Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 23-04-2017
Executado por Extra (administrador) em LAPTOP (23-04-2017 03:53:25)
Executando a partir de C:\Users\Extra\Downloads
Perfis Carregados: Extra & UpdatusUser (Perfis Disponíveis: Extra & UpdatusUser)
Platform: Windows 8.1 Single Language (Update) (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(SAMSUNG Electronics co., LTD.) C:\ProgramData\SAMSUNG\ShutdownEvent.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsLauncher.exe
(Samsung Electronics Co., Ltd.) C:\ProgramData\SAMSUNG\SW Update Service\SWMAgent.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\SAMSUNG\USBControlWrapper\UsbControlWrapper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsCmdServer.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsEventHandler.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.3\GoogleCrashHandler64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Quick Starter\Quick Starter.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\Extra\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
(Mega Limited) C:\Users\Extra\AppData\Local\MEGAsync\MEGAsync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wusa.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe

==================== Registro (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [Samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [600928 2014-01-29] (Copyright 2013 SAMSUNG)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2793200 2013-11-28] (Synaptics Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-12] (Adobe Systems Incorporated)
HKLM-x32\...\RunOnce: [{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}] => C:\ProgramData\Package Cache\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}\VC_redist.x86.exe [543648 2017-04-22] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [134736 2015-06-01] (Atheros Communications)
HKU\S-1-5-21-3822768531-2602815973-1495670275-1002\...\Run: [Quick Starter] => C:\Program Files (x86)\Samsung\Quick Starter\Quick Starter.exe [2358064 2015-07-28] (Samsung Electronics CO., LTD.)
HKU\S-1-5-21-3822768531-2602815973-1495670275-1002\...\Run: [GoogleChromeAutoLaunch_12C92B980A72539F1C2F83C423483611] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1144664 2017-04-19] (Google Inc.)
HKU\S-1-5-21-3822768531-2602815973-1495670275-1002\...\Run: [Spotify Web Helper] => C:\Users\Extra\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-04-22] (Spotify Ltd)
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [184048 2013-11-11] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [156256 2013-11-11] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Extra\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Extra\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Extra\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] ()
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Extra\AppData\Local\MEGAsync\ShellExtX32.dll [2016-10-31] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Extra\AppData\Local\MEGAsync\ShellExtX32.dll [2016-10-31] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Extra\AppData\Local\MEGAsync\ShellExtX32.dll [2016-10-31] ()
Startup: C:\Users\Extra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2017-04-22]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Extra\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 201.17.1.82 201.17.1.175
Tcpip\..\Interfaces\{907DB20A-00CF-471E-BCB6-6689155CED61}: [DhcpNameServer] 201.17.1.82 201.17.1.175

Internet Explorer:
==================
HKU\S-1-5-21-3822768531-2602815973-1495670275-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://samsung13.msn.com/?pc=smjb
HKU\S-1-5-21-3822768531-2602815973-1495670275-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com/?pc=smjb
URLSearchHook: [S-1-5-21-3822768531-2602815973-1495670275-1003] ATENÇÃO => A URLSearchHook Padrão está ausente
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3822768531-2602815973-1495670275-1002 -> DefaultScope {2CEAD537-6521-4CCA-8CC9-B9FE1A227A36} URL = 
SearchScopes: HKU\S-1-5-21-3822768531-2602815973-1495670275-1002 -> {2CEAD537-6521-4CCA-8CC9-B9FE1A227A36} URL = 

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-12] (Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-18] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-12] (Adobe Systems)

Chrome: 
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxp://www.youndoo.com/?z=61a6386e1fa917cc58d8403g7zab1zbb6q7e9wdeem&from=amz&uid=ST320LM001XHN-M320MBB_S2SNJ5EC919727&type=hp"
CHR Session Restore: Default -> está habilitado.
CHR Profile: C:\Users\Extra\AppData\Local\Google\Chrome\User Data\Default [2017-04-23]
CHR Extension: (Google Apresentações) - C:\Users\Extra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-04-18]
CHR Extension: (Google Docs) - C:\Users\Extra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-18]
CHR Extension: (Google Drive) - C:\Users\Extra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-18]
CHR Extension: (YouTube) - C:\Users\Extra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-18]
CHR Extension: (Planilhas do Google) - C:\Users\Extra\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-04-18]
CHR Extension: (Documentos Google off-line) - C:\Users\Extra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-18]
CHR Extension: (AdBlock) - C:\Users\Extra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-04-21]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Extra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2017-04-21]
CHR Extension: (Pinterest Save Button) - C:\Users\Extra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2017-04-21]
CHR Extension: (Black carbon + silver metal) - C:\Users\Extra\AppData\Local\Google\Chrome\User Data\Default\Extensions\lodhggoaglindpoejnjldimdlikkphph [2017-04-21]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Extra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-18]
CHR Extension: (Gmail) - C:\Users\Extra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-18]
CHR Extension: (Chrome Media Router) - C:\Users\Extra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-22]

==================== Serviços (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [172104 2013-01-26] (Adobe Systems Incorporated)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-12] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2207960 2016-09-26] (Adobe Systems, Incorporated)
R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-20] (Samsung) [Arquivo não assinado]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [323152 2015-06-01] (Windows (R) Win 7 DDK provider)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Arquivo não assinado]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [609632 2014-01-29] (Copyright 2013 SAMSUNG)
R2 Settings Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsLauncher.exe [1594176 2015-06-24] (Samsung Electronics CO., LTD.)
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3297632 2017-03-20] (Samsung Electronics Co., Ltd.)
R2 USBControlWrapperSvc; C:\ProgramData\Samsung\USBControlWrapper\UsbControlWrapper.exe [37736 2015-01-30] (Samsung Electronics CO., LTD.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [327296 2015-06-01] (Atheros) [Arquivo não assinado]

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 athr; C:\windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\windows\system32\DRIVERS\btath_lwflt.sys [77464 2015-06-01] (Qualcomm Atheros)
S3 FlashUSB; C:\windows\System32\drivers\FlashUSB.sys [19968 2013-06-05] (Intel Mobile Communications)
R3 MEIx64; C:\windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R0 PxHlpa64; C:\windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-09] (Corel Corporation)
R3 RadioHIDMini; C:\windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
S3 shspusb; C:\windows\System32\drivers\HSPUSB.sys [24064 2013-06-05] (MobileTop)
S3 sscdserd; C:\windows\System32\drivers\sscdserd.sys [158024 2013-06-05] (MCCI Corporation)
S3 ssceserd; C:\windows\System32\drivers\ssceserd.sys [158024 2013-06-05] (MCCI Corporation)
S3 ssdudfu; C:\windows\System32\drivers\ssdudfu.sys [101960 2013-06-05] (MCCI)
S3 ssm_bus; C:\windows\System32\drivers\ssm_bus.sys [136192 2013-06-05] (MCCI Corporation)
S3 ssm_mdm; C:\windows\System32\drivers\ssm_mdm.sys [172032 2013-06-05] (MCCI Corporation)
S3 ssuddmgr; C:\windows\System32\drivers\ssuddmgr.sys [203672 2013-06-05] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudobex; C:\windows\System32\drivers\ssudobex.sys [203672 2013-06-05] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudrmnet; C:\windows\System32\drivers\ssudrmnet.sys [67864 2013-06-05] (DEVGURU Co., LTD.)
S3 ssudserd; C:\windows\System32\drivers\ssudserd.sys [203672 2013-06-05] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_bserd; C:\windows\System32\drivers\ss_bserd.sys [128000 2013-06-05] (MCCI Corporation)
S0 WdBoot; C:\windows\System32\drivers\WdBoot.sys [35320 2014-09-21] (Microsoft Corporation)
R0 WdFilter; C:\windows\System32\drivers\WdFilter.sys [258368 2014-09-22] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 BTATH_HID; \SystemRoot\system32\DRIVERS\btath_hid.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2017-04-23 03:53 - 2017-04-23 03:54 - 00018360 _____ C:\Users\Extra\Downloads\FRST.txt
2017-04-23 03:53 - 2017-04-23 03:53 - 00000000 ____D C:\FRST
2017-04-23 03:52 - 2017-04-23 03:52 - 02425344 _____ (Farbar) C:\Users\Extra\Downloads\FRST64.exe
2017-04-23 03:41 - 2017-04-23 03:41 - 00000000 ___HT C:\windows\wusa.lock
2017-04-23 03:41 - 2017-04-23 03:41 - 00000000 ____D C:\16b6d424643a341fef81c9f98ad149
2017-04-23 02:40 - 2017-04-23 02:40 - 00000000 ____D C:\2368d66fa3595ed0c3b49b93
2017-04-23 00:58 - 2016-08-16 19:17 - 03084680 _____ (Adobe Systems Incorporated) C:\windows\system32\PatchMatch.dll
2017-04-23 00:08 - 2017-04-23 03:23 - 00001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2017.lnk
2017-04-23 00:08 - 2017-04-23 00:08 - 00000000 ____D C:\Users\Public\Documents\Adobe
2017-04-23 00:05 - 2017-04-23 00:08 - 00000000 ____D C:\Program Files\Adobe
2017-04-23 00:05 - 2017-04-23 00:05 - 00000000 ____D C:\Users\Public\Documents\AdobeInstalledCodecs
2017-04-22 23:11 - 2017-04-22 23:11 - 00001245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2017-04-22 22:50 - 2012-02-24 03:55 - 00000000 ____D C:\Users\Extra\Desktop\WAVES COMLETE V7
2017-04-22 22:37 - 2017-04-22 22:43 - 528951471 _____ C:\Users\Extra\Desktop\WAVES COMLETE V7.rar
2017-04-22 22:33 - 2017-04-22 23:06 - 00000000 ____D C:\Users\Extra\Desktop\Adobe.Premiere.Pro.CC.2017.v11.0.WINX64-FiLELiST
2017-04-22 22:32 - 2017-04-22 22:33 - 1337766560 _____ C:\Users\Extra\Desktop\Adobe.Premiere.Pro.CC.2017.v11.0.WINX64-FiLELiST.rar
2017-04-22 22:12 - 2017-04-22 22:12 - 01582223 _____ C:\Users\Extra\Desktop\Patch For ALL - AMTemu v0.9.2.rar
2017-04-22 21:25 - 2017-04-22 21:35 - 1134863584 _____ C:\Users\Extra\Desktop\Adobe Premiere Pro CC 7.0.0 (342) Final Multilanguage [ChingLiu].rar
2017-04-22 20:33 - 2017-04-22 20:33 - 00000000 ___RD C:\Users\Extra\Documents\MEGA
2017-04-22 20:32 - 2017-04-22 20:32 - 00000000 ____D C:\Users\Extra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
2017-04-22 20:32 - 2017-04-22 20:32 - 00000000 ____D C:\Users\Extra\AppData\Local\MEGAsync
2017-04-22 20:32 - 2017-04-22 20:32 - 00000000 ____D C:\Users\Extra\AppData\Local\Mega Limited
2017-04-22 18:59 - 2017-04-22 18:59 - 00000934 _____ C:\Users\Extra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PSCS6.lnk
2017-04-22 18:41 - 2017-04-22 22:53 - 00000000 ____D C:\ProgramData\Adobe
2017-04-22 18:31 - 2017-04-22 18:31 - 00000000 __HDC C:\ProgramData\{53DC627C-2EC2-49E2-8DA7-F6013C8DAF5C}
2017-04-22 18:25 - 2017-04-22 18:25 - 00000000 __HDC C:\ProgramData\{42DEBD12-9D09-4B77-B434-2EF604E45D3D}
2017-04-22 18:21 - 2017-04-22 18:21 - 00000112 ____H C:\E3C508180AFF
2017-04-22 18:21 - 2017-04-22 18:21 - 00000040 ____H C:\A4AB6F4C5DB3
2017-04-22 18:20 - 2017-04-22 18:20 - 00000000 ____D C:\Users\Extra\AppData\LocalLow\Adobe
2017-04-22 18:15 - 2017-04-22 18:40 - 00000000 ____D C:\Users\Extra\Documents\Native Instruments
2017-04-22 18:13 - 2017-04-22 18:13 - 00000000 __HDC C:\ProgramData\{B7C85E99-2AC6-455D-B4D1-752A56403757}
2017-04-22 18:12 - 2017-04-22 18:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
2017-04-22 18:12 - 2017-04-22 18:37 - 00000000 ____D C:\Program Files\Native Instruments
2017-04-22 18:12 - 2017-04-22 18:13 - 00000000 ____D C:\ProgramData\Native Instruments
2017-04-22 18:12 - 2017-04-22 18:12 - 00000000 __HDC C:\ProgramData\{90D8CE90-3E6B-4034-A281-BC9F19B60A5B}
2017-04-22 18:09 - 2017-04-22 18:09 - 00000000 ____D C:\Photoshop CS6 Portable (Completo)
2017-04-22 15:49 - 2017-04-22 16:47 - 00000000 ____D C:\Users\Extra\Documents\iZotope
2017-04-22 15:33 - 2017-04-22 15:33 - 00000000 ____D C:\Users\Extra\AppData\Roaming\iZotope
2017-04-22 06:48 - 2017-04-22 18:25 - 00000000 ____D C:\Program Files\Common Files\Native Instruments
2017-04-22 06:32 - 2017-04-22 06:32 - 00000000 ____D C:\Users\Extra\Documents\Xfer
2017-04-22 06:00 - 2017-04-22 06:00 - 00000000 ____D C:\Users\Extra\AppData\Roaming\FabFilter
2017-04-22 05:40 - 2017-04-22 05:40 - 00000000 ____D C:\Users\Extra\AppData\Local\Native Instruments
2017-04-22 04:21 - 2017-04-22 04:21 - 00000000 ___HD C:\$WINDOWS.~BT
2017-04-22 03:37 - 2017-04-22 04:49 - 00000000 ____D C:\Users\Extra\AppData\Local\Spotify
2017-04-22 03:37 - 2017-04-22 03:37 - 00001799 _____ C:\Users\Extra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2017-04-22 03:36 - 2017-04-22 19:18 - 00000000 ____D C:\Users\Extra\AppData\Roaming\Spotify
2017-04-22 03:23 - 2017-04-22 04:21 - 00000000 ____D C:\Windows10Upgrade
2017-04-22 03:14 - 2017-04-22 03:14 - 00000000 ____D C:\Users\Extra\AppData\Roaming\Google
2017-04-22 03:11 - 2017-04-22 03:59 - 00000041 _____ C:\Users\Extra\Desktop\escala nep&fep.txt
2017-04-22 00:36 - 2017-04-22 17:16 - 00000000 ____D C:\Fep Wolf
2017-04-21 22:34 - 2017-04-22 05:25 - 00000000 ____D C:\Users\Extra\AppData\LocalLow\uTorrent
2017-04-21 22:32 - 2017-04-22 18:37 - 00000000 ____D C:\Users\Extra\AppData\Roaming\uTorrent
2017-04-21 22:23 - 2017-04-21 22:23 - 02668789 _____ C:\windows\SysWOW64\TmpA2723875
2017-04-21 22:11 - 2017-04-21 22:11 - 00000000 ____D C:\Users\Extra\AppData\Roaming\Sonic Academy
2017-04-21 22:10 - 2017-04-21 22:10 - 00000000 ____D C:\ProgramData\Sonic Academy
2017-04-21 22:10 - 2017-04-21 22:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonic Academy
2017-04-21 21:24 - 2017-04-22 16:48 - 00000000 ____D C:\VSTPlugins
2017-04-21 04:58 - 2017-04-22 22:04 - 00000000 ____D C:\Users\Extra\Documents\Adobe
2017-04-21 04:58 - 2017-04-21 04:58 - 00000000 ____D C:\Users\Extra\AppData\Roaming\NVIDIA
2017-04-21 04:57 - 2017-04-22 22:02 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2017-04-21 04:49 - 2017-04-21 04:49 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2017-04-21 04:41 - 2017-04-21 04:41 - 00000000 ____D C:\Users\Extra\AppData\Local\Intel_Corporation
2017-04-19 19:19 - 2017-04-19 19:19 - 00000000 ___RD C:\Users\Extra\Documents\Notes
2017-04-19 16:12 - 2017-04-22 05:48 - 00000000 ____D C:\Users\Extra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rob Papen
2017-04-19 15:55 - 2017-04-22 01:18 - 00000000 ____D C:\Users\Extra\AppData\Roaming\Xfer
2017-04-19 15:54 - 2017-04-21 22:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xfer Records
2017-04-19 15:25 - 2017-04-21 21:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sylenth1
2017-04-19 14:25 - 2017-04-19 14:25 - 01060864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc71.dll
2017-04-19 14:25 - 2017-04-19 14:25 - 00348160 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr71.dll
2017-04-19 13:07 - 2017-04-19 13:07 - 00000000 ____D C:\Users\Extra\AppData\Roaming\WinRAR
2017-04-19 13:06 - 2017-04-19 13:06 - 00000000 ____D C:\Users\Extra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-04-19 13:06 - 2017-04-19 13:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-04-19 13:06 - 2017-04-19 13:06 - 00000000 ____D C:\Program Files\WinRAR
2017-04-19 12:40 - 2017-04-19 12:44 - 00000000 ____D C:\Users\Extra\Documents\Ableton
2017-04-19 12:37 - 2017-04-22 23:12 - 00000000 ____D C:\ProgramData\Package Cache
2017-04-19 12:37 - 2017-04-19 12:43 - 00000000 ____D C:\Users\Extra\AppData\Roaming\Ableton
2017-04-19 12:37 - 2017-04-19 12:37 - 00000000 ____D C:\Program Files\Common Files\Propellerhead Software
2017-04-19 12:35 - 2017-04-19 12:35 - 00000901 _____ C:\Users\Extra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ableton Live 9 Suite.lnk
2017-04-19 12:35 - 2017-04-19 12:35 - 00000000 ____D C:\ProgramData\Ableton
2017-04-19 12:32 - 2017-04-19 12:32 - 05634720 _____ (Microsoft Corporation) C:\windows\system32\mfc120u.dll
2017-04-19 12:32 - 2017-04-19 12:32 - 05608088 _____ (Microsoft Corporation) C:\windows\system32\mfc120.dll
2017-04-19 12:32 - 2017-04-19 12:32 - 00963232 _____ (Microsoft Corporation) C:\windows\system32\msvcr120.dll
2017-04-19 12:32 - 2017-04-19 12:32 - 00660128 _____ (Microsoft Corporation) C:\windows\system32\msvcp120.dll
2017-04-19 12:32 - 2017-04-19 12:32 - 00356528 _____ (Microsoft Corporation) C:\windows\system32\vccorlib120.dll
2017-04-19 12:32 - 2017-04-19 12:32 - 00091808 _____ (Microsoft Corporation) C:\windows\system32\mfcm120u.dll
2017-04-19 12:32 - 2017-04-19 12:32 - 00091808 _____ (Microsoft Corporation) C:\windows\system32\mfcm120.dll
2017-04-19 11:13 - 2017-04-21 04:46 - 00000000 ____D C:\windows\pss
2017-04-19 01:06 - 2017-04-19 01:06 - 00000000 ____D C:\windows\SysWOW64\NV
2017-04-19 01:06 - 2017-04-19 01:06 - 00000000 ____D C:\windows\system32\NV
2017-04-19 01:04 - 2017-04-21 04:49 - 00000000 ____D C:\Users\UpdatusUser
2017-04-19 01:04 - 2017-04-19 01:04 - 00003736 _____ C:\windows\System32\Tasks\SettingsHibernateMonitor
2017-04-19 01:04 - 2017-04-19 01:04 - 00003656 _____ C:\windows\System32\Tasks\SettingsEventHandlerMonitor
2017-04-19 01:04 - 2017-04-19 01:04 - 00003548 _____ C:\windows\System32\Tasks\LaunchSettings
2017-04-19 01:03 - 2017-04-19 01:04 - 00000000 ____D C:\ProgramData\NVIDIA
2017-04-19 01:03 - 2013-11-10 18:32 - 06610720 _____ (NVIDIA Corporation) C:\windows\system32\nvcpl.dll
2017-04-19 01:03 - 2013-11-10 18:32 - 03477280 _____ (NVIDIA Corporation) C:\windows\system32\nvsvc64.dll
2017-04-19 01:03 - 2013-11-10 18:32 - 02559776 _____ (NVIDIA Corporation) C:\windows\system32\nvsvcr.dll
2017-04-19 01:03 - 2013-11-10 18:32 - 01042720 _____ (NVIDIA Corporation) C:\windows\system32\nv3dappshext.dll
2017-04-19 01:03 - 2013-11-10 18:32 - 00920864 _____ (NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
2017-04-19 01:03 - 2013-11-10 18:32 - 00219424 _____ (NVIDIA Corporation) C:\windows\system32\nvmctray.dll
2017-04-19 01:03 - 2013-11-10 18:32 - 00067072 _____ (NVIDIA Corporation) C:\windows\system32\nv3dappshextr.dll
2017-04-19 01:03 - 2013-11-10 18:32 - 00063776 _____ (NVIDIA Corporation) C:\windows\system32\nvshext.dll
2017-04-19 01:03 - 2013-11-06 17:10 - 03457007 _____ C:\windows\system32\nvcoproc.bin
2017-04-19 01:02 - 2017-04-19 01:02 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-04-19 01:01 - 2017-04-19 01:02 - 00000000 ____D C:\ProgramData\Atheros
2017-04-19 01:01 - 2017-04-19 01:01 - 00000000 ____D C:\Users\Extra\AppData\Roaming\Atheros
2017-04-18 16:40 - 2017-04-22 18:39 - 00000066 _____ C:\windows\progress.ini
2017-04-18 16:19 - 2017-04-18 16:21 - 00000000 ____D C:\Program Files\Common Files\QCA_Bluetooth
2017-04-18 16:19 - 2017-04-18 16:19 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program
2017-04-18 16:19 - 2017-04-18 16:19 - 00000000 ____D C:\Program Files (x86)\Bluetooth Suite
2017-04-18 16:18 - 2017-04-18 16:18 - 00000000 ____D C:\ProgramData\{41A350B0-C533-4604-B09D-EB21FC05B6BB}
2017-04-18 16:08 - 2013-11-11 04:27 - 29339936 _____ (NVIDIA Corporation) C:\windows\system32\nvoglv64.dll
2017-04-18 16:08 - 2013-11-11 04:27 - 25256224 _____ (NVIDIA Corporation) C:\windows\system32\nvcompiler.dll
2017-04-18 16:08 - 2013-11-11 04:27 - 22103840 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglv32.dll
2017-04-18 16:08 - 2013-11-11 04:27 - 17560352 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcompiler.dll
2017-04-18 16:08 - 2013-11-11 04:27 - 15930288 _____ (NVIDIA Corporation) C:\windows\system32\nvwgf2umx.dll
2017-04-18 16:08 - 2013-11-11 04:27 - 15699056 _____ (NVIDIA Corporation) C:\windows\system32\nvd3dumx.dll
2017-04-18 16:08 - 2013-11-11 04:27 - 13656024 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvwgf2um.dll
2017-04-18 16:08 - 2013-11-11 04:27 - 12947384 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvd3dum.dll
2017-04-18 16:08 - 2013-11-11 04:27 - 11313952 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvlddmkm.sys
2017-04-18 16:08 - 2013-11-11 04:27 - 09221632 _____ (NVIDIA Corporation) C:\windows\system32\nvcuda.dll
2017-04-18 16:08 - 2013-11-11 04:27 - 07721112 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuda.dll
2017-04-18 16:08 - 2013-11-11 04:27 - 07648512 _____ (NVIDIA Corporation) C:\windows\system32\nvopencl.dll
2017-04-18 16:08 - 2013-11-11 04:27 - 06330064 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvopencl.dll
2017-04-18 16:08 - 2013-11-11 04:27 - 02990792 _____ (NVIDIA Corporation) C:\windows\system32\nvapi64.dll
2017-04-18 16:08 - 2013-11-11 04:27 - 02971424 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvid.dll
2017-04-18 16:08 - 2013-11-11 04:27 - 02789664 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvid.dll
2017-04-18 16:08 - 2013-11-11 04:27 - 02633376 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvapi.dll
2017-04-18 16:08 - 2013-11-11 04:27 - 02367776 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvenc.dll
2017-04-18 16:08 - 2013-11-11 04:27 - 02007840 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvenc.dll
2017-04-18 16:08 - 2013-11-11 04:27 - 01884448 _____ (NVIDIA Corporation) C:\windows\system32\nvdispco6432768.dll
2017-04-18 16:08 - 2013-11-11 04:27 - 01515296 _____ (NVIDIA Corporation) C:\windows\system32\nvdispgenco6432768.dll
2017-04-18 16:08 - 2013-11-11 04:27 - 01421584 _____ (NVIDIA Corporation) C:\windows\system32\nvumdshimx.dll
2017-04-18 16:08 - 2013-11-11 04:27 - 01230576 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvumdshim.dll
2017-04-18 16:08 - 2013-11-11 04:27 - 00681760 _____ (NVIDIA Corporation) C:\windows\system32\NvFBC64.dll
2017-04-18 16:08 - 2013-11-11 04:27 - 00603424 _____ (NVIDIA Corporation) C:\windows\system32\NvIFR64.dll
2017-04-18 16:08 - 2013-11-11 04:27 - 00586016 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvFBC.dll
2017-04-18 16:08 - 2013-11-11 04:27 - 00515360 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFR.dll
2017-04-18 16:08 - 2013-11-11 04:27 - 00353504 _____ (NVIDIA Corporation) C:\windows\system32\nvoglshim64.dll
2017-04-18 16:08 - 2013-11-11 04:27 - 00305600 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglshim32.dll
2017-04-18 16:08 - 2013-11-11 04:27 - 00184048 _____ (NVIDIA Corporation) C:\windows\system32\nvinitx.dll
2017-04-18 16:08 - 2013-11-11 04:27 - 00156256 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvinit.dll
2017-04-18 16:08 - 2013-11-11 04:27 - 00032544 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvpciflt.sys
2017-04-18 16:08 - 2013-11-11 04:27 - 00022814 _____ C:\windows\system32\nvinfo.pb
2017-04-18 15:19 - 2017-04-21 21:46 - 00002213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-18 15:18 - 2017-04-18 15:42 - 00000000 ____D C:\Users\Extra\AppData\Local\Google
2017-04-18 15:18 - 2017-04-18 15:34 - 00003500 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-18 15:18 - 2017-04-18 15:34 - 00003372 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-18 15:18 - 2017-04-18 15:19 - 00000000 ____D C:\Program Files (x86)\Google
2017-04-18 15:17 - 2017-04-18 15:18 - 00000000 ____D C:\Users\Extra\AppData\Local\Deployment
2017-04-18 15:17 - 2017-04-18 15:17 - 00000000 ____D C:\Users\Extra\AppData\Local\Apps\2.0
2017-04-18 14:58 - 2017-04-22 18:39 - 00000000 ___HD C:\$GetCurrent
2017-04-18 14:58 - 2017-04-22 03:23 - 00000702 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assistente de Atualização do Windows 10.lnk
2017-04-18 14:56 - 2017-04-18 14:56 - 06581904 _____ (Microsoft Corporation) C:\Users\Extra\Downloads\Windows10Upgrade24074.exe
2017-04-18 12:26 - 2017-04-18 12:26 - 00000000 ___HD C:\$Windows.~WS
2017-04-17 20:45 - 2017-04-22 18:37 - 00001890 _____ C:\windows\diagwrn.xml
2017-04-17 20:45 - 2017-04-22 18:37 - 00001890 _____ C:\windows\diagerr.xml
2017-04-17 18:55 - 2017-04-18 13:38 - 00000000 ____D C:\ESD
2017-04-17 18:50 - 2017-04-17 18:50 - 00000000 ____D C:\Users\Extra\AppData\Roaming\Macromedia
2017-04-17 18:43 - 2017-04-07 19:06 - 00532136 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2017-04-17 18:36 - 2017-04-17 18:36 - 00003126 _____ C:\windows\System32\Tasks\advRecovery
2017-04-17 18:28 - 2017-04-17 18:28 - 00002996 _____ C:\windows\System32\Tasks\SUPatchForW10Up

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2017-04-23 03:37 - 2017-01-03 04:54 - 00000000 ____D C:\Users\Extra\AppData\Local\CrashDumps
2017-04-23 03:29 - 2016-03-14 06:28 - 00003598 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3822768531-2602815973-1495670275-1002
2017-04-22 23:54 - 2016-03-14 06:22 - 00000000 ____D C:\Users\Extra\AppData\Roaming\Adobe
2017-04-22 23:54 - 2015-03-02 04:02 - 00000000 ____D C:\Program Files\Common Files\Adobe
2017-04-22 23:11 - 2016-03-14 06:21 - 00000000 ____D C:\Users\Extra
2017-04-22 22:53 - 2015-03-02 04:01 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-04-22 21:58 - 2016-03-14 06:23 - 00000000 ____D C:\Users\Extra\Documents\Bluetooth Folder
2017-04-22 19:08 - 2016-03-14 06:21 - 00000000 ____D C:\Users\Extra\AppData\Local\Packages
2017-04-22 19:08 - 2013-08-22 12:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-04-22 19:08 - 2013-08-22 12:36 - 00000000 ____D C:\windows\AppReadiness
2017-04-22 18:42 - 2015-03-02 03:55 - 00000000 ____D C:\ProgramData\WinClon
2017-04-22 18:39 - 2013-08-22 11:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2017-04-22 18:38 - 2013-08-22 10:25 - 00262144 ___SH C:\windows\system32\config\BBI
2017-04-22 18:37 - 2013-08-22 10:36 - 00000000 ____D C:\windows\Inf
2017-04-22 04:21 - 2013-08-27 02:50 - 00000000 ____D C:\windows\Panther
2017-04-21 21:38 - 2013-08-22 11:44 - 05012512 _____ C:\windows\system32\FNTCACHE.DAT
2017-04-21 04:59 - 2016-03-14 06:23 - 00000000 ____D C:\Users\Extra\AppData\Local\Adobe
2017-04-19 17:01 - 2016-03-14 06:20 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-04-19 13:42 - 2016-03-14 06:27 - 00000000 ____D C:\Users\Extra\AppData\Local\Samsung
2017-04-19 12:53 - 2015-03-02 20:50 - 00774900 _____ C:\windows\system32\prfh0416.dat
2017-04-19 12:53 - 2015-03-02 20:50 - 00158494 _____ C:\windows\system32\prfc0416.dat
2017-04-19 12:53 - 2013-08-27 01:56 - 01797166 _____ C:\windows\system32\PerfStringBackup.INI
2017-04-19 01:04 - 2015-03-02 03:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2017-04-19 01:04 - 2015-03-02 03:49 - 00000000 ____D C:\Program Files (x86)\Samsung
2017-04-19 01:04 - 2015-03-02 03:43 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-04-19 01:04 - 2015-03-02 03:43 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-04-19 01:03 - 2013-08-22 12:36 - 00000000 ____D C:\windows\Help
2017-04-19 00:59 - 2013-08-22 12:36 - 00000000 ___HD C:\windows\ELAMBKUP
2017-04-18 16:31 - 2013-08-22 10:25 - 00262144 ___SH C:\windows\system32\config\ELAM
2017-04-18 16:21 - 2015-03-02 03:50 - 00000000 ____D C:\ProgramData\SAMSUNG
2017-04-18 15:59 - 2015-03-02 03:49 - 00016030 _____ C:\windows\system32\results.xml
2017-04-18 15:50 - 2015-03-02 03:42 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2017-04-18 15:50 - 2015-03-02 03:41 - 00000000 ____D C:\Program Files (x86)\Intel
2017-04-18 14:30 - 2016-03-15 11:47 - 00003950 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{AE659B89-AF1B-4B4C-9BA7-05EC133C78A3}
2017-04-17 18:36 - 2015-03-02 03:50 - 00000000 ____D C:\Program Files\Samsung
2017-04-17 18:36 - 2015-03-02 03:43 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-04-17 18:28 - 2015-03-02 03:41 - 00000000 ____D C:\ProgramData\Intel

==================== Arquivos na raiz de alguns diretórios =======

2015-03-02 03:44 - 2015-03-02 03:44 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-03-02 03:49 - 2013-02-19 04:34 - 2064264 _____ (Samsung Electronics) C:\ProgramData\MakeMarkerFile.exe
2015-03-02 03:49 - 2013-01-12 11:51 - 0003004 _____ () C:\ProgramData\MakeMarkerFile.xml

==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\windows\explorer.exe => O arquivo é assinado digitalmente
C:\windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\windows\system32\services.exe => O arquivo é assinado digitalmente
C:\windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

LastRegBack: 2017-04-22 23:36

==================== Fim de FRST.txt ============================