Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 07-12-2016 Executado por Weverton (administrador) em WEVERTON-PC (13-12-2016 01:21:18) Executando a partir de C:\Users\Weverton\Downloads Perfis Carregados: Weverton (Perfis Disponíveis: Weverton & Família & Wanderson & Mcx1-WEVERTON-PC) Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: Português (Brasil) Internet Explorer Versão 9 (Navegador padrão: Chrome) Modo da Inicialização: Normal Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe () C:\Program Files (x86)\Client\client.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe () C:\Program Files (x86)\Client\client.exe (IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\wusa.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registro (Whitelisted) ==================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13675736 2014-08-13] (Realtek Semiconductor) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-4294391776-4171377967-4143943055-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1 Startup: C:\Users\Wanderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2016-12-10] ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\Weverton\AppData\Local\Facebook\Games\FacebookGameroom.exe (Nenhum Arquivo) Startup: C:\Users\Weverton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\corelsetup.exe [2016-12-12] () GroupPolicy: Restrição <======= ATENÇÃO ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4 Tcpip\..\Interfaces\{485E640C-3D34-4C01-865E-A061B72165DA}: [DhcpNameServer] 8.8.8.8 8.8.4.4 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrição <======= ATENÇÃO HKU\S-1-5-21-4294391776-4171377967-4143943055-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.pandion.im/#q=%s HKU\S-1-5-21-4294391776-4171377967-4143943055-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pt-br/?ocid=iehp HKU\S-1-5-21-4294391776-4171377967-4143943055-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?ocid=iehp SearchScopes: HKU\S-1-5-21-4294391776-4171377967-4143943055-1000 -> Google Powered Pandion Search URL = hxxp://search.pandion.im/#q=%s BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-10-30] (IObit) BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_102\bin\ssv.dll [2016-08-21] (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_102\bin\jp2ssv.dll [2016-08-21] (Oracle Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation) BHO-x32: Auxiliar de Conexão de Conta da Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2015-07-09] (IObit) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation) FireFox: ======== FF HKU\S-1-5-21-4294391776-4171377967-4143943055-1000\...\Firefox\Extensions: [{536ad1d6-d9d9-41e5-8945-864506a1f2fc}] - C:\Users\Weverton\AppData\Local\Pandion\Application\src\..\search\xpi FF Extension: (Google Powered Pandion Search) - C:\Users\Weverton\AppData\Local\Pandion\Application\src\..\search\xpi [2016-10-06] [não assinado] FF Plugin: @java.com/DTPlugin,version=11.102.2 -> C:\Program Files\Java\jre1.8.0_102\bin\dtplugin\npDeployJava1.dll [2016-08-21] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.102.2 -> C:\Program Files\Java\jre1.8.0_102\bin\plugin2\npjp2.dll [2016-08-21] (Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Weverton\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2016-04-29] (Raidcall) FF Plugin-x32: @raidcall.tw/RCplugin -> C:\Users\Weverton\AppData\Roaming\RCTW\plugins\nprcplugin.dll [2013-06-25] (Raidcall) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-19] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-19] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-07-28] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation) Chrome: ======= CHR HomePage: Default -> hxxps://www.google.com.br/ CHR StartupUrls: Default -> "hxxps://www.google.com.br/" CHR Profile: C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default [2016-12-13] CHR Extension: (Google Apresentações) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-18] CHR Extension: (Google Docs) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-18] CHR Extension: (Google Drive) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-18] CHR Extension: (YouTube) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-18] CHR Extension: (Desprotetor.com - Desprotetor de links) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\cocohmmjllchepkjocddkihldoiillkl [2016-08-18] CHR Extension: (Facebook App Launcher) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\dihbebhmaoagdpbcnfedokpfkkgmmpgc [2016-08-21] CHR Extension: (Sketch Toy) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\ednofnkligfbacmlfggaccfhpkfopojb [2016-08-18] CHR Extension: (Notícias sociais para Facebook) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\edoadhjjfgeniilpmnoaddaihjkkhheb [2016-08-18] CHR Extension: (Angry Birds Tribute New Tab) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\epcndonbcofpiipoigklnfgiekngjhaj [2016-10-11] CHR Extension: (Planilhas do Google) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-18] CHR Extension: (Documentos Google off-line) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-18] CHR Extension: (Avast Online Security) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-10-31] CHR Extension: (Bubble Shooter Balões) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpbhbohcdnlcediiopngchhnnofnhaec [2016-08-18] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-18] CHR Extension: (Gmail) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-18] CHR Extension: (Chrome Media Router) - C:\Users\Weverton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-26] ==================== Serviços (Whitelisted) ==================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [827680 2015-11-04] (IObit) R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2627080 2016-11-11] (LogMeIn Inc.) S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-10-09] (IObit) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-11-11] (LogMeIn, Inc.) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R3 Serenum; C:\Windows\System32\DRIVERS\nuvserenum.sys [23552 2014-01-12] (Windows (R) Win 7 DDK provider) R3 Serial; C:\Windows\System32\DRIVERS\nuvserial.sys [86016 2014-01-12] (Nuvoton Technology Corp.) S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42064 2016-10-06] (Anchorfree Inc.) S3 cpuz139; \??\C:\Users\Weverton\AppData\Local\Temp\cpuz139\cpuz139_x64.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] S3 xspirit; \??\C:\Windows\xspirit.sys [X] ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Três Meses Criados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2016-12-13 01:17 - 2016-12-13 01:17 - 00036781 _____ C:\Users\Weverton\Downloads\Addition.txt 2016-12-13 01:14 - 2016-12-13 01:21 - 00013908 _____ C:\Users\Weverton\Downloads\FRST.txt 2016-12-13 01:14 - 2016-12-13 01:21 - 00000000 ____D C:\FRST 2016-12-13 01:14 - 2016-12-13 01:14 - 02420224 _____ (Farbar) C:\Users\Weverton\Downloads\FRST64.exe 2016-12-13 01:10 - 2016-12-13 01:10 - 00003630 _____ C:\Users\Weverton\Downloads\api-ms-win-crt-runtime-l1-1-0.zip 2016-12-12 22:53 - 2016-12-12 22:53 - 01034556 _____ C:\Users\Weverton\Downloads\Windows6.1-KB2999226-x64.msu 2016-12-12 22:53 - 2016-12-12 22:53 - 00000000 ___HT C:\Windows\wusa.lock 2016-12-12 22:53 - 2016-12-12 22:53 - 00000000 ____D C:\c4b5f12b55d58f9d30c694d9d1 2016-12-12 22:50 - 2016-12-13 01:14 - 00003060 _____ C:\Users\Public\Desktop\Corel CAPTURE X8 (64-Bit).lnk 2016-12-12 22:50 - 2016-12-13 01:14 - 00002343 _____ C:\Users\Public\Desktop\Corel CONNECT X8 (64-Bit).lnk 2016-12-12 22:50 - 2016-12-13 01:13 - 00003063 _____ C:\Users\Public\Desktop\Corel PHOTO-PAINT X8 (64-Bit).lnk 2016-12-12 22:50 - 2016-12-13 01:13 - 00003015 _____ C:\Users\Public\Desktop\CorelDRAW X8 (64-Bit).lnk 2016-12-12 22:50 - 2016-12-13 01:13 - 00002256 _____ C:\Users\Public\Desktop\Corel Font Manager X8 (64-Bit).lnk 2016-12-12 22:50 - 2016-12-12 22:50 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\Corel 2016-12-12 22:50 - 2016-12-12 22:50 - 00000000 ____D C:\Program Files (x86)\gs 2016-12-12 22:48 - 2016-12-13 01:16 - 00003328 _____ C:\Windows\System32\Tasks\CorelUpdateHelperTaskCore 2016-12-12 22:48 - 2016-12-12 22:48 - 00000000 ____D C:\Users\Todos os Usuários\VsTelemetry 2016-12-12 22:48 - 2016-12-12 22:48 - 00000000 ____D C:\ProgramData\VsTelemetry 2016-12-12 22:48 - 2016-12-12 22:48 - 00000000 ____D C:\Program Files (x86)\Corel 2016-12-12 22:47 - 2016-12-12 22:47 - 00000000 ____D C:\Program Files\Common Files\Corel 2016-12-12 22:45 - 2016-12-12 22:45 - 00000000 ____D C:\Users\Public\Documents\Corel 2016-12-12 22:44 - 2016-12-13 01:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X8 (64-bit) 2016-12-12 22:42 - 2016-12-13 01:12 - 00000000 ____D C:\Program Files\Corel 2016-12-12 22:42 - 2016-12-12 22:47 - 00000000 ____D C:\Users\Todos os Usuários\Corel 2016-12-12 22:42 - 2016-12-12 22:47 - 00000000 ____D C:\ProgramData\Corel 2016-12-12 22:35 - 2016-12-12 22:35 - 00003142 _____ C:\Windows\System32\Tasks\{21692552-DB04-4AED-887D-CBA27C5BBB60} 2016-12-12 16:48 - 2016-12-12 16:48 - 00621568 _____ C:\Users\Weverton\AppData\Roaming\repair.exe 2016-12-10 21:33 - 2016-12-10 21:33 - 00001132 _____ C:\Users\Wanderson\Desktop\Facebook Gameroom.lnk 2016-12-10 21:33 - 2016-12-10 21:33 - 00000000 ____D C:\Users\Wanderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook 2016-12-10 21:33 - 2016-12-10 21:33 - 00000000 ____D C:\Users\Wanderson\AppData\Local\Facebook 2016-12-10 21:33 - 2016-12-10 21:33 - 00000000 ____D C:\Users\Wanderson\AppData\Local\CEF 2016-12-10 21:30 - 2016-12-10 21:31 - 00249592 _____ (Facebook) C:\Users\Wanderson\Downloads\FacebookGameroom.exe 2016-12-10 10:47 - 2016-12-12 11:01 - 00001591 _____ C:\Users\Todos os Usuários\Client Monitor 2016-12-10 10:47 - 2016-12-12 11:01 - 00001591 _____ C:\ProgramData\Client Monitor 2016-12-10 10:46 - 2016-12-12 11:01 - 00000000 ____D C:\Users\Todos os Usuários\Client 2016-12-10 10:46 - 2016-12-12 11:01 - 00000000 ____D C:\ProgramData\Client 2016-12-09 12:59 - 2016-12-09 13:01 - 00000000 ____D C:\CorelDraw Graphics Suite X8 Multilanguage 32 e 64 Bits 2016-12-09 12:54 - 2016-12-12 19:04 - 00003310 _____ C:\Windows\System32\Tasks\Client Monitor 2016-12-09 12:54 - 2016-12-09 12:54 - 00000000 ____D C:\Windows\System32\Tasks\Update 2016-12-09 12:54 - 2016-12-09 12:54 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\Monitor 2016-12-09 12:54 - 2016-12-09 12:54 - 00000000 ____D C:\Program Files (x86)\Client 2016-12-09 12:53 - 2016-04-28 20:30 - 01864704 _____ C:\Users\Weverton\Desktop\keygen.exe 2016-12-09 06:32 - 2016-12-11 19:53 - 00000000 ____D C:\Users\Weverton\AppData\Local\LogMeIn Hamachi 2016-12-09 06:32 - 2016-12-09 06:32 - 00000000 ____D C:\Users\Weverton\AppData\Local\LogMeIn 2016-12-08 22:27 - 2016-12-09 00:02 - 00000000 ____D C:\Users\Wanderson\AppData\Local\LogMeIn Hamachi 2016-12-08 22:27 - 2016-12-08 22:27 - 00000000 ____D C:\Users\Wanderson\AppData\Local\LogMeIn 2016-12-08 22:27 - 2016-12-08 22:27 - 00000000 ____D C:\Users\Todos os Usuários\LogMeIn 2016-12-08 22:27 - 2016-12-08 22:27 - 00000000 ____D C:\ProgramData\LogMeIn 2016-12-08 22:26 - 2016-12-08 22:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2016-12-08 22:26 - 2016-12-08 22:26 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi 2016-12-08 22:23 - 2016-12-08 22:24 - 08417280 _____ C:\Users\Wanderson\Downloads\hamachi.msi 2016-12-05 20:45 - 2016-12-05 20:45 - 00000000 _____ C:\Users\Wanderson\Desktop\Novo(a) Apresentação do Microsoft PowerPoint.pptx 2016-12-05 18:40 - 2016-12-05 18:40 - 00000000 _____ C:\Users\Weverton\Downloads\download 2016-12-05 07:49 - 2016-12-05 07:49 - 00000000 ____D C:\Users\Wanderson\AppData\Roaming\vlc 2016-12-03 23:35 - 2016-12-03 23:35 - 00002882 _____ C:\Windows\System32\Tasks\ASC9_SkipUac_Wanderson 2016-12-03 23:35 - 2016-12-03 23:35 - 00000000 ____D C:\Users\Wanderson\AppData\LocalLow\IObit 2016-12-01 09:34 - 2016-12-01 09:34 - 00034726 _____ C:\Users\Weverton\Downloads\Atvs_8575602_1.pdf 2016-12-01 09:34 - 2016-12-01 09:34 - 00025243 _____ C:\Users\Weverton\Downloads\CacAtvs_8575602_1.pdf 2016-12-01 09:34 - 2016-12-01 09:34 - 00017538 _____ C:\Users\Weverton\Downloads\NtfAtvs_8575602_1.pdf 2016-11-30 08:26 - 2016-11-30 08:26 - 00168354 _____ C:\Users\Weverton\Desktop\itau2.pdf 2016-11-30 08:25 - 2016-11-30 08:25 - 00168348 _____ C:\Users\Weverton\Desktop\itau.pdf 2016-11-25 13:13 - 2016-11-25 13:13 - 00250593 _____ C:\Users\Weverton\Downloads\FaturaHipercard-11-2016.pdf 2016-11-21 20:28 - 2016-11-21 20:28 - 00090595 _____ C:\Users\Weverton\Downloads\QUADRO DE VAGAS_SAO VICENTE DO SERIDO.pdf 2016-11-20 00:03 - 2016-11-20 00:16 - 103242730 _____ C:\Users\Weverton\Downloads\2005 - Acústico MTV_finalmentedonwload.rar 2016-11-20 00:02 - 2013-10-27 10:18 - 00000000 ____D C:\Users\Weverton\Downloads\O RAPPA - Acústico MTV 2016-11-19 22:10 - 2016-11-19 22:49 - 104531890 _____ C:\Users\Weverton\Downloads\O RAPPA - Acústico MTV.rar 2016-11-18 13:07 - 2016-11-18 13:07 - 00000000 ____D C:\Users\Weverton\Documents\Originals 2016-11-16 11:46 - 2016-11-16 11:46 - 00105889 _____ C:\Users\Weverton\Downloads\noname (1).eml 2016-11-16 11:44 - 2016-11-16 11:44 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\Windows Live Writer 2016-11-16 11:44 - 2016-11-16 11:44 - 00000000 ____D C:\Users\Weverton\AppData\Local\Windows Live Writer 2016-11-16 11:43 - 2016-11-16 11:44 - 00105889 _____ C:\Users\Weverton\Downloads\noname.eml 2016-11-11 13:47 - 2016-11-11 13:47 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\Drivers\hamachi.sys 2016-11-11 12:33 - 2016-11-11 12:33 - 00079479 _____ C:\Users\Weverton\Downloads\NovaEstruturaTECINFO2011_2012.xlsx 2016-11-05 09:48 - 2016-11-05 09:48 - 00251747 _____ C:\Users\Wanderson\Downloads\FaturaHipercard-11-2016.pdf 2016-11-05 09:48 - 2016-11-05 09:48 - 00251048 _____ C:\Users\Wanderson\Downloads\FaturaHipercard-10-2016.pdf 2016-11-03 23:37 - 2016-11-04 00:35 - 2047469266 ____R C:\Users\Weverton\Downloads\CorelDraw X8 Graphics Suite X8 Multilanguage 32 e 64 Bits PT-BR.rar 2016-11-01 07:14 - 2016-11-01 07:14 - 55083008 _____ C:\Windows\system32\config\SOFTWARE.iodefrag.bak 2016-11-01 07:14 - 2016-11-01 07:14 - 00311296 _____ C:\Windows\system32\config\DEFAULT.iodefrag.bak 2016-11-01 07:14 - 2016-11-01 07:14 - 00102400 _____ C:\Windows\system32\config\SAM.iodefrag.bak 2016-11-01 07:14 - 2016-11-01 07:14 - 00028672 _____ C:\Windows\system32\config\SECURITY.iodefrag.bak 2016-10-31 22:52 - 2016-10-31 22:52 - 00433308 _____ C:\Users\Weverton\Downloads\WhatsApp Video 2016-10-31 at 22.51.08.mp4 2016-10-27 09:59 - 2016-10-27 09:59 - 00000390 __RSH C:\Users\Todos os Usuários\ntuser.pol 2016-10-27 09:59 - 2016-10-27 09:59 - 00000390 __RSH C:\ProgramData\ntuser.pol 2016-10-27 00:08 - 2016-12-03 23:19 - 00000000 ____D C:\Users\Mcx1-WEVERTON-PC 2016-10-27 00:08 - 2016-10-27 00:08 - 00000020 ___SH C:\Users\Mcx1-WEVERTON-PC\ntuser.ini 2016-10-27 00:08 - 2016-10-27 00:08 - 00000000 _SHDL C:\Users\Mcx1-WEVERTON-PC\Modelos 2016-10-27 00:08 - 2016-10-27 00:08 - 00000000 _SHDL C:\Users\Mcx1-WEVERTON-PC\Meus documentos 2016-10-27 00:08 - 2016-10-27 00:08 - 00000000 _SHDL C:\Users\Mcx1-WEVERTON-PC\Menu Iniciar 2016-10-27 00:08 - 2016-10-27 00:08 - 00000000 _SHDL C:\Users\Mcx1-WEVERTON-PC\Documents\Minhas músicas 2016-10-27 00:08 - 2016-10-27 00:08 - 00000000 _SHDL C:\Users\Mcx1-WEVERTON-PC\Documents\Minhas imagens 2016-10-27 00:08 - 2016-10-27 00:08 - 00000000 _SHDL C:\Users\Mcx1-WEVERTON-PC\Documents\Meus vídeos 2016-10-27 00:08 - 2016-10-27 00:08 - 00000000 _SHDL C:\Users\Mcx1-WEVERTON-PC\Dados de aplicativos 2016-10-27 00:08 - 2016-10-27 00:08 - 00000000 _SHDL C:\Users\Mcx1-WEVERTON-PC\Configurações locais 2016-10-27 00:08 - 2016-10-27 00:08 - 00000000 _SHDL C:\Users\Mcx1-WEVERTON-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programas 2016-10-27 00:08 - 2016-10-27 00:08 - 00000000 _SHDL C:\Users\Mcx1-WEVERTON-PC\AppData\Local\Histórico 2016-10-27 00:08 - 2016-10-27 00:08 - 00000000 _SHDL C:\Users\Mcx1-WEVERTON-PC\AppData\Local\Dados de aplicativos 2016-10-27 00:08 - 2016-10-27 00:08 - 00000000 _SHDL C:\Users\Mcx1-WEVERTON-PC\Ambiente de rede 2016-10-27 00:08 - 2016-10-27 00:08 - 00000000 _SHDL C:\Users\Mcx1-WEVERTON-PC\Ambiente de impressão 2016-10-27 00:08 - 2016-10-19 20:32 - 00002110 _____ C:\Users\Mcx1-WEVERTON-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2016-10-27 00:08 - 2010-11-21 06:47 - 00000000 ____D C:\Users\Mcx1-WEVERTON-PC\AppData\Roaming\Media Center Programs 2016-10-25 21:33 - 2016-10-25 21:34 - 01065376 _____ (Google Inc.) C:\Users\Weverton\Downloads\ChromeSetup.exe 2016-10-25 07:21 - 2016-10-27 00:13 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\vlc 2016-10-25 07:21 - 2016-10-25 07:21 - 00001070 _____ C:\Users\Public\Desktop\VLC media player.lnk 2016-10-25 07:21 - 2016-10-25 07:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2016-10-25 07:19 - 2016-12-03 23:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2016-10-25 07:19 - 2016-10-25 07:19 - 00002318 _____ C:\Users\Public\Desktop\Free Video to Xbox Converter.lnk 2016-10-25 07:19 - 2016-10-25 07:19 - 00001243 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk 2016-10-25 07:19 - 2016-10-25 07:19 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\DVDVideoSoft 2016-10-25 07:15 - 2016-10-25 07:16 - 30533688 _____ C:\Users\Weverton\Downloads\vlc-2.2.4-win32.exe 2016-10-25 07:14 - 2016-10-25 07:16 - 25539712 _____ (DVDVideoSoft Ltd. ) C:\Users\Weverton\Downloads\free-video-to-xbox-converter-5-0-22-128-es-en-win.exe 2016-10-25 07:09 - 2016-10-25 07:09 - 00000000 ____D C:\Users\Weverton\Documents\Apowersoft 2016-10-25 07:09 - 2016-10-25 07:09 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\Apowersoft 2016-10-25 07:09 - 2016-10-25 07:09 - 00000000 ____D C:\Users\Todos os Usuários\Apowersoft 2016-10-25 07:09 - 2016-10-25 07:09 - 00000000 ____D C:\ProgramData\Apowersoft 2016-10-25 07:05 - 2016-10-25 07:07 - 21094712 _____ (APOWERSOFT LIMITED ) C:\Users\Weverton\Downloads\mkv-converter-studio.exe 2016-10-19 21:14 - 2016-10-19 21:14 - 00009160 _____ C:\Users\Weverton\Documents\000.wlmp 2016-10-19 20:40 - 2016-10-19 20:40 - 00000000 ____D C:\Users\Weverton\Tracing 2016-10-19 20:37 - 2016-10-19 20:37 - 00002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk 2016-10-19 20:37 - 2016-10-19 20:37 - 00001458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk 2016-10-19 20:37 - 2016-10-19 20:37 - 00001374 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk 2016-10-19 20:37 - 2016-10-19 20:37 - 00001305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk 2016-10-19 20:36 - 2016-10-19 20:37 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live 2016-10-19 20:36 - 2014-03-31 21:06 - 00058056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fssfltr.sys 2016-10-19 20:33 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll 2016-10-19 20:33 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll 2016-10-19 20:33 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll 2016-10-19 20:33 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll 2016-10-19 20:33 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll 2016-10-19 20:32 - 2016-10-19 20:32 - 00002155 _____ C:\Users\Weverton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2016-10-19 20:32 - 2016-10-19 20:32 - 00002110 _____ C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2016-10-19 20:32 - 2016-10-19 20:32 - 00002110 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2016-10-19 20:32 - 2016-10-19 20:32 - 00002110 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2016-10-19 20:32 - 2016-10-19 20:32 - 00000000 ___RD C:\Users\Weverton\OneDrive 2016-10-19 20:32 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll 2016-10-19 20:31 - 2016-10-19 20:31 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft OneDrive 2016-10-19 20:31 - 2016-10-19 20:31 - 00000000 ____D C:\ProgramData\Microsoft OneDrive 2016-10-19 20:30 - 2016-11-16 11:44 - 00000000 ____D C:\Users\Weverton\AppData\Local\Windows Live 2016-10-19 20:30 - 2016-10-19 20:30 - 01242312 _____ (Microsoft Corporation) C:\Users\Weverton\Downloads\Baixaki_windows-movie-maker [1].exe 2016-10-19 20:28 - 2016-10-19 20:29 - 01816736 _____ ( ) C:\Users\Weverton\Downloads\Baixaki_windows-movie-maker.exe 2016-10-19 20:20 - 2016-10-19 20:20 - 00108144 _____ C:\Users\Weverton\Downloads\WhatsApp Image 2016-10-18 at 03.07.24 (1).jpeg 2016-10-19 20:20 - 2016-10-19 20:20 - 00091741 _____ C:\Users\Weverton\Downloads\WhatsApp Image 2016-10-18 at 03.07.27 (1).jpeg 2016-10-19 20:20 - 2016-10-19 20:20 - 00086489 _____ C:\Users\Weverton\Downloads\WhatsApp Image 2016-10-18 at 03.07.21 (1).jpeg 2016-10-19 20:20 - 2016-10-19 20:20 - 00071042 _____ C:\Users\Weverton\Downloads\WhatsApp Image 2016-10-18 at 03.07.24 (2).jpeg 2016-10-19 20:20 - 2016-10-19 20:20 - 00061437 _____ C:\Users\Weverton\Downloads\WhatsApp Image 2016-10-18 at 03.07.27.jpeg 2016-10-19 20:20 - 2016-10-19 20:20 - 00054399 _____ C:\Users\Weverton\Downloads\WhatsApp Image 2016-10-18 at 03.07.24.jpeg 2016-10-19 20:20 - 2016-10-19 20:20 - 00038575 _____ C:\Users\Weverton\Downloads\WhatsApp Image 2016-10-18 at 03.07.22.jpeg 2016-10-19 20:20 - 2016-10-19 20:20 - 00036436 _____ C:\Users\Weverton\Downloads\WhatsApp Image 2016-10-18 at 03.07.21.jpeg 2016-10-19 19:17 - 2016-10-19 19:17 - 00000000 ____D C:\Users\Todos os Usuários\Vitalwerks 2016-10-19 19:17 - 2016-10-19 19:17 - 00000000 ____D C:\ProgramData\Vitalwerks 2016-10-19 19:15 - 2016-10-19 19:15 - 00000000 ____D C:\Users\Weverton\AppData\Local\Vitalwerks 2016-10-19 19:14 - 2016-10-19 19:14 - 00241736 _____ C:\Users\Weverton\Downloads\DUCSetup_v4_1_1.exe 2016-10-18 10:54 - 2016-12-13 00:54 - 00000282 _____ C:\Windows\Tasks\{3FE401CC-8D92-B6E2-85AE-42DA21CA5C0E}.job 2016-10-18 10:54 - 2016-10-19 08:54 - 00000000 ____D C:\Users\Wanderson\AppData\Local\{B7EB8150-92B9-EC26-F98F-CBF4255D36CA} 2016-10-18 10:54 - 2016-10-18 10:54 - 00003232 _____ C:\Windows\System32\Tasks\{3FE401CC-8D92-B6E2-85AE-42DA21CA5C0E} 2016-10-18 10:53 - 2016-10-18 10:59 - 00000000 ____D C:\Users\Wanderson\AppData\Local\{B7B681EA-931E-ED52-FE86-C8BADAEE3422} 2016-10-17 23:11 - 2016-10-17 23:19 - 00000000 ____D C:\Users\Wanderson\Documents\Músicas só Bonde do Brasil 2016-10-17 22:57 - 2016-10-17 23:11 - 00000000 ____D C:\Users\Wanderson\Documents\Músicas só Breguinha 2016-10-17 22:53 - 2016-10-17 22:56 - 00000000 ____D C:\Users\Wanderson\Documents\Músicas só Sofrência 2016-10-17 08:45 - 2016-12-11 22:24 - 00000000 ____D C:\Users\Wanderson\AppData\Roaming\.minecraft 2016-10-17 08:45 - 2016-10-17 08:45 - 00000000 ____D C:\Users\Wanderson\AppData\Roaming\java 2016-10-16 22:22 - 2016-10-16 22:22 - 00000000 ____D C:\Users\Weverton\Documents\Electronic Arts 2016-10-16 22:21 - 2016-10-16 22:21 - 00001650 _____ C:\Users\Weverton\Desktop\The Sims 4.lnk 2016-10-16 22:18 - 2016-12-12 22:49 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache 2016-10-16 22:18 - 2016-12-12 22:49 - 00000000 ____D C:\ProgramData\Package Cache 2016-10-16 22:18 - 2014-10-19 14:54 - 00447752 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll 2016-10-16 22:17 - 2016-10-16 22:17 - 00001195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4.lnk 2016-10-16 14:05 - 2016-10-16 14:05 - 176302643 _____ C:\Users\Weverton\Downloads\Minecraft 1.8.1.zip 2016-10-16 14:05 - 2016-10-16 14:05 - 00002101 _____ C:\Users\Public\Desktop\Minecraft.lnk 2016-10-16 14:05 - 2016-10-16 14:05 - 00000000 ____D C:\Users\Weverton\Desktop\Minecraft 1.8.1 2016-10-16 14:05 - 2016-10-16 14:05 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft 2016-10-16 13:28 - 2016-10-16 14:05 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\.minecraft 2016-10-16 13:28 - 2016-10-16 13:28 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\java 2016-10-16 13:23 - 2016-10-16 13:23 - 02314240 _____ C:\Users\Weverton\Downloads\MinecraftInstaller.msi 2016-10-16 13:18 - 2016-10-16 13:19 - 09775953 _____ C:\Users\Weverton\Downloads\craftlandia.zip 2016-10-16 13:17 - 2016-10-16 21:55 - 00000000 ____D C:\Users\Weverton\Downloads\[www.tecdowns.com.br] The.Sims.4-RELOADED 2016-10-14 12:38 - 2016-10-14 12:38 - 00852686 _____ C:\Users\Weverton\Downloads\'-'.html 2016-10-14 12:38 - 2016-10-14 12:38 - 00000000 ____D C:\Users\Weverton\Downloads\'-'_files 2016-10-11 13:22 - 2016-10-11 13:23 - 04448979 _____ C:\Users\Weverton\Downloads\manual-acr-1000-20150615143727.pdf 2016-10-10 22:06 - 2016-10-10 22:06 - 00251324 _____ C:\Users\Weverton\Downloads\FaturaHipercard-09-2016 (1).pdf 2016-10-10 22:05 - 2016-10-10 22:05 - 00251281 _____ C:\Users\Weverton\Downloads\FaturaHipercard-10-2016.pdf 2016-10-10 16:03 - 2016-10-10 16:03 - 00000000 ____D C:\Users\Weverton\AppData\Local\CrashRpt 2016-10-10 15:59 - 2016-10-10 16:02 - 13979168 _____ C:\Users\Weverton\Downloads\HSS-6.0.3-install-hss-816-ext.exe 2016-10-08 10:48 - 2016-12-03 23:48 - 00000209 _____ C:\Users\Wanderson\AppData\Roaming\WB.CFG 2016-10-07 23:48 - 2016-10-07 23:48 - 00001138 _____ C:\Users\Weverton\Desktop\Facebook Games Arcade (BETA).lnk 2016-10-07 23:48 - 2016-10-07 23:48 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook 2016-10-07 23:48 - 2016-10-07 23:48 - 00000000 ____D C:\Users\Weverton\AppData\Local\FacebookGames 2016-10-07 23:47 - 2016-10-07 23:47 - 00000000 ____D C:\Users\Weverton\AppData\Local\Facebook 2016-10-07 23:45 - 2016-10-07 23:45 - 00110816 _____ () C:\Users\Weverton\Downloads\FacebookGamesArcadeSetup.exe 2016-10-07 16:54 - 2016-10-07 16:54 - 00000000 ____D C:\Users\Wanderson\AppData\Roaming\WinRAR 2016-10-07 16:51 - 2016-10-18 10:58 - 00002243 _____ C:\Users\Wanderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk 2016-10-07 16:51 - 2016-10-18 10:58 - 00000000 ____D C:\Users\Wanderson\AppData\Local\chromium 2016-10-07 16:48 - 2016-12-13 00:48 - 00000284 _____ C:\Windows\Tasks\{7B91D2B7-E887-95F1-F98A-0FE008BE1BAC}.job 2016-10-07 16:48 - 2016-12-03 23:49 - 00000000 ____D C:\Users\Wanderson\AppData\Local\Lamocukodo 2016-10-07 16:48 - 2016-10-18 10:54 - 00002378 _____ C:\Users\Wanderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk 2016-10-07 16:48 - 2016-10-07 16:51 - 00000000 ____D C:\Users\Wanderson\AppData\Local\{C975FF29-EDDD-9391-8045-B679A42D4AE1} 2016-10-07 16:48 - 2016-10-07 16:48 - 00003234 _____ C:\Windows\System32\Tasks\{7B91D2B7-E887-95F1-F98A-0FE008BE1BAC} 2016-10-07 16:48 - 2016-10-07 16:48 - 00000000 ____D C:\Users\Wanderson\AppData\Local\Setup356618 2016-10-07 16:48 - 2016-10-07 16:48 - 00000000 ____D C:\Users\Wanderson\AppData\Local\Setup353482 2016-10-07 16:48 - 2016-10-07 16:48 - 00000000 ____D C:\Users\Wanderson\AppData\Local\Setup352359 2016-10-07 16:48 - 2016-10-07 16:48 - 00000000 ____D C:\Users\Wanderson\AppData\Local\Sarafat 2016-10-07 16:48 - 2016-10-07 16:48 - 00000000 ____D C:\Users\Todos os Usuários\{A0376554-2A75-EF92-ACB3-71D036F1FA1E} 2016-10-07 16:48 - 2016-10-07 16:48 - 00000000 ____D C:\ProgramData\{A0376554-2A75-EF92-ACB3-71D036F1FA1E} 2016-10-07 16:46 - 2016-10-07 16:46 - 01267784 _____ ( ) C:\Users\Wanderson\Downloads\CD VOL.9 - DESEJO DE MENINA.exe 2016-10-07 16:44 - 2016-10-07 16:45 - 01267784 _____ ( ) C:\Users\Wanderson\Downloads\DM - As Melhores 03.exe 2016-10-07 16:44 - 2016-10-07 16:44 - 01267784 _____ ( ) C:\Users\Wanderson\Downloads\CD BUTECO DA DESEJO.exe 2016-10-06 21:37 - 2016-10-06 21:37 - 00001261 _____ C:\Users\Weverton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pandion.lnk 2016-10-06 21:37 - 2016-10-06 21:37 - 00001253 _____ C:\Users\Weverton\Desktop\Pandion.lnk 2016-10-06 21:37 - 2016-10-06 21:37 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\Pandion 2016-10-06 21:37 - 2016-10-06 21:37 - 00000000 ____D C:\Users\Weverton\AppData\Local\Pandion 2016-10-06 21:36 - 2016-10-06 21:36 - 01904200 _____ C:\Users\Weverton\Downloads\Pandion_2.6.114.msi 2016-10-06 12:31 - 2016-10-06 12:31 - 00042064 _____ (Anchorfree Inc.) C:\Windows\system32\Drivers\taphss6.sys 2016-10-04 22:16 - 2016-10-04 22:16 - 01947947 _____ C:\Users\Weverton\Downloads\Cartaz_TECINFO 2017.jpeg 2016-10-04 21:59 - 2016-10-04 21:59 - 01947947 _____ C:\Users\Weverton\Downloads\Cartaz_TECINFO 2017.pdf 2016-09-30 20:05 - 2016-10-12 16:57 - 00033710 _____ C:\Users\Wanderson\Documents\Apresentação1.pptx 2016-09-27 10:53 - 2016-09-27 10:53 - 00001608 _____ C:\Users\Weverton\Downloads\Não confirmado 814265.crdownload 2016-09-27 10:53 - 2016-09-27 10:53 - 00001608 _____ C:\Users\Weverton\Downloads\Não confirmado 444260.crdownload 2016-09-27 10:52 - 2016-09-27 10:52 - 00001608 _____ C:\Users\Weverton\Downloads\Não confirmado 25649.crdownload 2016-09-27 09:48 - 2016-09-27 09:49 - 00772096 _____ C:\Users\Weverton\Downloads\pw clean - 1.0.6 - [atalhos].exe 2016-09-23 12:51 - 2016-09-23 12:54 - 29541534 _____ C:\Users\Weverton\Downloads\lista-dez_2015.pdf 2016-09-23 12:50 - 2016-09-23 12:50 - 00107272 _____ C:\Users\Weverton\Downloads\RedeAT.pdf 2016-09-21 10:01 - 2016-09-21 10:01 - 05170312 _____ (Macrovision Corporation) C:\Users\Wanderson\Downloads\HP_Keyboard_V1.5.0.6.exe 2016-09-21 10:01 - 2016-09-21 10:01 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\driveridentifier 2016-09-21 10:00 - 2016-09-21 10:00 - 04276266 _____ (DriverIdentifier ) C:\Users\Wanderson\Downloads\driverdouble_setup.exe 2016-09-21 09:54 - 2016-09-21 09:54 - 02207264 _____ (Easeware ) C:\Users\Wanderson\Downloads\DriverNavigator_Setup.exe 2016-09-21 09:36 - 2016-09-21 09:36 - 02793824 _____ (Speedy HLDGS Limited ) C:\Users\Wanderson\Downloads\setup.exe 2016-09-20 21:14 - 2016-09-20 21:14 - 00000000 ____D C:\Users\Família\AppData\LocalLow\IObit 2016-09-19 08:35 - 2016-09-19 08:35 - 00250170 _____ C:\Users\Weverton\Downloads\FaturaHipercard-09-2016.pdf 2016-09-19 08:35 - 2016-09-19 08:35 - 00249817 _____ C:\Users\Weverton\Downloads\FaturaHipercard-08-2016.pdf 2016-09-16 15:24 - 2016-09-16 15:24 - 00081722 _____ C:\Users\Weverton\Documents\Bora.pdf 2016-09-16 13:50 - 2016-09-16 13:50 - 00083764 _____ C:\Users\Weverton\Documents\666666.pdf 2016-09-16 11:34 - 2016-09-16 11:34 - 00085188 _____ C:\Users\Weverton\Documents\208.pdf 2016-09-16 08:07 - 2016-09-16 08:07 - 00081943 _____ C:\Users\Weverton\Documents\210.pdf 2016-09-15 00:28 - 2016-09-15 00:28 - 00091355 _____ C:\Users\Weverton\Documents\ultimas de todas.pdf 2016-09-14 19:03 - 2016-09-14 19:03 - 00082062 _____ C:\Users\Weverton\Documents\66.pdf 2016-09-14 00:50 - 2016-09-14 00:50 - 00084764 _____ C:\Users\Weverton\Documents\vvv.pdf ==================== Três Meses Modificados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2016-12-12 22:49 - 2009-07-14 00:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2016-12-12 22:44 - 2009-07-14 01:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-12-12 22:44 - 2009-07-14 01:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-12-12 22:39 - 2016-08-18 20:21 - 00136152 _____ C:\Users\Weverton\AppData\Local\GDIPFONTCACHEV1.DAT 2016-12-12 22:34 - 2016-10-19 19:15 - 00000000 ____D C:\Program Files (x86)\No-IP 2016-12-12 19:04 - 2016-08-21 15:58 - 00000000 ____D C:\Users\Todos os Usuários\ProductData 2016-12-12 19:04 - 2016-08-21 15:58 - 00000000 ____D C:\ProgramData\ProductData 2016-12-12 19:03 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-12-11 19:52 - 2009-07-14 02:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2016-12-09 12:44 - 2016-08-21 15:57 - 00000000 ____D C:\Users\Weverton\Downloads\Advanced Systemcare-9 PRO + Crack - By SystemTEC 2016-12-08 22:26 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf 2016-12-08 07:53 - 2016-08-21 15:57 - 00000000 ____D C:\Users\Todos os Usuários\IObit 2016-12-08 07:53 - 2016-08-21 15:57 - 00000000 ____D C:\ProgramData\IObit 2016-12-07 07:26 - 2016-08-21 15:58 - 00002260 _____ C:\Users\Public\Desktop\Advanced SystemCare 9.lnk 2016-12-05 06:20 - 2016-08-18 19:45 - 00000000 ____D C:\Users\Weverton 2016-12-03 23:34 - 2016-08-18 21:04 - 00002804 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2016-12-03 23:19 - 2016-09-12 20:53 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\PhotoScape 2016-12-03 23:19 - 2016-09-07 19:55 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\uTorrent 2016-12-03 23:19 - 2016-08-23 07:45 - 00000000 ____D C:\Users\Família\AppData\Roaming\ProductData 2016-12-03 23:19 - 2016-08-22 19:00 - 00000000 ____D C:\Users\Wanderson\AppData\Roaming\ProductData 2016-12-03 23:19 - 2016-08-21 16:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy 2016-12-03 23:19 - 2016-08-21 15:58 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\ProductData 2016-12-03 23:19 - 2016-08-21 15:58 - 00000000 ____D C:\Users\Weverton\AppData\LocalLow\IObit 2016-12-03 23:19 - 2016-08-21 15:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller 2016-12-03 23:19 - 2016-08-21 15:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 2016-12-03 23:19 - 2016-08-21 15:57 - 00000000 ____D C:\Users\Weverton\AppData\Roaming\IObit 2016-12-03 23:19 - 2016-08-19 14:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-12-03 23:19 - 2016-08-19 14:02 - 00000000 ____D C:\Program Files\Java 2016-12-03 23:19 - 2016-08-19 11:00 - 00000000 ____D C:\Users\Família 2016-12-03 23:19 - 2016-08-19 10:59 - 00000000 ____D C:\Users\Wanderson 2016-12-03 23:19 - 2016-08-18 20:07 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform 2016-12-03 23:19 - 2010-11-21 06:47 - 00000000 ___RD C:\Users\Public\Recorded TV 2016-12-03 23:19 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\NDF 2016-12-03 23:19 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\registration 2016-12-03 23:18 - 2016-08-19 11:00 - 00000000 ____D C:\Users\Família\AppData\Local\Google 2016-12-03 23:18 - 2016-08-18 20:03 - 00000000 __RHD C:\MSOCache ==================== Arquivos na raiz de alguns diretórios ======= 2016-08-18 20:29 - 2016-08-18 20:29 - 7065600 _____ () C:\Program Files (x86)\GUTE8E8.tmp 2016-12-12 16:48 - 2016-12-12 16:48 - 0621568 _____ () C:\Users\Weverton\AppData\Roaming\repair.exe 2016-12-10 10:47 - 2016-12-12 11:01 - 0001591 _____ () C:\ProgramData\Client Monitor 2016-08-18 20:14 - 2016-08-18 20:14 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Arquivos para serem movidos ou deletados: ==================== C:\Windows\Tasks\{3FE401CC-8D92-B6E2-85AE-42DA21CA5C0E}.job C:\Windows\Tasks\{7B91D2B7-E887-95F1-F98A-0FE008BE1BAC}.job Alguns arquivos em TEMP: ==================== C:\Users\Wanderson\AppData\Local\Temp\ICReinstall_CD BUTECO DA DESEJO.exe C:\Users\Weverton\AppData\Local\Temp\corelsetup.exe C:\Users\Weverton\AppData\Local\Temp\Keygen1.exe ==================== Bamital & volsnap ====================== (Não há correção automática para arquivos que não passaram na verificação.) C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente C:\Windows\explorer.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente C:\Windows\system32\services.exe => O arquivo é assinado digitalmente C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente LastRegBack: 2016-08-18 19:40 ==================== Fim de FRST.txt ============================