Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 29-09-2017 Executado por Senhor(a) (administrador) em SENHORA-PC (29-09-2017 18:07:54) Executando a partir de C:\Users\Senhor(a)\Desktop Perfis Carregados: Senhor(a) (Perfis Disponíveis: Senhor(a)) Platform: Windows 7 Professional (X64) Idioma: Português (Brasil) Internet Explorer Versão 8 (Navegador padrão: IE) Modo da Inicialização: Normal Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe () C:\Windows\KMS-R@1n.exe (VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe (GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe () C:\Windows\KMS-R@1nhook.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe (BitTorrent Inc.) C:\Users\Senhor(a)\AppData\Roaming\uTorrent\uTorrent.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (BitTorrent Inc.) C:\Users\Senhor(a)\AppData\Roaming\uTorrent\updates\3.5.0_44090\utorrentie.exe (BitTorrent Inc.) C:\Users\Senhor(a)\AppData\Roaming\uTorrent\updates\3.5.0_44090\utorrentie.exe (IObit) C:\Program Files (x86)\IObit\Driver Booster\4.5.0\Scheduler.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\wusa.exe ==================== Registro (Whitelisted) =========================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16781824 2017-07-22] (Realtek Semiconductor) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169744 2015-09-12] (Apple Inc.) HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [992304 2017-05-23] (GAS Tecnologia LTDA) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle Corporation) Winlogon\Notify\ GbPluginCef: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [2017-08-02] (Caixa Economica Federal) HKU\S-1-5-21-2197088222-2135754822-4128637424-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [0 2017-09-29] () HKU\S-1-5-21-2197088222-2135754822-4128637424-1000\...\Run: [uTorrent] => C:\Users\Senhor(a)\AppData\Roaming\uTorrent\uTorrent.exe [1985984 2017-09-25] (BitTorrent Inc.) HKU\S-1-5-21-2197088222-2135754822-4128637424-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-14] (Disc Soft Ltd) HKU\S-1-5-21-2197088222-2135754822-4128637424-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.) HKU\S-1-5-21-2197088222-2135754822-4128637424-1000\...\MountPoints2: E - E:\setup.exe HKU\S-1-5-21-2197088222-2135754822-4128637424-1000\...\MountPoints2: {1cfd6548-a479-11e7-b0b8-50e549f17735} - G:\setup.exe HKU\S-1-5-21-2197088222-2135754822-4128637424-1000\...\MountPoints2: {50af3a5d-9ff8-11e7-a9b5-50e549f17735} - G:\LGAutoRun.exe HKU\S-1-5-21-2197088222-2135754822-4128637424-1000\...\MountPoints2: {b7b22b94-a366-11e7-bd61-50e549f17735} - E:\setup.exe HKU\S-1-5-21-2197088222-2135754822-4128637424-1000\...\MountPoints2: {b7b22b9c-a366-11e7-bd61-50e549f17735} - F:\setup.exe HKU\S-1-5-21-2197088222-2135754822-4128637424-1000\...\MountPoints2: {e5ad0bcf-720a-11e7-9c57-9a33efe56f62} - F:\setup.exe IFEO\OSppSvc.exe: [Debugger] KMS-R@1nhook.exe IFEO\SppSvc.exe: [Debugger] KMS-R@1nhook.exe ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll [1903328 2017-08-02] (Caixa Economica Federal) ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Tcpip\Parameters: [DhcpNameServer] 187.36.192.33 187.36.192.28 Tcpip\..\Interfaces\{42A67B1D-816F-471A-8888-F463FE025DDC}: [DhcpNameServer] 187.36.192.33 187.36.192.28 Tcpip\..\Interfaces\{6DA2F963-CDAB-4447-8703-4FA2CB6C84A5}: [DhcpNameServer] 192.168.1.1 8.8.8.8 Tcpip\..\Interfaces\{91D338BB-D4D2-41ED-828D-C981C65CF1FB}: [DhcpNameServer] 187.36.192.33 187.36.192.28 Internet Explorer: ================== HKU\S-1-5-21-2197088222-2135754822-4128637424-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pt-br/?ocid=iehp SearchScopes: HKU\S-1-5-21-2197088222-2135754822-4128637424-1000 -> {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = hxxp://www.daemon-search.com/search?q={searchTerms} BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-22] (Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-22] (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\ssv.dll [2017-07-22] (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation) BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\Program Files (x86)\GbPlugin\gbiehcef.dll [2017-08-02] (Caixa Economica Federal) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-22] (Oracle Corporation) Toolbar: HKLM - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2009-04-23] () Toolbar: HKLM-x32 - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2009-04-23] () Toolbar: HKU\S-1-5-21-2197088222-2135754822-4128637424-1000 -> DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2009-04-23] () Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation) Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-12-21] (Microsoft Corporation) Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-12-21] (Microsoft Corporation) Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-12-21] (Microsoft Corporation) Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-12-21] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: u5wybhcd.default FF ProfilePath: C:\Users\Senhor(a)\AppData\Roaming\Mozilla\Firefox\Profiles\u5wybhcd.default [2017-09-25] FF Plugin: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-22] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-22] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-09-04] () FF Plugin-x32: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-22] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-22] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-05-21] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-22] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-22] (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-05-21] (Microsoft Corporation) FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\autoconf_warsaw.js [2017-09-23] <==== ATENÇÃO (Aponta para arquivo *.cfg) FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\warsaw.cfg [2017-09-23] <==== ATENÇÃO Chrome: ======= CHR Profile: C:\Users\Senhor(a)\AppData\Local\Google\Chrome\User Data\Default [2017-09-29] CHR Extension: (Google Docs) - C:\Users\Senhor(a)\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-07-27] CHR Extension: (Google Drive) - C:\Users\Senhor(a)\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-27] CHR Extension: (YouTube) - C:\Users\Senhor(a)\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-27] CHR Extension: (Documentos Google off-line) - C:\Users\Senhor(a)\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-27] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Senhor(a)\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-27] CHR Extension: (Gmail) - C:\Users\Senhor(a)\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-27] CHR Extension: (Chrome Media Router) - C:\Users\Senhor(a)\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-27] ==================== Serviços (Whitelisted) ==================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.) R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd) R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [631520 2017-08-02] (GAS Tecnologia) R2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2017-07-22] () [Arquivo não assinado] R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation) S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation) R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36504 2017-07-28] (VIA Technologies, Inc.) R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [992304 2017-05-23] (GAS Tecnologia LTDA) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-09-27] (Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-09-27] (Disc Soft Ltd) R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2017-08-02] (GAS Tecnologia) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-07-22] (REALiX(tm)) R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2017-07-28] (Qualcomm Atheros Co., Ltd.) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation) S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation) S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [5255728 2017-01-02] (Realtek Semiconductor Corporation ) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [871408 2017-07-26] () [Arquivo não assinado] R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2017-08-02] (GAS Tecnologia LTDA) R1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [28376 2017-09-29] (GAS Tecnologia) R1 wsddntf; C:\Windows\System32\DRIVERS\wsddntf.sys [36984 2016-06-16] (GAS Tecnologia) R1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [25184 2016-06-08] (GAS Tecnologia) R3 wsddprm; C:\Windows\system32\drivers\wsddprm.sys [25184 2016-11-07] (GAS Tecnologia) S3 cpuz138; \??\C:\Users\SENHOR~1\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X] <==== ATENÇÃO S1 gbpddfac; system32\drivers\gbpddfac64.sys [X] ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Um Mês Criados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2017-09-29 18:07 - 2017-09-29 18:08 - 000016081 _____ C:\Users\Senhor(a)\Desktop\FRST.txt 2017-09-29 18:07 - 2017-09-29 18:07 - 000000000 ____D C:\FRST 2017-09-29 18:07 - 2017-09-29 18:06 - 002399744 _____ (Farbar) C:\Users\Senhor(a)\Desktop\FRST64.exe 2017-09-29 18:06 - 2017-09-29 18:06 - 002399744 _____ (Farbar) C:\Users\Senhor(a)\Downloads\FRST64.exe 2017-09-29 18:04 - 2017-09-29 18:04 - 001034556 _____ C:\Users\Senhor(a)\Downloads\Windows6.1-KB2999226-x64 (4).msu 2017-09-29 18:03 - 2017-09-29 18:03 - 001034556 _____ C:\Users\Senhor(a)\Downloads\Windows6.1-KB2999226-x64 (3).msu 2017-09-29 18:03 - 2017-09-29 18:03 - 000629006 _____ C:\Users\Senhor(a)\Downloads\Windows6.1-KB2999226-x86 (1).msu 2017-09-29 18:03 - 2017-09-29 18:03 - 000000000 ___HT C:\Windows\wusa.lock 2017-09-29 18:03 - 2017-09-29 18:03 - 000000000 ____D C:\5a97d057b5bf97b877626a 2017-09-29 17:44 - 2015-07-17 08:05 - 000066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2017-09-29 17:44 - 2015-07-17 08:05 - 000022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2017-09-29 17:44 - 2015-07-17 08:05 - 000019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2017-09-29 17:44 - 2015-07-17 08:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2017-09-29 17:44 - 2015-07-17 08:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2017-09-29 17:44 - 2015-07-17 08:05 - 000016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2017-09-29 17:44 - 2015-07-17 08:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2017-09-29 17:44 - 2015-07-17 08:05 - 000013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2017-09-29 17:44 - 2015-07-17 08:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll 2017-09-29 17:44 - 2015-07-17 08:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2017-09-29 17:44 - 2015-07-17 08:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2017-09-29 17:44 - 2015-07-17 08:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2017-09-29 17:44 - 2015-07-17 08:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2017-09-29 17:44 - 2015-07-17 08:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2017-09-29 17:44 - 2015-07-17 08:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll 2017-09-29 17:44 - 2015-07-17 08:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll 2017-09-29 17:41 - 2015-07-17 08:06 - 000063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll 2017-09-29 17:41 - 2015-07-17 08:06 - 000020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll 2017-09-29 17:41 - 2015-07-17 08:06 - 000019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2017-09-29 17:41 - 2015-07-17 08:06 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll 2017-09-29 17:41 - 2015-07-17 08:06 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll 2017-09-29 17:41 - 2015-07-17 08:06 - 000016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll 2017-09-29 17:41 - 2015-07-17 08:06 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll 2017-09-29 17:41 - 2015-07-17 08:06 - 000013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2017-09-29 17:41 - 2015-07-17 08:06 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll 2017-09-29 17:41 - 2015-07-17 08:06 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll 2017-09-29 17:41 - 2015-07-17 08:06 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll 2017-09-29 17:41 - 2015-07-17 08:06 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll 2017-09-29 17:41 - 2015-07-17 08:06 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll 2017-09-29 17:41 - 2015-07-17 08:06 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll 2017-09-29 17:41 - 2015-07-17 08:06 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll 2017-09-29 17:41 - 2015-07-17 08:06 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll 2017-09-29 17:40 - 2017-09-29 17:54 - 000000000 ____D C:\Users\Senhor(a)\Downloads\Api System 32 2017-09-29 17:40 - 2017-09-29 17:53 - 000000000 ____D C:\Users\Senhor(a)\Downloads\Api SysWOW64 2017-09-29 17:37 - 2017-09-29 17:37 - 000130635 _____ C:\Users\Senhor(a)\Downloads\Api SysWOW64.rar 2017-09-29 17:37 - 2017-09-29 17:37 - 000055587 _____ C:\Users\Senhor(a)\Downloads\flash_5.485.zip 2017-09-29 17:36 - 2017-09-29 17:36 - 000142773 _____ C:\Users\Senhor(a)\Downloads\Api System 32.rar 2017-09-29 17:30 - 2017-09-29 17:30 - 001034556 _____ C:\Users\Senhor(a)\Downloads\Windows6.1-KB2999226-x64 (2).msu 2017-09-29 13:45 - 2010-09-14 03:45 - 000367104 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll 2017-09-29 13:45 - 2010-09-14 03:07 - 000276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll 2017-09-29 13:43 - 2017-09-29 13:43 - 000002699 _____ C:\Users\Public\Desktop\Skype.lnk 2017-09-29 13:43 - 2017-09-29 13:43 - 000000000 ___RD C:\Program Files (x86)\Skype 2017-09-29 13:43 - 2017-09-29 13:43 - 000000000 ____D C:\Users\Todos os Usuários\Skype 2017-09-29 13:43 - 2017-09-29 13:43 - 000000000 ____D C:\ProgramData\Skype 2017-09-29 13:43 - 2017-09-29 13:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2017-09-29 13:22 - 2017-09-29 13:25 - 000000000 ____D C:\Windows\system32\MRT 2017-09-29 13:22 - 2017-09-29 13:23 - 000698900 _____ C:\Users\Senhor(a)\Downloads\lntll_f_la_x+65198198746518945647651561.zip 2017-09-29 13:22 - 2017-09-29 13:22 - 138202976 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2017-09-29 13:21 - 2009-10-10 00:17 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys 2017-09-29 12:30 - 2017-09-29 12:30 - 000283016 _____ C:\Windows\Minidump\092917-30732-01.dmp 2017-09-28 23:46 - 2017-09-28 23:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2017-09-28 23:45 - 2017-09-28 23:46 - 000000000 ____D C:\312fea51cd7ed89c7c1d 2017-09-28 23:45 - 2017-09-28 23:45 - 000000000 ____D C:\Program Files\Microsoft Silverlight 2017-09-28 23:45 - 2017-09-28 23:45 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2017-09-28 23:43 - 2017-08-17 13:35 - 000544424 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2017-09-28 23:37 - 2010-05-23 07:15 - 001619456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2017-09-28 23:37 - 2010-05-23 07:11 - 003181568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2017-09-28 23:37 - 2010-05-23 07:11 - 000196608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll 2017-09-28 23:37 - 2010-05-23 05:37 - 001888256 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2017-09-28 23:37 - 2010-05-23 05:35 - 004068864 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2017-09-28 23:37 - 2010-05-23 05:35 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll 2017-09-28 23:37 - 2010-05-23 05:35 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2017-09-28 23:34 - 2010-03-04 01:32 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys 2017-09-28 23:06 - 2011-01-26 03:53 - 000982912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2017-09-28 23:06 - 2011-01-26 03:53 - 000265088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2017-09-28 23:06 - 2011-01-26 03:31 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll 2017-09-28 23:06 - 2010-11-02 02:18 - 000662528 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll 2017-09-28 23:06 - 2010-11-02 02:18 - 000470016 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll 2017-09-28 23:06 - 2010-11-02 02:18 - 000229888 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll 2017-09-28 23:06 - 2010-11-02 02:12 - 001837568 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2017-09-28 23:06 - 2010-11-02 02:12 - 001540608 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2017-09-28 23:06 - 2010-11-02 02:12 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2017-09-28 23:06 - 2010-11-02 02:12 - 000902656 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2017-09-28 23:06 - 2010-11-02 02:12 - 000320512 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2017-09-28 23:06 - 2010-11-02 02:12 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2017-09-28 23:06 - 2010-11-02 01:41 - 000442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll 2017-09-28 23:06 - 2010-11-02 01:41 - 000283648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll 2017-09-28 23:06 - 2010-11-02 01:41 - 000135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll 2017-09-28 23:06 - 2010-11-02 01:35 - 001170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2017-09-28 23:06 - 2010-11-02 01:35 - 001074176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2017-09-28 23:06 - 2010-11-02 01:35 - 000739840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2017-09-28 23:06 - 2010-11-02 01:35 - 000218624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll 2017-09-28 23:06 - 2010-11-02 01:35 - 000161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll 2017-09-28 23:06 - 2010-06-26 02:31 - 001863680 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2017-09-28 23:06 - 2010-06-26 02:14 - 001495040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll 2017-09-28 23:05 - 2015-03-19 00:07 - 005503416 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2017-09-28 23:05 - 2015-03-18 23:57 - 003963320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2017-09-28 23:05 - 2015-03-18 23:57 - 003908024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2017-09-28 23:05 - 2014-09-14 21:44 - 003195392 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2017-09-28 23:05 - 2013-03-19 02:54 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2017-09-28 23:05 - 2013-03-19 01:53 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2017-09-28 23:05 - 2013-03-19 00:19 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2017-09-28 23:05 - 2010-12-21 03:16 - 001197056 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2017-09-28 23:05 - 2010-12-21 03:16 - 000442880 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll 2017-09-28 23:05 - 2010-12-21 03:16 - 000258048 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2017-09-28 23:05 - 2010-12-21 03:16 - 000097280 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll 2017-09-28 23:05 - 2010-12-21 03:16 - 000062976 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll 2017-09-28 23:05 - 2010-12-21 03:15 - 001498112 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2017-09-28 23:05 - 2010-12-21 03:15 - 000264192 _____ (Microsoft Corporation) C:\Windows\system32\upnp.dll 2017-09-28 23:05 - 2010-12-21 03:15 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll 2017-09-28 23:05 - 2010-12-21 03:13 - 002003968 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2017-09-28 23:05 - 2010-12-21 03:13 - 001880576 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2017-09-28 23:05 - 2010-12-21 03:11 - 012369408 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2017-09-28 23:05 - 2010-12-21 03:10 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2017-09-28 23:05 - 2010-12-21 02:38 - 001228288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2017-09-28 23:05 - 2010-12-21 02:38 - 000981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2017-09-28 23:05 - 2010-12-21 02:38 - 000350720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll 2017-09-28 23:05 - 2010-12-21 02:38 - 000204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2017-09-28 23:05 - 2010-12-21 02:38 - 000204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnp.dll 2017-09-28 23:05 - 2010-12-21 02:38 - 000051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll 2017-09-28 23:05 - 2010-12-21 02:38 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll 2017-09-28 23:05 - 2010-12-21 02:36 - 001389568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2017-09-28 23:05 - 2010-12-21 02:36 - 001236992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2017-09-28 23:05 - 2010-12-21 02:35 - 010989056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2017-09-28 23:05 - 2010-12-21 02:34 - 000080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll 2017-09-28 23:05 - 2010-11-04 03:31 - 000247808 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2017-09-28 23:05 - 2010-11-04 03:31 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2017-09-28 23:05 - 2010-11-04 02:48 - 000176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2017-09-28 23:05 - 2010-11-04 02:48 - 000048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2017-09-28 23:05 - 2010-02-18 05:07 - 014163456 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2017-09-28 23:05 - 2010-02-18 04:34 - 012867072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2017-09-28 23:05 - 2010-01-19 06:05 - 000424960 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll 2017-09-28 23:05 - 2010-01-19 06:05 - 000422912 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll 2017-09-28 23:05 - 2010-01-19 06:05 - 000121856 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll 2017-09-28 23:05 - 2010-01-19 06:05 - 000121856 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll 2017-09-28 23:05 - 2010-01-19 06:00 - 000357888 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe 2017-09-28 23:05 - 2010-01-19 06:00 - 000356352 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe 2017-09-28 23:05 - 2010-01-19 06:00 - 000306688 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe 2017-09-28 23:05 - 2010-01-19 06:00 - 000305152 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe 2017-09-28 23:05 - 2010-01-18 20:29 - 000369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll 2017-09-28 23:05 - 2010-01-18 20:29 - 000365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll 2017-09-28 23:05 - 2010-01-18 20:29 - 000085504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll 2017-09-28 23:05 - 2010-01-18 20:29 - 000085504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll 2017-09-28 23:05 - 2010-01-18 20:28 - 000324608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe 2017-09-28 23:05 - 2010-01-18 20:28 - 000320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe 2017-09-28 23:05 - 2010-01-18 20:28 - 000280064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe 2017-09-28 23:05 - 2010-01-18 20:28 - 000277504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe 2017-09-28 23:05 - 2009-12-11 07:29 - 000153160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2017-09-28 23:05 - 2009-12-11 06:24 - 001446912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2017-09-28 23:05 - 2009-12-11 04:39 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2017-09-28 23:05 - 2009-12-11 04:36 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2017-09-28 23:05 - 2009-10-31 03:34 - 002870272 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2017-09-28 23:05 - 2009-10-31 02:45 - 002614272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2017-09-28 23:05 - 2009-10-28 03:24 - 000389632 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2017-09-28 23:04 - 2011-04-09 03:58 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2017-09-28 23:04 - 2011-04-09 02:56 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe 2017-09-28 23:04 - 2010-03-24 03:59 - 001736608 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2017-09-28 23:04 - 2010-03-24 03:37 - 001289528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2017-09-28 23:03 - 2016-06-25 13:03 - 000304128 _____ (Microsoft Corporation) C:\Windows\system32\EOSNotify.exe 2017-09-28 23:03 - 2012-09-06 14:38 - 000295792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys 2017-09-28 22:44 - 2017-09-28 22:44 - 001034556 _____ C:\Users\Senhor(a)\Downloads\Windows6.1-KB2999226-x64 (1).msu 2017-09-28 22:42 - 2017-09-28 22:42 - 000313366 _____ C:\Users\Senhor(a)\Downloads\WindowsUpdate.diagcab 2017-09-28 22:41 - 2017-09-28 22:41 - 001005170 _____ C:\Users\Senhor(a)\Downloads\Windows8.1-KB2999226-x64 (1).msu 2017-09-28 22:40 - 2017-09-28 22:40 - 000629006 _____ C:\Users\Senhor(a)\Downloads\Windows6.1-KB2999226-x86.msu 2017-09-28 22:39 - 2017-09-28 22:39 - 001034556 _____ C:\Users\Senhor(a)\Downloads\Windows6.1-KB2999226-x64.msu 2017-09-28 22:07 - 2017-09-28 22:17 - 000001239 _____ C:\Users\Public\Desktop\Pro Evolution Soccer 2018.lnk 2017-09-28 22:07 - 2017-09-28 22:07 - 000001248 _____ C:\Users\Public\Desktop\Pro Evolution Soccer 2018 - Settings.lnk 2017-09-28 22:07 - 2017-09-28 22:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pro Evolution Soccer 2018 2017-09-28 21:43 - 2017-09-28 22:17 - 000000000 ____D C:\Program Files (x86)\Pro Evolution Soccer 2018 2017-09-28 21:39 - 2017-09-28 21:39 - 000003461 _____ C:\Users\Senhor(a)\Downloads\api-ms-win-crt-convert-l1-1-0 (4).zip 2017-09-28 21:39 - 2016-08-10 10:40 - 000007168 _____ (Microsoft Corporation) C:\Users\Senhor(a)\Desktop\api-ms-win-crt-convert-l1-1-0.dll 2017-09-28 21:35 - 2017-05-22 14:26 - 000022208 _____ (Microsoft Corporation) C:\Users\Senhor(a)\Downloads\api-ms-win-crt-convert-l1-1-0(4).dll 2017-09-28 21:35 - 2016-10-12 09:09 - 000001983 _____ C:\Users\Senhor(a)\Downloads\README.txt 2017-09-28 21:35 - 2016-10-12 09:09 - 000001983 _____ C:\Users\Senhor(a)\Downloads\README(4).txt 2017-09-28 21:35 - 2016-10-12 09:09 - 000001983 _____ C:\Users\Senhor(a)\Downloads\README(3).txt 2017-09-28 21:35 - 2016-10-12 09:09 - 000001983 _____ C:\Users\Senhor(a)\Downloads\README(2).txt 2017-09-28 21:35 - 2016-10-12 09:09 - 000001983 _____ C:\Users\Senhor(a)\Downloads\README(1).txt 2017-09-28 21:35 - 2016-09-30 17:19 - 000022720 _____ (Microsoft Corporation) C:\Users\Senhor(a)\Downloads\api-ms-win-crt-convert-l1-1-0(3).dll 2017-09-28 21:35 - 2016-08-10 10:42 - 000007168 _____ (Microsoft Corporation) C:\Users\Senhor(a)\Downloads\api-ms-win-crt-convert-l1-1-0.dll 2017-09-28 21:35 - 2016-08-10 10:40 - 000015712 _____ (Microsoft Corporation) C:\Users\Senhor(a)\Downloads\api-ms-win-crt-convert-l1-1-0(1).dll 2017-09-28 21:35 - 2016-08-10 10:40 - 000007168 _____ (Microsoft Corporation) C:\Users\Senhor(a)\Downloads\api-ms-win-crt-convert-l1-1-0(2).dll 2017-09-28 21:34 - 2017-09-28 21:34 - 000008939 _____ C:\Users\Senhor(a)\Downloads\api-ms-win-crt-convert-l1-1-0 (1).zip 2017-09-28 21:34 - 2017-09-28 21:34 - 000003461 _____ C:\Users\Senhor(a)\Downloads\api-ms-win-crt-convert-l1-1-0 (2).zip 2017-09-28 21:34 - 2017-09-28 21:34 - 000003459 _____ C:\Users\Senhor(a)\Downloads\api-ms-win-crt-convert-l1-1-0 (3).zip 2017-09-28 21:25 - 2015-07-17 08:06 - 000015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll 2017-09-28 21:25 - 2015-07-17 08:05 - 000015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2017-09-28 21:23 - 2017-09-28 21:23 - 001005170 _____ C:\Users\Senhor(a)\Downloads\Windows8.1-KB2999226-x64.msu 2017-09-28 21:21 - 2017-09-28 21:21 - 000003461 _____ C:\Users\Senhor(a)\Downloads\api-ms-win-crt-convert-l1-1-0.zip 2017-09-28 18:22 - 2017-09-22 12:29 - 000041984 _____ C:\Users\Senhor(a)\Downloads\steam_api64.dll 2017-09-28 18:22 - 2017-09-21 14:03 - 000000114 _____ C:\Users\Senhor(a)\Downloads\CPY.ini 2017-09-28 18:22 - 2017-09-19 09:03 - 208388608 _____ (Konami Digital Entertainment Co., Ltd.) C:\Users\Senhor(a)\Downloads\PES2018.exe 2017-09-28 18:22 - 2017-02-20 19:56 - 000014848 _____ C:\Users\Senhor(a)\Downloads\steamclient64.dll 2017-09-28 13:04 - 2017-09-28 13:04 - 001167698 _____ C:\Users\Senhor(a)\Downloads\Ins_Fl+2800933225588741478523698147221225282136282017.zip 2017-09-28 13:04 - 2017-09-28 13:04 - 000375706 _____ C:\Users\Senhor(a)\Downloads\lntll_f_la_x+956418918976518974651845.zip 2017-09-28 11:44 - 2017-09-28 11:44 - 005339106 _____ C:\Users\Senhor(a)\Desktop\Apresentação 3.pdf 2017-09-28 10:42 - 2017-09-28 10:42 - 005339106 _____ C:\Users\Senhor(a)\Downloads\Apresentação 3.pdf 2017-09-27 20:39 - 2017-09-28 09:31 - 000000000 ____D C:\Users\Senhor(a)\Downloads\Pro.Evolution.Soccer.2018-CPY 2017-09-27 20:39 - 2017-09-27 20:39 - 000000794 _____ C:\Users\Senhor(a)\Downloads\WILNOIA - Lista de Rastreadores.txt 2017-09-27 20:38 - 2017-09-27 20:38 - 000063477 _____ C:\Users\Senhor(a)\Downloads\Pes 2018.torrent 2017-09-27 12:35 - 2017-09-27 12:36 - 000000000 ____D C:\ce86d215e8c19eac37db583c4c8646 2017-09-27 12:34 - 2017-09-27 12:34 - 000047672 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtliteusbbus.sys 2017-09-27 12:33 - 2017-09-27 12:34 - 000000000 ____D C:\Program Files\DAEMON Tools Lite 2017-09-27 12:33 - 2017-09-27 12:33 - 000030264 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys 2017-09-27 12:33 - 2017-09-27 12:33 - 000001773 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk 2017-09-27 12:33 - 2017-09-27 12:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite 2017-09-26 18:29 - 2017-09-26 18:30 - 000019951 _____ C:\Users\Senhor(a)\Downloads\WILNOIA - Crack CPY - Pro Evolution Soccer 2018.rar 2017-09-26 18:28 - 2017-09-27 20:33 - 000000000 ____D C:\Users\Senhor(a)\Downloads\cpy-pes2018 2017-09-26 17:59 - 2017-09-29 18:00 - 000000000 ____D C:\Users\Senhor(a)\AppData\LocalLow\uTorrent 2017-09-25 21:57 - 2017-09-25 21:57 - 000000000 ____D C:\Users\Senhor(a)\AppData\LocalLow\Unity 2017-09-25 21:54 - 2017-09-25 21:54 - 000000000 ____D C:\Users\Senhor(a)\AppData\LocalLow\SKS 2017-09-25 21:49 - 2017-09-26 12:55 - 000000000 ____D C:\Users\Senhor(a)\Desktop\The Forest 2017-09-25 20:54 - 2017-09-25 21:37 - 2291244246 _____ C:\Users\Senhor(a)\Desktop\The Forest 0.67.rar 2017-09-25 20:39 - 2017-09-25 20:39 - 000290512 _____ C:\Windows\Minidump\092517-16317-01.dmp 2017-09-25 19:13 - 2017-09-25 19:13 - 000282856 _____ C:\Windows\Minidump\092517-14773-01.dmp 2017-09-25 18:35 - 2017-09-25 18:35 - 000000857 _____ C:\Users\Senhor(a)\Desktop\µTorrent.lnk 2017-09-24 18:23 - 2017-09-24 18:23 - 000000000 ____D C:\Windows\system32\appmgmt 2017-09-23 19:50 - 2017-09-29 18:00 - 000028376 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\wsddfac.sys 2017-09-23 19:50 - 2017-09-23 19:50 - 000002912 _____ C:\Windows\System32\Tasks\Rerun Warsaw's CoreFixer 2017-09-23 19:50 - 2017-09-23 19:50 - 000000000 ___HD C:\Program Files (x86)\GAS Tecnologia 2017-09-23 19:50 - 2017-09-23 19:50 - 000000000 ___HD C:\Program Files (x86)\Diebold 2017-09-23 19:50 - 2016-11-07 14:54 - 000025184 ____N (GAS Tecnologia) C:\Windows\system32\Drivers\wsddprm.sys 2017-09-23 19:50 - 2016-06-16 18:43 - 000036984 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\wsddntf.sys 2017-09-23 19:50 - 2016-06-16 18:43 - 000008811 _____ C:\Windows\system32\Drivers\wsddntf.cat 2017-09-23 19:50 - 2016-06-08 18:43 - 000025184 ____N (GAS Tecnologia) C:\Windows\system32\Drivers\wsddpp.sys 2017-09-22 22:49 - 2017-09-22 22:50 - 000000000 ____D C:\Users\Senhor(a)\Desktop\raps 2017-09-22 22:23 - 2017-09-22 22:23 - 000001753 _____ C:\Users\Public\Desktop\iTunes.lnk 2017-09-22 22:23 - 2017-09-22 22:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2017-09-22 22:23 - 2012-10-03 16:14 - 000033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys 2017-09-22 22:21 - 2017-09-22 22:22 - 000000000 ____D C:\Users\Todos os Usuários\E1864A66-75E3-486a-BD95-D1B7D99A84A7 2017-09-22 22:21 - 2017-09-22 22:22 - 000000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 2017-09-22 22:21 - 2017-09-22 22:22 - 000000000 ____D C:\Program Files\iTunes 2017-09-22 22:21 - 2017-09-22 22:21 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2017-09-22 22:21 - 2017-09-22 22:21 - 000000000 ____D C:\Windows\System32\Tasks\Apple 2017-09-22 22:21 - 2017-09-22 22:21 - 000000000 ____D C:\Users\Todos os Usuários\Apple Computer 2017-09-22 22:21 - 2017-09-22 22:21 - 000000000 ____D C:\ProgramData\Apple Computer 2017-09-22 22:21 - 2017-09-22 22:21 - 000000000 ____D C:\Program Files\iPod 2017-09-22 22:21 - 2017-09-22 22:21 - 000000000 ____D C:\Program Files\Bonjour 2017-09-22 22:21 - 2017-09-22 22:21 - 000000000 ____D C:\Program Files (x86)\iTunes 2017-09-22 22:21 - 2017-09-22 22:21 - 000000000 ____D C:\Program Files (x86)\Bonjour 2017-09-22 22:21 - 2017-09-22 22:21 - 000000000 ____D C:\Program Files (x86)\Apple Software Update 2017-09-22 22:20 - 2017-09-22 22:21 - 000000000 ____D C:\Users\Todos os Usuários\Apple 2017-09-22 22:20 - 2017-09-22 22:21 - 000000000 ____D C:\ProgramData\Apple 2017-09-22 22:20 - 2017-09-22 22:21 - 000000000 ____D C:\Program Files\Common Files\Apple 2017-09-21 12:03 - 2017-09-21 12:03 - 000285752 _____ C:\Windows\Minidump\092117-14804-01.dmp 2017-09-20 19:17 - 2017-09-20 19:17 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2017-09-20 18:30 - 2017-03-06 20:43 - 000000000 ____D C:\Users\Senhor(a)\Desktop\EP Jé Santiago 2017-09-20 18:30 - 2017-03-06 20:43 - 000000000 ____D C:\Users\Senhor(a)\Desktop\__MACOSX 2017-09-20 13:04 - 2017-09-20 13:04 - 000101810 _____ C:\Users\Senhor(a)\Desktop\beat.flp 2017-09-20 12:38 - 2017-09-20 12:38 - 000000232 _____ C:\Users\Senhor(a)\Desktop\APB Reloaded.url 2017-09-19 22:37 - 2017-09-19 22:37 - 000073082 _____ C:\Users\Senhor(a)\Desktop\faixa1.flp 2017-09-19 22:09 - 2017-09-19 22:09 - 000072123 _____ C:\Users\Senhor(a)\Desktop\untitled.flp 2017-09-19 21:55 - 2017-09-19 21:55 - 000001946 _____ C:\Users\Public\Desktop\FL Studio 12 (64bit).lnk 2017-09-19 21:55 - 2017-09-19 21:55 - 000001932 _____ C:\Users\Public\Desktop\FL Studio 12.lnk 2017-09-19 21:55 - 2017-09-19 21:55 - 000001142 _____ C:\Users\Senhor(a)\Desktop\ASIO4ALL v2 Instruction Manual.lnk 2017-09-19 21:55 - 2017-09-19 21:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line 2017-09-19 21:55 - 2017-09-19 21:55 - 000000000 ____D C:\Program Files\Image-Line 2017-09-19 21:55 - 2017-09-19 21:55 - 000000000 ____D C:\Program Files\Common Files\VST2 2017-09-19 21:55 - 2017-09-19 21:55 - 000000000 ____D C:\Program Files\Common Files\Propellerhead Software 2017-09-19 21:55 - 2017-09-19 21:55 - 000000000 ____D C:\Program Files (x86)\VstPlugins 2017-09-19 21:55 - 2017-09-19 21:55 - 000000000 ____D C:\Program Files (x86)\ASIO4ALL v2 2017-09-19 21:51 - 2017-09-19 21:55 - 000000000 ____D C:\Program Files (x86)\Image-Line 2017-09-16 23:47 - 2017-09-23 12:14 - 000001955 _____ C:\Users\Public\Desktop\ARK - Survival Evolved.lnk 2017-09-14 13:06 - 2017-09-14 13:06 - 000290688 _____ C:\Windows\Minidump\091417-15288-01.dmp 2017-09-10 18:55 - 2017-09-16 23:47 - 000000000 ____D C:\Games 2017-09-10 16:17 - 2017-09-10 16:17 - 000001087 _____ C:\Users\Senhor(a)\Desktop\MPC-HC.lnk 2017-09-10 16:17 - 2017-09-10 16:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC 2017-09-10 16:17 - 2017-09-10 16:17 - 000000000 ____D C:\Program Files (x86)\MPC-HC 2017-09-01 22:37 - 2016-11-18 17:11 - 000000708 _____ C:\Program Files (x86)\Como Instalar.txt 2017-09-01 22:37 - 2016-08-08 16:19 - 000000212 _____ C:\Program Files (x86)\CANAL DO PRATA.URL 2017-09-01 22:37 - 2016-08-08 16:13 - 000000212 _____ C:\Program Files (x86)\Rei dos TutorGamer.URL 2017-09-01 22:37 - 2016-04-12 19:58 - 000000000 ____D C:\Program Files (x86)\Data 2017-09-01 22:34 - 2016-10-20 09:54 - 293337286 _____ C:\Users\Senhor(a)\Desktop\dt41_bra_all.cpk 2017-09-01 21:23 - 2017-09-29 12:30 - 000000000 ____D C:\Windows\Minidump 2017-09-01 21:23 - 2017-09-01 21:23 - 000282344 _____ C:\Windows\Minidump\090117-68765-01.dmp 2017-09-01 21:10 - 2017-09-01 21:10 - 000000869 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk 2017-09-01 21:10 - 2017-09-01 21:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID 2017-09-01 21:10 - 2017-09-01 21:10 - 000000000 ____D C:\Program Files\CPUID 2017-08-31 21:47 - 2017-08-31 21:56 - 000000000 ____D C:\Program Files\NBA 2K16 2017-08-31 21:46 - 2016-08-11 11:24 - 000617536 _____ (Microsoft Corporation) C:\Windows\system\msvcp110.dll 2017-08-31 21:26 - 2016-10-12 09:09 - 000001983 _____ C:\Users\Senhor(a)\Desktop\README.txt ==================== Um Mês Modificados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2017-09-29 18:07 - 2009-07-14 01:45 - 000016848 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-09-29 18:07 - 2009-07-14 01:45 - 000016848 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-09-29 18:05 - 2017-07-22 16:15 - 000002898 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Senhor(a)) 2017-09-29 18:00 - 2017-08-21 17:12 - 000000000 ____D C:\Users\Todos os Usuários\GbPlugin 2017-09-29 18:00 - 2017-08-21 17:12 - 000000000 ____D C:\ProgramData\GbPlugin 2017-09-29 17:59 - 2017-08-21 17:12 - 000000000 ____D C:\Program Files (x86)\GbPlugin 2017-09-29 17:59 - 2009-07-14 02:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2017-09-29 17:58 - 2017-07-26 11:02 - 000000000 ____D C:\Users\Todos os Usuários\DAEMON Tools Lite 2017-09-29 17:58 - 2017-07-26 11:02 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite 2017-09-29 17:58 - 2017-07-22 15:53 - 000000000 ____D C:\Users\Senhor(a) 2017-09-29 17:58 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\registration 2017-09-29 17:57 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\tracing 2017-09-29 17:54 - 2017-07-22 17:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2017-09-29 14:01 - 2017-07-22 17:31 - 000000000 ____D C:\Users\Todos os Usuários\Microsoft Help 2017-09-29 13:48 - 2009-07-14 01:45 - 000312808 _____ C:\Windows\system32\FNTCACHE.DAT 2017-09-29 13:40 - 2009-07-14 00:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared 2017-09-28 23:42 - 2017-07-22 16:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-09-28 09:02 - 2009-07-14 02:08 - 000032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2017-09-27 20:39 - 2017-08-05 14:13 - 000000000 ____D C:\Users\Senhor(a)\AppData\LocalLow\Temp 2017-09-27 18:44 - 2017-07-22 17:43 - 001594828 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2017-09-27 18:44 - 2009-07-14 14:55 - 000703976 _____ C:\Windows\system32\prfh0416.dat 2017-09-27 18:44 - 2009-07-14 14:55 - 000146282 _____ C:\Windows\system32\prfc0416.dat 2017-09-27 18:44 - 2009-07-14 02:13 - 001594828 _____ C:\Windows\system32\PerfStringBackup.INI 2017-09-27 18:44 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\inf 2017-09-27 12:31 - 2017-07-26 11:02 - 000000000 ____D C:\Program Files (x86)\DAEMON Tools Toolbar 2017-09-27 06:44 - 2017-07-22 16:46 - 000002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-09-27 06:44 - 2017-07-22 16:46 - 000002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-09-25 13:33 - 2017-07-29 11:03 - 000000000 ____D C:\Users\Senhor(a)\AppData\LocalLow\Mozilla 2017-09-24 18:23 - 2017-07-22 16:46 - 000000000 ____D C:\Program Files (x86)\Google 2017-09-24 12:44 - 2017-07-29 21:15 - 000000000 ____D C:\Program Files (x86)\Pro Evolution Soccer 2017 2017-09-07 15:40 - 2009-07-14 00:20 - 000000000 __RHD C:\Users\Public\Libraries 2017-09-03 10:21 - 2009-07-14 02:09 - 000000000 ____D C:\Windows\System32\Tasks\WPD 2017-09-01 23:38 - 2017-08-12 23:17 - 000000000 ____D C:\Users\Senhor(a)\Desktop\games 2017-09-01 18:48 - 2017-07-30 20:12 - 000000000 ____D C:\Users\Todos os Usuários\Package Cache 2017-09-01 18:48 - 2017-07-30 20:12 - 000000000 ____D C:\ProgramData\Package Cache 2017-08-31 21:46 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\system ==================== Arquivos na raiz de alguns diretórios ======= 2017-09-01 22:37 - 2016-08-08 16:19 - 000000212 _____ () C:\Program Files (x86)\CANAL DO PRATA.URL 2017-09-01 22:37 - 2016-11-18 17:11 - 000000708 _____ () C:\Program Files (x86)\Como Instalar.txt 2017-09-01 22:37 - 2016-08-08 16:13 - 000000212 _____ () C:\Program Files (x86)\Rei dos TutorGamer.URL 2017-08-11 12:30 - 2017-08-11 12:30 - 000000000 ____H () C:\Users\Senhor(a)\AppData\Local\BIT2FC.tmp 2017-08-11 12:30 - 2017-08-11 12:30 - 000000000 _____ () C:\Users\Senhor(a)\AppData\Local\{1004DE41-E804-440F-B522-66D21DE8B1DB} 2017-08-08 21:38 - 2017-08-08 21:38 - 000000000 _____ () C:\Users\Senhor(a)\AppData\Local\{87B32757-7542-4AB3-8613-B2449D9A212C} 2017-07-22 16:34 - 2017-07-22 16:34 - 000000000 ____H () C:\ProgramData\DP45977C.lfl ==================== Bamital & volsnap ====================== (Não há correção automática para arquivos que não passaram na verificação.) C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente C:\Windows\explorer.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente C:\Windows\system32\services.exe => O arquivo é assinado digitalmente C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente C:\Windows\system32\drivers\sptd.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATENÇÃO LastRegBack: 2017-09-22 19:24 ==================== Fim de FRST.txt ============================