Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 20.01.2019
Executado por User (administrador) em DESKTOP-OKRJ2ON (25-01-2019 08:52:32)
Executando a partir de C:\Users\User\Downloads
Perfis Carregados: User (Perfis Disponíveis: User)
Platform: Windows 10 Pro Versão 1803 17134.48 (X64) Idioma: Português (Brasil)
Navegador padrão: Edge
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
() C:\Windows\KMS-R@1n.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe\HxTsr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(BitTorrent Inc.) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
(Zbshareware Lab) C:\Program Files (x86)\USB Disk Security\USBGuard.exe
(BitTorrent Inc.) C:\Users\User\AppData\Roaming\uTorrent\updates\3.5.5_44994\utorrentie.exe
(BitTorrent Inc.) C:\Users\User\AppData\Roaming\uTorrent\updates\3.5.5_44994\utorrentie.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\internet explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\internet explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\internet explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\internet explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\internet explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
() C:\Windows\KMS-R@1nhook.exe
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google) C:\Users\User\AppData\Local\Google\Chrome\User Data\SwReporter\37.187.200\software_reporter_tool.exe
(Google) C:\Users\User\AppData\Local\Google\Chrome\User Data\SwReporter\37.187.200\software_reporter_tool.exe
(Google) C:\Users\User\AppData\Local\Google\Chrome\User Data\SwReporter\37.187.200\software_reporter_tool.exe

==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-24] (AVAST Software)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954352 2016-04-28] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-08-19] (IDT, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [USB Security] => C:\Program Files (x86)\USB Disk Security\USBGuard.exe [623520 2011-01-31] (Zbshareware Lab)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-24] (AVAST Software)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKU\S-1-5-21-2514360998-3876603186-3472074485-1001\...\Run: [uTorrent] => C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe [1912760 2019-01-24] (BitTorrent Inc.)
HKU\S-1-5-21-2514360998-3876603186-3472074485-1001\...\Run: [AdobeBridge] => [X]
HKLM\...\Drivers32-x32: [VIDC.DIVX] => C:\Windows\SysWOW64\divx.dll [685056 2009-07-13] (DivX, Inc.)
HKLM\...\Drivers32-x32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [205824 2009-05-29] ()
HKLM\...\Drivers32-x32: [VIDC.YV12] => C:\Windows\SysWOW64\yv12vfw.dll [217088 2004-01-25] (www.helixcommunity.org)
HKLM\...\Drivers32-x32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [151552 2010-01-17] (fccHandler)
HKLM\...\Drivers32-x32: [msacm.lameacm] => C:\Windows\SysWOW64\lameACM.acm [839680 2008-09-24] (hxxp://www.mp3dev.org/)
HKLM\...\Drivers32-x32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [85504 2010-03-14] ()
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2019-01-25] (Google Inc.)
IFEO\OSppSvc.exe: [Debugger] KMS-R@1nhook.exe
IFEO\SppExtComObj.exe: [Debugger] KMS-R@1nhook.exe
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Shortcut to Primary output from Start (Active).lnk [2019-01-24]
ShortcutTarget: Shortcut to Primary output from Start (Active).lnk -> C:\Users\User\AppData\Roaming\Microsoft\Installer\{AFBD847D-108D-4A33-BA7E-2BC8DC102E30}\_735B3A73D9E16CBCB46A6A.exe ()
GroupPolicy: Restrição ? <==== ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2b8b4bc5-fc9b-4ebc-a78a-fa0cd2bf412b}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-2514360998-3876603186-3472074485-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com.br/
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-01-24] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll [2019-01-24] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2019-01-24] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll [2019-01-24] (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-01-24] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2019-01-24] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2019-01-24] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2019-01-24] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-24] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-24] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-24] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-24] (Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2019-01-24] ()
FF Plugin: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2019-01-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2019-01-24] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2019-01-24] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2019-01-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2019-01-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-01-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-01-24] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.709 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2010-03-14] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.709 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2010-03-14] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-24] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-24] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)

Chrome: 
=======
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2019-01-25]
CHR Extension: (Apresentações) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-01-25]
CHR Extension: (Documentos) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-25]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-25]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-25]
CHR Extension: (Planilhas) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-01-25]
CHR Extension: (Documentos Google off-line) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-01-25]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-01-25]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-01-25]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-25]

==================== Serviços (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7834368 2019-01-24] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357816 2019-01-24] (AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-01-24] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2776664 2015-08-16] (Microsoft Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328608 2015-07-30] (Intel Corporation)
R2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2019-01-24] () [Arquivo não assinado]
R2 NWRkMjI2Zj; C:\Windows\mblcdjij.mbl [1524736 2019-01-24] () [Arquivo não assinado]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-04-12] (Microsoft Corporation)
S3 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Arquivo não assinado]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [253960 2016-04-28] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-11] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105344 2018-04-11] (Microsoft Corporation)
S3 NMIndexingService; "C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe" [X]

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37304 2019-01-24] (AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [203488 2019-01-24] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [223056 2019-01-24] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196264 2019-01-24] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320888 2019-01-24] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58160 2019-01-24] (AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [15488 2019-01-24] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46584 2019-01-24] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42488 2019-01-24] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [166792 2019-01-24] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111992 2019-01-24] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88144 2019-01-24] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034056 2019-01-24] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [474648 2019-01-24] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [218056 2019-01-24] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380144 2019-01-24] (AVAST Software)
R3 HpqKbFiltr; C:\Windows\System32\drivers\HpqKbFiltr64.sys [37112 2015-06-17] (Hewlett-Packard Company)
R3 netr28x; C:\Windows\System32\drivers\netr28x.sys [2537984 2018-04-11] (MediaTek Inc.)
S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-29] (Realtek Semiconductor Corp.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [604160 2018-04-11] (Realtek )
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1219200 2015-06-03] (Ralink Technology, Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [52904 2016-04-28] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44616 2018-04-11] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [331680 2018-04-11] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [44032 2018-04-11] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP)
R1 Mjk0NzF; \??\C:\Windows\system32\drivers\Mjk0NzF [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três meses (criados) ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2019-01-25 08:52 - 2019-01-25 08:53 - 000020516 _____ C:\Users\User\Downloads\FRST.txt
2019-01-25 08:52 - 2019-01-25 08:52 - 000000000 ____D C:\FRST
2019-01-25 08:51 - 2019-01-25 08:51 - 002428416 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2019-01-25 00:55 - 2019-01-25 00:55 - 000002375 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-01-25 00:54 - 2019-01-25 00:54 - 000003588 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-01-25 00:54 - 2019-01-25 00:54 - 000003464 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-01-25 00:05 - 2019-01-25 00:05 - 000000132 _____ C:\Users\User\AppData\Roaming\Preferências do Formato PNG do Adobe CS6
2019-01-24 23:33 - 2019-01-24 23:33 - 000471186 _____ C:\Users\User\Downloads\pt_BR.rar
2019-01-24 23:33 - 2019-01-24 23:33 - 000000000 ____D C:\Users\User\Downloads\pt_BR
2019-01-24 23:02 - 2019-01-24 23:02 - 000001120 _____ C:\Users\User\Desktop\Adobe Photoshop CS6 (64 Bit).lnk
2019-01-24 22:31 - 2019-01-24 22:31 - 000001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2019-01-24 22:31 - 2019-01-24 22:31 - 000000000 ____D C:\Users\Todos os Usuários\regid.1986-12.com.adobe
2019-01-24 22:31 - 2019-01-24 22:31 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2019-01-24 22:30 - 2019-01-24 22:31 - 000000000 ____D C:\Program Files\Adobe
2019-01-24 22:30 - 2019-01-24 22:30 - 000001082 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2019-01-24 22:27 - 2019-01-24 22:27 - 000001600 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2019-01-24 22:27 - 2019-01-24 22:27 - 000001430 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2019-01-24 22:23 - 2019-01-25 00:32 - 000000000 ____D C:\Users\User\Desktop\modelos
2019-01-24 22:23 - 2019-01-24 22:31 - 000000000 ____D C:\Program Files\Common Files\Adobe
2019-01-24 22:14 - 2019-01-24 22:14 - 000000000 ____D C:\Users\User\AppData\Roaming\Macromedia
2019-01-24 22:06 - 2018-08-08 10:40 - 000000010 _____ C:\Users\User\Downloads\SENHA= 123
2019-01-24 22:00 - 2019-01-25 08:43 - 000000000 ____D C:\Users\User\AppData\LocalLow\uTorrent
2019-01-24 21:52 - 2019-01-25 08:44 - 000000004 _____ C:\Users\Todos os Usuários\lock.dat
2019-01-24 21:52 - 2019-01-25 08:44 - 000000004 _____ C:\ProgramData\lock.dat
2019-01-24 21:52 - 2019-01-25 00:44 - 000000012 _____ C:\Users\Todos os Usuários\irw.atsd
2019-01-24 21:52 - 2019-01-25 00:44 - 000000012 _____ C:\ProgramData\irw.atsd
2019-01-24 21:52 - 2019-01-24 21:52 - 000000008 _____ C:\Users\Todos os Usuários\ts.dat
2019-01-24 21:52 - 2019-01-24 21:52 - 000000008 _____ C:\ProgramData\ts.dat
2019-01-24 19:19 - 2019-01-24 19:19 - 000000000 ___HD C:\$AV_ASW
2019-01-24 19:18 - 2019-01-25 00:21 - 000000000 ____D C:\Windows\SysWOW64\SSL
2019-01-24 19:18 - 2019-01-24 19:18 - 001524736 _____ C:\Windows\mblcdjij.mbl
2019-01-24 19:17 - 2019-01-24 23:01 - 000000000 ____D C:\Users\Todos os Usuários\boost_interprocess
2019-01-24 19:17 - 2019-01-24 23:01 - 000000000 ____D C:\ProgramData\boost_interprocess
2019-01-24 19:17 - 2019-01-24 21:52 - 000000000 ____D C:\Users\User\AppData\Local\WhiteClick
2019-01-24 19:17 - 2019-01-24 21:40 - 000000000 ____D C:\Users\User\Downloads\Adobe Photoshop CS6 13.0.1 Final  Multilanguage (cracked dll) [ChingLiu]
2019-01-24 19:14 - 2019-01-25 08:45 - 000000000 ____D C:\Users\Todos os Usuários\localNETService
2019-01-24 19:14 - 2019-01-25 08:45 - 000000000 ____D C:\ProgramData\localNETService
2019-01-24 19:11 - 2019-01-25 08:53 - 000000000 ____D C:\Users\User\AppData\Roaming\uTorrent
2019-01-24 19:11 - 2019-01-24 19:11 - 000000895 _____ C:\Users\User\Desktop\µTorrent.lnk
2019-01-24 19:11 - 2019-01-24 19:11 - 000000875 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2019-01-24 19:11 - 2019-01-24 19:11 - 000000000 ____D C:\Users\Todos os Usuários\{CE3250D8-129B-4155-E30F-D6CDE3E88F9C}
2019-01-24 19:11 - 2019-01-24 19:11 - 000000000 ____D C:\Users\Todos os Usuários\{0632BFAC-FDEF-8955-97E0-D60597078F54}
2019-01-24 19:11 - 2019-01-24 19:11 - 000000000 ____D C:\ProgramData\{CE3250D8-129B-4155-E30F-D6CDE3E88F9C}
2019-01-24 19:11 - 2019-01-24 19:11 - 000000000 ____D C:\ProgramData\{0632BFAC-FDEF-8955-97E0-D60597078F54}
2019-01-24 19:07 - 2019-01-24 19:39 - 000000000 ____D C:\Users\User\Downloads\u_Pro_3_5_Crack_Completo_em_Portugus_BR_SENHA_123
2019-01-24 16:34 - 2019-01-24 16:34 - 000000000 ____D C:\Users\User\AppData\Roaming\Media Player Classic
2019-01-24 16:09 - 2019-01-24 16:09 - 000003376 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2514360998-3876603186-3472074485-1001
2019-01-24 15:48 - 2019-01-24 15:48 - 000000000 ____D C:\Users\User\Documents\Modelos Personalizados do Office
2019-01-24 15:29 - 2019-01-24 15:30 - 000000000 ____D C:\Users\User\AppData\Local\OfficeBSCache-OD-larissasousao@msn.com
2019-01-24 15:21 - 2019-01-24 15:21 - 017559994 _____ C:\Users\User\Downloads\EaseUS Data Recovery Wizard 9.5.rar
2019-01-24 15:21 - 2019-01-24 15:21 - 000000000 ____D C:\Users\User\Downloads\EaseUS Data Recovery Wizard 9.5
2019-01-24 14:47 - 2019-01-24 14:47 - 000000000 ___HD C:\Users\User\MicrosoftEdgeBackups
2019-01-24 14:46 - 2019-01-24 14:46 - 000001122 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2019-01-24 14:46 - 2019-01-24 14:46 - 000000000 ____D C:\Users\User\Downloads\Revo Uninstaller Pro 3.2.0.0
2019-01-24 14:46 - 2019-01-24 14:46 - 000000000 ____D C:\Users\User\AppData\Local\VS Revo Group
2019-01-24 14:46 - 2019-01-24 14:46 - 000000000 ____D C:\Users\Todos os Usuários\VS Revo Group
2019-01-24 14:46 - 2019-01-24 14:46 - 000000000 ____D C:\ProgramData\VS Revo Group
2019-01-24 14:46 - 2019-01-24 14:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2019-01-24 14:46 - 2019-01-24 14:46 - 000000000 ____D C:\Program Files\VS Revo Group
2019-01-24 14:46 - 2016-12-21 14:52 - 000040240 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2019-01-24 14:44 - 2019-01-24 14:44 - 011979642 _____ C:\Users\User\Downloads\Revo Uninstaller Pro 3.2.0.0.rar
2019-01-24 12:52 - 2018-04-10 21:11 - 002629120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsLexicons0009.dll
2019-01-24 12:52 - 2018-04-10 21:10 - 005739008 _____ (Microsoft Corporation) C:\Windows\system32\prm0009.dll
2019-01-24 12:52 - 2018-04-10 21:09 - 002629120 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0009.dll
2019-01-24 12:52 - 2018-04-10 21:06 - 005487616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData0009.dll
2019-01-24 12:52 - 2018-04-10 21:02 - 006350848 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0009.dll
2019-01-24 12:42 - 2019-01-24 12:42 - 000000000 ____D C:\Users\User\AppData\Roaming\DRPNPS
2019-01-24 12:41 - 2019-01-24 12:41 - 000223056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-01-24 12:38 - 2019-01-24 11:29 - 000361352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-01-24 12:37 - 2019-01-24 12:37 - 000000144 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-01-24 12:33 - 2019-01-24 12:33 - 000000000 ____D C:\Users\User\.cache
2019-01-24 12:29 - 2019-01-24 12:29 - 000000000 ____D C:\Windows\system32\SRSLabs
2019-01-24 12:29 - 2012-08-19 21:45 - 006085632 _____ (IDT, Inc.) C:\Windows\system32\stlang64.dll
2019-01-24 12:29 - 2012-08-19 21:45 - 001821184 _____ (IDT, Inc.) C:\Windows\system32\IDTNC64.cpl
2019-01-24 12:29 - 2012-08-19 21:45 - 001664000 _____ (IDT, Inc.) C:\Windows\sttray64.exe
2019-01-24 12:29 - 2011-05-02 14:27 - 003308376 _____ (Dolby Laboratories) C:\Windows\system32\EEP64A.dll
2019-01-24 12:29 - 2011-05-02 14:27 - 000426328 _____ (Dolby Laboratories) C:\Windows\system32\EED64A.dll
2019-01-24 12:29 - 2011-05-02 14:27 - 000136024 _____ (Dolby Laboratories) C:\Windows\system32\EEL64A.dll
2019-01-24 12:29 - 2011-05-02 14:27 - 000118104 _____ (Dolby Laboratories) C:\Windows\system32\EEA64A.dll
2019-01-24 12:28 - 2019-01-24 12:31 - 000000000 ____D C:\Users\User\AppData\Roaming\DRPSu
2019-01-24 12:28 - 2019-01-24 12:30 - 000000000 ____D C:\Program Files\IDT
2019-01-24 12:28 - 2019-01-24 12:28 - 000000000 ____D C:\swsetup
2019-01-24 12:28 - 2012-08-19 21:45 - 002188800 _____ (IDT, Inc.) C:\Windows\system32\stapo64.dll
2019-01-24 12:28 - 2012-08-19 21:45 - 000671744 ____N (IDT, Inc.) C:\Windows\system32\stapi64.dll
2019-01-24 12:28 - 2012-08-19 21:45 - 000542208 _____ (IDT, Inc.) C:\Windows\system32\Drivers\stwrt64.sys
2019-01-24 12:28 - 2012-08-19 21:45 - 000499200 _____ (IDT, Inc.) C:\Windows\system32\stcplx64.dll
2019-01-24 12:28 - 2012-08-19 21:45 - 000255488 _____ (IDT, Inc.) C:\Windows\system32\st646425.dll
2019-01-24 11:39 - 2019-01-24 11:39 - 001049360 _____ (DriverPack Solution) C:\Users\User\Downloads\DriverPack-17-Online_catalog.exe
2019-01-24 11:39 - 2019-01-24 11:39 - 000000000 ____D C:\Users\User\Downloads\DriverPack-17-Online_catalog
2019-01-24 11:35 - 2019-01-24 11:41 - 045376856 _____ (Hewlett-Packard ) C:\Users\User\Downloads\sp59802.exe
2019-01-24 11:31 - 2019-01-25 00:44 - 000000000 ____D C:\Users\User\AppData\Local\Adobe
2019-01-24 11:31 - 2019-01-24 11:31 - 000000000 ____D C:\Users\User\AppData\Roaming\Ahead
2019-01-24 11:31 - 2019-01-24 11:31 - 000000000 ____D C:\Users\User\AppData\LocalLow\Adobe
2019-01-24 11:30 - 2019-01-24 11:29 - 000320888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys
2019-01-24 11:30 - 2019-01-24 11:29 - 000196264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-01-24 11:30 - 2019-01-24 11:29 - 000058160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-01-24 11:30 - 2019-01-24 11:29 - 000042488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-01-24 11:30 - 2019-01-24 11:29 - 000037304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-01-24 11:29 - 2019-01-24 11:29 - 000000000 ____D C:\Users\User\AppData\Roaming\Zbshareware Lab
2019-01-24 11:29 - 2019-01-24 11:29 - 000000000 ____D C:\Users\User\AppData\Local\DBG
2019-01-24 11:29 - 2019-01-24 11:29 - 000000000 ____D C:\Users\Todos os Usuários\Zbshareware Lab
2019-01-24 11:29 - 2019-01-24 11:29 - 000000000 ____D C:\ProgramData\Zbshareware Lab
2019-01-24 11:28 - 2019-01-25 08:43 - 000000000 __SHD C:\Users\User\IntelGraphicsProfiles
2019-01-24 11:28 - 2019-01-24 11:28 - 000000451 _____ C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2019-01-24 11:28 - 2019-01-24 11:28 - 000000000 ____D C:\Users\User\AppData\Roaming\Synaptics
2019-01-24 11:28 - 2019-01-24 11:28 - 000000000 ____D C:\Users\Todos os Usuários\Synaptics
2019-01-24 11:28 - 2019-01-24 11:28 - 000000000 ____D C:\ProgramData\Synaptics
2019-01-24 11:25 - 2019-01-24 22:17 - 000000000 ____D C:\Users\User\AppData\Local\D3DSCache
2019-01-24 11:22 - 2019-01-24 16:51 - 000000000 ____D C:\Users\User\AppData\Local\PlaceholderTileLogoFolder
2019-01-24 11:21 - 2019-01-24 11:21 - 000000000 ____D C:\Users\User\AppData\Roaming\AVAST Software
2019-01-24 11:21 - 2019-01-24 11:21 - 000000000 ____D C:\Users\User\AppData\Local\CEF
2019-01-24 11:21 - 2019-01-24 10:28 - 000000000 ____D C:\Windows\Panther
2019-01-24 11:20 - 2019-01-24 12:41 - 000002088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2019-01-24 11:20 - 2019-01-24 12:41 - 000002076 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-01-24 11:20 - 2019-01-24 11:20 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2019-01-24 11:20 - 2019-01-24 11:20 - 000002096 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2019-01-24 11:20 - 2019-01-24 11:20 - 000000000 ____D C:\Windows\SysWOW64\sda
2019-01-24 11:20 - 2019-01-24 11:20 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2019-01-24 11:19 - 2019-01-24 22:31 - 000000000 ____D C:\Users\Todos os Usuários\Adobe
2019-01-24 11:19 - 2019-01-24 22:31 - 000000000 ____D C:\ProgramData\Adobe
2019-01-24 11:19 - 2019-01-24 22:30 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-01-24 11:19 - 2019-01-24 12:40 - 000003990 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-01-24 11:19 - 2019-01-24 11:19 - 000000000 ____D C:\Program Files\Intel
2019-01-24 11:19 - 2019-01-24 11:19 - 000000000 ____D C:\Program Files (x86)\Intel
2019-01-24 11:19 - 2019-01-24 11:19 - 000000000 ____D C:\Intel
2019-01-24 11:19 - 2015-07-30 22:45 - 000072688 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL
2019-01-24 11:18 - 2019-01-24 11:31 - 000000000 ____D C:\Users\User\AppData\Local\Ahead
2019-01-24 11:17 - 2019-01-24 12:41 - 000166792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-01-24 11:17 - 2019-01-24 11:29 - 001034056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-01-24 11:17 - 2019-01-24 11:29 - 000474648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-01-24 11:17 - 2019-01-24 11:29 - 000380144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-01-24 11:17 - 2019-01-24 11:29 - 000218056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-01-24 11:17 - 2019-01-24 11:29 - 000203488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-01-24 11:17 - 2019-01-24 11:29 - 000111992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-01-24 11:17 - 2019-01-24 11:29 - 000088144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-01-24 11:17 - 2019-01-24 11:29 - 000046584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2019-01-24 11:17 - 2019-01-24 11:29 - 000015488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswElam.sys
2019-01-24 11:17 - 2019-01-24 11:17 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-01-24 11:16 - 2019-01-24 11:16 - 000000000 ____D C:\Users\Todos os Usuários\Ahead
2019-01-24 11:16 - 2019-01-24 11:16 - 000000000 ____D C:\ProgramData\Ahead
2019-01-24 11:14 - 2019-01-24 11:14 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2019-01-24 11:14 - 2019-01-24 11:14 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2019-01-24 11:14 - 2019-01-24 11:14 - 000000000 ____D C:\Program Files\Synaptics
2019-01-24 11:14 - 2019-01-24 11:14 - 000000000 ____D C:\MyWorks
2019-01-24 11:14 - 2016-04-28 00:53 - 000052904 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2019-01-24 11:14 - 2007-01-08 22:17 - 000027168 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll
2019-01-24 11:14 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2019-01-24 11:14 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2019-01-24 11:13 - 2019-01-24 11:13 - 000000000 ____D C:\Program Files\AVAST Software
2019-01-24 11:12 - 2019-01-24 21:56 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-01-24 11:12 - 2019-01-24 21:56 - 000000000 ____D C:\Program Files (x86)\CyberLink
2019-01-24 11:12 - 2019-01-24 11:17 - 000000000 ____D C:\Users\Todos os Usuários\AVAST Software
2019-01-24 11:12 - 2019-01-24 11:17 - 000000000 ____D C:\ProgramData\AVAST Software
2019-01-24 11:11 - 2019-01-24 11:11 - 000098680 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2019-01-24 11:11 - 2019-01-24 11:08 - 000110968 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-64.dll
2019-01-24 11:10 - 2019-01-24 11:10 - 000000000 ____D C:\Program Files (x86)\Java
2019-01-24 11:09 - 2019-01-25 00:55 - 000000000 ____D C:\Users\User\AppData\Local\Google
2019-01-24 11:09 - 2019-01-25 00:55 - 000000000 ____D C:\Program Files (x86)\Google
2019-01-24 11:09 - 2019-01-24 11:29 - 000000000 ____D C:\Program Files (x86)\USB Disk Security
2019-01-24 11:09 - 2019-01-24 11:09 - 000001143 _____ C:\Users\Public\Desktop\USB Disk Security.lnk
2019-01-24 11:09 - 2019-01-24 11:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB Disk Security
2019-01-24 11:08 - 2019-01-24 11:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-01-24 11:08 - 2019-01-24 11:08 - 000110968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2019-01-24 11:08 - 2019-01-24 11:08 - 000000000 ____D C:\Users\User\AppData\Roaming\Sun
2019-01-24 11:08 - 2019-01-24 11:08 - 000000000 ____D C:\Users\User\AppData\LocalLow\Sun
2019-01-24 11:08 - 2019-01-24 11:08 - 000000000 ____D C:\Users\User\AppData\Local\mpress
2019-01-24 11:08 - 2019-01-24 11:08 - 000000000 ____D C:\Users\Todos os Usuários\Oracle
2019-01-24 11:08 - 2019-01-24 11:08 - 000000000 ____D C:\ProgramData\Oracle
2019-01-24 11:08 - 2019-01-24 11:08 - 000000000 ____D C:\Program Files\Java
2019-01-24 11:07 - 2019-01-24 11:08 - 000000000 ____D C:\Windows\System32\Tasks\R@1n-KMS
2019-01-24 11:07 - 2019-01-24 11:07 - 000026112 _____ C:\Windows\KMS-R@1n.exe
2019-01-24 11:07 - 2019-01-24 11:07 - 000004608 _____ C:\Windows\KMS-R@1nhook.exe
2019-01-24 11:07 - 2019-01-24 11:07 - 000003584 _____ C:\Windows\KMS-QADhook.dll
2019-01-24 11:07 - 2019-01-24 11:07 - 000000000 ____D C:\Users\User\AppData\Roaming\WinRAR
2019-01-24 11:07 - 2019-01-24 11:07 - 000000000 ____D C:\Users\User\AppData\Local\PeerDistRepub
2019-01-24 11:01 - 2019-01-24 11:01 - 000002525 _____ C:\Users\User\Desktop\Word 2016.lnk
2019-01-24 11:01 - 2019-01-24 11:01 - 000002471 _____ C:\Users\User\Desktop\Excel 2016.lnk
2019-01-24 10:55 - 2019-01-24 14:56 - 000000000 ____D C:\Users\User\AppData\Roaming\Mozilla
2019-01-24 10:55 - 2019-01-24 10:56 - 000000000 ____D C:\Users\User\AppData\LocalLow\Mozilla
2019-01-24 10:54 - 2019-01-24 10:54 - 000000000 ____D C:\Users\User\AppData\Roaming\Softland
2019-01-24 10:54 - 2019-01-24 10:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\doPDF 7
2019-01-24 10:54 - 2019-01-24 10:54 - 000000000 ____D C:\Program Files\Softland
2019-01-24 10:54 - 2011-07-26 15:13 - 000024912 _____ (Softland) C:\Windows\system32\dopdfmn7.dll
2019-01-24 10:54 - 2011-07-26 15:13 - 000021328 _____ (Softland) C:\Windows\system32\dopdfmi7.dll
2019-01-24 10:54 - 2010-11-25 12:17 - 000007549 _____ C:\Windows\system32\dopdf7.ctm
2019-01-24 10:53 - 2019-01-24 10:53 - 000002578 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2019-01-24 10:53 - 2019-01-24 10:53 - 000002536 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2019-01-24 10:53 - 2019-01-24 10:53 - 000002525 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2019-01-24 10:53 - 2019-01-24 10:53 - 000002490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2019-01-24 10:53 - 2019-01-24 10:53 - 000002474 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2019-01-24 10:53 - 2019-01-24 10:53 - 000002471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2019-01-24 10:53 - 2019-01-24 10:53 - 000002461 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-01-24 10:53 - 2019-01-24 10:53 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2019-01-24 10:53 - 2019-01-24 10:53 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2019-01-24 10:53 - 2019-01-24 10:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ferramentas do Microsoft Office 2016
2019-01-24 10:52 - 2019-01-24 10:52 - 000000000 ____D C:\Users\User\Tracing
2019-01-24 10:51 - 2019-01-24 10:51 - 000000000 ____D C:\Users\Todos os Usuários\Package Cache
2019-01-24 10:51 - 2019-01-24 10:51 - 000000000 ____D C:\ProgramData\Package Cache
2019-01-24 10:49 - 2019-01-24 10:50 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2019-01-24 10:49 - 2019-01-24 10:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2019-01-24 10:49 - 2010-03-14 16:00 - 000278528 _____ (Real Networks, Inc) C:\Windows\SysWOW64\pncrt.dll
2019-01-24 10:49 - 2010-03-14 16:00 - 000185920 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll
2019-01-24 10:49 - 2010-03-14 16:00 - 000085504 _____ C:\Windows\SysWOW64\ff_vfw.dll
2019-01-24 10:49 - 2010-03-14 16:00 - 000006656 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5016.dll
2019-01-24 10:49 - 2010-03-14 16:00 - 000005632 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5032.dll
2019-01-24 10:49 - 2010-03-14 16:00 - 000000038 _____ C:\Windows\avisplitter.ini
2019-01-24 10:49 - 2010-02-10 15:13 - 000165376 _____ C:\Windows\SysWOW64\unrar.dll
2019-01-24 10:49 - 2010-01-17 13:18 - 000151552 _____ (fccHandler) C:\Windows\SysWOW64\ac3acm.acm
2019-01-24 10:49 - 2009-07-13 22:15 - 000685056 _____ (DivX, Inc.) C:\Windows\SysWOW64\divx.dll
2019-01-24 10:49 - 2009-07-13 22:15 - 000090112 _____ (DivX, Inc.) C:\Windows\SysWOW64\dpl100.dll
2019-01-24 10:49 - 2009-05-29 19:37 - 000205824 _____ C:\Windows\SysWOW64\xvidvfw.dll
2019-01-24 10:49 - 2009-05-29 19:31 - 000881664 _____ C:\Windows\SysWOW64\xvidcore.dll
2019-01-24 10:49 - 2008-11-06 14:37 - 003596288 _____ C:\Windows\SysWOW64\qt-dx331.dll
2019-01-24 10:49 - 2008-10-03 10:30 - 000000414 _____ C:\Windows\SysWOW64\lame_acm.xml
2019-01-24 10:49 - 2008-09-24 16:41 - 000839680 _____ (hxxp://www.mp3dev.org/) C:\Windows\SysWOW64\lameACM.acm
2019-01-24 10:49 - 2007-07-10 14:10 - 000000547 _____ C:\Windows\SysWOW64\ff_vfw.dll.manifest
2019-01-24 10:49 - 2007-01-08 22:17 - 000502816 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2019-01-24 10:49 - 2004-01-25 14:18 - 000217088 _____ (www.helixcommunity.org) C:\Windows\SysWOW64\yv12vfw.dll
2019-01-24 10:49 - 2004-01-11 20:00 - 000348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2019-01-24 10:48 - 2019-01-24 10:51 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-01-24 10:48 - 2019-01-24 10:48 - 000001128 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2019-01-24 10:48 - 2019-01-24 10:48 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-01-24 10:48 - 2019-01-24 10:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2019-01-24 10:48 - 2019-01-24 10:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-01-24 10:48 - 2019-01-24 10:48 - 000000000 ____D C:\Program Files\WinRAR
2019-01-24 10:48 - 2019-01-24 10:48 - 000000000 ____D C:\Program Files\Microsoft Office 15
2019-01-24 10:48 - 2019-01-24 10:48 - 000000000 ____D C:\Program Files (x86)\WinZip
2019-01-24 10:47 - 2019-01-25 08:46 - 000004182 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{29B85C5B-BED3-43A7-8678-1D3B5BA0AB0F}
2019-01-24 10:47 - 2019-01-24 10:47 - 000002326 __RSH C:\Users\Todos os Usuários\ntuser.pol
2019-01-24 10:47 - 2019-01-24 10:47 - 000002326 __RSH C:\ProgramData\ntuser.pol
2019-01-24 10:46 - 2019-01-24 10:46 - 000000000 ____D C:\Users\User\AppData\Local\Comms
2019-01-24 10:36 - 2019-01-24 16:09 - 000000000 ___RD C:\Users\User\OneDrive
2019-01-24 10:35 - 2019-01-24 10:35 - 000000000 ____D C:\Users\User\AppData\Local\MicrosoftEdge
2019-01-24 10:35 - 2019-01-24 10:35 - 000000000 ____D C:\Users\Todos os Usuários\Microsoft OneDrive
2019-01-24 10:35 - 2019-01-24 10:35 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2019-01-24 10:34 - 2019-01-24 12:02 - 000000000 ____D C:\Users\User\AppData\Local\Publishers
2019-01-24 10:33 - 2019-01-25 00:47 - 001647664 _____ C:\Windows\system32\PerfStringBackup.INI
2019-01-24 10:33 - 2019-01-24 23:01 - 000000000 ____D C:\Users\User\AppData\Roaming\Adobe
2019-01-24 10:33 - 2019-01-24 16:09 - 000002370 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-01-24 10:33 - 2019-01-24 16:04 - 000000000 ____D C:\Users\User\AppData\Local\Packages
2019-01-24 10:33 - 2019-01-24 12:27 - 000000000 ____D C:\Users\User\AppData\Local\ConnectedDevicesPlatform
2019-01-24 10:33 - 2019-01-24 10:33 - 000000020 ___SH C:\Users\User\ntuser.ini
2019-01-24 10:33 - 2019-01-24 10:33 - 000000000 _SHDL C:\Users\User\Modelos
2019-01-24 10:33 - 2019-01-24 10:33 - 000000000 _SHDL C:\Users\User\Meus Documentos
2019-01-24 10:33 - 2019-01-24 10:33 - 000000000 _SHDL C:\Users\User\Menu Iniciar
2019-01-24 10:33 - 2019-01-24 10:33 - 000000000 _SHDL C:\Users\User\Documents\Minhas Músicas
2019-01-24 10:33 - 2019-01-24 10:33 - 000000000 _SHDL C:\Users\User\Documents\Minhas Imagens
2019-01-24 10:33 - 2019-01-24 10:33 - 000000000 _SHDL C:\Users\User\Documents\Meus Vídeos
2019-01-24 10:33 - 2019-01-24 10:33 - 000000000 _SHDL C:\Users\User\Dados de Aplicativos
2019-01-24 10:33 - 2019-01-24 10:33 - 000000000 _SHDL C:\Users\User\Configurações Locais
2019-01-24 10:33 - 2019-01-24 10:33 - 000000000 _SHDL C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2019-01-24 10:33 - 2019-01-24 10:33 - 000000000 _SHDL C:\Users\User\AppData\Local\Histórico
2019-01-24 10:33 - 2019-01-24 10:33 - 000000000 _SHDL C:\Users\User\AppData\Local\Dados de Aplicativos
2019-01-24 10:33 - 2019-01-24 10:33 - 000000000 _SHDL C:\Users\User\Ambiente de Rede
2019-01-24 10:33 - 2019-01-24 10:33 - 000000000 _SHDL C:\Users\User\Ambiente de Impressão
2019-01-24 10:33 - 2019-01-24 10:33 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-01-24 10:33 - 2019-01-24 10:33 - 000000000 ___RD C:\Users\User\3D Objects
2019-01-24 10:33 - 2019-01-24 10:33 - 000000000 ____D C:\Users\User\AppData\Local\VirtualStore
2019-01-24 10:31 - 2019-01-24 10:31 - 000000000 ____D C:\Windows\CSC
2019-01-24 10:31 - 2018-04-11 21:33 - 002752000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2019-01-24 10:29 - 2019-01-24 10:29 - 000000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas Músicas
2019-01-24 10:29 - 2019-01-24 10:29 - 000000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas Imagens
2019-01-24 10:29 - 2019-01-24 10:29 - 000000000 _SHDL C:\Users\Usuário Padrão\Documents\Meus Vídeos
2019-01-24 10:29 - 2019-01-24 10:29 - 000000000 _SHDL C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2019-01-24 10:29 - 2019-01-24 10:29 - 000000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Histórico
2019-01-24 10:29 - 2019-01-24 10:29 - 000000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Dados de Aplicativos
2019-01-24 10:29 - 2019-01-24 10:29 - 000000000 _SHDL C:\Users\Usuário Padrão
2019-01-24 10:29 - 2019-01-24 10:29 - 000000000 _SHDL C:\Users\Todos os Usuários\Modelos
2019-01-24 10:29 - 2019-01-24 10:29 - 000000000 _SHDL C:\Users\Todos os Usuários\Menu Iniciar
2019-01-24 10:29 - 2019-01-24 10:29 - 000000000 _SHDL C:\Users\Todos os Usuários\Documentos
2019-01-24 10:29 - 2019-01-24 10:29 - 000000000 _SHDL C:\Users\Todos os Usuários\Dados de Aplicativos
2019-01-24 10:29 - 2019-01-24 10:29 - 000000000 _SHDL C:\Users\Todos os Usuários
2019-01-24 10:29 - 2019-01-24 10:29 - 000000000 _SHDL C:\Users\Public\Documents\Minhas Músicas
2019-01-24 10:29 - 2019-01-24 10:29 - 000000000 _SHDL C:\Users\Public\Documents\Minhas Imagens
2019-01-24 10:29 - 2019-01-24 10:29 - 000000000 _SHDL C:\Users\Public\Documents\Meus Vídeos
2019-01-24 10:29 - 2019-01-24 10:29 - 000000000 _SHDL C:\Users\Default\Modelos
2019-01-24 10:29 - 2019-01-24 10:29 - 000000000 _SHDL C:\Users\Default\Meus Documentos
2019-01-24 10:29 - 2019-01-24 10:29 - 000000000 _SHDL C:\Users\Default\Menu Iniciar
2019-01-24 10:29 - 2019-01-24 10:29 - 000000000 _SHDL C:\Users\Default\Documents\Minhas Músicas
2019-01-24 10:29 - 2019-01-24 10:29 - 000000000 _SHDL C:\Users\Default\Documents\Minhas Imagens
2019-01-24 10:29 - 2019-01-24 10:29 - 000000000 _SHDL C:\Users\Default\Documents\Meus Vídeos
2019-01-24 10:29 - 2019-01-24 10:29 - 000000000 _SHDL C:\Users\Default\Dados de Aplicativos
2019-01-24 10:29 - 2019-01-24 10:29 - 000000000 _SHDL C:\Users\Default\Configurações Locais
2019-01-24 10:29 - 2019-01-24 10:29 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2019-01-24 10:29 - 2019-01-24 10:29 - 000000000 _SHDL C:\Users\Default\AppData\Local\Histórico
2019-01-24 10:29 - 2019-01-24 10:29 - 000000000 _SHDL C:\Users\Default\AppData\Local\Dados de Aplicativos
2019-01-24 10:29 - 2019-01-24 10:29 - 000000000 _SHDL C:\Users\Default\Ambiente de Rede
2019-01-24 10:29 - 2019-01-24 10:29 - 000000000 _SHDL C:\Users\Default\Ambiente de Impressão
2019-01-24 10:29 - 2019-01-24 10:29 - 000000000 _SHDL C:\Users\Default User\Documents\Minhas Músicas
2019-01-24 10:29 - 2019-01-24 10:29 - 000000000 _SHDL C:\Users\Default User\Documents\Minhas Imagens
2019-01-24 10:29 - 2019-01-24 10:29 - 000000000 _SHDL C:\Users\Default User\Documents\Meus Vídeos
2019-01-24 10:29 - 2019-01-24 10:29 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2019-01-24 10:29 - 2019-01-24 10:29 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Histórico
2019-01-24 10:29 - 2019-01-24 10:29 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Dados de Aplicativos
2019-01-24 10:29 - 2019-01-24 10:29 - 000000000 _SHDL C:\ProgramData\Modelos
2019-01-24 10:29 - 2019-01-24 10:29 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas
2019-01-24 10:29 - 2019-01-24 10:29 - 000000000 _SHDL C:\ProgramData\Menu Iniciar
2019-01-24 10:29 - 2019-01-24 10:29 - 000000000 _SHDL C:\ProgramData\Documentos
2019-01-24 10:29 - 2019-01-24 10:29 - 000000000 _SHDL C:\ProgramData\Dados de Aplicativos
2019-01-24 10:29 - 2019-01-24 10:29 - 000000000 _SHDL C:\Program Files\Common Files\Sistema
2019-01-24 10:29 - 2019-01-24 10:29 - 000000000 _SHDL C:\Program Files\Arquivos Comuns
2019-01-24 10:29 - 2019-01-24 10:29 - 000000000 _SHDL C:\Documents and Settings
2019-01-24 10:29 - 2019-01-24 10:29 - 000000000 _SHDL C:\Arquivos de Programas
2019-01-24 10:25 - 2019-01-24 10:25 - 000000000 ____D C:\Users\Todos os Usuários\USOShared
2019-01-24 10:25 - 2019-01-24 10:25 - 000000000 ____D C:\ProgramData\USOShared
2019-01-24 10:23 - 2019-01-24 10:23 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2019-01-24 10:22 - 2019-01-25 00:43 - 005061000 _____ C:\Windows\system32\FNTCACHE.DAT
2019-01-24 10:22 - 2019-01-25 00:43 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-01-24 10:22 - 2019-01-24 22:57 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-01-24 10:22 - 2019-01-24 10:22 - 000000000 ____D C:\Windows\system32\Drivers\wd
2019-01-24 10:22 - 2019-01-24 10:22 - 000000000 ____D C:\Windows\ServiceProfiles
2019-01-24 08:42 - 2019-01-24 08:42 - 001183744 _____ C:\Windows\Y2MzYmM4MGRhZmIwN.exe
2019-01-24 08:42 - 2019-01-24 08:42 - 000135376 _____ C:\Windows\system32\Drivers\Mjk0NzF
2019-01-24 08:42 - 2019-01-24 08:42 - 000101730 _____ C:\Windows\uninstaller.dat
2019-01-20 08:16 - 2015-06-17 17:44 - 001804696 _____ (Microsoft Corporation) C:\Windows\system32\wdfcoinstaller01011.dll
2019-01-20 08:16 - 2015-06-17 17:40 - 000037112 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\HpqKbFiltr64.sys
2019-01-20 08:16 - 2012-09-24 07:40 - 000043840 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\Accelerometer.sys
2019-01-20 08:16 - 2012-09-24 07:40 - 000031040 _____ (Hewlett-Packard Company) C:\Windows\system32\hpservice.exe
2019-01-20 08:16 - 2012-09-24 07:40 - 000031040 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\hpdskflt.sys
2019-01-20 08:16 - 2012-09-24 07:40 - 000021312 _____ (Hewlett-Packard Company) C:\Windows\system32\accelerometerdll.DLL
2019-01-20 08:16 - 2012-09-24 07:40 - 000018240 _____ (Hewlett-Packard Company) C:\Windows\system32\HPMDPCoInst12.dll

==================== Três meses (modificados) ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2019-01-25 08:51 - 2018-04-11 21:38 - 000000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft
2019-01-25 08:51 - 2018-04-11 21:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-25 08:46 - 2018-04-11 21:38 - 000000000 ____D C:\Windows\appcompat
2019-01-25 01:06 - 2018-04-11 21:38 - 000000000 ____D C:\Windows\LiveKernelReports
2019-01-25 00:47 - 2018-04-12 14:37 - 000713958 _____ C:\Windows\system32\prfh0416.dat
2019-01-25 00:47 - 2018-04-12 14:37 - 000140334 _____ C:\Windows\system32\prfc0416.dat
2019-01-25 00:47 - 2018-04-11 21:36 - 000000000 ____D C:\Windows\INF
2019-01-25 00:43 - 2018-04-11 19:04 - 000524288 _____ C:\Windows\system32\config\BBI
2019-01-24 22:24 - 2018-04-11 21:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-01-24 16:19 - 2018-04-11 21:38 - 000000000 ____D C:\Windows\AppReadiness
2019-01-24 16:01 - 2018-04-11 21:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-01-24 14:20 - 2018-04-11 21:30 - 000000000 ____D C:\Windows\CbsTemp
2019-01-24 14:15 - 2018-04-12 14:37 - 000000000 ____D C:\Windows\SysWOW64\winrm
2019-01-24 14:15 - 2018-04-12 14:37 - 000000000 ____D C:\Windows\SysWOW64\WCN
2019-01-24 14:15 - 2018-04-12 14:37 - 000000000 ____D C:\Windows\SysWOW64\slmgr
2019-01-24 14:15 - 2018-04-12 14:37 - 000000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2019-01-24 14:15 - 2018-04-11 21:38 - 000000000 ___SD C:\Windows\SysWOW64\F12
2019-01-24 14:14 - 2018-04-11 21:38 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2019-01-24 14:13 - 2018-04-12 14:37 - 000000000 ____D C:\Windows\system32\winrm
2019-01-24 14:13 - 2018-04-12 14:37 - 000000000 ____D C:\Windows\system32\WCN
2019-01-24 14:13 - 2018-04-12 14:37 - 000000000 ____D C:\Windows\system32\slmgr
2019-01-24 14:13 - 2018-04-12 14:37 - 000000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2019-01-24 14:13 - 2018-04-11 21:38 - 000000000 ___SD C:\Windows\system32\F12
2019-01-24 14:13 - 2018-04-11 21:38 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2019-01-24 14:13 - 2018-04-11 21:38 - 000000000 ____D C:\Windows\system32\migwiz
2019-01-24 14:10 - 2018-04-11 21:38 - 000000000 ___SD C:\Windows\system32\dsc
2019-01-24 14:10 - 2018-04-11 21:38 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2019-01-24 14:10 - 2018-04-11 19:04 - 000000000 ____D C:\Windows\servicing
2019-01-24 14:09 - 2018-04-12 14:42 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-01-24 14:09 - 2018-04-11 21:38 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2019-01-24 14:09 - 2018-04-11 21:38 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-01-24 14:09 - 2018-04-11 21:38 - 000000000 ____D C:\Program Files\Windows Defender
2019-01-24 14:09 - 2018-04-11 21:38 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2019-01-24 14:09 - 2018-04-11 21:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2019-01-24 12:52 - 2018-04-12 14:41 - 000000000 ____D C:\Windows\OCR
2019-01-24 12:38 - 2018-04-11 21:38 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-01-24 11:21 - 2018-04-11 21:38 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2019-01-24 10:46 - 2018-04-11 21:38 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2019-01-24 10:32 - 2018-04-11 21:38 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2019-01-24 10:31 - 2018-04-11 21:38 - 000000000 ____D C:\Windows\system32\spool
2019-01-24 10:31 - 2018-04-11 21:38 - 000000000 ____D C:\Windows\system32\FxsTmp
2019-01-24 10:29 - 2018-04-11 21:38 - 000000000 ____D C:\Program Files\windows nt
2019-01-24 10:25 - 2018-04-11 21:38 - 000000000 ____D C:\Users\Todos os Usuários\USOPrivate
2019-01-24 10:25 - 2018-04-11 21:38 - 000000000 ____D C:\ProgramData\USOPrivate
2019-01-24 10:24 - 2018-04-11 21:38 - 000000000 ___RD C:\Windows\PrintDialog
2019-01-24 10:23 - 2018-04-11 19:04 - 000032768 _____ C:\Windows\system32\config\ELAM

==================== Arquivos na raiz de alguns diretórios =======

2019-01-24 21:52 - 2019-01-25 08:44 - 000000004 _____ () C:\ProgramData\lock.dat
2019-01-24 21:52 - 2019-01-24 21:52 - 000000008 _____ () C:\ProgramData\ts.dat
2019-01-24 21:52 - 2019-01-25 08:44 - 000000004 _____ () C:\Users\Todos os Usuários\lock.dat
2019-01-24 21:52 - 2019-01-24 21:52 - 000000008 _____ () C:\Users\Todos os Usuários\ts.dat
2019-01-25 00:05 - 2019-01-25 00:05 - 000000132 _____ () C:\Users\User\AppData\Roaming\Preferências do Formato PNG do Adobe CS6

Alguns arquivos em TEMP:
====================
2019-01-24 19:12 - 2019-01-24 19:12 - 001009174 _____ () C:\Users\User\AppData\Local\Temp\C34.tmp.exe
2019-01-24 19:14 - 2019-01-24 19:14 - 001321984 _____ () C:\Users\User\AppData\Local\Temp\DCEE.tmp.exe
2019-01-24 19:10 - 2019-01-24 19:10 - 000140288 _____ () C:\Users\User\AppData\Local\Temp\ifjhpf.exe
2019-01-24 19:11 - 2019-01-24 19:11 - 000251184 _____ (Google Inc.) C:\Users\User\AppData\Local\Temp\mcasin.exe
2019-01-24 19:09 - 2019-01-24 19:11 - 005590592 _____ (                                                            ) C:\Users\User\AppData\Local\Temp\OneSystemCare.exe
2019-01-24 19:09 - 2019-01-24 19:09 - 000386719 _____ (ZRFXRD                                                      ) C:\Users\User\AppData\Local\Temp\pixel.exe
2019-01-24 19:11 - 2019-01-24 19:11 - 000969712 _____ (                                                            ) C:\Users\User\AppData\Local\Temp\setupSD.exe
2019-01-24 19:09 - 2019-01-24 19:09 - 000649216 _____ () C:\Users\User\AppData\Local\Temp\Tstp.exe
2019-01-24 19:09 - 2019-01-24 19:09 - 002892544 _____ (BitTorrent Inc.) C:\Users\User\AppData\Local\Temp\u_Pro_3_5_Crack_Completo_em_Portugus_BR.exe
2019-01-24 19:16 - 2019-01-24 19:16 - 001104202 _____ (WhiteClick                                                  ) C:\Users\User\AppData\Local\Temp\whiteclick.exe

==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dllhost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dllhost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

LastRegBack: 2019-01-24 10:22

==================== Fim de FRST.txt ============================