Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 17-08-2016 Executado por Frutao (administrador) em FRUTAO-PC (17-08-2016 16:00:02) Executando a partir de C:\Users\Frutao\Desktop Perfis Carregados: Frutao (Perfis Disponíveis: Frutao) Platform: Windows 7 Professional Service Pack 1 (X64) Idioma: Português (Brasil) Internet Explorer Versão 11 (Navegador padrão: Chrome) Modo da Inicialização: Normal Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe (Firebird Project) C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe (@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe () C:\Filizola\Backup Manager\bkpmanager.exe () C:\Filizola\StatusMonitor\StatusMonitor.exe (Firebird Project) C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (TeamViewer GmbH) C:\Users\Frutao\AppData\Local\Temp\TeamViewer\TeamViewer.exe (TeamViewer GmbH) C:\Users\Frutao\AppData\Local\Temp\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Users\Frutao\AppData\Local\Temp\TeamViewer\tv_x64.exe (TeamViewer GmbH) C:\Users\Frutao\AppData\Local\Temp\TeamViewer\TeamViewer_Desktop.exe ==================== Registro (Whitelisted) =========================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKU\S-1-5-21-1957409096-2134837532-133975074-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8894680 2016-08-05] (Piriform Ltd) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Backup Manager.lnk [2016-08-17] ShortcutTarget: Backup Manager.lnk -> C:\Windows\Installer\{00AC729D-6789-4082-B2F9-0710AA6DB19D}\_1980715B952D_45BB_A860_5FAF2D8773B7.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Status Monitor.lnk [2016-08-17] ShortcutTarget: Status Monitor.lnk -> C:\Windows\Installer\{00AC729D-6789-4082-B2F9-0710AA6DB19D}\_1980715B952D_45BB_A860_5FAF2D8773B7.exe () Startup: C:\Users\Frutao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Timer - Atalho.lnk [2016-08-17] ShortcutTarget: Timer - Atalho.lnk -> C:\Timer\Timer.exe () GroupPolicyScripts: Restrição <======= ATENÇÃO ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{3564FA4D-433E-4417-BCE4-2F238DEB87DD}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-1957409096-2134837532-133975074-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-08-15] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-08-15] (Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2016-08-15] (Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-08-15] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-15] (Oracle Corporation) BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-08-15] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-15] (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2016-08-15] (Microsoft Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-08-15] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-15] (Oracle Corporation) BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-15] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-15] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-15] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-15] (Microsoft Corporation) FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll [2016-08-15] () FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-15] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-15] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo] FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll [2016-08-15] () FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-15] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-15] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo] FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-08-15] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-08-15] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-15] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-15] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-07-28] (Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\Frutao\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Frutao\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-15] CHR Extension: (Google Drive) - C:\Users\Frutao\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-15] CHR Extension: (YouTube) - C:\Users\Frutao\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-15] CHR Extension: (Pesquisa do Google) - C:\Users\Frutao\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-08-15] CHR Extension: (Documentos Google off-line) - C:\Users\Frutao\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-15] CHR Extension: (AdBlock) - C:\Users\Frutao\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-08-15] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Frutao\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-15] CHR Extension: (Gmail) - C:\Users\Frutao\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-15] CHR Extension: (Chrome Media Router) - C:\Users\Frutao\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-17] ==================== Serviços (Whitelisted) ======================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) S4 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-27] () R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2776664 2015-08-16] (Microsoft Corporation) R2 FirebirdGuardianDefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe [151040 2015-11-12] (Firebird Project) [Arquivo não assinado] R3 FirebirdServerDefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe [5771776 2015-11-12] (Firebird Project) [Arquivo não assinado] S4 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319080 2015-12-10] (Intel Corporation) R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [737984 2015-08-30] (@ByELDI) [Arquivo não assinado] S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S2 SysDOCServices; C:\Syspdv\Servico\SysDOCServices.exe [X] ===================== Drivers (Whitelisted) ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-27] () S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [180480 2015-10-08] (Intel Corporation) S2 Proteq; não ImagePath R3 StnPport; C:\Windows\System32\DRIVERS\StnPport.sys [99328 2014-06-24] (ASIX Electronics Corp.) R3 StnSport; C:\Windows\System32\DRIVERS\StnSport.sys [139264 2014-06-24] (ASIX Electronics Corp.) ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Um Mês Criados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2016-08-17 16:00 - 2016-08-17 16:00 - 00011807 _____ C:\Users\Frutao\Desktop\FRST.txt 2016-08-17 15:59 - 2016-08-17 16:00 - 00000000 ____D C:\FRST 2016-08-17 15:56 - 2016-08-17 15:56 - 02394624 _____ (Farbar) C:\Users\Frutao\Desktop\FRST64.exe 2016-08-17 15:44 - 2016-08-17 15:44 - 00003128 _____ C:\Windows\System32\Tasks\Teamviewer-QS-updater-vgcn5wm 2016-08-17 15:44 - 2016-08-17 15:44 - 00001259 _____ C:\Users\Frutao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Suporte Remoto.lnk 2016-08-17 15:44 - 2016-08-17 15:44 - 00001251 _____ C:\Users\Frutao\Desktop\Suporte Remoto.lnk 2016-08-17 15:44 - 2016-08-17 15:44 - 00000396 _____ C:\Windows\Tasks\Teamviewer-QS-updater-vgcn5wm.job 2016-08-17 14:33 - 2016-08-17 14:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Syspdv 2016-08-17 14:33 - 2016-03-21 14:51 - 01122304 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\SysWOW64\libeay32.dll 2016-08-17 14:33 - 2016-03-21 14:51 - 00138752 _____ () C:\Windows\SysWOW64\ZipDll.dll 2016-08-17 14:33 - 2016-03-21 14:51 - 00120320 _____ () C:\Windows\SysWOW64\UnzDll.dll 2016-08-17 14:33 - 2016-03-21 14:51 - 00005159 _____ C:\Windows\SysWOW64\smport.vxd 2016-08-17 14:33 - 2016-03-21 14:51 - 00003026 _____ (Logix4u) C:\Windows\SysWOW64\Drivers\hwinterface.sys 2016-08-17 14:33 - 2016-03-21 14:51 - 00002627 _____ C:\Windows\SysWOW64\smport.sys 2016-08-17 14:33 - 2016-03-21 14:51 - 00000390 _____ C:\Windows\SysWOW64\geraip.exe 2016-08-17 14:24 - 2016-08-17 14:33 - 00000000 ____D C:\Syspdv 2016-08-17 14:15 - 2016-08-17 14:15 - 00002794 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2016-08-17 14:15 - 2016-08-17 14:15 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk 2016-08-17 14:15 - 2016-08-17 14:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2016-08-17 14:15 - 2016-08-17 14:15 - 00000000 ____D C:\Program Files\CCleaner 2016-08-17 14:10 - 2016-08-17 14:12 - 08227032 _____ (Piriform Ltd) C:\Users\Frutao\Downloads\ccsetup521.exe 2016-08-17 14:05 - 2013-07-03 07:47 - 03161648 _____ (VS Revo Group) C:\Users\Frutao\Desktop\Revouninstaller.exe 2016-08-17 11:05 - 2016-08-17 11:05 - 00000000 ____D C:\Users\Todos os Usuários\AMMYY 2016-08-17 11:05 - 2016-08-17 11:05 - 00000000 ____D C:\ProgramData\AMMYY 2016-08-17 09:48 - 2016-08-17 09:48 - 00000000 ____D C:\BackupManager 2016-08-17 09:16 - 2016-08-17 09:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TecnoSpeed 2016-08-17 09:16 - 2016-08-17 09:16 - 00000000 ____D C:\Program Files\TecnoSpeed 2016-08-17 09:16 - 2016-08-17 09:16 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0 2016-08-17 09:16 - 2016-02-08 11:11 - 04794880 _____ (Tecnospeed) C:\Windows\system32\NFCeX.ocx 2016-08-17 09:16 - 2016-02-08 11:11 - 04669440 _____ C:\Windows\system32\NFCeDataSetX.dll 2016-08-17 09:16 - 2016-02-08 11:11 - 02964480 _____ (Tecnospeed) C:\Windows\SysWOW64\NFCeX.ocx 2016-08-17 09:16 - 2016-02-08 11:11 - 02889216 _____ C:\Windows\SysWOW64\NFCeDataSetX.dll 2016-08-17 09:16 - 2016-01-20 13:42 - 22690816 _____ C:\Windows\system32\spdGovX2.ocx 2016-08-17 09:16 - 2016-01-20 13:41 - 14338048 _____ C:\Windows\SysWOW64\spdGovX2.ocx 2016-08-17 09:16 - 2015-11-23 13:30 - 02293760 _____ C:\Windows\system32\spdNotaSeguraX.ocx 2016-08-17 09:16 - 2015-11-23 13:30 - 01410048 _____ C:\Windows\SysWOW64\spdNotaSeguraX.ocx 2016-08-17 09:16 - 2015-07-28 14:22 - 00852416 _____ (Embarcadero Technologies, Inc.) C:\Windows\system32\midas.dll 2016-08-17 09:16 - 2015-03-06 11:47 - 00000041 _____ C:\Windows\SysWOW64\spdNotaSeguraX.lic 2016-08-17 09:16 - 2015-03-06 11:47 - 00000041 _____ C:\Windows\system32\spdNotaSeguraX.lic 2016-08-17 09:16 - 2014-10-01 13:02 - 01763328 _____ C:\Windows\SysWOW64\XSDDataSetX.dll 2016-08-17 09:16 - 2014-10-01 13:02 - 01762816 _____ C:\Windows\SysWOW64\spdEmail.dll 2016-08-17 09:16 - 2014-10-01 13:02 - 00511328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capicom.dll 2016-08-17 09:16 - 2014-10-01 13:02 - 00331742 _____ C:\Windows\SysWOW64\ssleay32.dll 2016-08-17 09:16 - 2014-10-01 13:01 - 02224064 _____ (Borland Software Corporation) C:\Windows\SysWOW64\stdvcl40.dll 2016-08-17 09:16 - 2014-10-01 13:01 - 01812480 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\system32\libeay32.dll 2016-08-17 09:16 - 2014-10-01 13:01 - 01422088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml5.dll 2016-08-17 09:16 - 2014-10-01 13:01 - 00364544 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\system32\ssleay32.dll 2016-08-17 09:16 - 2014-10-01 13:01 - 00098056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml5r.dll 2016-08-17 09:15 - 2016-08-17 15:45 - 00000000 ____D C:\Users\Todos os Usuários\firebird 2016-08-17 09:15 - 2016-08-17 15:45 - 00000000 ____D C:\ProgramData\firebird 2016-08-17 09:05 - 2016-08-17 09:34 - 00000000 ____D C:\Timer 2016-08-17 09:02 - 2016-08-17 09:02 - 00000000 ____D C:\Users\Frutao\AppData\Local\TeamViewer 2016-08-17 09:02 - 2016-04-20 09:55 - 08404144 _____ (TeamViewer) C:\Users\Frutao\Desktop\Suporte Remoto Solucao.exe 2016-08-17 09:01 - 2016-06-16 13:58 - 00773624 _____ (Ammyy LLC) C:\Users\Frutao\Desktop\AA_v3.5.exe 2016-08-17 09:01 - 2012-12-17 14:18 - 00156496 _____ (Bematech) C:\Windows\system32\BematechMonUI.dll 2016-08-17 09:01 - 2012-12-17 14:17 - 00227152 _____ (Bematech ) C:\Windows\system32\BematechMon.dll 2016-08-17 09:01 - 2012-12-17 13:11 - 00122880 _____ (Silicon Laboratories, Inc.) C:\Windows\system32\SiUSBXp.dll 2016-08-17 09:00 - 2016-08-17 09:00 - 00000000 ____D C:\Users\Frutao\AppData\Roaming\WinRAR 2016-08-17 09:00 - 2016-08-17 09:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firebird 2.5 (x64) 2016-08-17 09:00 - 2016-08-17 09:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bematech 2016-08-17 09:00 - 2016-08-17 09:00 - 00000000 ____D C:\Program Files\Firebird 2016-08-17 09:00 - 2016-08-17 09:00 - 00000000 ____D C:\Program Files (x86)\Bematech 2016-08-17 09:00 - 2015-11-12 09:14 - 00773632 _____ (IBPhoenix) C:\Windows\system32\Firebird2Control.cpl 2016-08-17 09:00 - 2015-11-12 09:12 - 00867840 _____ (Firebird Project) C:\Windows\system32\GDS32.DLL 2016-08-17 09:00 - 2015-11-12 08:42 - 00548864 _____ (Firebird Project) C:\Windows\SysWOW64\GDS32.DLL 2016-08-17 08:58 - 2016-08-17 08:58 - 00000000 _____ C:\CONFIG.SYS 2016-08-17 08:57 - 2016-08-17 08:57 - 00002683 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Backup Manager.lnk 2016-08-17 08:57 - 2016-08-17 08:57 - 00002675 _____ C:\Users\Public\Desktop\Status Monitor.lnk 2016-08-17 08:57 - 2016-08-17 08:57 - 00002667 _____ C:\Users\Public\Desktop\Smart Editor.lnk 2016-08-17 08:57 - 2016-08-17 08:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Filizola 2016-08-17 08:56 - 2016-08-17 10:05 - 00000000 ____D C:\Filizola 2016-08-17 08:53 - 2016-08-17 08:53 - 00000000 ____D C:\Users\Frutao\AppData\Local\CEF 2016-08-15 14:03 - 2016-08-15 14:03 - 00000000 ____D C:\Users\Frutao\AppData\LocalLow\Adblock Plus for IE 2016-08-15 14:03 - 2016-08-15 14:03 - 00000000 ____D C:\Program Files\Adblock Plus for IE 2016-08-15 13:39 - 2014-06-25 01:27 - 00095744 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\system32\StnPorts.dll 2016-08-15 13:39 - 2014-06-25 01:24 - 00023552 _____ C:\Windows\system32\StnCoInst.dll 2016-08-15 13:39 - 2014-06-24 23:29 - 00099328 _____ (ASIX Electronics Corp.) C:\Windows\system32\Drivers\StnPport.sys 2016-08-15 13:39 - 2014-06-24 23:27 - 00139264 _____ (ASIX Electronics Corp.) C:\Windows\system32\Drivers\StnSport.sys 2016-08-15 13:35 - 2016-08-17 09:23 - 00000000 __SHD C:\Users\Frutao\IntelGraphicsProfiles 2016-08-15 13:31 - 2016-08-15 13:31 - 00002448 _____ C:\Users\Frutao\Desktop\Word 2016.lnk 2016-08-15 13:31 - 2016-08-15 13:31 - 00002394 _____ C:\Users\Frutao\Desktop\Excel 2016.lnk 2016-08-15 13:30 - 2016-08-15 13:30 - 00002127 _____ C:\Users\Frutao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2016-08-15 13:30 - 2016-08-15 13:30 - 00002106 _____ C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2016-08-15 13:30 - 2016-08-15 13:30 - 00002106 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2016-08-15 13:30 - 2016-08-15 13:30 - 00002106 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2016-08-15 13:30 - 2016-08-15 13:30 - 00000000 ___RD C:\Users\Frutao\OneDrive 2016-08-15 13:30 - 2016-08-15 13:30 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft OneDrive 2016-08-15 13:30 - 2016-08-15 13:30 - 00000000 ____D C:\ProgramData\Microsoft OneDrive 2016-08-15 13:30 - 2016-08-15 13:30 - 00000000 ____D C:\Program Files (x86)\Microsoft OneDrive 2016-08-15 13:27 - 2016-08-08 08:34 - 00000281 _____ C:\apaga.bat 2016-08-15 13:26 - 2016-08-15 13:26 - 00003366 _____ C:\Windows\System32\Tasks\AutoPico Daily Restart 2016-08-15 13:26 - 2016-08-15 13:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico 2016-08-15 13:26 - 2016-08-15 13:26 - 00000000 ____D C:\Program Files\KMSpico 2016-08-15 13:26 - 2010-12-05 22:16 - 00090112 _____ (Vestris Inc.) C:\Windows\system32\Vestris.ResourceLib.dll 2016-08-15 13:25 - 2016-08-15 13:25 - 00000000 ____D C:\Program Files (x86)\Intel 2016-08-15 13:25 - 2016-08-15 13:25 - 00000000 ____D C:\Intel 2016-08-15 13:25 - 2015-12-10 10:31 - 00064000 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL 2016-08-15 13:25 - 2015-12-10 10:31 - 00060416 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL 2016-08-15 13:24 - 2016-08-15 13:24 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_ASMBSW_01_11_00.Wdf 2016-08-15 13:24 - 2016-08-15 13:24 - 00000000 ____D C:\Program Files\Intel 2016-08-15 13:24 - 2016-08-15 13:24 - 00000000 ____D C:\Program Files\ASUS 2016-08-15 13:24 - 2016-08-15 13:24 - 00000000 ____D C:\Program Files (x86)\ASUS 2016-08-15 13:24 - 2014-01-27 23:16 - 00028672 _____ (ASUSTek Computer Inc.) C:\Windows\SysWOW64\AsIO.dll 2016-08-15 13:24 - 2014-01-27 23:16 - 00015232 _____ C:\Windows\SysWOW64\Drivers\AsIO.sys 2016-08-15 13:23 - 2016-08-15 13:23 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf 2016-08-15 13:22 - 2015-12-22 10:02 - 01026304 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys 2016-08-15 13:22 - 2015-12-22 10:02 - 00116304 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll 2016-08-15 13:22 - 2015-12-22 10:02 - 00082544 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll 2016-08-15 13:22 - 2015-12-10 10:32 - 00190868 __RSH C:\Windows\system32\resTHA.cui 2016-08-15 13:22 - 2015-12-10 10:32 - 00183476 __RSH C:\Windows\system32\resELL.cui 2016-08-15 13:22 - 2015-12-10 10:32 - 00179252 __RSH C:\Windows\system32\resRUS.cui 2016-08-15 13:22 - 2015-12-10 10:32 - 00164932 __RSH C:\Windows\system32\resARA.cui 2016-08-15 13:22 - 2015-12-10 10:32 - 00164404 __RSH C:\Windows\system32\resJPN.cui 2016-08-15 13:22 - 2015-12-10 10:32 - 00164356 __RSH C:\Windows\system32\resHEB.cui 2016-08-15 13:22 - 2015-12-10 10:32 - 00159732 __RSH C:\Windows\system32\resHUN.cui 2016-08-15 13:22 - 2015-12-10 10:32 - 00159716 __RSH C:\Windows\system32\resFRA.cui 2016-08-15 13:22 - 2015-12-10 10:32 - 00158004 __RSH C:\Windows\system32\resKOR.cui 2016-08-15 13:22 - 2015-12-10 10:32 - 00157892 __RSH C:\Windows\system32\resDEU.cui 2016-08-15 13:22 - 2015-12-10 10:32 - 00157860 __RSH C:\Windows\system32\resITA.cui 2016-08-15 13:22 - 2015-12-10 10:32 - 00157668 __RSH C:\Windows\system32\resROM.cui 2016-08-15 13:22 - 2015-12-10 10:32 - 00157572 __RSH C:\Windows\system32\resESN.cui 2016-08-15 13:22 - 2015-12-10 10:32 - 00157140 __RSH C:\Windows\system32\resPLK.cui 2016-08-15 13:22 - 2015-12-10 10:32 - 00157012 __RSH C:\Windows\system32\resSKY.cui 2016-08-15 13:22 - 2015-12-10 10:32 - 00156836 __RSH C:\Windows\system32\resNLD.cui 2016-08-15 13:22 - 2015-12-10 10:32 - 00156228 __RSH C:\Windows\system32\resPTB.cui 2016-08-15 13:22 - 2015-12-10 10:32 - 00156132 __RSH C:\Windows\system32\resCSY.cui 2016-08-15 13:22 - 2015-12-10 10:32 - 00156116 __RSH C:\Windows\system32\resTRK.cui 2016-08-15 13:22 - 2015-12-10 10:32 - 00155940 __RSH C:\Windows\system32\resPTG.cui 2016-08-15 13:22 - 2015-12-10 10:32 - 00155460 __RSH C:\Windows\system32\resFIN.cui 2016-08-15 13:22 - 2015-12-10 10:32 - 00155060 __RSH C:\Windows\system32\resHRV.cui 2016-08-15 13:22 - 2015-12-10 10:32 - 00154628 __RSH C:\Windows\system32\resSVE.cui 2016-08-15 13:22 - 2015-12-10 10:32 - 00154484 __RSH C:\Windows\system32\resSLV.cui 2016-08-15 13:22 - 2015-12-10 10:32 - 00153508 __RSH C:\Windows\system32\resNOR.cui 2016-08-15 13:22 - 2015-12-10 10:32 - 00153028 __RSH C:\Windows\system32\resDAN.cui 2016-08-15 13:22 - 2015-12-10 10:32 - 00151684 __RSH C:\Windows\system32\resENU.cui 2016-08-15 13:22 - 2015-12-10 10:32 - 00149924 __RSH C:\Windows\system32\resCHT.cui 2016-08-15 13:22 - 2015-12-10 10:32 - 00149060 __RSH C:\Windows\system32\resCHS.cui 2016-08-15 13:22 - 2015-12-10 10:31 - 03792272 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys 2016-08-15 13:22 - 2015-12-10 10:31 - 02813952 _____ C:\Windows\system32\iglhxa64.cpa 2016-08-15 13:22 - 2015-12-10 10:31 - 00255488 _____ C:\Windows\system32\igfxCPL.cpl 2016-08-15 13:22 - 2015-12-10 10:31 - 00044025 _____ C:\Windows\system32\iglhxo64.vp 2016-08-15 13:22 - 2015-12-10 10:31 - 00043816 _____ C:\Windows\system32\iglhxc64_dev.vp 2016-08-15 13:22 - 2015-12-10 10:31 - 00043494 _____ C:\Windows\system32\iglhxc64.vp 2016-08-15 13:22 - 2015-12-10 10:31 - 00043298 _____ C:\Windows\system32\iglhxg64_dev.vp 2016-08-15 13:22 - 2015-12-10 10:31 - 00043256 _____ C:\Windows\system32\iglhxg64.vp 2016-08-15 13:22 - 2015-12-10 10:31 - 00042079 _____ C:\Windows\system32\iglhxo64_dev.vp 2016-08-15 13:22 - 2015-12-10 10:31 - 00002582 _____ C:\Windows\system32\iglhxs64.vp 2016-08-15 13:22 - 2015-12-10 10:31 - 00001125 _____ C:\Windows\system32\iglhxa64.vp 2016-08-15 13:22 - 2015-12-10 10:31 - 00000895 _____ C:\Windows\system32\Gfxv2_0.exe.config 2016-08-15 13:22 - 2015-12-10 10:31 - 00000895 _____ C:\Windows\system32\DPTopologyAppv2_0.exe.config 2016-08-15 13:22 - 2015-12-10 10:31 - 00000895 _____ C:\Windows\system32\CustomModeAppv2_0.exe.config 2016-08-15 13:22 - 2015-12-10 10:31 - 00000889 _____ C:\Windows\system32\Gfxv4_0.exe.config 2016-08-15 13:22 - 2015-12-10 10:31 - 00000889 _____ C:\Windows\system32\DPTopologyApp.exe.config 2016-08-15 13:22 - 2015-12-10 10:31 - 00000889 _____ C:\Windows\system32\CustomModeApp.exe.config 2016-08-15 13:22 - 2012-08-16 22:57 - 02356592 _____ (Microsoft Corporation) C:\Windows\system32\WudfUpdate_01011.dll 2016-08-15 13:21 - 2016-08-15 13:21 - 00002501 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk 2016-08-15 13:21 - 2016-08-15 13:21 - 00002459 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk 2016-08-15 13:21 - 2016-08-15 13:21 - 00002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk 2016-08-15 13:21 - 2016-08-15 13:21 - 00002413 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk 2016-08-15 13:21 - 2016-08-15 13:21 - 00002397 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk 2016-08-15 13:21 - 2016-08-15 13:21 - 00002394 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk 2016-08-15 13:21 - 2016-08-15 13:21 - 00002384 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk 2016-08-15 13:21 - 2016-08-15 13:21 - 00002380 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk 2016-08-15 13:21 - 2016-08-15 13:21 - 00002364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk 2016-08-15 13:21 - 2016-08-15 13:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ferramentas do Microsoft Office 2016 2016-08-15 13:21 - 2015-12-10 10:31 - 22905344 _____ (Intel Corporation) C:\Windows\system32\igdfcl64.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 17837568 _____ (Intel Corporation) C:\Windows\SysWOW64\igdfcl32.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 12211696 _____ (Intel Corporation) C:\Windows\system32\igd10iumd64.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 11784216 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10iumd32.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 10948400 _____ (Intel Corporation) C:\Windows\system32\igdumdim64.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 10475064 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdim32.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 04604624 _____ (Intel Corporation) C:\Windows\system32\igdusc64.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 03644664 _____ (Intel Corporation) C:\Windows\SysWOW64\igdusc32.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 02027008 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 01987072 _____ (Intel Corporation) C:\Windows\system32\igdrcl64.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 01786368 _____ (Intel Corporation) C:\Windows\SysWOW64\igdrcl32.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 01758208 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 01137120 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 01133000 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 00673280 _____ (Intel Corporation) C:\Windows\system32\igfxDH.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 00609280 _____ (Intel Corporation) C:\Windows\system32\MetroIntelGenericUIFramework.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 00454760 _____ (Intel Corporation) C:\Windows\system32\igdmd64.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 00376832 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 00371200 _____ (Intel Corporation) C:\Windows\system32\igfxOSP.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 00366680 _____ (Intel Corporation) C:\Windows\SysWOW64\igdmd32.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 00366080 _____ (Intel Corporation) C:\Windows\system32\igdbcl64.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 00321536 _____ (Intel Corporation) C:\Windows\SysWOW64\igdbcl32.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 00286720 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 00284672 _____ (Intel Corporation) C:\Windows\system32\igfxDI.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 00252416 _____ (Intel Corporation) C:\Windows\system32\igfxLHM.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 00224256 _____ C:\Windows\system32\igdde64.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 00218848 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 00209408 _____ (Intel Corporation) C:\Windows\system32\igfxDTCM.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 00188928 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v4338.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 00188496 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 00185856 _____ C:\Windows\SysWOW64\igdde32.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 00184832 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 00183840 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 00162304 _____ C:\Windows\system32\igdail64.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 00159096 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 00155136 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 00143872 _____ C:\Windows\SysWOW64\igdail32.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 00086528 _____ C:\Windows\system32\igfxCUIServicePS.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 00069632 _____ ( ) C:\Windows\system32\igfxDHLibv2_0.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 00064000 _____ (Khronos Group) C:\Windows\system32\Intel_OpenCL_ICD64.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 00060416 _____ (Khronos Group) C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 00059904 _____ ( ) C:\Windows\system32\igfxDHLib.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 00031448 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 00030720 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 00010752 _____ ( ) C:\Windows\system32\igfxDILibv2_0.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 00010752 _____ ( ) C:\Windows\system32\igfxDILib.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 00010240 _____ ( ) C:\Windows\system32\igfxEMLibv2_0.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 00010240 _____ ( ) C:\Windows\system32\igfxEMLib.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 00005120 _____ ( ) C:\Windows\system32\igfxLHMLibv2_0.dll 2016-08-15 13:21 - 2015-12-10 10:31 - 00005120 _____ ( ) C:\Windows\system32\igfxLHMLib.dll 2016-08-15 13:20 - 2016-08-15 13:30 - 00000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft 2016-08-15 13:20 - 2016-08-15 13:30 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-08-15 13:20 - 2016-08-15 13:20 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform 2016-08-15 13:20 - 2015-12-10 10:31 - 08588800 _____ (Intel Corporation) C:\Windows\system32\ig75icd64.dll 2016-08-15 13:20 - 2015-12-10 10:31 - 06585344 _____ (Intel Corporation) C:\Windows\SysWOW64\ig75icd32.dll 2016-08-15 13:20 - 2015-12-10 10:31 - 04382824 _____ (Intel Corporation) C:\Windows\system32\Gfxv4_0.exe 2016-08-15 13:20 - 2015-12-10 10:31 - 04379240 _____ (Intel Corporation) C:\Windows\system32\Gfxv2_0.exe 2016-08-15 13:20 - 2015-12-10 10:31 - 00959592 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe 2016-08-15 13:20 - 2015-12-10 10:31 - 00545896 _____ (Intel Corporation) C:\Windows\system32\DPTopologyApp.exe 2016-08-15 13:20 - 2015-12-10 10:31 - 00545384 _____ (Intel Corporation) C:\Windows\system32\DPTopologyAppv2_0.exe 2016-08-15 13:20 - 2015-12-10 10:31 - 00530536 _____ (Intel Corporation) C:\Windows\system32\igfxEM.exe 2016-08-15 13:20 - 2015-12-10 10:31 - 00399976 _____ (Intel Corporation) C:\Windows\system32\CustomModeApp.exe 2016-08-15 13:20 - 2015-12-10 10:31 - 00399464 _____ (Intel Corporation) C:\Windows\system32\CustomModeAppv2_0.exe 2016-08-15 13:20 - 2015-12-10 10:31 - 00372840 _____ (Intel Corporation) C:\Windows\system32\igfxTray.exe 2016-08-15 13:20 - 2015-12-10 10:31 - 00319080 _____ (Intel Corporation) C:\Windows\system32\igfxCUIService.exe 2016-08-15 13:20 - 2015-12-10 10:31 - 00316245 _____ C:\Windows\system32\DisplayAudiox64.cab 2016-08-15 13:20 - 2015-12-10 10:31 - 00280680 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe 2016-08-15 13:20 - 2015-12-10 10:31 - 00247400 _____ (Intel Corporation) C:\Windows\system32\igfxHK.exe 2016-08-15 13:20 - 2015-12-10 10:31 - 00195176 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe 2016-08-15 13:20 - 2015-12-10 10:31 - 00156264 _____ (Intel Corporation) C:\Windows\system32\difx64.exe 2016-08-15 13:20 - 2015-12-10 10:31 - 00094208 _____ C:\Windows\system32\IccLibDll_x64.dll 2016-08-15 13:20 - 2015-10-08 15:15 - 00180480 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys 2016-08-15 13:20 - 2012-08-17 04:57 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll 2016-08-15 13:19 - 2016-08-15 13:19 - 00000000 ____D C:\Users\Frutao\AppData\Roaming\TeamViewer 2016-08-15 13:19 - 2016-08-15 13:19 - 00000000 ____D C:\Users\Frutao\AppData\Roaming\DRPSu 2016-08-15 13:18 - 2016-08-15 13:20 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2016-08-15 13:18 - 2016-08-15 13:18 - 00000000 ____D C:\Users\Frutao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2016-08-15 13:18 - 2016-08-15 13:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2016-08-15 13:18 - 2016-08-15 13:18 - 00000000 ____D C:\Program Files\WinRAR 2016-08-15 13:18 - 2016-08-15 13:18 - 00000000 ____D C:\Program Files\Microsoft Office 15 2016-08-15 13:18 - 2016-07-25 16:33 - 07565832 _____ (TeamViewer) C:\Users\Frutao\Desktop\Team Viewer 11.exe 2016-08-15 13:17 - 2016-08-17 15:30 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-08-15 13:17 - 2016-08-17 15:12 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-08-15 13:17 - 2016-08-17 12:20 - 00000000 ____D C:\Users\Frutao\AppData\Local\Google 2016-08-15 13:17 - 2016-08-15 14:25 - 00004066 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-08-15 13:17 - 2016-08-15 14:25 - 00003814 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2016-08-15 13:17 - 2016-08-15 14:00 - 00002265 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-08-15 13:17 - 2016-08-15 13:17 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2016-08-15 13:17 - 2016-08-15 13:17 - 00000000 ____D C:\Users\Frutao\AppData\LocalLow\Adobe 2016-08-15 13:17 - 2016-08-15 13:17 - 00000000 ____D C:\Users\Frutao\AppData\Local\Adobe 2016-08-15 13:17 - 2016-08-15 13:17 - 00000000 ____D C:\Program Files (x86)\Java 2016-08-15 13:17 - 2016-08-15 13:17 - 00000000 ____D C:\Program Files (x86)\Google 2016-08-15 13:17 - 2016-08-15 13:16 - 00110144 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-64.dll 2016-08-15 13:16 - 2016-08-15 13:17 - 00000000 ____D C:\Users\Frutao\.oracle_jre_usage 2016-08-15 13:16 - 2016-08-15 13:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-08-15 13:16 - 2016-08-15 13:16 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2016-08-15 13:16 - 2016-08-15 13:16 - 00000000 ____D C:\Users\Todos os Usuários\Oracle 2016-08-15 13:16 - 2016-08-15 13:16 - 00000000 ____D C:\Users\Frutao\AppData\Roaming\Sun 2016-08-15 13:16 - 2016-08-15 13:16 - 00000000 ____D C:\Users\Frutao\AppData\Roaming\Macromedia 2016-08-15 13:16 - 2016-08-15 13:16 - 00000000 ____D C:\Users\Frutao\AppData\LocalLow\Sun 2016-08-15 13:16 - 2016-08-15 13:16 - 00000000 ____D C:\ProgramData\Oracle 2016-08-15 13:16 - 2016-08-15 13:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CutePDF 2016-08-15 13:16 - 2016-08-15 13:16 - 00000000 ____D C:\Program Files\Java 2016-08-15 13:16 - 2016-08-15 13:16 - 00000000 ____D C:\Program Files (x86)\GPLGS 2016-08-15 13:16 - 2016-08-15 13:16 - 00000000 ____D C:\Program Files (x86)\Acro Software 2016-08-15 13:16 - 2013-10-23 15:24 - 00087600 _____ C:\Windows\system32\cpwmon64.dll 2016-08-15 13:14 - 2016-08-15 14:24 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2016-08-15 13:14 - 2016-08-15 13:14 - 00000000 ____D C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2 SDK 2016-08-15 13:13 - 2016-08-15 14:24 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-08-15 13:13 - 2016-08-15 14:18 - 00000000 ____D C:\Users\Todos os Usuários\Adobe 2016-08-15 13:13 - 2016-08-15 14:18 - 00000000 ____D C:\ProgramData\Adobe 2016-08-15 13:13 - 2016-08-15 13:13 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-08-15 13:13 - 2016-08-15 13:13 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-08-15 13:13 - 2016-08-15 13:13 - 00002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk 2016-08-15 13:13 - 2016-08-15 13:13 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2016-08-15 13:13 - 2016-08-15 13:13 - 00000000 ____D C:\Windows\system32\Macromed 2016-08-15 13:13 - 2016-08-15 13:13 - 00000000 ____D C:\Program Files (x86)\Adobe 2016-08-15 13:12 - 2016-08-15 13:12 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf 2016-08-15 13:03 - 2016-08-15 13:26 - 00110176 _____ C:\Users\Frutao\AppData\Local\GDIPFONTCACHEV1.DAT 2016-08-15 13:03 - 2016-08-15 13:03 - 00000970 __RSH C:\Users\Todos os Usuários\ntuser.pol 2016-08-15 13:03 - 2016-08-15 13:03 - 00000970 __RSH C:\ProgramData\ntuser.pol 2016-08-15 13:00 - 2016-08-15 13:00 - 00000000 __SHD C:\Users\Frutao\AppData\LocalLow\EmieUserList 2016-08-15 13:00 - 2016-08-15 13:00 - 00000000 __SHD C:\Users\Frutao\AppData\LocalLow\EmieSiteList 2016-08-15 13:00 - 2016-08-15 13:00 - 00000000 __SHD C:\Users\Frutao\AppData\LocalLow\EmieBrowserModeList 2016-08-15 13:00 - 2016-08-15 13:00 - 00000000 __SHD C:\Users\Frutao\AppData\Local\EmieUserList 2016-08-15 13:00 - 2016-08-15 13:00 - 00000000 __SHD C:\Users\Frutao\AppData\Local\EmieSiteList 2016-08-15 13:00 - 2016-08-15 13:00 - 00000000 __SHD C:\Users\Frutao\AppData\Local\EmieBrowserModeList 2016-08-15 12:54 - 2016-08-15 13:35 - 00000000 ____D C:\Users\Frutao 2016-08-15 12:54 - 2016-08-15 13:17 - 00000000 ____D C:\Users\Frutao\AppData\Roaming\Adobe 2016-08-15 12:54 - 2016-08-15 12:54 - 00001389 _____ C:\Users\Frutao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-08-15 12:54 - 2016-08-15 12:54 - 00000020 ___SH C:\Users\Frutao\ntuser.ini 2016-08-15 12:54 - 2016-08-15 12:54 - 00000000 _SHDL C:\Users\Frutao\Modelos 2016-08-15 12:54 - 2016-08-15 12:54 - 00000000 _SHDL C:\Users\Frutao\Meus documentos 2016-08-15 12:54 - 2016-08-15 12:54 - 00000000 _SHDL C:\Users\Frutao\Menu Iniciar 2016-08-15 12:54 - 2016-08-15 12:54 - 00000000 _SHDL C:\Users\Frutao\Documents\Minhas músicas 2016-08-15 12:54 - 2016-08-15 12:54 - 00000000 _SHDL C:\Users\Frutao\Documents\Minhas imagens 2016-08-15 12:54 - 2016-08-15 12:54 - 00000000 _SHDL C:\Users\Frutao\Documents\Meus vídeos 2016-08-15 12:54 - 2016-08-15 12:54 - 00000000 _SHDL C:\Users\Frutao\Dados de aplicativos 2016-08-15 12:54 - 2016-08-15 12:54 - 00000000 _SHDL C:\Users\Frutao\Configurações locais 2016-08-15 12:54 - 2016-08-15 12:54 - 00000000 _SHDL C:\Users\Frutao\AppData\Roaming\Microsoft\Windows\Start Menu\Programas 2016-08-15 12:54 - 2016-08-15 12:54 - 00000000 _SHDL C:\Users\Frutao\AppData\Local\Histórico 2016-08-15 12:54 - 2016-08-15 12:54 - 00000000 _SHDL C:\Users\Frutao\AppData\Local\Dados de aplicativos 2016-08-15 12:54 - 2016-08-15 12:54 - 00000000 _SHDL C:\Users\Frutao\Ambiente de rede 2016-08-15 12:54 - 2016-08-15 12:54 - 00000000 _SHDL C:\Users\Frutao\Ambiente de impressão 2016-08-15 12:54 - 2016-08-15 12:54 - 00000000 ____D C:\Users\Frutao\AppData\Local\VirtualStore 2016-08-15 12:54 - 2011-04-12 10:20 - 00000000 ____D C:\Users\Frutao\AppData\Roaming\Media Center Programs 2016-08-15 11:51 - 2016-08-15 11:51 - 00000000 ____D C:\Windows\CSC ==================== Um Mês Modificados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2016-08-17 15:28 - 2009-07-14 00:45 - 00016368 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-08-17 15:28 - 2009-07-14 00:45 - 00016368 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-08-17 15:19 - 2011-04-12 09:40 - 00705474 _____ C:\Windows\system32\prfh0416.dat 2016-08-17 15:19 - 2011-04-12 09:40 - 00147314 _____ C:\Windows\system32\prfc0416.dat 2016-08-17 15:19 - 2009-07-14 01:13 - 01634498 _____ C:\Windows\system32\PerfStringBackup.INI 2016-08-17 15:19 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\inf 2016-08-17 15:12 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-08-17 14:16 - 2014-09-15 07:32 - 00000000 ____D C:\Windows\Panther 2016-08-15 13:35 - 2009-07-14 01:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD 2016-08-15 13:33 - 2009-07-14 00:45 - 00433104 _____ C:\Windows\system32\FNTCACHE.DAT 2016-08-15 13:20 - 2009-07-13 23:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2016-08-15 13:01 - 2009-07-13 23:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy 2016-08-15 12:54 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache 2016-08-15 09:27 - 2009-07-14 01:32 - 00032768 _____ C:\Windows\system32\config\BCD-Template ==================== Bamital & volsnap ================= (Não há correção automática para arquivos que não passaram na verificação.) C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente C:\Windows\explorer.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente C:\Windows\system32\services.exe => O arquivo é assinado digitalmente C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente LastRegBack: 2016-08-17 11:49 ==================== Fim de FRST.txt ============================