Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 05-02-2017 Executado por Filipe (administrador) em FILIPE-PC (06-02-2017 16:35:28) Executando a partir de C:\Users\Filipe\Downloads Perfis Carregados: Filipe (Perfis Disponíveis: Filipe) Platform: Windows 7 Home Basic Service Pack 1 (X64) Idioma: Português (Brasil) Internet Explorer Versão 11 (Navegador padrão: Chrome) Modo da Inicialização: Normal Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Solvusoft Corporation) C:\Program Files (x86)\Solvusoft\SuiteService.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATII4E.EXE (Andy OS, inc.) C:\Program Files\Andy\HandyAndy.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.1\Lightshot.exe (Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Solvusoft Corporation) C:\Program Files (x86)\Solvusoft\Tray\SolvusoftTray.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe (Multi Theft Auto) D:\MTA 1.5\Multi Theft Auto.exe () D:\Jogos\Gta Sa\GTA San Andreas Original\gta_sa.exe (Multi Theft Auto) D:\MTA 1.5\MTA\CEF\CEFLauncher.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\SndVol.exe ==================== Registro (Whitelisted) ==================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software) HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] () HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM-x32\...\Run: [RaidCall] => C:\Program Files (x86)\RaidCall.RU\raidcall.exe [5160360 2016-10-13] (RAIDCALL.COM) HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [337432 2013-04-15] (Power Software Ltd) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation) HKLM-x32\...\Run: [CommonToolkitTray_Solvusoft] => C:\Program Files (x86)\Solvusoft\Tray\SolvusoftTray.exe [1686088 2015-09-23] (Solvusoft Corporation) HKU\S-1-5-21-2150723438-2749410326-2359130848-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-01-23] (Skype Technologies S.A.) HKU\S-1-5-21-2150723438-2749410326-2359130848-1000\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATII4E.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-2150723438-2749410326-2359130848-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3503088 2016-09-14] (Electronic Arts) HKU\S-1-5-21-2150723438-2749410326-2359130848-1000\...\Policies\Explorer: [NoInstrumentation] 1 HKU\S-1-5-21-2150723438-2749410326-2359130848-1000\...\MountPoints2: {78eae62b-f8f0-11e5-bc7e-20cf30e0689b} - G:\setup.exe HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2016-03-27] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Filipe\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] () ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Filipe\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] () ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Filipe\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] () ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-09] (AVAST Software) ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Filipe\AppData\Local\MEGAsync\ShellExtX32.dll [2016-10-31] () ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Filipe\AppData\Local\MEGAsync\ShellExtX32.dll [2016-10-31] () ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Filipe\AppData\Local\MEGAsync\ShellExtX32.dll [2016-10-31] () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HandyAndy.lnk [2016-08-10] ShortcutTarget: HandyAndy.lnk -> C:\Program Files\Andy\HandyAndy.exe (Andy OS, inc.) Startup: C:\Users\Filipe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2017-01-23] ShortcutTarget: MEGAsync.lnk -> C:\Users\Filipe\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited) ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Hosts: 127.0.0.1 validation.sls.microsoft.com Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{40FAF91A-B366-44D3-A12B-91F071DC3BF3}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{9C47859F-8622-4671-9FCA-B93D79E3BA7B}: [DhcpNameServer] 192.168.129.2 Internet Explorer: ================== HKU\S-1-5-21-2150723438-2749410326-2359130848-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pt-br/?ocid=iehp BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-24] (AVAST Software) BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation) BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-25] (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-24] (AVAST Software) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-25] (Oracle Corporation) Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION) Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION) FireFox: ======== FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-30] FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-30] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2016-05-19] [não assinado] FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2016-04-28] (Microsoft Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-25] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-25] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2016-04-28] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-01-20] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-01-20] (NVIDIA Corporation) FF Plugin-x32: @raidcall.tw/RCplugin -> C:\Users\Filipe\AppData\Roaming\RCTW\plugins\nprcplugin.dll [2013-06-25] (Raidcall) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\Filipe\AppData\Local\Google\Chrome\User Data\Default [2017-02-06] CHR Extension: (Google Apresentações) - C:\Users\Filipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-26] CHR Extension: (Clube de Regatas Flamengo) - C:\Users\Filipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aehciloakdljimnkmnpicmfnkddcmied [2016-09-17] CHR Extension: (Google Docs) - C:\Users\Filipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-26] CHR Extension: (Google Drive) - C:\Users\Filipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-26] CHR Extension: (YouTube) - C:\Users\Filipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-26] CHR Extension: (Mogicons) - C:\Users\Filipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpgpffljkgjmijjdmjbdppndoojdgboe [2017-01-14] CHR Extension: (Avast SafePrice) - C:\Users\Filipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-11-15] CHR Extension: (Planilhas do Google) - C:\Users\Filipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-26] CHR Extension: (Documentos Google off-line) - C:\Users\Filipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-26] CHR Extension: (Avast Online Security) - C:\Users\Filipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-12-16] CHR Extension: (Flatbook) - C:\Users\Filipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\kadbillinepbjlgenaliokdhejdmmlgp [2017-02-04] CHR Extension: (Office Online) - C:\Users\Filipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndjpnladcallmjemlbaebfadecfhkepb [2016-10-20] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Filipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19] CHR Extension: (Gmail) - C:\Users\Filipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-26] CHR Extension: (Chrome Media Router) - C:\Users\Filipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-16] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx ==================== Serviços (Whitelisted) ==================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-09] (AVAST Software) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1445384 2016-10-21] () R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation) R2 HFGService; C:\Windows\System32\HFGService.dll [438784 2006-11-20] (CSR, plc) [Arquivo não assinado] R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [464440 2017-01-20] (NVIDIA Corporation) R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-01-20] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2130440 2016-09-14] (Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2195472 2016-09-14] (Electronic Arts) S3 PAExec; C:\Windows\PAExec.exe [189112 2016-10-08] (Power Admin LLC) R2 Solvusoft Suite Service; C:\Program Files (x86)\Solvusoft\SuiteService.exe [1284168 2015-11-14] (Solvusoft Corporation) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Arquivo não assinado] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S2 NVIDIA Wireless Controller Service; "C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe" [X] S2 VMAuthdService; "C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe" [X] ===================== Drivers (Whitelisted) ====================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R0 99C5769E; C:\Windows\System32\drivers\99C5769E.sys [478392 2016-10-20] (Kaspersky Lab ZAO) S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-09-09] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-09-09] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-09-09] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-09-09] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-09] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-09-13] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-09-22] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-09-09] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-13] (AVAST Software) S3 BthAudioHF; C:\Windows\System32\DRIVERS\BthAudioHF.sys [32128 2006-11-20] (CSR, plc) [Arquivo não assinado] S3 bthav; C:\Windows\System32\drivers\bthav.sys [41472 2006-10-11] (CSR, plc) [Arquivo não assinado] R3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [15872 2006-10-11] (CSR, plc) S3 gfiutil; C:\Windows\System32\drivers\gfiutil.sys [32400 2016-03-04] (ThreatTrack Security) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] () S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-01-20] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46016 2017-01-20] (NVIDIA Corporation) R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2017-01-20] (NVIDIA Corporation) R2 VMparport; C:\Windows\system32\drivers\VMparport.sys [31936 2016-04-14] (VMware, Inc.) R0 vsock; C:\Windows\System32\drivers\vsock.sys [75512 2015-11-05] (VMware, Inc.) R3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X] ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Um Mês Criados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2017-02-06 16:35 - 2017-02-06 16:35 - 00021081 _____ C:\Users\Filipe\Downloads\FRST.txt 2017-02-06 16:35 - 2017-02-06 16:35 - 00000000 ____D C:\FRST 2017-02-06 16:34 - 2017-02-06 16:34 - 02421248 _____ (Farbar) C:\Users\Filipe\Downloads\FRST64.exe 2017-02-06 16:34 - 2017-02-06 16:34 - 01763328 _____ (Farbar) C:\Users\Filipe\Downloads\FRST.exe 2017-02-06 16:31 - 2017-02-06 16:31 - 00002720 _____ C:\Windows\System32\Tasks\DriverToolkit Autorun 2017-02-06 16:31 - 2017-02-06 16:31 - 00000360 _____ C:\Windows\Tasks\DriverToolkit Autorun.job 2017-02-06 15:32 - 2017-02-06 15:32 - 00000000 ____D C:\Users\Filipe\Downloads\broadcom_bluetooth_5.6.0.8700-xp 2017-02-06 15:27 - 2017-02-06 15:32 - 258672721 _____ C:\Users\Filipe\Downloads\broadcom_bluetooth_5.6.0.8700-xp.zip 2017-02-06 15:27 - 2017-02-06 15:27 - 02449376 _____ (Megaify Software ) C:\Users\Filipe\Downloads\DriverToolkitInstaller.exe 2017-02-06 15:27 - 2017-02-06 15:27 - 02449376 _____ (Megaify Software ) C:\Users\Filipe\Downloads\DriverToolkitInstaller (1).exe 2017-02-06 15:27 - 2017-02-06 15:27 - 00001079 _____ C:\Users\Public\Desktop\DriverToolkit.lnk 2017-02-06 15:27 - 2017-02-06 15:27 - 00000000 ____D C:\Users\Filipe\AppData\Local\DriverToolkit 2017-02-06 15:27 - 2017-02-06 15:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit 2017-02-06 15:27 - 2017-02-06 15:27 - 00000000 ____D C:\Program Files (x86)\DriverToolkit 2017-02-06 15:23 - 2017-02-06 15:23 - 00000000 ____D C:\Users\Filipe\Downloads\Bluetooth_6.3.0.4500 2017-02-06 15:19 - 2017-02-06 15:22 - 62663503 _____ C:\Users\Filipe\Downloads\Bluetooth_6.3.0.4500.zip 2017-02-03 22:48 - 2017-02-03 22:48 - 00221662 _____ C:\Users\Filipe\Downloads\MicrosoftProgram_Install_and_Uninstall.meta.diagcab 2017-01-31 14:13 - 2017-01-31 14:14 - 00000000 ____D C:\Users\Todos os Usuários\BSD 2017-01-31 14:13 - 2017-01-31 14:14 - 00000000 ____D C:\ProgramData\BSD 2017-01-31 14:12 - 2017-02-06 15:18 - 00000380 _____ C:\Windows\Tasks\DriverDoc Auto Start.job 2017-01-31 14:12 - 2017-01-31 14:12 - 00002764 _____ C:\Windows\System32\Tasks\DriverDoc Auto Start 2017-01-31 14:11 - 2017-01-31 14:11 - 00002057 _____ C:\Users\Public\Desktop\DriverDoc.lnk 2017-01-31 14:11 - 2017-01-31 14:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solvusoft 2017-01-31 14:08 - 2017-01-31 14:12 - 00000000 ____D C:\Users\Filipe\AppData\Roaming\Solvusoft 2017-01-31 14:08 - 2017-01-31 14:11 - 00000000 ____D C:\Users\Todos os Usuários\Solvusoft 2017-01-31 14:08 - 2017-01-31 14:11 - 00000000 ____D C:\ProgramData\Solvusoft 2017-01-30 18:17 - 2017-01-30 18:18 - 00000000 ____D C:\Program Files (x86)\Driver Identifier 2017-01-30 18:17 - 2017-01-30 18:17 - 00000000 ____D C:\Users\Filipe\AppData\Roaming\driveridentifier 2017-01-30 18:17 - 2017-01-30 18:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Identifier 2017-01-30 17:28 - 2017-01-30 17:30 - 00000000 ___HD C:\Program Files (x86)\Temp 2017-01-30 17:28 - 2017-01-30 17:28 - 00000000 ____D C:\Program Files (x86)\Realtek 2017-01-30 17:28 - 2015-03-11 18:04 - 02825944 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll 2017-01-30 13:58 - 2017-01-31 14:11 - 00000000 ____D C:\Program Files (x86)\Solvusoft 2017-01-30 13:56 - 2017-01-31 14:12 - 00000000 ___HD C:\Users\Todos os Usuários\{0897014C-63E3-47DF-8A5F-4399CC5D61B9} 2017-01-30 13:56 - 2017-01-31 14:12 - 00000000 ___HD C:\ProgramData\{0897014C-63E3-47DF-8A5F-4399CC5D61B9} 2017-01-30 13:56 - 2017-01-31 14:08 - 00000000 ____D C:\Users\Filipe\AppData\Local\IIIQF 2017-01-30 13:41 - 2017-01-30 13:41 - 00001143 _____ C:\Users\Filipe\Desktop\Generic Bluetooth Radio - Atalho.lnk 2017-01-25 15:57 - 2017-01-20 12:07 - 00134080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2017-01-25 15:53 - 2017-01-23 21:04 - 00217528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2017-01-25 15:53 - 2017-01-23 21:04 - 00047664 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll 2017-01-25 15:53 - 2017-01-20 14:36 - 40192056 _____ C:\Windows\system32\nvcompiler.dll 2017-01-25 15:53 - 2017-01-20 14:36 - 35272760 _____ C:\Windows\SysWOW64\nvcompiler.dll 2017-01-25 15:53 - 2017-01-20 14:36 - 34934720 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2017-01-25 15:53 - 2017-01-20 14:36 - 28209720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2017-01-25 15:53 - 2017-01-20 14:36 - 19008392 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2017-01-25 15:53 - 2017-01-20 14:36 - 16403200 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2017-01-25 15:53 - 2017-01-20 14:36 - 14677456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2017-01-25 15:53 - 2017-01-20 14:36 - 14286392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2017-01-25 15:53 - 2017-01-20 14:36 - 11123424 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2017-01-25 15:53 - 2017-01-20 14:36 - 11019192 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll 2017-01-25 15:53 - 2017-01-20 14:36 - 09308896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2017-01-25 15:53 - 2017-01-20 14:36 - 08990584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll 2017-01-25 15:53 - 2017-01-20 14:36 - 03623992 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2017-01-25 15:53 - 2017-01-20 14:36 - 03185720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2017-01-25 15:53 - 2017-01-20 14:36 - 01985080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437849.dll 2017-01-25 15:53 - 2017-01-20 14:36 - 01591352 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437849.dll 2017-01-25 15:53 - 2017-01-20 14:36 - 01051072 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2017-01-25 15:53 - 2017-01-20 14:36 - 00990264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2017-01-25 15:53 - 2017-01-20 14:36 - 00960568 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2017-01-25 15:53 - 2017-01-20 14:36 - 00909760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2017-01-25 15:53 - 2017-01-20 14:36 - 00687224 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll 2017-01-25 15:53 - 2017-01-20 14:36 - 00576192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll 2017-01-25 15:53 - 2017-01-20 14:36 - 00412720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2017-01-25 15:53 - 2017-01-20 14:36 - 00173272 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2017-01-25 15:53 - 2017-01-20 14:36 - 00156792 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2017-01-25 15:53 - 2017-01-20 14:36 - 00150760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2017-01-25 15:53 - 2017-01-20 14:36 - 00135840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2017-01-25 15:53 - 2017-01-20 14:36 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json 2017-01-25 15:53 - 2017-01-20 14:36 - 00000669 _____ C:\Windows\system32\nv-vk64.json 2017-01-25 15:08 - 2017-01-20 16:39 - 00156608 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2017-01-25 15:08 - 2017-01-20 16:39 - 00124352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2017-01-25 15:08 - 2017-01-20 16:39 - 00057792 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys 2017-01-25 15:08 - 2017-01-20 16:39 - 00046016 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2017-01-23 17:10 - 2017-01-23 17:21 - 3547365376 _____ C:\Users\Filipe\Documents\Windows7DVD.iso 2017-01-23 17:10 - 2017-01-23 17:10 - 00000000 ____D C:\Users\Filipe\AppData\Roaming\PowerISO 2017-01-23 17:09 - 2017-01-23 17:09 - 00001011 _____ C:\Users\Public\Desktop\PowerISO.lnk 2017-01-23 17:09 - 2017-01-23 17:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO 2017-01-23 17:09 - 2017-01-23 17:09 - 00000000 ____D C:\Program Files (x86)\PowerISO 2017-01-23 17:09 - 2013-04-15 07:50 - 00127384 _____ (Power Software Ltd) C:\Windows\system32\Drivers\scdemu.sys 2017-01-23 17:06 - 2017-01-23 17:07 - 00000000 ____D C:\Users\Filipe\AppData\Local\Apps\Windows 7 USB DVD Download Tool 2017-01-23 17:06 - 2017-01-23 17:06 - 00002533 _____ C:\Users\Filipe\Desktop\Windows 7 USB DVD Download Tool.lnk 2017-01-23 17:06 - 2017-01-23 17:06 - 00000000 ____D C:\Users\Filipe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool 2017-01-23 15:36 - 2017-01-23 15:36 - 00000000 ____D C:\Users\Filipe\Documents\MEGA 2017-01-23 15:35 - 2017-01-23 15:35 - 00001021 _____ C:\Users\Filipe\Desktop\MEGAsync.lnk 2017-01-23 15:35 - 2017-01-23 15:35 - 00000000 ____D C:\Users\Filipe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync 2017-01-23 15:35 - 2017-01-23 15:35 - 00000000 ____D C:\Users\Filipe\AppData\Local\MEGAsync 2017-01-23 15:35 - 2017-01-23 15:35 - 00000000 ____D C:\Users\Filipe\AppData\Local\Mega Limited 2017-01-22 22:05 - 2017-01-22 22:05 - 00000000 ____D C:\$WINDOWS.~BT 2017-01-22 16:08 - 2017-01-22 16:09 - 00216000 _____ C:\Windows\ntbtlog.txt 2017-01-22 15:49 - 2017-01-23 17:05 - 00002562 _____ C:\Windows\diagwrn.xml 2017-01-22 15:49 - 2017-01-23 17:05 - 00001908 _____ C:\Windows\diagerr.xml 2017-01-22 00:23 - 2017-01-22 00:24 - 00000616 _____ C:\Users\Filipe\Desktop\codigo.vbs 2017-01-12 01:45 - 2017-01-12 01:45 - 00000000 ____D C:\Users\Filipe\AppData\Roaming\HeroesAndGeneralsDesktop ==================== Um Mês Modificados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2017-02-06 16:32 - 2016-11-12 13:03 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2017-02-06 16:17 - 2016-05-11 23:52 - 00000000 ____D C:\Users\Filipe\AppData\Roaming\Skype 2017-02-06 15:34 - 2009-07-14 02:45 - 00014336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-02-06 15:34 - 2009-07-14 02:45 - 00014336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-02-06 15:29 - 2016-03-26 01:50 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA 2017-02-06 15:29 - 2016-03-26 01:50 - 00000000 ____D C:\ProgramData\NVIDIA 2017-02-06 15:18 - 2016-08-01 04:30 - 00000000 ____D C:\Users\Todos os Usuários\Origin 2017-02-06 15:18 - 2016-08-01 04:30 - 00000000 ____D C:\ProgramData\Origin 2017-02-06 15:18 - 2009-07-14 00:34 - 00000541 _____ C:\Windows\win.ini 2017-02-06 15:16 - 2016-08-10 00:46 - 00000000 ____D C:\Users\Todos os Usuários\VMware 2017-02-06 15:16 - 2016-08-10 00:46 - 00000000 ____D C:\ProgramData\VMware 2017-02-06 15:15 - 2009-07-14 03:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-02-05 23:08 - 2016-05-02 18:30 - 00003950 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{556C11C6-E698-4E0B-B7B1-C8F6DD3A8C1E} 2017-02-05 23:08 - 2016-04-21 19:49 - 00000390 _____ C:\Windows\Tasks\update-sys.job 2017-02-05 22:33 - 2016-04-21 19:49 - 00000390 _____ C:\Windows\Tasks\update-S-1-5-21-2150723438-2749410326-2359130848-1000.job 2017-02-05 16:42 - 2016-03-27 16:19 - 00000000 ____D C:\Users\Filipe\AppData\Local\CrashDumps 2017-02-05 10:34 - 2016-03-26 13:13 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2017-02-03 15:56 - 2016-05-11 23:52 - 00000000 ____D C:\Users\Todos os Usuários\Skype 2017-02-03 15:56 - 2016-05-11 23:52 - 00000000 ____D C:\ProgramData\Skype 2017-02-03 15:55 - 2016-05-11 23:52 - 00000000 ___RD C:\Program Files (x86)\Skype 2017-01-31 14:55 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\inf 2017-01-30 17:38 - 2009-07-14 15:55 - 00708520 _____ C:\Windows\system32\prfh0416.dat 2017-01-30 17:38 - 2009-07-14 15:55 - 00148886 _____ C:\Windows\system32\prfc0416.dat 2017-01-30 17:38 - 2009-07-14 03:13 - 01644104 _____ C:\Windows\system32\PerfStringBackup.INI 2017-01-30 17:28 - 2016-03-27 16:17 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2017-01-26 15:33 - 2016-03-26 01:49 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA Corporation 2017-01-26 15:33 - 2016-03-26 01:49 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2017-01-25 16:14 - 2016-04-16 15:49 - 00000000 ____D C:\Users\Todos os Usuários\Oracle 2017-01-25 16:14 - 2016-04-16 15:49 - 00000000 ____D C:\ProgramData\Oracle 2017-01-25 16:14 - 2016-04-16 15:49 - 00000000 ____D C:\Program Files (x86)\Java 2017-01-25 16:13 - 2016-04-16 15:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2017-01-25 16:12 - 2016-04-16 15:50 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2017-01-25 15:57 - 2016-10-08 23:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2017-01-25 15:56 - 2016-10-08 23:22 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2017-01-25 15:55 - 2016-03-26 01:49 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2017-01-25 15:10 - 2016-10-21 14:20 - 00001432 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2017-01-25 15:09 - 2016-12-15 02:18 - 00004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-01-25 15:09 - 2016-10-21 14:20 - 00003742 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-01-25 15:09 - 2016-10-21 14:20 - 00003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-01-25 15:09 - 2016-10-21 14:20 - 00003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-01-25 15:09 - 2016-10-21 14:20 - 00003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-01-25 15:09 - 2016-10-21 14:20 - 00003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-01-25 15:09 - 2016-10-21 14:20 - 00003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-01-25 15:09 - 2016-03-26 01:49 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2017-01-24 23:38 - 2016-12-15 02:18 - 00005110 _____ C:\Users\Todos os Usuários\NvTelemetryContainer.log_backup1 2017-01-24 23:38 - 2016-12-15 02:18 - 00005110 _____ C:\ProgramData\NvTelemetryContainer.log_backup1 2017-01-24 03:22 - 2016-04-01 17:37 - 00000000 ____D C:\Users\Filipe\AppData\Roaming\uTorrent 2017-01-23 21:04 - 2016-10-08 23:19 - 01600056 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll 2017-01-23 16:02 - 2016-12-14 00:24 - 00000000 ____D C:\Users\Filipe\AppData\LocalLow\uTorrent 2017-01-21 17:54 - 2016-04-12 18:49 - 00000000 ____D C:\Users\Filipe\AppData\Local\ElevatedDiagnostics 2017-01-20 16:39 - 2016-10-21 14:20 - 01872320 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2017-01-20 16:39 - 2016-10-21 14:20 - 01755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2017-01-20 16:39 - 2016-10-21 14:20 - 01464768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2017-01-20 16:39 - 2016-10-21 14:20 - 01317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2017-01-20 16:39 - 2016-10-21 14:20 - 00120256 _____ C:\Windows\system32\NvRtmpStreamer64.dll 2017-01-20 14:36 - 2016-10-21 14:48 - 00496680 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2017-01-20 14:36 - 2016-10-08 23:19 - 19092912 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2017-01-20 14:36 - 2016-10-08 23:19 - 16491120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2017-01-20 14:36 - 2016-10-08 23:19 - 13378448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2017-01-20 14:36 - 2016-10-08 23:19 - 04065808 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2017-01-20 14:36 - 2016-10-08 23:19 - 03585120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2017-01-20 14:36 - 2016-03-26 01:50 - 00512960 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2017-01-20 14:36 - 2016-03-26 01:50 - 00420408 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2017-01-20 14:36 - 2015-11-10 02:13 - 00042606 _____ C:\Windows\system32\nvinfo.pb 2017-01-20 13:13 - 2016-03-26 02:04 - 00548800 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll 2017-01-20 13:13 - 2016-03-26 02:04 - 00083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll 2017-01-20 13:13 - 2016-03-26 01:50 - 06401984 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2017-01-20 13:13 - 2016-03-26 01:50 - 02479160 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2017-01-20 13:13 - 2016-03-26 01:50 - 01762752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2017-01-20 13:13 - 2016-03-26 01:50 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2017-01-20 13:13 - 2016-03-26 01:50 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2017-01-20 12:04 - 2016-10-21 14:20 - 00001951 _____ C:\Windows\NvContainerRecovery.bat 2017-01-20 11:36 - 2016-12-15 02:17 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat 2017-01-18 10:57 - 2016-03-26 01:50 - 07755067 _____ C:\Windows\system32\nvcoproc.bin 2017-01-12 01:49 - 2016-11-24 17:30 - 00000000 ____D C:\Users\Filipe\Documents\my games 2017-01-12 01:47 - 2016-03-26 01:27 - 00000000 ____D C:\Users\Filipe 2017-01-11 00:25 - 2016-07-09 17:45 - 00000000 ____D C:\Users\Filipe\AppData\Local\Arma 3 2017-01-10 21:32 - 2016-11-12 13:03 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2017-01-10 21:32 - 2016-11-12 13:03 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2017-01-10 21:32 - 2016-11-12 13:03 - 00003840 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2017-01-10 21:32 - 2016-11-12 13:03 - 00000000 ____D C:\Windows\system32\Macromed 2017-01-10 21:32 - 2016-09-12 21:20 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2017-01-09 22:40 - 2016-07-09 16:47 - 00000000 ____D C:\Users\Filipe\AppData\Local\Arma 3 Launcher 2017-01-08 12:48 - 2016-08-11 23:24 - 00000000 ____D C:\Users\Todos os Usuários\boost_interprocess 2017-01-08 12:48 - 2016-08-11 23:24 - 00000000 ____D C:\ProgramData\boost_interprocess ==================== Arquivos na raiz de alguns diretórios ======= 2016-07-01 19:03 - 2016-07-01 19:03 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1A1B5D4F621A1B5D4F62.sph 2016-09-02 01:24 - 2016-09-02 01:24 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1A1C5D4F621A1C5D4F62.sph 2016-07-02 17:54 - 2016-07-02 17:54 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1A1C5DCB4C1A1C5DCB4C.sph 2016-09-03 16:13 - 2016-09-03 16:13 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1A1D5DCB4C1A1D5DCB4C.sph 2016-09-04 01:26 - 2016-09-04 01:26 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1A1E4E59571A1E4E5957.sph 2016-07-04 01:16 - 2016-07-04 01:16 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1A1E5D4F511A1E5D4F51.sph 2016-09-05 15:13 - 2016-09-05 15:13 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1A1F5D4F511A1F5D4F51.sph 2016-08-05 01:42 - 2016-08-05 01:42 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1A1F5D4F621A1F5D4F62.sph 2016-07-05 20:27 - 2016-07-05 20:27 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1A1F5E4F5C1A1F5E4F5C.sph 2016-07-06 19:14 - 2016-07-06 19:14 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1A205B5F4B1A205B5F4B.sph 2016-09-06 02:20 - 2016-09-06 02:20 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1A205E4F5C1A205E4F5C.sph 2016-08-07 01:54 - 2016-08-07 01:54 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1A214E59571A214E5957.sph 2016-09-07 01:43 - 2016-09-07 01:43 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1A215B5F4B1A215B5F4B.sph 2016-08-08 03:07 - 2016-08-08 03:07 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1A225D4F511A225D4F51.sph 2016-07-08 01:48 - 2016-07-08 01:48 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1A225D4F621A225D4F62.sph 2016-09-09 18:28 - 2016-09-09 18:28 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1A235D4F621A235D4F62.sph 2016-07-09 17:06 - 2016-07-09 17:06 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1A235DCB4C1A235DCB4C.sph 2016-08-10 22:02 - 2016-08-10 22:02 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1B1A5B5F4B1B1A5B5F4B.sph 2016-09-11 03:24 - 2016-09-11 03:24 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1B1B4E59571B1B4E5957.sph 2016-07-11 16:39 - 2016-07-11 16:39 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1B1B5D4F511B1B5D4F51.sph 2016-08-13 18:54 - 2016-08-13 18:54 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1B1D5DCB4C1B1D5DCB4C.sph 2016-09-13 23:10 - 2016-09-13 23:10 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1B1D5E4F5C1B1D5E4F5C.sph 2016-08-14 02:00 - 2016-08-14 02:00 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1B1E4E59571B1E4E5957.sph 2016-09-14 14:53 - 2016-09-14 14:53 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1B1E5B5F4B1B1E5B5F4B.sph 2016-09-15 03:56 - 2016-09-15 03:56 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1B1F5B5F531B1F5B5F53.sph 2016-08-15 14:22 - 2016-08-15 14:22 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1B1F5D4F511B1F5D4F51.sph 2016-08-16 17:17 - 2016-08-16 17:17 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1B205E4F5C1B205E4F5C.sph 2016-08-17 13:35 - 2016-08-17 13:35 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1B215B5F4B1B215B5F4B.sph 2016-09-17 16:50 - 2016-09-17 16:50 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1B215DCB4C1B215DCB4C.sph 2016-08-18 23:42 - 2016-08-18 23:42 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1B225B5F531B225B5F53.sph 2016-07-18 02:16 - 2016-07-18 02:16 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1B225D4F511B225D4F51.sph 2016-08-19 03:07 - 2016-08-19 03:07 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1B235D4F621B235D4F62.sph 2016-07-19 17:27 - 2016-07-19 17:27 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1B235E4F5C1B235E4F5C.sph 2016-07-20 02:04 - 2016-07-20 02:04 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1C1A5B5F4B1C1A5B5F4B.sph 2016-08-20 01:39 - 2016-08-20 01:39 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1C1A5DCB4C1C1A5DCB4C.sph 2016-08-21 01:13 - 2016-08-21 01:13 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1C1B4E59571C1B4E5957.sph 2016-07-21 02:29 - 2016-07-21 02:29 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1C1B5B5F531C1B5B5F53.sph 2016-07-22 01:08 - 2016-07-22 01:08 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1C1C5D4F621C1C5D4F62.sph 2016-08-23 03:41 - 2016-08-23 03:41 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1C1D5E4F5C1C1D5E4F5C.sph 2016-07-24 21:00 - 2016-07-24 21:00 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1C1E4E59571C1E4E5957.sph 2016-08-24 18:33 - 2016-08-24 18:33 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1C1E5B5F4B1C1E5B5F4B.sph 2016-07-25 23:45 - 2016-07-25 23:45 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1C1F5D4F511C1F5D4F51.sph 2016-06-26 22:00 - 2016-06-26 22:00 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1C204E59571C204E5957.sph 2016-07-26 03:21 - 2016-07-26 03:21 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1C205E4F5C1C205E4F5C.sph 2016-07-27 03:06 - 2016-07-27 03:06 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1C215B5F4B1C215B5F4B.sph 2016-06-27 01:46 - 2016-06-27 01:46 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1C215D4F511C215D4F51.sph 2016-07-28 23:10 - 2016-07-28 23:10 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1C225B5F531C225B5F53.sph 2016-08-29 20:52 - 2016-08-29 20:52 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1C235D4F511C235D4F51.sph 2016-07-29 15:26 - 2016-07-29 15:26 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1C235D4F621C235D4F62.sph 2016-08-30 02:58 - 2016-08-30 02:58 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\1D1A5E4F5C1D1A5E4F5C.sph 2016-07-25 12:48 - 2016-07-25 12:48 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\335D4B232220212A595F5E56595955184D59572B584B345F56534B.sph 2016-07-29 18:13 - 2016-07-29 18:13 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\364F5E534D534B49605C1B212A52595E574B5356184D5957364F5E534D534B1B211B232322.sph 2016-07-16 02:38 - 2016-07-16 02:38 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\364F5E534D534B49605C1B212A52595E574B5356184D5957364F5E534D534B1B232322.sph 2016-07-29 18:08 - 2016-07-29 18:08 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\364F5E534D534B49605C1B212A52595E574B5356184D5957364F5E534D534B1B2323221B21.sph 2016-07-21 16:12 - 2016-07-21 16:12 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\364F5E534D534B49605C1B212A52595E574B5356184D5957564F5E534D534B1B211B232322.sph 2016-07-21 16:12 - 2016-07-21 16:12 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\364F5E534D534B49605C1B212A52595E574B5356184D5957564F5E534D534B1B2323221B21.sph 2016-07-29 18:11 - 2016-07-29 18:11 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\364F5E534D534B49605C4F1B212A52595E574B5356184D5957364F5E534D534B1B2323221B21.sph 2016-07-29 18:07 - 2016-07-29 18:07 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\364F5E534D534B49605C4F1B212A52595E574B5356184D5957564F5E534D534B1B211B232322.sph 2016-07-29 18:10 - 2016-07-29 18:10 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\364F5E534D534B49605C4F1B212A52595E574B5356184D5957564F5E534D534B1B2323221B21.sph 2016-07-16 02:40 - 2016-07-16 02:40 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\544B4E4F5C5D5958494B644F604F4E592A52595E574B5356184D5957574B515F53571B232220.sph 2016-07-16 02:39 - 2016-07-16 02:39 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\574B515F5357494B644F604F4E592A52595E574B5356184D5957574B515F53571B232220.sph 2016-07-11 18:21 - 2016-07-11 18:21 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\5A52535656535A5A52634960511E2A52595E574B5356184D59573A1F231B1A221B1F231B1A221B.sph 2016-07-11 18:22 - 2016-07-11 18:22 - 0000000 _____ () C:\Users\Filipe\AppData\Roaming\5A52535656535A5A52634960511E2A52595E574B5356184D59573A5A1F231B1A221B1F231B1A221B.sph 2016-09-18 23:28 - 2016-09-18 23:28 - 0022294 _____ () C:\Users\Filipe\AppData\Local\recently-used.xbel 2016-04-28 19:15 - 2016-04-28 19:15 - 0000003 _____ () C:\Users\Filipe\AppData\Local\updater.log 2016-04-21 19:49 - 2016-08-06 15:15 - 0000424 _____ () C:\Users\Filipe\AppData\Local\UserProducts.xml 2016-12-15 02:18 - 2017-01-25 15:09 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log 2016-12-15 02:18 - 2017-01-24 23:38 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1 2016-04-04 20:22 - 2016-04-03 10:21 - 5196184 _____ ((c) PC Cleaners Inc) C:\ProgramData\pclunst.exe Arquivos para serem movidos ou deletados: ==================== C:\ProgramData\pclunst.exe C:\Users\Todos os Usuários\pclunst.exe Alguns arquivos em TEMP: ==================== 2016-05-11 23:51 - 2016-05-11 23:51 - 0432008 _____ (© 2015 Microsoft Corporation) C:\Users\Filipe\AppData\Local\Temp\DefaultPackOffer.dll 2016-05-29 21:53 - 2016-05-29 21:53 - 0091512 _____ () C:\Users\Filipe\AppData\Local\Temp\dfr1FEE.tmp.exe 2016-06-07 19:20 - 2016-06-07 19:20 - 0091512 _____ () C:\Users\Filipe\AppData\Local\Temp\dfr2700.tmp.exe 2016-06-20 17:15 - 2016-06-20 17:15 - 0091512 _____ () C:\Users\Filipe\AppData\Local\Temp\dfr3A9F.tmp.exe 2016-06-03 13:49 - 2016-06-03 13:49 - 0091512 _____ () C:\Users\Filipe\AppData\Local\Temp\dfr8842.tmp.exe 2016-05-23 14:04 - 2016-05-23 14:04 - 0091512 _____ () C:\Users\Filipe\AppData\Local\Temp\dfr9F79.tmp.exe 2016-06-07 01:58 - 2016-06-07 01:58 - 0091512 _____ () C:\Users\Filipe\AppData\Local\Temp\dfrD1A.tmp.exe 2016-05-15 16:40 - 2016-05-15 16:40 - 0091512 _____ () C:\Users\Filipe\AppData\Local\Temp\dfrDE2E.tmp.exe 2016-12-14 14:53 - 2016-12-14 14:53 - 0204800 _____ (Sony DADC Austria AG) C:\Users\Filipe\AppData\Local\Temp\drm_dyndata_7370014.dll 2016-09-12 21:49 - 2016-09-12 21:49 - 1611000 _____ (File Software ) C:\Users\Filipe\AppData\Local\Temp\ICReinstall_Baixaki_gimp.exe 2016-08-24 14:42 - 2016-08-24 14:42 - 0741440 _____ (Oracle Corporation) C:\Users\Filipe\AppData\Local\Temp\jre-8u101-windows-au.exe 2016-11-30 16:11 - 2016-11-30 16:11 - 0737856 _____ (Oracle Corporation) C:\Users\Filipe\AppData\Local\Temp\jre-8u111-windows-au.exe 2017-01-25 16:10 - 2017-01-25 16:10 - 0739904 _____ (Oracle Corporation) C:\Users\Filipe\AppData\Local\Temp\jre-8u121-windows-au.exe 2013-04-15 07:50 - 2013-04-15 07:50 - 2754072 _____ (Power Software Ltd) C:\Users\Filipe\AppData\Local\Temp\nsqC812.tmp.exe 2016-04-01 20:03 - 2016-11-24 17:22 - 0747648 _____ (NVIDIA Corporation) C:\Users\Filipe\AppData\Local\Temp\nvSCPAPI.dll 2016-10-21 14:52 - 2016-10-18 17:31 - 0860960 _____ (NVIDIA Corporation) C:\Users\Filipe\AppData\Local\Temp\nvSCPAPI64.dll 2016-05-15 00:56 - 2016-10-01 17:24 - 0424384 _____ (NVIDIA Corporation) C:\Users\Filipe\AppData\Local\Temp\nvscpapisvr.exe 2016-05-11 21:59 - 2016-11-24 17:22 - 0353336 _____ (NVIDIA Corporation) C:\Users\Filipe\AppData\Local\Temp\nvStInst.exe 2016-10-21 14:20 - 2016-11-17 11:45 - 1135552 _____ (NVIDIA Corporation) C:\Users\Filipe\AppData\Local\Temp\NvTelemetry.dll 2016-10-21 14:20 - 2016-12-12 21:36 - 0253376 _____ (NVIDIA Corporation) C:\Users\Filipe\AppData\Local\Temp\NvTelemetryAPI32.dll 2016-10-21 14:20 - 2016-12-12 21:36 - 0334272 _____ (NVIDIA Corporation) C:\Users\Filipe\AppData\Local\Temp\NvTelemetryAPI64.dll 2016-07-25 13:12 - 2016-07-25 13:12 - 0150648 ____R (Microsoft Corporation) C:\Users\Filipe\AppData\Local\Temp\ose00003.exe 2016-07-25 13:12 - 2016-07-25 13:12 - 0150648 ____R (Microsoft Corporation) C:\Users\Filipe\AppData\Local\Temp\ose00005.exe 2016-07-26 16:04 - 2016-07-26 16:04 - 0003584 _____ () C:\Users\Filipe\AppData\Local\Temp\qwisaurk.dll 2013-01-25 12:09 - 2013-01-25 12:09 - 2940496 _____ () C:\Users\Filipe\AppData\Local\Temp\safeguard.exe 2016-06-10 17:16 - 2016-06-10 17:17 - 41763456 _____ (Skype Technologies S.A.) C:\Users\Filipe\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap ====================== (Não há correção automática para arquivos que não passaram na verificação.) C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente C:\Windows\explorer.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente C:\Windows\system32\services.exe => O arquivo é assinado digitalmente C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente LastRegBack: 2016-10-24 17:11 ==================== Fim de FRST.txt ============================