\System32\UserAccountBroker.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (BinaryNotions.com) C:\Program Files (x86)\Halite\Halite.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\outlook.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registro (Whitelisted) =========================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12497552 2012-07-30] (Realtek Semiconductor) HKLM\...\Run: [VDownloader] => C:\Program Files\VDownloader\VDownloader.exe [882176 2013-10-12] (Vitzo) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-22] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation) HKLM-x32\...\Run: [WSED] => C:\Program Files (x86)\WSED\WSED.exe [320880 2010-12-02] (TODO: ) HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-08-09] (InstallShield Software Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated) HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [418672 2011-06-22] (Egis Technology Inc.) HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [202608 2011-06-22] (Egis Technology Inc.) HKLM-x32\...\Run: [VitaKeyTSR] => C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe [384048 2011-10-26] (Egis Technology Inc. ) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard) HKLM-x32\...\Run: [Dell Laser Printer 1100 SM_JB] => C:\Program Files (x86)\DELL\Dell Laser Printer 1100\LocalSM\jbDetect.exe [222088 2007-01-11] () HKLM-x32\...\Run: [SystemExplorerAutoStart] => "C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation) Winlogon\Notify\ GbPluginUni: C:\Program Files (x86)\GbPlugin\gbiehUni.dll [2015-09-04] (Banco Itaú Unibanco) HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-04-15] (Atheros Communications) HKU\S-1-5-21-1620071683-2851345101-3265913162-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [153136 2007-05-16] (Nero AG) HKU\S-1-5-21-1620071683-2851345101-3265913162-1001\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-08-09] (InstallShield Software Corporation) HKU\S-1-5-21-1620071683-2851345101-3265913162-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd) HKU\S-1-5-21-1620071683-2851345101-3265913162-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.) HKU\S-1-5-21-1620071683-2851345101-3265913162-1001\...\Run: [Lync] => C:\Program Files\Microsoft Office 15\root\office15\lync.exe [24093392 2016-05-17] (Microsoft Corporation) HKU\S-1-5-21-1620071683-2851345101-3265913162-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-29] (Valve Corporation) HKU\S-1-5-21-1620071683-2851345101-3265913162-1001\...\Run: [ProxyGate] => C:\Users\Avell B153\AppData\Roaming\ProxyGate\MainService.exe [1143248 2015-04-01] (Gold Click Ltd) HKU\S-1-5-21-1620071683-2851345101-3265913162-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd) HKU\S-1-5-21-1620071683-2851345101-3265913162-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [957976 2016-04-26] (BlueStack Systems, Inc.) HKU\S-1-5-21-1620071683-2851345101-3265913162-1001\...\Run: [WTFast Tray] => C:\Program Files (x86)\WTFast\WTFast.exe [7572624 2016-06-08] (AAA Internet Publishing, Inc.) HKU\S-1-5-21-1620071683-2851345101-3265913162-1001\...\MountPoints2: {09bac51a-c2fd-11e3-becb-645a04418063} - "E:\setup.exe" Lsa: [Notification Packages] scecli EgisPwdFilter EgisDSPwdFilter ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll [1896696 2015-09-04] (Banco Itaú Unibanco) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013-11-12] ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\Users\Avell B153\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneDrive for Business.lnk [2015-08-04] ShortcutTarget: OneDrive for Business.lnk -> C:\Program Files\Microsoft Office 15\root\office15\groove.exe (Microsoft Corporation) BootExecute: autocheck autochk * ROBoot64 \??\C:\WINDOWS\system32\ASOROSet.bin ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{157D9814-6ABD-406E-963C-EF818100FC7A}: [NameServer] 8.8.4.4,8.8.8.9 Tcpip\..\Interfaces\{157D9814-6ABD-406E-963C-EF818100FC7A}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{C11ED330-9B83-462B-901C-8E3832F75A8E}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-1620071683-2851345101-3265913162-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.orbitdownloader.com HKU\S-1-5-21-1620071683-2851345101-3265913162-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.br.msn.com/ BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-05-17] (Microsoft Corporation) BHO: EgisPBIE Sign-in Helper -> {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} -> C:\Program Files (x86)\EgisTec BioExcess\x64\EgisPBIE.dll [2011-10-26] (Egis Technology Inc.) BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll [2013-04-15] (Qualcomm Atheros Commnucations) BHO: Sem Nome -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> Nenhum Arquivo BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems Incorporated) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-05-17] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-27] (Oracle Corporation) BHO-x32: EgisPBIE Sign-in Helper -> {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} -> C:\Program Files (x86)\EgisTec BioExcess\EgisPBIE.dll [2011-10-26] (Egis Technology Inc.) BHO-x32: IEExtension.VDownloaderBHO -> {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} -> C:\WINDOWS\system32\mscoree.dll [2013-08-22] (Microsoft Corporation) BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540008} -> C:\Program Files (x86)\GbPlugin\gbiehuni.dll [2015-09-04] (Banco Itaú Unibanco) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-27] (Oracle Corporation) Toolbar: HKU\S-1-5-21-1620071683-2851345101-3265913162-1001 -> Sem Nome - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - Nenhum Arquivo Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-19] (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) FireFox: ======== FF ProfilePath: C:\Users\Avell B153\AppData\Roaming\Mozilla\Firefox\Profiles\dhpvuqm0.default FF NetworkProxy: "gopher", "" FF NetworkProxy: "gopher_port", 0 FF NetworkProxy: "share_proxy_settings", true FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll [2014-07-22] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll [2014-07-22] () FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-27] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-27] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-04-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-01-22] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-01-22] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-06-06] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1620071683-2851345101-3265913162-1001: vitzo.com/VDownloader -> C:\Program Files\VDownloader\Addons\npVDownloader.dll [2013-03-21] (Vitzo Limited) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\buscape.xml [2014-07-17] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolivre.xml [2014-07-17] FF Extension: Hide IP Easy - C:\Users\Avell B153\AppData\Roaming\Mozilla\Firefox\Profiles\dhpvuqm0.default\extensions\support@easy-hideip.com.xpi [2014-09-25] [não assinado] FF Extension: MEGA - C:\Users\Avell B153\AppData\Roaming\Mozilla\Firefox\Profiles\dhpvuqm0.default\Extensions\firefox@mega.co.nz.xpi [2014-11-17] [não assinado] FF Extension: Adblock Plus - C:\Users\Avell B153\AppData\Roaming\Mozilla\Firefox\Profiles\dhpvuqm0.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-12] [não assinado] FF HKLM\...\Firefox\Extensions: [support@vdownloader.com] - C:\Program Files\VDownloader\Addons\FireFox FF Extension: VDownloader - C:\Program Files\VDownloader\Addons\FireFox [2013-11-11] [não assinado] FF HKLM-x32\...\Firefox\Extensions: [{41ecbc0b-34d5-4cd4-935f-253a30e2cb7e}] - C:\Program Files (x86)\EgisTec BioExcess\FFExt FF Extension: Online Accounts Extension - C:\Program Files (x86)\EgisTec BioExcess\FFExt [2013-01-14] [não assinado] FF HKLM-x32\...\Firefox\Extensions: [{d4da7309-b89a-45ec-8ebb-cfb2ae13618b}] - C:\Program Files (x86)\EgisTec BioExcess\FFExt20 FF Extension: Online Accounts Extension - C:\Program Files (x86)\EgisTec BioExcess\FFExt20 [2013-01-14] [não assinado] Chrome: ======= CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Avell B153\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.866\_platform_specific\win_x86\widevinecdmadapter.dll => Nenhum Arquivo CHR Plugin: (Shockwave Flash) - C:\Users\Avell B153\AppData\Local\Google\Chrome\User Data\PepperFlash\21.0.0.216\pepflashplayer.dll => Nenhum Arquivo CHR Profile: C:\Users\Avell B153\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (HP Product Detection Plugin) - C:\Users\Avell B153\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelbknmfcacjffmgnoaaonhgoghlmlkp [2013-11-12] CHR Extension: (Google Drive) - C:\Users\Avell B153\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21] CHR Extension: (YouTube) - C:\Users\Avell B153\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24] CHR Extension: (Google Search) - C:\Users\Avell B153\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26] CHR Extension: (User-Agent Switcher for Chrome) - C:\Users\Avell B153\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2015-03-10] CHR Extension: (EditThisCookie) - C:\Users\Avell B153\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2014-10-10] CHR Extension: (Área de trabalho remota do Google Chrome) - C:\Users\Avell B153\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-07-14] CHR Extension: (Documentos Google off-line) - C:\Users\Avell B153\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-14] CHR Extension: (Vysor) - C:\Users\Avell B153\AppData\Local\Google\Chrome\User Data\Default\Extensions\gidgenkbbabolejbgbpnhbimgjbffefm [2016-07-14] CHR Extension: (AdBlock) - C:\Users\Avell B153\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-07-07] CHR Extension: (Desprotetor de Links) - C:\Users\Avell B153\AppData\Local\Google\Chrome\User Data\Default\Extensions\imcbnnnoghiihopefblgehihofbfbmei [2016-06-13] CHR Extension: (Flash® Player for YouTube™) - C:\Users\Avell B153\AppData\Local\Google\Chrome\User Data\Default\Extensions\lajdkhdcndkniopfefocbgbkofflagpm [2016-06-03] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Avell B153\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02] CHR Extension: (ScriptSafe) - C:\Users\Avell B153\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf [2016-07-11] CHR Extension: (GBBD Caixa Economica Federal) - C:\Users\Avell B153\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi [2015-01-16] CHR Extension: (Gmail) - C:\Users\Avell B153\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28] CHR HKLM\...\Chrome\Extension: [eoccbpoodnckjdnackiffhjfkogfhnhh] - C:\Program Files\VDownloader\Addons\Chrome.crx [2013-11-11] CHR HKLM-x32\...\Chrome\Extension: [ffdcfjdljhbehggjdkdioajnknjcpbjb] - C:\Program Files (x86)\DAP\DAPChrome\DAPChrome6.crx CHR HKLM-x32\...\Chrome\Extension: [ladimmjldcgbeamniagencjbodhnmgen] - C:\Program Files (x86)\EgisTec BioExcess\ChromeEx\EgisPBChromeExt.crx [2011-10-26] CHR HKLM-x32\...\Chrome\Extension: [mkndcbhcgphcfkkddanakjiepeknbgle] - C:\Program Files (x86)\RelevantKnowledge\rlcm.crx ==================== Serviços (Whitelisted) ======================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [228480 2013-04-15] (Qualcomm Atheros Commnucations) [Arquivo não assinado] S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1314848 2016-01-19] () S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [437784 2016-04-26] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [417304 2016-04-26] (BlueStack Systems, Inc.) R3 BstHdPlusAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe [437784 2016-04-26] (BlueStack Systems, Inc.) R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [921112 2016-04-26] (BlueStack Systems, Inc.) R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\52.0.2743.48\remoting_host.exe [76616 2016-06-20] (Google Inc.) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3009776 2016-05-27] (Microsoft Corporation) R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [587576 2015-08-12] (GAS Tecnologia) R2 GerTarefas_SQLSHAREHOTEL; C:\Program Files (x86)\Hospeda\GerTarefas\GerTarefas.exe [1566208 2015-05-21] () [Arquivo não assinado] R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-22] (NVIDIA Corporation) R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [Arquivo não assinado] S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Arquivo não assinado] R2 MsDtsServer100; C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe [210784 2010-04-03] (Microsoft Corporation) R2 MSOLAP$SQLSERVER; C:\Users\Avell B153\Documents\MSAS10_50.SQLSERVER\OLAP\bin\msmdsrv.exe [54568288 2010-04-03] (Microsoft Corporation) R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation) R2 MSSQL$SQLSERVER; C:\Users\Avell B153\Documents\MSSQL10_50.SQLSERVER\MSSQL\Binn\sqlservr.exe [61913952 2010-04-03] (Microsoft Corporation) R3 MSSQLFDLauncher$SQLSERVER; C:\Users\Avell B153\Documents\MSSQL10_50.SQLSERVER\MSSQL\Binn\fdlauncher.exe [32096 2010-04-03] (Microsoft Corporation) S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4466688 2007-11-07] (Microsoft Corporation) R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Arquivo não assinado] S4 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-05-16] (Nero AG) S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [4763504 2014-01-14] (INCA Internet Co., Ltd.) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-22] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-22] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-22] (NVIDIA Corporation) R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Arquivo não assinado] R2 ReportServer$SQLSERVER; C:\Users\Avell B153\Documents\MSRS10_50.SQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2175328 2010-04-03] (Microsoft Corporation) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [200808 2012-07-30] (Realtek Semiconductor) S4 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [691480 2013-11-20] () [Arquivo não assinado] S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation) S3 SQLAgent$SQLSERVER; C:\Users\Avell B153\Documents\MSSQL10_50.SQLSERVER\MSSQL\Binn\SQLAGENT.EXE [428384 2010-04-03] (Microsoft Corporation) S3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Mister Group) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-02] (TeamViewer GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-30] (Microsoft Corporation) S2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [X] S2 Hamachi2Svc; "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s [X] ===================== Drivers (Whitelisted) ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [154168 2016-04-26] (BlueStack Systems) R2 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2016-04-06] (Bluestack System Inc. ) R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-04-15] (Qualcomm Atheros) S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider) S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider) R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-04-13] (Disc Soft Ltd) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R1 gbpddfac; C:\Windows\System32\drivers\gbpddfac64.sys [28888 2016-07-12] (GAS Tecnologia) S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45112 2014-12-13] (LogMeIn Inc.) R3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv_x64.sys [44544 2013-01-14] (ManyCam LLC) R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [28160 2013-01-31] (ManyCam LLC) R2 npf; C:\Windows\System32\drivers\npf.sys [47632 2010-01-26] (CACE Technologies, Inc.) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-22] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation) S3 ptun0901; C:\Windows\system32\DRIVERS\ptun0901.sys [27136 2014-08-08] (The OpenVPN Project) R3 RadioSwitchHid; C:\Windows\System32\drivers\AirplaneCtrl.sys [25184 2012-09-07] (Compal Electronics, INC.) R3 Sftfs; C:\Windows\system32\DRIVERS\Sftfswin7.sys [768680 2013-06-26] (Microsoft Corporation) R3 Sftplay; C:\Windows\system32\DRIVERS\Sftplaywin7.sys [273576 2013-06-26] (Microsoft Corporation) R3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirwin7.sys [29352 2013-06-26] (Microsoft Corporation) R3 Sftvol; C:\Windows\system32\DRIVERS\Sftvolwin7.sys [23208 2013-06-26] (Microsoft Corporation) S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr)) S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [113936 2013-12-18] (Oracle Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [35856 2013-10-30] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [236888 2013-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-30] (Microsoft Corporation) R2 WtfEngineDrv; C:\Windows\system32\DRIVERS\WtfEngineDrv.sys [37872 2016-05-20] (AAA Internet Publishing, Inc.) S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X] S3 GBPRCM; \??\C:\Program Files (x86)\GbPlugin\gbprcm64.sys [X] S3 Spring; \??\C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Spring64.sys [X] S3 Warsaw_PP; \??\C:\PROGRA~2\GbPlugin\wsftprp64.sys [X] S3 X6va015; \??\C:\WINDOWS\SysWOW64\Drivers\X6va015 [X] ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Três Meses Criados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2016-07-14 17:38 - 2016-07-14 17:38 - 00031717 _____ C:\Users\Avell B153\Downloads\FRST.txt 2016-07-14 17:37 - 2016-07-14 17:38 - 00000000 ____D C:\FRST 2016-07-14 17:36 - 2016-07-14 17:37 - 02390528 _____ (Farbar) C:\Users\Avell B153\Downloads\FRST64.exe 2016-07-14 17:30 - 2016-07-14 17:31 - 14572000 _____ (Microsoft Corporation) C:\Users\Avell B153\Downloads\vc_redist.x64.exe 2016-07-14 17:28 - 2016-07-14 17:28 - 05718872 _____ (Microsoft Corporation) C:\Users\Avell B153\Downloads\vcredist_x64.exe 2016-07-14 17:11 - 2016-07-14 17:11 - 00003162 _____ C:\WINDOWS\System32\Tasks\DLL-Files Fixer 2016-07-14 17:11 - 2016-07-14 17:11 - 00001680 _____ C:\WINDOWS\system32\ASOROSet.bin 2016-07-14 17:11 - 2016-07-14 17:11 - 00000000 ____D C:\WINDOWS\system32\config\RCCBakup 2016-07-14 17:06 - 2016-07-14 17:06 - 00023232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2016-07-14 17:00 - 2016-07-14 17:00 - 00003058 _____ C:\WINDOWS\System32\Tasks\DLL-Files.Com Fixer_Updates 2016-07-14 17:00 - 2016-07-14 17:00 - 00003044 _____ C:\WINDOWS\System32\Tasks\DLL-Files.Com Fixer_MONTHLY 2016-07-14 17:00 - 2016-07-14 17:00 - 00000324 _____ C:\WINDOWS\Tasks\DLL-Files.Com Fixer_Updates.job 2016-07-14 17:00 - 2016-07-14 17:00 - 00000308 _____ C:\WINDOWS\Tasks\DLL-Files.Com Fixer_MONTHLY.job 2016-07-14 17:00 - 2016-07-14 17:00 - 00000000 ____D C:\Users\Avell B153\AppData\Roaming\dll-files.com 2016-07-14 16:59 - 2016-07-14 16:59 - 00001104 _____ C:\Users\Public\Desktop\Dll-Files Fixer.lnk 2016-07-14 16:59 - 2016-07-14 16:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer 2016-07-14 16:59 - 2016-07-14 16:59 - 00000000 ____D C:\Program Files (x86)\Dll-Files.com Fixer 2016-07-14 16:54 - 2016-07-14 16:54 - 00047223 _____ C:\Users\Avell B153\Downloads\vcruntime140.zip 2016-07-14 16:48 - 2016-07-14 16:48 - 00018212 _____ C:\Users\Avell B153\Documents\cc_20160714_164836.reg 2016-07-14 16:44 - 2016-07-14 16:44 - 12895119 _____ C:\Users\Avell B153\Downloads\citra-latest-windows-amd64.7z 2016-07-14 16:44 - 2016-07-14 16:44 - 00009864 _____ C:\Users\Avell B153\Downloads\Legend of Zelda - Ocarina of Time 3D The (U)(CONTRAST) [0033].torrent 2016-07-14 16:44 - 2016-07-14 16:44 - 00000000 ____D C:\Users\Avell B153\Desktop\platforms 2016-07-14 16:44 - 2016-07-10 00:47 - 20647936 _____ C:\Users\Avell B153\Desktop\citra-qt.pdb 2016-07-14 16:44 - 2016-07-10 00:47 - 03960832 _____ C:\Users\Avell B153\Desktop\tests.pdb 2016-07-14 16:44 - 2016-07-10 00:47 - 02632704 _____ C:\Users\Avell B153\Desktop\citra-qt.exe 2016-07-14 16:44 - 2016-07-10 00:47 - 00365056 _____ C:\Users\Avell B153\Desktop\tests.exe 2016-07-14 16:44 - 2016-07-10 00:46 - 14249984 _____ C:\Users\Avell B153\Desktop\citra.pdb 2016-07-14 16:44 - 2016-07-10 00:46 - 02055168 _____ C:\Users\Avell B153\Desktop\citra.exe 2016-07-14 16:44 - 2016-07-10 00:42 - 00017987 _____ C:\Users\Avell B153\Desktop\license.txt 2016-07-14 16:44 - 2016-07-10 00:42 - 00002957 _____ C:\Users\Avell B153\Desktop\README.md 2016-07-14 16:44 - 2016-01-02 08:59 - 01230336 _____ () C:\Users\Avell B153\Desktop\SDL2.dll 2016-07-14 16:44 - 2015-08-02 18:05 - 00324096 _____ (The Qt Company Ltd) C:\Users\Avell B153\Desktop\Qt5OpenGL.dll 2016-07-14 16:44 - 2015-08-02 18:04 - 05473792 _____ (The Qt Company Ltd) C:\Users\Avell B153\Desktop\Qt5Widgets.dll 2016-07-14 16:44 - 2015-08-02 18:01 - 06087680 _____ (The Qt Company Ltd) C:\Users\Avell B153\Desktop\Qt5Gui.dll 2016-07-14 16:44 - 2015-08-02 17:57 - 05707776 _____ (The Qt Company Ltd) C:\Users\Avell B153\Desktop\Qt5Core.dll 2016-07-13 17:47 - 2016-07-13 17:47 - 00799490 _____ C:\Users\Avell B153\Desktop\passaportebrasileiro.pdf 2016-07-13 13:14 - 2016-07-13 13:14 - 00794046 _____ C:\Users\Avell B153\Desktop\solicitarPassaporte.do.pdf 2016-07-12 11:18 - 2016-07-12 11:18 - 00026583 _____ C:\Users\Avell B153\Desktop\idc_debug_log.txt 2016-07-12 00:17 - 2016-07-12 00:17 - 00005905 _____ C:\Users\Avell B153\Downloads\LOL_OPGG_Observer_830839686_replay.bat 2016-07-09 16:12 - 2016-07-09 16:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mu Wonderland 2016-07-09 15:54 - 2016-07-09 16:07 - 440855830 _____ () C:\Users\Avell B153\Downloads\Cliente.exe 2016-07-07 19:32 - 2016-07-07 19:32 - 00000937 _____ C:\Users\Avell B153\Desktop\Launcher.lnk 2016-07-03 12:22 - 2016-03-03 23:19 - 00579072 _____ (X-Team) C:\WINDOWS\SysWOW64\MHPVerify_1011.dll 2016-07-03 12:18 - 2016-07-13 01:14 - 00000000 ____D C:\MuJoin 2016-07-03 12:09 - 2016-07-03 12:10 - 1032571866 _____ C:\Users\Avell B153\Downloads\JoinMU(02.07).rar 2016-07-02 12:22 - 2016-07-02 12:22 - 00000000 ____D C:\Users\Todos os Usuários\WarThunder 2016-07-02 12:22 - 2016-07-02 12:22 - 00000000 ____D C:\ProgramData\WarThunder 2016-07-01 14:56 - 2016-07-01 14:57 - 06112528 _____ (SKOWSAND SERVICOS DE PROVEDORES E INTERNET LTDA ) C:\Users\Avell B153\Downloads\ExitLagV151.exe 2016-07-01 14:05 - 2016-07-01 14:05 - 00000995 _____ C:\Users\Public\Desktop\WTFast.lnk 2016-07-01 14:05 - 2016-07-01 14:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WTFast 2016-07-01 14:05 - 2016-07-01 14:05 - 00000000 ____D C:\Program Files (x86)\WTFast 2016-07-01 14:05 - 2016-05-20 10:02 - 00037872 _____ (AAA Internet Publishing, Inc.) C:\WINDOWS\system32\Drivers\WtfEngineDrv.sys 2016-07-01 14:04 - 2016-07-01 14:04 - 26074584 _____ (Initex & AAA Internet Publishing ) C:\Users\Avell B153\Downloads\WTFastSetup.4.1.2.761.exe 2016-06-30 21:19 - 2016-06-30 21:19 - 00005905 _____ C:\Users\Avell B153\Downloads\LOL_OPGG_Observer_821361415_replay.bat 2016-06-27 19:21 - 2016-06-27 19:21 - 00737856 _____ (Oracle Corporation) C:\Users\Avell B153\Downloads\chromeinstall-8u91.exe 2016-06-22 12:43 - 2016-06-22 12:43 - 00005905 _____ C:\Users\Avell B153\Downloads\LOL_OPGG_Observer_810821172_replay.bat 2016-06-21 19:05 - 2016-06-21 19:05 - 00002769 _____ C:\Users\Public\Desktop\LIMBO.lnk 2016-06-21 19:05 - 2016-06-21 19:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\13uzer37 2016-06-21 19:05 - 2016-06-21 19:05 - 00000000 ____D C:\Program Files (x86)\13uzer37 2016-06-21 19:04 - 2016-06-21 19:05 - 00000000 ____D C:\Users\Avell B153\Desktop\LIMBO [Install&Play] 2016-06-20 10:26 - 2016-06-20 10:26 - 01832841 _____ C:\Users\Avell B153\Desktop\COHABSC-ARQ-CasaM~54m2_2qto.dwg 2016-06-20 10:24 - 2015-04-09 12:21 - 00054769 _____ C:\Users\Avell B153\Desktop\Drawing1.dwg 2016-06-20 10:24 - 2004-06-30 16:54 - 01832841 _____ C:\Users\Avell B153\Desktop\COHAB SC - ARQ - Casa Madeira 54m2_2qto.dwg 2016-06-20 10:23 - 2016-06-20 10:23 - 00834928 _____ C:\Users\Avell B153\Downloads\COHAB-SC-ARQ-CasaMadeira-54m2_2qto.zip 2016-06-13 17:36 - 2016-06-13 17:36 - 00000233 _____ C:\Users\Avell B153\Desktop\Prince of Persia Sands of Time.url 2016-06-13 17:34 - 2016-06-13 17:35 - 00000000 ____D C:\Users\Avell B153\AppData\Local\Ubisoft Game Launcher 2016-06-13 17:34 - 2016-06-13 17:34 - 00001221 _____ C:\Users\Avell B153\Desktop\Uplay.lnk 2016-06-13 17:34 - 2016-06-13 17:34 - 00000000 ____D C:\Users\Avell B153\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2016-06-13 17:34 - 2016-06-13 17:34 - 00000000 ____D C:\Program Files (x86)\Ubisoft 2016-06-13 17:32 - 2016-06-13 17:33 - 67022160 _____ (Ubisoft) C:\Users\Avell B153\Downloads\UplayInstaller.exe 2016-06-08 22:38 - 2016-06-08 22:38 - 00493714 _____ C:\Users\Avell B153\Downloads\PORTO DE SÃO FRANCISCO DO SUL.pdf 2016-06-06 09:14 - 2016-06-30 12:47 - 00000000 ____D C:\Users\Avell B153\Desktop\Mu Online Imperio Latino 2016-06-06 09:14 - 2016-06-06 09:14 - 829805854 _____ C:\Users\Avell B153\Downloads\Mu Online Imperio Latino.rar 2016-06-03 13:33 - 2016-06-03 13:33 - 00000000 ____D C:\Users\Todos os Usuários\Gaijin 2016-06-03 13:33 - 2016-06-03 13:33 - 00000000 ____D C:\ProgramData\Gaijin 2016-05-31 20:12 - 2016-05-31 20:15 - 05481892 _____ C:\Users\Avell B153\Downloads\13344391_484416635089971_1276975195_n.mp4 2016-05-31 16:07 - 2016-05-31 16:07 - 00000947 _____ C:\Users\Avell B153\Desktop\Documentos - Atalho.lnk 2016-05-31 13:15 - 2016-05-31 13:15 - 01236004 _____ C:\Users\Avell B153\Downloads\13331313_1761375024147983_870379711_n.mp4 2016-05-31 12:47 - 2016-05-31 12:47 - 00971156 _____ C:\Users\Avell B153\Downloads\13339117_1036867539683060_135686067_n.mp4 2016-05-31 12:26 - 2016-05-31 12:26 - 01609882 _____ C:\Users\Avell B153\Downloads\12226159_990738617634962_100700600_n.mp4 2016-05-31 12:25 - 2016-05-31 12:26 - 05905971 _____ C:\Users\Avell B153\Downloads\12578915_210791925932831_591603249_n.mp4 2016-05-23 11:35 - 2016-05-23 11:35 - 00000848 _____ C:\Users\Public\Desktop\Mu.lnk 2016-05-23 11:35 - 2016-05-23 11:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mu online 2016-05-23 11:35 - 2016-05-23 11:35 - 00000000 ____D C:\Program Files (x86)\Webzen 2016-05-23 10:07 - 2016-05-23 10:07 - 00000000 _____ C:\WINDOWS\SysWOW64\sho5F25.tmp 2016-05-22 00:44 - 2016-05-22 00:44 - 00856724 _____ C:\Users\Avell B153\Downloads\ZOTAC WinUSB Maker v1.1.zip 2016-05-14 15:56 - 2016-05-14 15:56 - 00832364 _____ C:\Users\Avell B153\Downloads\13078757_1762415797327411_786831400_n.mp4 2016-05-14 14:19 - 2016-05-14 14:19 - 00001713 _____ C:\Users\Avell B153\AppData\Roaming\Microsoft\Windows\Start Menu\BlueStacks.lnk 2016-05-14 14:19 - 2016-05-14 14:19 - 00001689 _____ C:\Users\Public\Desktop\BlueStacks.lnk 2016-05-14 14:19 - 2016-05-14 14:19 - 00000000 ____D C:\Users\Todos os Usuários\BlueStacksGameManager 2016-05-14 14:19 - 2016-05-14 14:19 - 00000000 ____D C:\ProgramData\BlueStacksGameManager 2016-05-14 14:18 - 2016-05-14 14:18 - 00000000 ____D C:\Users\Todos os Usuários\BlueStacks 2016-05-14 14:18 - 2016-05-14 14:18 - 00000000 ____D C:\ProgramData\BlueStacks 2016-05-14 14:18 - 2016-05-14 14:18 - 00000000 ____D C:\Program Files (x86)\BlueStacks 2016-05-14 14:17 - 2016-07-14 16:58 - 00000000 ____D C:\Users\Todos os Usuários\BlueStacksSetup 2016-05-14 14:17 - 2016-07-14 16:58 - 00000000 ____D C:\ProgramData\BlueStacksSetup 2016-05-14 14:17 - 2016-05-14 14:17 - 00000000 ____D C:\Users\Avell B153\AppData\Local\Bluestacks 2016-05-14 13:30 - 2016-05-14 13:36 - 312530592 _____ (BlueStack Systems Inc.) C:\Users\Avell B153\Downloads\BlueStacks2_native_53537f6263ada9e0c18e6c46a53b6ff4.exe 2016-05-12 12:18 - 2016-05-12 12:18 - 01258700 _____ C:\Users\Avell B153\Downloads\13220227_608712492620019_1329548202_n.mp4 2016-05-12 11:23 - 2016-05-12 11:24 - 04748170 _____ C:\Users\Avell B153\Downloads\13222739_262030570815165_1666630321_n.mp4 2016-05-12 11:22 - 2016-05-12 11:24 - 04636275 _____ C:\Users\Avell B153\Downloads\13220446_526379470820393_1209208453_n.mp4 2016-05-11 19:55 - 2016-05-11 19:55 - 00758421 _____ C:\Users\Avell B153\Downloads\13230650_123433574734622_924959412_n.mp4 2016-05-11 19:54 - 2016-05-11 19:55 - 04398203 _____ C:\Users\Avell B153\Downloads\13205276_861960730614807_1098271137_n.mp4 2016-05-11 09:57 - 2016-05-11 09:57 - 00016219 _____ C:\Users\Avell B153\Downloads\Lista-03-Excell.xlsx 2016-05-10 21:42 - 2016-07-14 16:47 - 00001098 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-05-10 21:42 - 2016-07-13 21:47 - 00001094 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-05-10 21:42 - 2016-05-10 21:42 - 00004070 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2016-05-10 21:42 - 2016-05-10 21:42 - 00003834 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2016-05-10 12:52 - 2016-05-10 12:53 - 01165681 _____ C:\Users\Avell B153\Downloads\13011762_1779738685591977_1304850182_n.mp4 2016-05-10 12:50 - 2016-05-10 12:50 - 01203985 _____ C:\Users\Avell B153\Downloads\13219396_134251770313903_90073694_n.mp4 2016-05-10 12:47 - 2016-05-10 12:48 - 02837698 _____ C:\Users\Avell B153\Downloads\1615980_10201303004971180_1917923899_n.mp4 2016-05-10 12:36 - 2016-05-10 12:36 - 03586552 _____ C:\Users\Avell B153\Downloads\10836015_1090776710948445_2121551818_n.mp4 2016-05-10 01:42 - 2016-05-10 01:42 - 00068281 _____ C:\Users\Avell B153\Downloads\listagem_final_de_classificados.pdf 2016-05-06 14:25 - 2016-05-06 14:26 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2016-05-06 14:25 - 2016-05-06 14:25 - 00001059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk 2016-05-06 14:25 - 2016-05-06 14:25 - 00001047 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk 2016-05-05 10:56 - 2016-07-14 16:58 - 00000000 ____D C:\Users\Avell B153\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder 2016-05-05 10:56 - 2016-07-13 19:01 - 00000000 ____D C:\WarThunder 2016-05-05 10:56 - 2016-05-05 10:56 - 00001462 _____ C:\Users\Public\Desktop\WarThunder.lnk 2016-05-05 10:54 - 2016-05-05 10:54 - 05446888 _____ (Gaijin Entertainment ) C:\Users\Avell B153\Downloads\wt_launcher_1.0.1.632.exe 2016-05-02 21:02 - 2016-05-02 22:03 - 00000000 ____D C:\Users\Avell B153\Desktop\Mu Wonderland 2016-05-02 10:10 - 2016-05-02 10:10 - 00037023 _____ C:\Users\Avell B153\Downloads\tutorialcad.com_CT-43 85m2.rar 2016-05-02 10:09 - 2016-05-02 10:09 - 00019337 _____ C:\Users\Avell B153\Downloads\tutorialcad.com_CT-44 87m2.rar 2016-05-02 10:08 - 2016-05-02 10:08 - 00026889 _____ C:\Users\Avell B153\Downloads\tutorialcad.com_CT-45 88m2.rar 2016-05-02 10:08 - 2016-05-02 10:08 - 00023895 _____ C:\Users\Avell B153\Downloads\tutorialcad.com_CT-46 90m2.rar 2016-05-02 10:07 - 2016-05-02 10:07 - 00037117 _____ C:\Users\Avell B153\Downloads\tutorialcad.com_CT-47 92m2 (1).rar 2016-05-02 10:06 - 2016-05-02 10:06 - 00024893 _____ C:\Users\Avell B153\Downloads\tutorialcad.com_CT-49 95m2.rar 2016-05-02 10:06 - 2016-05-02 10:06 - 00019285 _____ C:\Users\Avell B153\Downloads\tutorialcad.com_CT-48 94m2.rar 2016-05-02 10:03 - 2016-05-02 10:03 - 00036566 _____ C:\Users\Avell B153\Downloads\tutorialcad.com_CT-50 97m2.rar 2016-05-02 10:02 - 2016-05-02 10:02 - 00037117 _____ C:\Users\Avell B153\Downloads\tutorialcad.com_CT-47 92m2.rar 2016-05-02 09:12 - 2016-05-02 09:12 - 01130164 _____ C:\Users\Avell B153\Downloads\10-15PLANTABAIXAPAVTECNICO.dwg 2016-05-02 09:12 - 2016-05-02 09:12 - 01130164 _____ C:\Users\Avell B153\Downloads\10-15 PLANTA BAIXA PAV TECNICO.dwg 2016-05-02 09:11 - 2016-05-02 09:11 - 01427540 _____ C:\Users\Avell B153\Downloads\10-15 PLANTA PAV TEC ARQ22.pdf 2016-05-02 09:07 - 2016-05-02 09:08 - 00502177 _____ C:\Users\Avell B153\Downloads\CEF-COMPLETO-Casa_41-16m2_2qtos.rar 2016-05-02 09:06 - 2016-05-02 09:06 - 18000309 _____ C:\Users\Avell B153\Downloads\10-15 PLANTA BAIXA 1deg PAV.dwg 2016-04-26 19:02 - 2016-04-26 19:03 - 13355673 _____ C:\Users\Avell B153\Downloads\MuServer Season 6 Epi 3.rar 2016-04-22 08:46 - 2016-04-22 08:46 - 00296955 _____ C:\Users\Avell B153\Downloads\Boleto-mesa-digital-vinicius-bretas.pdf 2016-04-20 13:50 - 2016-07-09 16:12 - 00001962 _____ C:\Users\Avell B153\Desktop\Jogar MuWonderland.lnk 2016-04-20 13:50 - 2016-04-20 13:50 - 00000000 ____D C:\Users\Avell B153\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mu Wonderland 2016-04-20 13:46 - 2016-07-12 13:08 - 00000000 ____D C:\Program Files (x86)\Mu Wonderland 2016-04-20 13:33 - 2016-04-20 13:45 - 511322498 _____ () C:\Users\Avell B153\Downloads\ClienteSemSom.exe 2016-04-16 11:20 - 2016-04-16 11:20 - 00000000 ____D C:\Users\Todos os Usuários\.mono 2016-04-16 11:20 - 2016-04-16 11:20 - 00000000 ____D C:\Users\Avell B153\AppData\Roaming\.mono 2016-04-16 11:20 - 2016-04-16 11:20 - 00000000 ____D C:\Users\Avell B153\AppData\Local\Blizzard 2016-04-16 11:20 - 2016-04-16 11:20 - 00000000 ____D C:\ProgramData\.mono 2016-04-16 11:00 - 2016-04-16 11:00 - 00001207 _____ C:\Users\Public\Desktop\Hearthstone.lnk 2016-04-16 11:00 - 2016-04-16 11:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone 2016-04-16 10:38 - 2016-07-13 18:55 - 00000000 ____D C:\Program Files (x86)\Hearthstone ==================== Três Meses Modificados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2016-07-14 17:35 - 2013-11-12 12:49 - 00000000 ____D C:\Users\Avell B153\AppData\Local\Halite 2016-07-14 17:25 - 2013-08-26 21:29 - 00000000 ____D C:\Users\Avell B153\AppData\Roaming\Skype 2016-07-14 17:00 - 2013-12-13 08:14 - 03558400 ___SH C:\Users\Avell B153\Desktop\Thumbs.db 2016-07-14 16:58 - 2015-09-13 16:05 - 00000000 ____D C:\Program Files (x86)\Steam 2016-07-14 16:58 - 2015-04-13 02:07 - 00000000 ____D C:\Users\Avell B153\AppData\Roaming\TeamViewer 2016-07-14 16:58 - 2013-11-29 22:14 - 00000000 ____D C:\Users\Avell B153\AppData\Roaming\Media Player Classic 2016-07-14 16:58 - 2013-08-26 21:07 - 00000000 ____D C:\Users\Avell B153\AppData\Local\CrashDumps 2016-07-14 16:58 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\Inf 2016-07-14 03:04 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-07-13 18:54 - 2016-04-12 15:40 - 00000000 ____D C:\Program Files (x86)\Battle.net 2016-07-13 18:54 - 2013-12-21 00:16 - 00000000 ____D C:\Users\Avell B153\AppData\Local\Battle.net 2016-07-13 11:42 - 2014-12-02 18:24 - 00886272 ___SH C:\Users\Avell B153\Downloads\Thumbs.db 2016-07-13 01:19 - 2016-04-13 16:21 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1620071683-2851345101-3265913162-1001 2016-07-12 11:21 - 2013-09-30 01:12 - 02615592 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-07-12 11:21 - 2013-09-30 00:56 - 01066902 _____ C:\WINDOWS\system32\prfh0416.dat 2016-07-12 11:21 - 2013-09-30 00:56 - 00273428 _____ C:\WINDOWS\system32\prfc0416.dat 2016-07-12 11:15 - 2015-09-13 16:54 - 00028888 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\gbpddfac64.sys 2016-07-12 11:15 - 2013-11-09 19:20 - 00000671 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics 2016-07-12 11:14 - 2013-12-02 23:11 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA 2016-07-12 11:14 - 2013-12-02 23:11 - 00000000 ____D C:\ProgramData\NVIDIA 2016-07-12 11:14 - 2013-08-22 11:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-07-12 00:25 - 2015-10-21 23:19 - 00000000 ____D C:\Users\Avell B153\AppData\Roaming\TS3Client 2016-07-11 22:09 - 2014-08-26 09:54 - 00000000 ____D C:\Users\Avell B153\AppData\Local\TeamSpeak 3 Client 2016-07-07 11:20 - 2013-12-02 23:16 - 00000000 ____D C:\Users\Avell B153 2016-07-01 04:39 - 2012-12-11 17:30 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2016-07-01 04:38 - 2013-08-22 12:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2016-06-30 22:51 - 2012-12-11 15:30 - 00000000 ____D C:\Users\Avell B153\AppData\Local\Packages 2016-06-30 14:09 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-06-27 19:42 - 2015-09-23 17:43 - 00000000 ____D C:\Users\Avell B153\.oracle_jre_usage 2016-06-27 19:42 - 2014-03-05 17:37 - 00097344 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2016-06-27 19:42 - 2014-01-17 13:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit 2016-06-27 19:42 - 2014-01-17 13:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-06-27 19:42 - 2013-08-26 21:19 - 00000000 ____D C:\Program Files (x86)\Java 2016-06-26 14:25 - 2013-08-22 12:36 - 00000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft 2016-06-26 14:25 - 2013-08-22 12:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-06-26 14:24 - 2015-04-08 12:25 - 00000000 ____D C:\Program Files\Microsoft Office 15 2016-06-20 10:45 - 2015-08-03 18:09 - 00000000 ____D C:\Users\Avell B153\AppData\Roaming\ZW3D 2015 Eng (x64) 2016-06-20 10:45 - 2014-11-14 23:00 - 00000000 ____D C:\Users\Avell B153\Documents\ZW3D 2016-06-19 02:06 - 2016-02-25 11:14 - 00000000 ____D C:\stremio-cache 2016-06-19 01:49 - 2013-08-22 12:36 - 00000000 ___HD C:\Program Files\WindowsApps ==================== Arquivos na raiz de alguns diretórios ======= 2014-03-03 12:33 - 2014-03-03 06:39 - 0418349 _____ () C:\Program Files (x86)\POK.dat 2014-03-03 12:33 - 2013-07-13 02:36 - 1362858 _____ () C:\Program Files (x86)\POK.pic 2014-03-03 12:33 - 2014-03-03 06:40 - 72994392 _____ () C:\Program Files (x86)\POK.spr 2014-03-03 12:33 - 2013-07-18 00:01 - 2338816 _____ (PBO) C:\Program Files (x86)\PokeDash.exe 2013-11-11 09:45 - 2010-01-26 10:11 - 0444283 _____ () C:\Program Files\Common Files\WinPcapNmap.exe 2015-09-12 12:28 - 2015-09-12 12:28 - 0000096 _____ () C:\Users\Avell B153\AppData\Roaming\Camdata.ini 2015-09-12 12:28 - 2015-09-12 12:28 - 0000408 _____ () C:\Users\Avell B153\AppData\Roaming\CamLayout.ini 2015-09-12 12:28 - 2015-09-12 12:28 - 0000408 _____ () C:\Users\Avell B153\AppData\Roaming\CamShapes.ini 2015-09-12 12:28 - 2015-09-12 12:28 - 0004507 _____ () C:\Users\Avell B153\AppData\Roaming\CamStudio.cfg 2014-08-22 15:29 - 2014-12-12 19:49 - 0000040 _____ () C:\Users\Avell B153\AppData\Roaming\cdr.ini 2005-04-07 23:16 - 2014-12-08 21:00 - 8613689 ____H () C:\Users\Avell B153\AppData\Roaming\logs.dat 2014-05-04 15:02 - 2016-05-10 14:03 - 0006144 _____ () C:\Users\Avell B153\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-11-25 13:47 - 2013-11-25 13:47 - 0000733 _____ () C:\Users\Avell B153\AppData\Local\recently-used.xbel 2015-07-16 00:16 - 2015-07-17 00:10 - 0007594 _____ () C:\Users\Avell B153\AppData\Local\Resmon.ResmonCfg 2014-07-06 18:35 - 2014-07-06 18:35 - 0000000 _____ () C:\Users\Avell B153\AppData\Local\{1A0A0477-D657-4177-94C2-EC7BA5DAEDDD} 2014-11-10 08:37 - 2014-11-10 08:37 - 0000000 _____ () C:\Users\Avell B153\AppData\Local\{80F03897-E70F-4560-A55C-4741F68DE1FF} 2014-06-22 20:38 - 2014-06-22 20:38 - 0000000 _____ () C:\Users\Avell B153\AppData\Local\{F2982330-7182-4F35-9244-D480FC118256} 2013-11-22 08:40 - 2013-11-22 08:40 - 0170344 _____ (Baidu, Inc.) C:\ProgramData\FileSplitUpLoad.dll 2013-11-12 12:08 - 2015-08-17 17:29 - 0003832 _____ () C:\ProgramData\hpzinstall.log 2014-12-29 15:38 - 2014-12-29 15:38 - 0000016 _____ () C:\ProgramData\mntemp 2014-02-16 22:13 - 2014-02-16 22:13 - 0004111 _____ () C:\ProgramData\wzjqsyuy.uzg Arquivos para serem movidos ou deletados: ==================== C:\ProgramData\FileSplitUpLoad.dll C:\Users\Todos os Usuários\FileSplitUpLoad.dll ==================== Bamital & volsnap ================= (Não há correção automática para arquivos que não passaram na verificação.) C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente LastRegBack: 2016-07-12 11:47 ==================== Fim de FRST.txt ============================