Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) VersÃ£o: 04-03-2017
Executado por Carol (administrador) em CAROL-PC (04-03-2017 21:37:49)
Executando a partir de C:\Users\Carol\Downloads
Perfis Carregados: Carol (Perfis DisponÃ­veis: Carol)
Platform: Windows 7 Professional (X64) Idioma: PortuguÃªs (Brasil)
Internet Explorer VersÃ£o 8 (Navegador padrÃ£o: Chrome)
Modo da InicializaÃ§Ã£o: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluÃ­da na fixlist, o processo serÃ¡ fechado. O arquivo nÃ£o serÃ¡ movido.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\pg_ctl.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Spotify Ltd) C:\Users\Carol\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registro (Whitelisted) ====================

(Se uma entrada for incluÃ­da na fixlist, o Ã­tem no Registro serÃ¡ restaurado para o padrÃ£o ou removido. O arquivo nÃ£o serÃ¡ movido.)

HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60120 2016-11-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [917576 2016-12-15] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3601128966-2980264533-64636291-1000\...\Run: [Spotify Web Helper] => C:\Users\Carol\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-02-21] (Spotify Ltd)
HKU\S-1-5-21-3601128966-2980264533-64636291-1000\...\Run: [Spotify] => C:\Users\Carol\AppData\Roaming\Spotify\Spotify.exe [7067760 2017-02-21] (Spotify Ltd)
HKU\S-1-5-21-3601128966-2980264533-64636291-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27545056 2017-02-14] (Skype Technologies S.A.)
HKU\S-1-5-21-3601128966-2980264533-64636291-1000\...\MountPoints2: {0350fdcd-c176-11e6-9157-806e6f6e6963} - D:\setup.exe

==================== Internet (Whitelisted) ====================

(Se um Ã­tem for incluÃ­do na fixlist, sendo um Ã­tem do Registro, serÃ¡ removido ou restaurado para o padrÃ£o.)

Tcpip\Parameters: [DhcpNameServer] 189.4.128.96 189.4.128.88
Tcpip\..\Interfaces\{ED794E61-B96B-45CE-89C0-EE67746C8FF6}: [DhcpNameServer] 189.4.128.96 189.4.128.88

Internet Explorer:
==================
HKU\S-1-5-21-3601128966-2980264533-64636291-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pt-br/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3601128966-2980264533-64636291-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Carol\AppData\Roaming\Mozilla\Firefox\Profiles\WKrjfGdT.default [2016-12-14]
FF Extension: (Avira Browser Safety) - C:\Users\Carol\AppData\Roaming\Mozilla\Firefox\Profiles\WKrjfGdT.default\Extensions\abs@avira.com [2016-12-14]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-02-10] (Microsoft Corporation)

Chrome: 
=======
CHR Profile: C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default [2017-03-04]
CHR Extension: (Google ApresentaÃ§Ãµes) - C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-13]
CHR Extension: (Google Docs) - C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-13]
CHR Extension: (Google Drive) - C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-13]
CHR Extension: (YouTube) - C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-13]
CHR Extension: (Planilhas do Google) - C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-13]
CHR Extension: (SeguranÃ§a do navegador Avira) - C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-12-14]
CHR Extension: (Documentos Google off-line) - C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-13]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Gmail) - C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-13]
CHR Extension: (Chrome Media Router) - C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-09]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== ServiÃ§os (Whitelisted) ====================

(Se uma entrada for incluÃ­da na fixlist, serÃ¡ removida do Registro. O arquivo nÃ£o serÃ¡ movido, a menos que seja colocado separadamente.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1089592 2016-12-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [476736 2016-12-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [476736 2016-12-15] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1490296 2016-12-15] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [372272 2016-12-29] (Avira Operations GmbH & Co. KG)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
R2 postgresql-x64-9.3; C:\Program Files\PostgreSQL\9.3\bin\pg_ctl.exe [90624 2015-07-13] (PostgreSQL Global Development Group) [Arquivo nÃ£o assinado]
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [966336 2014-12-04] (@ByELDI) [Arquivo nÃ£o assinado]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluÃ­da na fixlist, serÃ¡ removida do Registro. O arquivo nÃ£o serÃ¡ movido, a menos que seja colocado separadamente.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [176464 2016-12-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [148032 2016-12-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2016-10-17] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-10-17] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [35864 2016-12-15] (Avira Operations GmbH & Co. KG)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluÃ­da na fixlist, serÃ¡ removida do Registro. O arquivo nÃ£o serÃ¡ movido, a menos que seja colocado separadamente.)


==================== TrÃªs Meses Criados arquivos e pastas ========

(Se uma entrada for incluÃ­da na fixlist, o arquivo/pasta serÃ¡ movido.)

2017-03-04 21:34 - 2017-03-04 21:35 - 00020323 _____ C:\Users\Carol\Downloads\Addition.txt
2017-03-04 21:33 - 2017-03-04 21:37 - 00012767 _____ C:\Users\Carol\Downloads\FRST.txt
2017-03-04 21:33 - 2017-03-04 21:37 - 00000000 ____D C:\FRST
2017-03-04 21:33 - 2017-03-04 21:33 - 02423296 _____ (Farbar) C:\Users\Carol\Downloads\FRST64.exe
2017-03-04 21:31 - 2017-03-04 21:32 - 01765376 _____ (Farbar) C:\Users\Carol\Downloads\FRST.exe
2017-03-04 20:45 - 2017-03-04 20:45 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2017-03-04 20:45 - 2017-03-04 20:45 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-03-04 20:45 - 2017-03-04 20:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-03-04 19:51 - 2017-03-04 19:51 - 00000144 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-03-03 23:57 - 2017-03-03 23:59 - 00000000 ____D C:\Windows\system32\MRT
2017-03-03 23:57 - 2017-03-03 23:57 - 138020592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-03-03 23:53 - 2017-03-04 19:51 - 00000000 __SHD C:\Users\Carol\IntelGraphicsProfiles
2017-03-03 23:53 - 2017-03-03 23:53 - 00000451 _____ C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2017-03-03 23:48 - 2017-03-03 23:48 - 00000000 ____D C:\Program Files\Intel
2017-03-03 23:48 - 2015-08-27 18:20 - 00072704 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL
2017-03-03 23:48 - 2015-08-27 18:20 - 00069120 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL
2017-03-03 23:33 - 2011-04-09 03:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2017-03-03 23:33 - 2011-04-09 03:45 - 05509504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-03-03 23:33 - 2011-04-09 03:13 - 03957632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-03-03 23:33 - 2011-04-09 03:13 - 03901824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-03-03 23:33 - 2011-04-09 02:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2017-03-03 21:27 - 2017-03-03 21:28 - 15301888 _____ (Microsoft Corporation) C:\Users\Carol\Downloads\vc_redist.x64.exe
2017-03-03 21:26 - 2016-08-10 07:01 - 00023232 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-03-03 20:34 - 2017-03-03 20:34 - 14749120 _____ (Microsoft Corporation) C:\Users\Carol\Downloads\NÃ£o confirmado 455384.crdownload
2017-02-23 17:54 - 2017-03-04 20:23 - 00010747 _____ C:\Users\Carol\Desktop\Gastos.xlsx
2017-02-23 17:48 - 2017-02-23 17:48 - 05461586 _____ C:\Users\Carol\Downloads\lista-de-tarefas (1).pdf
2017-02-23 17:48 - 2017-02-23 17:48 - 00747659 _____ C:\Users\Carol\Downloads\lista-de-cha-morando-sozinha (1)
2017-02-23 17:48 - 2017-02-23 17:48 - 00246878 _____ C:\Users\Carol\Downloads\controle-de-gastos-morando-sozinha (1).xlsx
2017-02-23 14:01 - 2017-02-23 14:01 - 00081529 _____ C:\Users\Carol\Downloads\Boletos - CobExpress.pdf
2017-02-22 16:25 - 2017-02-22 16:25 - 00026889 _____ C:\Users\Carol\Downloads\1 Parcela Ved Veda  (1).pdf
2017-02-22 15:58 - 2017-02-22 15:58 - 00026889 _____ C:\Users\Carol\Downloads\1 Parcela Ved Veda .pdf
2017-02-21 16:09 - 2017-02-21 16:09 - 00012791 _____ C:\Users\Carol\Downloads\App.Adobe.FL.Player.v17.zip
2017-02-15 09:34 - 2017-02-15 09:34 - 19827800 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2017-02-11 23:50 - 2017-02-11 01:26 - 00000000 ____D C:\Users\Carol\Desktop\Fotos
2017-02-09 11:05 - 2017-02-19 20:12 - 00000000 ____D C:\Users\Carol\Desktop\MÃ£os estudo alunos
2017-02-08 19:27 - 2017-02-22 11:46 - 00000000 ____D C:\Users\Carol\Desktop\Curso 4bet
2017-02-05 13:50 - 2017-02-26 16:22 - 00005653 _____ C:\Users\Carol\Desktop\DÃºvidas time.txt
2017-02-03 14:02 - 2017-02-14 20:53 - 00000000 ____D C:\Users\Carol\Desktop\HH
2017-01-30 21:05 - 2017-01-30 21:05 - 00747659 _____ C:\Users\Carol\Downloads\lista-de-cha-morando-sozinha
2017-01-30 21:04 - 2017-01-30 21:05 - 05461586 _____ C:\Users\Carol\Downloads\lista-de-tarefas.pdf
2017-01-30 21:04 - 2017-01-30 21:04 - 00246878 _____ C:\Users\Carol\Downloads\controle-de-gastos-morando-sozinha.xlsx
2017-01-25 17:38 - 2017-02-11 01:01 - 00000000 ____D C:\Users\Carol\Desktop\Aulas Aprendiz 2016
2017-01-25 17:22 - 2017-02-28 12:19 - 00000000 ____D C:\Users\Carol\Desktop\Aulas Beta 2017
2017-01-24 13:47 - 2017-01-24 13:47 - 00001136 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2017-01-23 22:55 - 2017-01-23 22:55 - 00000000 ____D C:\Users\Carol\Documents\Modelos Personalizados do Office
2017-01-23 18:49 - 2017-02-21 03:51 - 00000000 ____D C:\Windows\System32\Tasks\Games
2017-01-23 18:47 - 2017-02-23 12:54 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-01-23 18:47 - 2017-01-23 18:47 - 00001043 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-01-23 18:47 - 2017-01-23 18:47 - 00001031 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2017-01-23 18:45 - 2017-01-23 18:46 - 12970544 _____ (TeamViewer GmbH) C:\Users\Carol\Downloads\TeamViewer_Setup_pt (1).exe
2017-01-23 12:04 - 2017-01-23 12:04 - 00000000 ____D C:\Users\UsuÃ¡rio PadrÃ£o\AppData\Local\Microsoft Help
2017-01-23 12:04 - 2017-01-23 12:04 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2017-01-23 12:04 - 2017-01-23 12:04 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2017-01-23 01:09 - 2017-01-23 01:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-22 22:42 - 2017-01-22 22:42 - 00000000 ____D C:\Users\Carol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativo ItaÃº
2017-01-22 21:24 - 2016-06-25 13:03 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\EOSNotify.exe
2017-01-20 13:00 - 2012-06-02 19:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-01-20 13:00 - 2012-06-02 19:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-01-20 13:00 - 2012-06-02 19:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-01-20 13:00 - 2012-06-02 19:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2017-01-20 13:00 - 2012-06-02 19:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-01-20 13:00 - 2012-06-02 19:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-01-20 13:00 - 2012-06-02 19:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-01-20 13:00 - 2012-06-02 14:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-01-20 13:00 - 2012-06-02 14:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-01-19 23:03 - 2017-01-19 23:03 - 00000000 ____D C:\Users\Carol\AppData\LocalLow\Adobe
2017-01-19 22:55 - 2017-01-19 22:58 - 00003364 _____ C:\Windows\System32\Tasks\AutoPico Daily Restart
2017-01-19 22:55 - 2017-01-19 22:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2017-01-19 22:55 - 2017-01-19 22:58 - 00000000 ____D C:\Program Files\KMSpico
2017-01-19 22:55 - 2010-12-05 23:16 - 00090112 _____ (Vestris Inc.) C:\Windows\system32\Vestris.ResourceLib.dll
2017-01-19 22:52 - 2017-01-23 12:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2017-01-19 22:50 - 2017-01-19 22:50 - 00000000 ____D C:\Users\Todos os UsuÃ¡rios\regid.1991-06.com.microsoft
2017-01-19 22:50 - 2017-01-19 22:50 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-01-19 22:49 - 2017-01-19 22:51 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2017-01-19 22:49 - 2017-01-19 22:49 - 00000000 ____D C:\Windows\PCHEALTH
2017-01-19 22:48 - 2017-03-03 23:43 - 00000000 ____D C:\Users\Todos os UsuÃ¡rios\Microsoft Help
2017-01-19 22:48 - 2017-01-19 22:48 - 00000000 ____D C:\Users\Carol\AppData\Local\Microsoft Help
2017-01-19 22:48 - 2017-01-19 22:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2017-01-19 22:47 - 2017-01-19 22:49 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-01-19 22:47 - 2017-01-19 22:47 - 00000000 __RHD C:\MSOCache
2017-01-19 22:47 - 2017-01-19 22:47 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2017-01-19 22:47 - 2017-01-19 22:47 - 00000000 ____D C:\Program Files\Microsoft Office
2017-01-19 22:45 - 2017-01-19 22:45 - 00000000 ____D C:\Users\Carol\AppData\Roaming\WinRAR
2017-01-19 22:45 - 2017-01-19 22:45 - 00000000 ____D C:\Users\Carol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-01-19 22:45 - 2017-01-19 22:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-01-19 22:45 - 2017-01-19 22:45 - 00000000 ____D C:\Program Files\WinRAR
2017-01-16 11:21 - 2017-03-04 21:34 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-01-16 11:21 - 2017-02-15 10:34 - 00003840 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-01-16 11:21 - 2017-02-15 09:34 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-01-16 11:21 - 2017-02-15 09:34 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-01-16 11:21 - 2017-02-15 09:34 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-01-16 11:21 - 2017-02-15 09:34 - 00000000 ____D C:\Windows\system32\Macromed
2017-01-16 11:03 - 2017-01-19 23:03 - 00000000 ____D C:\Users\Carol\AppData\Roaming\Adobe
2017-01-16 11:03 - 2017-01-16 11:03 - 00000000 ____D C:\Users\Carol\AppData\Roaming\Party
2017-01-16 11:03 - 2017-01-16 11:03 - 00000000 ____D C:\Users\Carol\AppData\Roaming\Macromedia
2017-01-16 11:03 - 2017-01-16 11:03 - 00000000 ____D C:\Users\Carol\AppData\Roaming\cef3-cache
2017-01-16 11:02 - 2017-01-16 11:02 - 00001707 _____ C:\ProgramData\Microsoft\Windows\Start Menu\partypoker.lnk
2017-01-16 11:02 - 2017-01-16 11:02 - 00001701 _____ C:\Users\Carol\Desktop\partypoker.lnk
2017-01-16 11:02 - 2017-01-16 11:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\partypoker
2017-01-16 10:55 - 2017-01-16 10:55 - 00881984 _____ C:\Users\Carol\Downloads\PartyPokerSetup.exe
2017-01-04 18:58 - 2017-01-04 18:58 - 00019601 _____ C:\Users\Carol\Downloads\tabela_fator_previdenciario.xlsx
2016-12-29 20:29 - 2017-02-08 16:57 - 00000000 ____D C:\Users\Carol\Desktop\64 Bit
2016-12-17 13:36 - 2016-12-17 13:36 - 00016736 _____ C:\Users\Carol\Desktop\ComprovanteTEF.jpg
2016-12-17 13:32 - 2017-01-22 22:42 - 00002129 _____ C:\Users\Carol\Desktop\ItaÃº.lnk
2016-12-17 13:32 - 2017-01-22 22:42 - 00000000 ____D C:\Users\Carol\AppData\Local\Aplicativo Itau
2016-12-16 12:36 - 2016-12-16 12:36 - 00052224 _____ C:\Users\Carol\Downloads\CV SÃ©rgio.doc
2016-12-15 10:27 - 2017-03-04 20:44 - 01631200 _____ (Skype Technologies S.A.) C:\Users\Carol\Downloads\SkypeSetup.exe
2016-12-15 10:26 - 2016-12-15 10:26 - 00000000 ____D C:\Windows\system32\appmgmt
2016-12-14 19:52 - 2016-12-14 19:52 - 00000000 ____D C:\Users\Carol\Desktop\Sandra
2016-12-14 19:45 - 2016-12-14 19:45 - 00000000 ____D C:\Users\Carol\Documents\Trabalhos Deborah
2016-12-14 19:45 - 2016-12-14 19:45 - 00000000 ____D C:\Users\Carol\Documents\Symantec
2016-12-14 19:45 - 2016-09-30 11:54 - 00013180 _____ C:\Users\Carol\Documents\TEXTO CURRICULO SÃRGIO.docx
2016-12-14 19:45 - 2016-09-08 14:49 - 00052224 _____ C:\Users\Carol\Documents\CV SÃ©rgio.doc
2016-12-14 19:45 - 2016-06-12 18:21 - 00047104 _____ C:\Users\Carol\Documents\CV.doc
2016-12-14 19:45 - 2016-06-06 15:45 - 00123806 _____ C:\Users\Carol\Documents\CURRICULUM VITAE com foto.docx
2016-12-14 19:45 - 2015-11-02 13:05 - 00031232 _____ C:\Users\Carol\Documents\CURRICULUM VITAE- SANDRA.doc
2016-12-14 19:32 - 2017-03-04 20:45 - 00000000 ____D C:\Users\Todos os UsuÃ¡rios\Skype
2016-12-14 19:32 - 2017-03-04 20:45 - 00000000 ____D C:\ProgramData\Skype
2016-12-14 19:32 - 2017-03-02 21:00 - 00000000 ____D C:\Users\Carol\AppData\Roaming\Skype
2016-12-14 19:32 - 2016-12-14 19:32 - 00000000 ____D C:\Users\Carol\Tracing
2016-12-14 12:52 - 2017-01-17 18:40 - 00000000 ____D C:\Users\Carol\AppData\Local\ElevatedDiagnostics
2016-12-14 12:29 - 2016-12-14 12:29 - 00000000 ____D C:\Users\Carol\AppData\Roaming\Avira
2016-12-14 12:24 - 2016-12-15 21:02 - 00035864 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avusbflt.sys
2016-12-14 12:24 - 2016-12-14 12:24 - 00000000 ____H C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Coinstaller_Critical.Wdf
2016-12-14 12:24 - 2016-12-14 12:24 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2016-12-14 12:23 - 2012-07-26 01:55 - 00785512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2016-12-14 12:23 - 2012-07-26 01:55 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2016-12-14 12:23 - 2012-07-25 23:36 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2016-12-14 12:23 - 2012-06-02 11:35 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2016-12-14 12:22 - 2016-12-15 21:02 - 00176464 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2016-12-14 12:22 - 2016-12-15 21:02 - 00148032 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2016-12-14 12:22 - 2016-12-14 12:22 - 00000000 ____D C:\Users\Todos os UsuÃ¡rios\GeoComply
2016-12-14 12:22 - 2016-12-14 12:22 - 00000000 ____D C:\ProgramData\GeoComply
2016-12-14 12:22 - 2016-10-17 15:56 - 00079696 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2016-12-14 12:22 - 2016-10-17 15:56 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2016-12-14 12:21 - 2017-03-04 20:44 - 00000000 ____D C:\Users\Todos os UsuÃ¡rios\Package Cache
2016-12-14 12:21 - 2017-03-04 20:44 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-14 12:21 - 2017-01-24 13:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-12-14 12:21 - 2016-12-14 12:22 - 00000000 ____D C:\Users\Todos os UsuÃ¡rios\Avira
2016-12-14 12:21 - 2016-12-14 12:22 - 00000000 ____D C:\ProgramData\Avira
2016-12-14 12:21 - 2016-12-14 12:22 - 00000000 ____D C:\Program Files (x86)\Avira
2016-12-14 12:21 - 2016-12-14 12:21 - 04578888 _____ (Avira Operations GmbH & Co. KG) C:\Users\Carol\Downloads\avira_ptbr_av_585163615f6bb__ws.exe
2016-12-14 12:21 - 2016-12-14 12:21 - 00000000 ____D C:\Users\Carol\AppData\Roaming\Mozilla
2016-12-14 12:18 - 2016-12-14 12:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 9.3
2016-12-14 12:17 - 2016-12-14 12:17 - 00000000 ____D C:\Program Files\PostgreSQL
2016-12-14 12:14 - 2016-12-15 10:31 - 00000000 ____D C:\Users\Carol\AppData\Local\PokerTracker 4
2016-12-14 12:14 - 2016-12-14 12:14 - 00004995 _____ C:\Users\Todos os UsuÃ¡rios\flwjycbm.bab
2016-12-14 12:14 - 2016-12-14 12:14 - 00004995 _____ C:\ProgramData\flwjycbm.bab
2016-12-14 12:14 - 2016-12-14 12:14 - 00000016 _____ C:\Users\Todos os UsuÃ¡rios\mntemp
2016-12-14 12:14 - 2016-12-14 12:14 - 00000016 _____ C:\ProgramData\mntemp
2016-12-13 23:51 - 2016-12-13 17:58 - 00000000 ____D C:\Windows\Panther
2016-12-13 22:14 - 2016-12-13 22:14 - 00000000 ____D C:\Users\Carol\AppData\LocalLow\Temp
2016-12-13 22:13 - 2017-03-02 12:47 - 00001076 _____ C:\Users\Carol\Desktop\Resteal.txt
2016-12-13 22:13 - 2017-02-28 16:26 - 00303616 _____ C:\Users\Carol\Desktop\SIT AND GO.xls
2016-12-13 22:13 - 2017-02-09 14:22 - 00000744 _____ C:\Users\Carol\Desktop\Short stack.txt
2016-12-13 22:13 - 2017-02-08 07:44 - 00001910 _____ C:\Users\Carol\Desktop\3bet em posiÃ§Ã£o.txt
2016-12-13 22:13 - 2017-01-27 12:52 - 00016621 _____ C:\Users\Carol\Desktop\assistir mega.docx
2016-12-13 22:13 - 2016-12-07 14:11 - 00010822 _____ C:\Users\Carol\Desktop\estudar odds.docx
2016-12-13 22:13 - 2016-12-07 14:11 - 00000876 _____ C:\Users\Carol\Desktop\musicas.txt
2016-12-13 22:13 - 2016-12-07 14:06 - 00000268 _____ C:\Users\Carol\Desktop\Squeeze BB deep stack - Step.txt
2016-12-13 22:13 - 2016-12-07 14:05 - 00013557 _____ C:\Users\Carol\Desktop\video poker.docx
2016-12-13 22:13 - 2016-12-07 14:05 - 00011004 _____ C:\Users\Carol\Desktop\VÃ­deos.docx
2016-12-13 22:13 - 2016-08-16 22:30 - 00017066 _____ C:\Users\Carol\Desktop\baixar livros.docx
2016-12-13 22:13 - 2016-08-06 19:01 - 00013809 _____ C:\Users\Carol\Desktop\https.docx
2016-12-13 22:13 - 2016-06-22 10:51 - 03317760 _____ C:\Users\Carol\Desktop\pokerstove.exe
2016-12-13 22:13 - 2016-02-12 15:40 - 00015095 _____ C:\Users\Carol\Desktop\Livros.docx
2016-12-13 22:13 - 2015-11-25 14:48 - 00019759 _____ C:\Users\Carol\Desktop\blogs.docx
2016-12-13 22:13 - 2015-10-22 17:41 - 00013465 _____ C:\Users\Carol\Desktop\Campo a mesa.docx
2016-12-13 22:13 - 2015-09-16 16:05 - 00027359 _____ C:\Users\Carol\Desktop\alie.docx
2016-12-13 22:13 - 2015-04-08 21:23 - 00015640 _____ C:\Users\Carol\Desktop\julia forti.docx
2016-12-13 20:07 - 2017-01-19 23:05 - 00000000 ___RD C:\Users\Carol\Desktop\Downloads
2016-12-13 20:07 - 2016-12-14 19:53 - 00000000 ____D C:\Users\Carol\Desktop\Livros poker
2016-12-13 20:07 - 2016-12-14 19:50 - 00000000 ____D C:\Users\Carol\Desktop\Nutrindo o Corpo
2016-12-13 20:07 - 2016-12-13 20:07 - 00000000 ____D C:\Users\Carol\Desktop\Planejamento Sandra
2016-12-13 20:07 - 2016-12-13 20:07 - 00000000 ____D C:\Users\Carol\Desktop\Livros suspense
2016-12-13 20:07 - 2016-06-14 14:22 - 00659319 _____ C:\Users\Carol\Desktop\IMG_20160614_142110.jpg
2016-12-13 20:06 - 2017-01-27 14:50 - 00000000 ____D C:\Users\Carol\Desktop\Livros
2016-12-13 20:06 - 2016-12-14 19:54 - 00000000 ____D C:\Users\Carol\Desktop\BACK UP
2016-12-13 20:06 - 2016-12-14 19:50 - 00000000 ____D C:\Users\Carol\Desktop\Healthy Food
2016-12-13 20:05 - 2017-03-02 12:28 - 00000000 ____D C:\Users\Carol\AppData\Local\PokerStars
2016-12-13 20:05 - 2017-02-08 07:43 - 00000000 ____D C:\Program Files (x86)\PokerStars
2016-12-13 20:05 - 2016-12-13 20:05 - 00001953 _____ C:\ProgramData\Microsoft\Windows\Start Menu\PokerStars.lnk
2016-12-13 20:05 - 2016-12-13 20:05 - 00001947 _____ C:\Users\Public\Desktop\PokerStars.lnk
2016-12-13 20:05 - 2016-12-13 20:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars
2016-12-13 19:29 - 2017-03-04 20:28 - 00000000 ____D C:\Users\Carol\AppData\Local\Spotify
2016-12-13 19:29 - 2017-03-04 19:57 - 00000000 ____D C:\Users\Carol\AppData\Roaming\Spotify
2016-12-13 19:29 - 2017-01-24 13:02 - 00000000 ____D C:\Users\Carol\AppData\Roaming\TeamViewer
2016-12-13 19:29 - 2016-12-13 19:29 - 00001767 _____ C:\Users\Carol\Desktop\Spotify.lnk
2016-12-13 19:29 - 2016-12-13 19:29 - 00001753 _____ C:\Users\Carol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-12-13 19:29 - 2016-12-13 19:29 - 00000000 ____D C:\Users\Carol\AppData\Local\CEF
2016-12-13 19:28 - 2016-12-13 19:49 - 105355536 _____ (Rational Intellectual Holdings Ltd.) C:\Users\Carol\Downloads\PokerStarsInstall.exe
2016-12-13 19:27 - 2017-02-22 01:15 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-12-13 19:27 - 2017-01-12 12:14 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-12-13 19:27 - 2016-12-13 19:27 - 00002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-12-13 19:27 - 2016-12-13 19:27 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-12-13 19:26 - 2017-01-19 23:03 - 00000000 ____D C:\Users\Carol\AppData\Local\Adobe
2016-12-13 19:26 - 2016-12-14 12:20 - 00000000 ____D C:\Users\Todos os UsuÃ¡rios\Adobe
2016-12-13 19:26 - 2016-12-14 12:20 - 00000000 ____D C:\ProgramData\Adobe
2016-12-13 19:25 - 2017-03-02 12:57 - 00000000 ____D C:\Program Files (x86)\PokerTracker 4
2016-12-13 19:25 - 2016-12-13 19:25 - 00001074 _____ C:\Users\Carol\Desktop\PokerTracker 4.lnk
2016-12-13 19:25 - 2016-12-13 19:25 - 00000000 ____D C:\Users\Carol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 4
2016-12-13 19:25 - 2016-12-13 19:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerTracker 4
2016-12-13 19:24 - 2017-03-03 23:50 - 00018214 _____ C:\Windows\PFRO.log
2016-12-13 19:22 - 2016-12-13 19:22 - 63670288 _____ C:\Users\Carol\Downloads\PT-Install-v4.14.21.exe
2016-12-13 19:19 - 2016-12-13 19:19 - 00353488 _____ (Spotify Ltd) C:\Users\Carol\Downloads\SpotifySetup.exe
2016-12-13 19:18 - 2017-03-04 20:45 - 00000000 __SHD C:\Windows\Installer
2016-12-13 19:18 - 2016-12-13 19:18 - 12876400 _____ (TeamViewer GmbH) C:\Users\Carol\Downloads\TeamViewer_Setup_pt.exe
2016-12-13 19:14 - 2017-02-07 10:26 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-13 19:14 - 2017-02-07 10:26 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-13 19:13 - 2017-01-23 18:49 - 00111536 _____ C:\Users\Carol\AppData\Local\GDIPFONTCACHEV1.DAT
2016-12-13 19:13 - 2016-12-17 13:19 - 00003500 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-13 19:13 - 2016-12-17 13:19 - 00003372 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-13 19:13 - 2016-12-13 19:38 - 00000000 ____D C:\Users\Carol\AppData\Local\Google
2016-12-13 19:13 - 2016-12-13 19:14 - 00000000 ____D C:\Program Files (x86)\Google
2016-12-13 19:13 - 2016-12-13 19:13 - 00000000 ____D C:\Users\Carol\AppData\Local\Deployment
2016-12-13 19:13 - 2016-12-13 19:13 - 00000000 ____D C:\Users\Carol\AppData\Local\Apps\2.0
2016-12-13 19:13 - 2016-12-13 19:13 - 00000000 ____D C:\Users\Carol\AppData\Local\Apps
2016-12-13 19:12 - 2016-12-13 19:12 - 00000000 __SHD C:\Users\Carol\AppData\LocalLow\Microsoft
2016-12-13 19:09 - 2016-12-13 19:09 - 00000000 ____D C:\Windows\SysWOW64\Atheros_L1e
2016-12-13 19:08 - 2017-03-03 23:48 - 00000000 ____D C:\Program Files (x86)\Intel
2016-12-13 19:08 - 2016-12-13 19:08 - 00000000 ____D C:\Windows\SysWOW64\sda
2016-12-13 19:08 - 2016-12-13 19:08 - 00000000 ____D C:\Intel
2016-12-13 19:08 - 2010-11-30 02:40 - 00307304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\rtsuvstor.sys
2016-12-13 19:08 - 2010-11-11 02:14 - 00017512 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\diskperf64.sys
2016-12-13 19:08 - 2010-10-04 01:02 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2016-12-13 19:07 - 2016-12-13 19:09 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-13 19:07 - 2016-12-13 19:08 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-12-13 19:07 - 2016-12-13 19:07 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-12-13 19:07 - 2010-11-08 00:44 - 00076912 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\L1C62x64.sys
2016-12-13 19:07 - 2010-10-27 22:46 - 01251944 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2016-12-13 19:06 - 2016-12-13 19:07 - 00000000 ____D C:\temp
2016-12-13 19:06 - 2016-12-13 19:06 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2016-12-13 18:04 - 2017-03-03 23:49 - 07436492 ____H C:\Users\Carol\AppData\Local\IconCache.db
2016-12-13 17:59 - 2017-03-04 21:38 - 01572864 ___SH C:\Users\Carol\NTUSER.DAT
2016-12-13 17:59 - 2017-03-04 21:38 - 00262144 ___SH C:\Users\Carol\ntuser.dat.LOG1
2016-12-13 17:59 - 2017-03-04 21:38 - 00000000 ____D C:\Users\Carol\AppData\Local\Temp
2016-12-13 17:59 - 2017-03-04 21:34 - 00000000 ___RD C:\Users\Carol\Downloads
2016-12-13 17:59 - 2017-03-04 20:23 - 00000000 ___RD C:\Users\Carol\Desktop
2016-12-13 17:59 - 2017-03-03 23:53 - 00000000 ____D C:\Users\Carol
2016-12-13 17:59 - 2017-02-23 17:49 - 00000000 ___HD C:\Users\Carol\AppData
2016-12-13 17:59 - 2017-02-22 14:24 - 00000000 ____D C:\Users\Carol\AppData\Local
2016-12-13 17:59 - 2017-02-19 20:20 - 00000000 ___RD C:\Users\Carol\Pictures
2016-12-13 17:59 - 2017-02-11 01:30 - 00000000 ____D C:\Users\Carol\AppData\Local\Microsoft
2016-12-13 17:59 - 2017-01-30 23:27 - 00000000 ___SD C:\Users\Carol\AppData\Roaming\Microsoft
2016-12-13 17:59 - 2017-01-30 10:23 - 00000000 ____D C:\Users\Carol\AppData\Local\VirtualStore
2016-12-13 17:59 - 2017-01-23 22:55 - 00000000 ___RD C:\Users\Carol\Documents
2016-12-13 17:59 - 2017-01-22 22:42 - 00000000 ___RD C:\Users\Carol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-13 17:59 - 2017-01-19 23:03 - 00000000 ____D C:\Users\Carol\AppData\LocalLow
2016-12-13 17:59 - 2017-01-19 22:45 - 00000000 ____D C:\Users\Carol\AppData\Roaming
2016-12-13 17:59 - 2016-12-14 12:33 - 00000000 ___RD C:\Users\Carol\Searches
2016-12-13 17:59 - 2016-12-13 18:04 - 00524288 ___SH C:\Users\Carol\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
2016-12-13 17:59 - 2016-12-13 18:04 - 00524288 ___SH C:\Users\Carol\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
2016-12-13 17:59 - 2016-12-13 18:04 - 00065536 ___SH C:\Users\Carol\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
2016-12-13 17:59 - 2016-12-13 17:59 - 00001419 _____ C:\Users\Carol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-12-13 17:59 - 2016-12-13 17:59 - 00001385 _____ C:\Users\Carol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2016-12-13 17:59 - 2016-12-13 17:59 - 00000476 ___SH C:\Users\Carol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-13 17:59 - 2016-12-13 17:59 - 00000402 ___SH C:\Users\Carol\Documents\desktop.ini
2016-12-13 17:59 - 2016-12-13 17:59 - 00000282 ___SH C:\Users\Carol\Downloads\desktop.ini
2016-12-13 17:59 - 2016-12-13 17:59 - 00000282 ___SH C:\Users\Carol\Desktop\desktop.ini
2016-12-13 17:59 - 2016-12-13 17:59 - 00000174 ___SH C:\Users\Carol\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
2016-12-13 17:59 - 2016-12-13 17:59 - 00000020 ___SH C:\Users\Carol\ntuser.ini
2016-12-13 17:59 - 2016-12-13 17:59 - 00000000 _SHDL C:\Users\Carol\SendTo
2016-12-13 17:59 - 2016-12-13 17:59 - 00000000 _SHDL C:\Users\Carol\Recent
2016-12-13 17:59 - 2016-12-13 17:59 - 00000000 _SHDL C:\Users\Carol\Modelos
2016-12-13 17:59 - 2016-12-13 17:59 - 00000000 _SHDL C:\Users\Carol\Meus documentos
2016-12-13 17:59 - 2016-12-13 17:59 - 00000000 _SHDL C:\Users\Carol\Menu Iniciar
2016-12-13 17:59 - 2016-12-13 17:59 - 00000000 _SHDL C:\Users\Carol\Documents\Minhas mÃºsicas
2016-12-13 17:59 - 2016-12-13 17:59 - 00000000 _SHDL C:\Users\Carol\Documents\Minhas imagens
2016-12-13 17:59 - 2016-12-13 17:59 - 00000000 _SHDL C:\Users\Carol\Documents\Meus vÃ­deos
2016-12-13 17:59 - 2016-12-13 17:59 - 00000000 _SHDL C:\Users\Carol\Dados de aplicativos
2016-12-13 17:59 - 2016-12-13 17:59 - 00000000 _SHDL C:\Users\Carol\Cookies
2016-12-13 17:59 - 2016-12-13 17:59 - 00000000 _SHDL C:\Users\Carol\ConfiguraÃ§Ãµes locais
2016-12-13 17:59 - 2016-12-13 17:59 - 00000000 _SHDL C:\Users\Carol\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-12-13 17:59 - 2016-12-13 17:59 - 00000000 _SHDL C:\Users\Carol\AppData\Local\Temporary Internet Files
2016-12-13 17:59 - 2016-12-13 17:59 - 00000000 _SHDL C:\Users\Carol\AppData\Local\HistÃ³rico
2016-12-13 17:59 - 2016-12-13 17:59 - 00000000 _SHDL C:\Users\Carol\AppData\Local\Dados de aplicativos
2016-12-13 17:59 - 2016-12-13 17:59 - 00000000 _SHDL C:\Users\Carol\Ambiente de rede
2016-12-13 17:59 - 2016-12-13 17:59 - 00000000 _SHDL C:\Users\Carol\Ambiente de impressÃ£o
2016-12-13 17:59 - 2016-12-13 17:59 - 00000000 ___SH C:\Users\Carol\ntuser.dat.LOG2
2016-12-13 17:59 - 2016-12-13 17:59 - 00000000 ___RD C:\Users\Carol\Videos
2016-12-13 17:59 - 2016-12-13 17:59 - 00000000 ___RD C:\Users\Carol\Saved Games
2016-12-13 17:59 - 2016-12-13 17:59 - 00000000 ___RD C:\Users\Carol\Music
2016-12-13 17:59 - 2016-12-13 17:59 - 00000000 ___RD C:\Users\Carol\Links
2016-12-13 17:59 - 2016-12-13 17:59 - 00000000 ___RD C:\Users\Carol\Favorites
2016-12-13 17:59 - 2016-12-13 17:59 - 00000000 ___RD C:\Users\Carol\Contacts
2016-12-13 17:59 - 2016-12-13 17:59 - 00000000 ___RD C:\Users\Carol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2016-12-13 17:59 - 2016-12-13 17:59 - 00000000 ___RD C:\Users\Carol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2016-12-13 17:59 - 2016-12-13 17:59 - 00000000 ____D C:\Users\Carol\AppData\Roaming\Identities
2016-12-13 17:59 - 2009-07-14 04:45 - 00000000 ____D C:\Users\Carol\AppData\Roaming\Media Center Programs
2016-12-13 17:59 - 2009-07-14 01:54 - 00000000 ___RD C:\Users\Carol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2016-12-13 17:59 - 2009-07-14 01:49 - 00000000 ___RD C:\Users\Carol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 _SHDL C:\Users\UsuÃ¡rio PadrÃ£o\Documents\Minhas mÃºsicas
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 _SHDL C:\Users\UsuÃ¡rio PadrÃ£o\Documents\Minhas imagens
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 _SHDL C:\Users\UsuÃ¡rio PadrÃ£o\Documents\Meus vÃ­deos
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 _SHDL C:\Users\UsuÃ¡rio PadrÃ£o\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 _SHDL C:\Users\UsuÃ¡rio PadrÃ£o\AppData\Local\HistÃ³rico
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 _SHDL C:\Users\UsuÃ¡rio PadrÃ£o\AppData\Local\Dados de aplicativos
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 _SHDL C:\Users\UsuÃ¡rio PadrÃ£o
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 _SHDL C:\Users\Todos os UsuÃ¡rios\Modelos
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 _SHDL C:\Users\Todos os UsuÃ¡rios\Menu Iniciar
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 _SHDL C:\Users\Todos os UsuÃ¡rios\Favoritos
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 _SHDL C:\Users\Todos os UsuÃ¡rios\Documentos
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 _SHDL C:\Users\Todos os UsuÃ¡rios\Dados de aplicativos
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 _SHDL C:\Users\Todos os UsuÃ¡rios
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 _SHDL C:\Users\Public\Documents\Minhas mÃºsicas
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 _SHDL C:\Users\Public\Documents\Minhas imagens
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 _SHDL C:\Users\Public\Documents\Meus vÃ­deos
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 _SHDL C:\Users\Default\Modelos
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 _SHDL C:\Users\Default\Meus documentos
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 _SHDL C:\Users\Default\Menu Iniciar
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 _SHDL C:\Users\Default\Documents\Minhas mÃºsicas
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 _SHDL C:\Users\Default\Documents\Minhas imagens
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 _SHDL C:\Users\Default\Documents\Meus vÃ­deos
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 _SHDL C:\Users\Default\Dados de aplicativos
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 _SHDL C:\Users\Default\ConfiguraÃ§Ãµes locais
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 _SHDL C:\Users\Default\AppData\Local\HistÃ³rico
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 _SHDL C:\Users\Default\AppData\Local\Dados de aplicativos
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 _SHDL C:\Users\Default\Ambiente de rede
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 _SHDL C:\Users\Default\Ambiente de impressÃ£o
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas mÃºsicas
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas imagens
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 _SHDL C:\Users\Default User\Documents\Meus vÃ­deos
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 _SHDL C:\Users\Default User\AppData\Local\HistÃ³rico
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Dados de aplicativos
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 _SHDL C:\ProgramData\Modelos
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 _SHDL C:\ProgramData\Menu Iniciar
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 _SHDL C:\ProgramData\Favoritos
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 _SHDL C:\ProgramData\Documentos
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 _SHDL C:\ProgramData\Dados de aplicativos
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 _SHDL C:\Program Files\Common Files\Sistema
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 _SHDL C:\Program Files\Arquivos Comuns
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 _SHDL C:\Arquivos de Programas
2016-12-13 17:58 - 2016-12-13 17:58 - 00000000 __SHD C:\Recovery
2016-12-13 17:57 - 2017-03-04 21:29 - 01261771 _____ C:\Windows\WindowsUpdate.log
2016-12-13 17:57 - 2017-01-19 22:59 - 00000000 ____D C:\Windows\SoftwareDistribution
2016-12-13 17:56 - 2016-12-13 17:56 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-12-13 17:56 - 2016-12-13 17:56 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-12-13 17:56 - 2016-12-13 17:56 - 00001313 _____ C:\Windows\TSSysprep.log
2016-12-13 17:52 - 2017-03-04 21:35 - 00000000 ____D C:\Windows\Prefetch
2016-12-13 17:52 - 2017-03-04 20:44 - 00000000 __SHD C:\System Volume Information
2016-12-13 17:52 - 2017-03-04 19:51 - 4144918528 ___SH C:\pagefile.sys
2016-12-13 17:52 - 2017-03-04 19:50 - 3108687872 ___SH C:\hiberfil.sys

==================== TrÃªs Meses Modificados arquivos e pastas ========

(Se uma entrada for incluÃ­da na fixlist, o arquivo/pasta serÃ¡ movido.)

2017-03-04 20:51 - 2009-07-14 01:45 - 00009792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-04 20:51 - 2009-07-14 01:45 - 00009792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-04 19:55 - 2009-07-29 12:58 - 00654272 _____ C:\Windows\system32\prfh0416.dat
2017-03-04 19:55 - 2009-07-29 12:58 - 00124724 _____ C:\Windows\system32\prfc0416.dat
2017-03-04 19:55 - 2009-07-14 02:13 - 01491932 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-04 19:55 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2017-03-04 19:51 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-03 23:43 - 2009-07-13 23:34 - 00000478 _____ C:\Windows\win.ini
2017-02-11 01:30 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\NDF
2017-02-09 10:16 - 2009-07-14 02:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD

==================== Arquivos na raiz de alguns diretÃ³rios =======

2016-12-14 12:14 - 2016-12-14 12:14 - 0004995 _____ () C:\ProgramData\flwjycbm.bab
2016-12-14 12:14 - 2016-12-14 12:14 - 0000016 _____ () C:\ProgramData\mntemp

Alguns arquivos em TEMP:
====================
2017-03-03 20:25 - 2017-03-04 20:44 - 14456872 _____ (Microsoft Corporation) C:\Users\Carol\AppData\Local\Temp\vc_redist.x86.exe

==================== Bamital & volsnap ======================

(NÃ£o hÃ¡ correÃ§Ã£o automÃ¡tica para arquivos que nÃ£o passaram na verificaÃ§Ã£o.)

C:\Windows\system32\winlogon.exe => O arquivo Ã© assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo Ã© assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo Ã© assinado digitalmente
C:\Windows\explorer.exe => O arquivo Ã© assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo Ã© assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo Ã© assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo Ã© assinado digitalmente
C:\Windows\system32\services.exe => O arquivo Ã© assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo Ã© assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo Ã© assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo Ã© assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo Ã© assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo Ã© assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo Ã© assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo Ã© assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo Ã© assinado digitalmente

LastRegBack: 2017-02-22 18:01

==================== Fim de FRST.txt ============================