Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 12-11-2016
Executado por Michele (administrador) em MICHELE-PC (14-11-2016 12:46:52)
Executando a partir de C:\Users\Michele\Downloads
Perfis Carregados: Michele (Perfis Disponíveis: Michele)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
() C:\Program Files (x86)\Access Manager\newlock.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
() C:\Program Files (x86)\WeatherTool\2.0.1.5000028\WeatherService.exe
(ShenZhen Enode Techology co,.Ltd) C:\Program Files (x86)\WeatherTool\2.0.1.5000028\weather_free.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(SlimWare Utilities, Inc.) C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(%CFullName%) C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files (x86)\Access Manager\newlock.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\wusa.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registro (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [569200 2011-02-18] (Alps Electric Co., Ltd.)
HKLM\...\Run: [CnxtCoInstallerDefer] => C:\Program Files\CONEXANT\PREINSTALL\SETUP582629B81\KESLYN.EXE [1574528 2010-12-15] (Conexant Systems, Inc.)
HKLM\...\Run: [00saskda] => C:\Program Files (x86)\Access Manager\newlock.exe [1462304 2013-02-02] ()
HKLM\...\Run: [zzsecagent] => [X]
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1702912 1999-12-31] (IDT, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9044392 2016-11-11] (AVAST Software)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-05-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [587320 2011-06-14] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\RunOnce: [Nakecabe] => C:\Windows\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\Michele\AppData\Roaming\Lasadafet"
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1978768454-4101406953-3495344282-1000\...\Run: [Chromium] => c:\users\michele\appdata\local\chromium\application\chrome.exe [1068544 2016-03-18] (The Chromium Authors)
HKU\S-1-5-21-1978768454-4101406953-3495344282-1000\...\RunOnce: [Uninstall C:\Users\Michele\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michele\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-1978768454-4101406953-3495344282-1000\...\MountPoints2: {201911ce-a7c0-11e6-b81a-4ceb429af3c5} - E:\Startme.exe
HKU\S-1-5-21-1978768454-4101406953-3495344282-1000\...\MountPoints2: {813cfb39-a7b4-11e6-af17-806e6f6e6963} - D:\setup64.exe
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-10-12] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-10-12] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-10-12] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-11-11] (AVAST Software)
GroupPolicy: Restrição <======= ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 8.8.8.8
Tcpip\..\Interfaces\{9C4AD3C9-B050-4321-809E-B374B04636C5}: [DhcpNameServer] 192.168.1.1 8.8.8.8
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_45¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzztD0CtCyC0E0A0B0B0DyB0A0ByCyD0CtN0D0Tzu0StCyByByBtN1L2XzutAtFtByEtFtAtDtFyDtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StCtA0B0A0FyEtByDtGyCyD0DyCtG0EyE0AyCtGyB0DtDtCtGtA0F0C0FtCyEyC0DyB0FtCtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FyC0C0EzzyEyB0BtGtD0B0CyEtGyE0Dzy0DtG0A0D0FtAtGtAzzzy0E0D0A0EtByByD0EyE2QtN0A0LzuyE%26cr%3D122050607%26a%3Dwbf_bxinw_16_45%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_45¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzztD0CtCyC0E0A0B0B0DyB0A0ByCyD0CtN0D0Tzu0StCyByByBtN1L2XzutAtFtByEtFtAtDtFyDtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StCtA0B0A0FyEtByDtGyCyD0DyCtG0EyE0AyCtGyB0DtDtCtGtA0F0C0FtCyEyC0DyB0FtCtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FyC0C0EzzyEyB0BtGtD0B0CyEtGyE0Dzy0DtG0A0D0FtAtGtAzzzy0E0D0A0EtByByD0EyE2QtN0A0LzuyE%26cr%3D122050607%26a%3Dwbf_bxinw_16_45%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
HKU\S-1-5-21-1978768454-4101406953-3495344282-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_45¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzztD0CtCyC0E0A0B0B0DyB0A0ByCyD0CtN0D0Tzu0StCyByByBtN1L2XzutAtFtByEtFtAtDtFyDtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StCtA0B0A0FyEtByDtGyCyD0DyCtG0EyE0AyCtGyB0DtDtCtGtA0F0C0FtCyEyC0DyB0FtCtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FyC0C0EzzyEyB0BtGtD0B0CyEtGyE0Dzy0DtG0A0D0FtAtGtAzzzy0E0D0A0EtByByD0EyE2QtN0A0LzuyE%26cr%3D122050607%26a%3Dwbf_bxinw_16_45%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_45¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzztD0CtCyC0E0A0B0B0DyB0A0ByCyD0CtN0D0Tzu0StCyByByBtN1L2XzutAtFtByEtFtAtDtFyDtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StCtA0B0A0FyEtByDtGyCyD0DyCtG0EyE0AyCtGyB0DtDtCtGtA0F0C0FtCyEyC0DyB0FtCtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FyC0C0EzzyEyB0BtGtD0B0CyEtGyE0Dzy0DtG0A0D0FtAtGtAzzzy0E0D0A0EtByByD0EyE2QtN0A0LzuyE%26cr%3D122050607%26a%3Dwbf_bxinw_16_45%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_45¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzztD0CtCyC0E0A0B0B0DyB0A0ByCyD0CtN0D0Tzu0StCyByByBtN1L2XzutAtFtByEtFtAtDtFyDtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StCtA0B0A0FyEtByDtGyCyD0DyCtG0EyE0AyCtGyB0DtDtCtGtA0F0C0FtCyEyC0DyB0FtCtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FyC0C0EzzyEyB0BtGtD0B0CyEtGyE0Dzy0DtG0A0D0FtAtGtAzzzy0E0D0A0EtByByD0EyE2QtN0A0LzuyE%26cr%3D122050607%26a%3Dwbf_bxinw_16_45%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_45¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzztD0CtCyC0E0A0B0B0DyB0A0ByCyD0CtN0D0Tzu0StCyByByBtN1L2XzutAtFtByEtFtAtDtFyDtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StCtA0B0A0FyEtByDtGyCyD0DyCtG0EyE0AyCtGyB0DtDtCtGtA0F0C0FtCyEyC0DyB0FtCtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FyC0C0EzzyEyB0BtGtD0B0CyEtGyE0Dzy0DtG0A0D0FtAtGtAzzzy0E0D0A0EtByByD0EyE2QtN0A0LzuyE%26cr%3D122050607%26a%3Dwbf_bxinw_16_45%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_45¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzztD0CtCyC0E0A0B0B0DyB0A0ByCyD0CtN0D0Tzu0StCyByByBtN1L2XzutAtFtByEtFtAtDtFyDtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StCtA0B0A0FyEtByDtGyCyD0DyCtG0EyE0AyCtGyB0DtDtCtGtA0F0C0FtCyEyC0DyB0FtCtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FyC0C0EzzyEyB0BtGtD0B0CyEtGyE0Dzy0DtG0A0D0FtAtGtAzzzy0E0D0A0EtByByD0EyE2QtN0A0LzuyE%26cr%3D122050607%26a%3Dwbf_bxinw_16_45%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1978768454-4101406953-3495344282-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_45¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzztD0CtCyC0E0A0B0B0DyB0A0ByCyD0CtN0D0Tzu0StCyByByBtN1L2XzutAtFtByEtFtAtDtFyDtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StCtA0B0A0FyEtByDtGyCyD0DyCtG0EyE0AyCtGyB0DtDtCtGtA0F0C0FtCyEyC0DyB0FtCtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FyC0C0EzzyEyB0BtGtD0B0CyEtGyE0Dzy0DtG0A0D0FtAtGtAzzzy0E0D0A0EtByByD0EyE2QtN0A0LzuyE%26cr%3D122050607%26a%3Dwbf_bxinw_16_45%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1978768454-4101406953-3495344282-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_45¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzztD0CtCyC0E0A0B0B0DyB0A0ByCyD0CtN0D0Tzu0StCyByByBtN1L2XzutAtFtByEtFtAtDtFyDtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StCtA0B0A0FyEtByDtGyCyD0DyCtG0EyE0AyCtGyB0DtDtCtGtA0F0C0FtCyEyC0DyB0FtCtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FyC0C0EzzyEyB0BtGtD0B0CyEtGyE0Dzy0DtG0A0D0FtAtGtAzzzy0E0D0A0EtByByD0EyE2QtN0A0LzuyE%26cr%3D122050607%26a%3Dwbf_bxinw_16_45%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-11-11] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2016-11-13] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-11-13] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-11-11] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2016-11-13] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-13] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-11-13] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-11-13] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-11-13] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-11-13] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-11-13] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-11-13] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-11-13] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-11-13] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-11-11]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-11-11]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [firefox@bho.com] - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt
FF Extension: (HP SimplePass) - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt [2016-11-11] [não assinado]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-11-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-11-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-11-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-11-11] (Google Inc.)
Chrome:
=======
CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Profile: C:\Users\Michele\AppData\Local\Google\Chrome\User Data\Default [2016-11-14]
CHR Extension: (Google Apresentações) - C:\Users\Michele\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-11]
CHR Extension: (Google Docs) - C:\Users\Michele\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-11]
CHR Extension: (Google Drive) - C:\Users\Michele\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-11]
CHR Extension: (YouTube) - C:\Users\Michele\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-11]
CHR Extension: (Avast SafePrice) - C:\Users\Michele\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-11-11]
CHR Extension: (Planilhas do Google) - C:\Users\Michele\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-11]
CHR Extension: (Documentos Google off-line) - C:\Users\Michele\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-11]
CHR Extension: (Avast Online Security) - C:\Users\Michele\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-11-11]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Michele\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-11-11]
CHR Extension: (Gmail) - C:\Users\Michele\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-11]
CHR Extension: (Chrome Media Router) - C:\Users\Michele\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-11]
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1978768454-4101406953-3495344282-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fidikogfgleiaefnjbmnjaplmgknppkg] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
==================== Serviços (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-11-11] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3291848 2016-10-08] (Microsoft Corporation)
R2 DeskSaverService; C:\Program Files (x86)\Access Manager\newlock.exe [1462304 2013-02-02] ()
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29728 2016-08-15] (HP Inc.)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2375168 2011-03-07] (Realsil Microelectronics Inc.) [Arquivo não assinado]
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [124928 2015-07-02] (Softex Inc.) [Arquivo não assinado]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [332800 1999-12-31] (IDT, Inc.) [Arquivo não assinado]
R2 TheFreeWeatherService; C:\Program Files (x86)\WeatherTool\2.0.1.5000028\WeatherService.exe [156784 2016-08-11] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-11-11] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-11-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-11-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-11-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-11-11] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-11-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-11-11] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-11-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-11-11] (AVAST Software)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [753368 2015-06-15] (Realsil Semiconductor Corporation)
U5 RTSUER; C:\Windows\System32\Drivers\RTSUER.sys [402136 2015-05-27] (Realsil Semiconductor Corporation)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16056 2016-11-14] (SlimWare Utilities, Inc.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Três Meses Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-11-14 12:46 - 2016-11-14 12:47 - 00024361 _____ C:\Users\Michele\Downloads\FRST.txt
2016-11-14 12:46 - 2016-11-14 12:46 - 00000000 ____D C:\FRST
2016-11-14 12:44 - 2016-11-14 12:44 - 02411520 _____ (Farbar) C:\Users\Michele\Downloads\FRST64.exe
2016-11-14 00:21 - 2016-11-14 00:21 - 00000000 ____D C:\7d9de7342aabf935c7418966ecd2
2016-11-14 00:19 - 2016-11-14 00:19 - 00000000 ____D C:\Users\Michele\Downloads\api-ms-win-crt-heap-l1-1-0 (1)
2016-11-13 22:52 - 2016-11-14 00:21 - 00000000 ___HT C:\Windows\wusa.lock
2016-11-13 22:52 - 2016-11-13 22:52 - 00000000 ____D C:\5b6f2a40f3944cad96e5a7c4
2016-11-13 22:39 - 2016-11-13 22:39 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-11-13 12:32 - 2016-11-13 12:32 - 01034556 _____ C:\Users\Michele\Downloads\Windows6.1-KB2999226-x64.msu
2016-11-13 12:32 - 2016-11-13 12:32 - 00001129 _____ C:\Users\Public\Desktop\DLL-Files.com Client.lnk
2016-11-13 12:32 - 2016-11-13 12:32 - 00000000 ____D C:\Users\Michele\AppData\Roaming\DLL-files.com
2016-11-13 12:32 - 2016-11-13 12:32 - 00000000 ____D C:\Users\Michele\AppData\Roaming\DFXCT
2016-11-13 12:32 - 2016-11-13 12:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DLL-Files.com Client
2016-11-13 12:32 - 2016-11-13 12:32 - 00000000 ____D C:\Program Files (x86)\DLL-Files.com Client
2016-11-13 12:32 - 2016-11-13 12:32 - 00000000 ____D C:\0b39825a4f69effce12a2135
2016-11-13 12:29 - 2016-11-13 12:31 - 02729024 _____ (DLL-Files.com Client ) C:\Users\Michele\Downloads\clientsetup_d-0.exe
2016-11-13 12:28 - 2016-11-13 12:28 - 00011857 _____ C:\Users\Michele\Downloads\api-ms-win-crt-heap-l1-1-0 (1).zip
2016-11-13 12:18 - 2016-11-13 12:18 - 00132544 _____ C:\Users\Michele\Downloads\WhatsApp Image 2016-11-12 at 21.19.25 (6).jpeg
2016-11-13 12:18 - 2016-11-13 12:18 - 00002406 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-11-13 12:18 - 2016-11-13 12:18 - 00002371 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-11-13 12:18 - 2016-11-13 12:18 - 00002355 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-11-13 12:18 - 2016-11-13 12:18 - 00002352 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-11-13 12:18 - 2016-11-13 12:18 - 00002342 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-11-13 12:18 - 2016-11-13 12:18 - 00002338 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-11-13 12:18 - 2016-11-13 12:18 - 00002322 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-11-13 12:18 - 2016-11-13 12:18 - 00000000 ____D C:\Users\Michele\AppData\Roaming\Corel
2016-11-13 12:18 - 2016-11-13 12:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ferramentas do Microsoft Office 2016
2016-11-13 12:17 - 2016-11-13 12:17 - 00159832 _____ C:\Users\Michele\Downloads\WhatsApp Image 2016-11-12 at 21.19.25 (4).jpeg
2016-11-13 12:17 - 2016-11-13 12:17 - 00159832 _____ C:\Users\Michele\Downloads\WhatsApp Image 2016-11-12 at 21.19.25 (1).jpeg
2016-11-13 12:17 - 2016-11-13 12:17 - 00147185 _____ C:\Users\Michele\Downloads\WhatsApp Image 2016-11-12 at 21.19.25 (2).jpeg
2016-11-13 12:17 - 2016-11-13 12:17 - 00143400 _____ C:\Users\Michele\Downloads\WhatsApp Image 2016-11-12 at 21.19.25 (3).jpeg
2016-11-13 12:17 - 2016-11-13 12:17 - 00130163 _____ C:\Users\Michele\Downloads\WhatsApp Image 2016-11-12 at 21.19.25.jpeg
2016-11-13 12:17 - 2016-11-13 12:17 - 00130163 _____ C:\Users\Michele\Downloads\WhatsApp Image 2016-11-12 at 21.19.25 (5).jpeg
2016-11-13 12:17 - 2016-11-13 12:17 - 00000000 ____D C:\Program Files (x86)\gs
2016-11-13 12:17 - 2016-11-13 12:13 - 00003060 _____ C:\Users\Public\Desktop\Corel CAPTURE X8 (64-Bit).lnk
2016-11-13 12:17 - 2016-11-13 12:13 - 00002343 _____ C:\Users\Public\Desktop\Corel CONNECT X8 (64-Bit).lnk
2016-11-13 12:17 - 2016-11-13 12:12 - 00003063 _____ C:\Users\Public\Desktop\Corel PHOTO-PAINT X8 (64-Bit).lnk
2016-11-13 12:17 - 2016-11-13 12:12 - 00003015 _____ C:\Users\Public\Desktop\CorelDRAW X8 (64-Bit).lnk
2016-11-13 12:17 - 2016-11-13 12:12 - 00002256 _____ C:\Users\Public\Desktop\Corel Font Manager X8 (64-Bit).lnk
2016-11-13 12:15 - 2016-11-13 12:18 - 00003324 _____ C:\Windows\System32\Tasks\CorelUpdateHelperTaskCore
2016-11-13 12:15 - 2016-11-13 12:15 - 00000000 ____D C:\Users\Todos os Usuários\VsTelemetry
2016-11-13 12:15 - 2016-11-13 12:15 - 00000000 ____D C:\ProgramData\VsTelemetry
2016-11-13 12:15 - 2016-11-13 12:15 - 00000000 ____D C:\Program Files (x86)\Corel
2016-11-13 12:14 - 2016-11-13 12:14 - 00000000 ____D C:\Program Files\Common Files\Corel
2016-11-13 12:13 - 2016-11-13 12:13 - 00000000 ____D C:\Users\Public\Documents\Corel
2016-11-13 12:12 - 2016-11-13 12:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X8 (64-bit)
2016-11-13 12:11 - 2016-11-13 12:26 - 00000000 ____D C:\Users\Todos os Usuários\Corel
2016-11-13 12:11 - 2016-11-13 12:26 - 00000000 ____D C:\ProgramData\Corel
2016-11-13 12:10 - 2016-11-13 22:40 - 00000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft
2016-11-13 12:10 - 2016-11-13 22:40 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-11-13 12:10 - 2016-11-13 12:15 - 00000000 ____D C:\Program Files\Corel
2016-11-13 02:02 - 2016-11-13 02:02 - 00002042 _____ C:\Users\Public\Desktop\Google Slides.lnk
2016-11-13 02:02 - 2016-11-13 02:02 - 00002040 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2016-11-13 02:02 - 2016-11-13 02:02 - 00002030 _____ C:\Users\Public\Desktop\Google Docs.lnk
2016-11-13 02:02 - 2016-11-13 02:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-11-13 01:56 - 2016-11-13 11:50 - 534612834 _____ C:\Users\Michele\Downloads\CorelDRAWGraphicsSuiteX8Installer_pt64Bit.zip
2016-11-13 01:55 - 2016-11-13 01:55 - 00000000 ____D C:\Users\Todos os Usuários\UniqueId
2016-11-13 01:55 - 2016-11-13 01:55 - 00000000 ____D C:\ProgramData\UniqueId
2016-11-13 01:54 - 2016-11-13 01:54 - 00002233 _____ C:\Users\Michele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk
2016-11-13 01:54 - 2016-11-13 01:54 - 00002225 _____ C:\Users\Michele\Desktop\Chromium.lnk
2016-11-13 01:54 - 2016-11-13 01:54 - 00000000 ____D C:\Users\Michele\AppData\Local\Chromium
2016-11-13 01:52 - 2016-11-13 01:52 - 12505176 _____ (Corel Corporation) C:\Users\Michele\Downloads\Baixaki_coreldraw-graphics-suite [1].exe
2016-11-13 01:51 - 2016-11-13 01:51 - 00019862 _____ C:\Users\Michele\AppData\Roaming\Lasadafet
2016-11-13 01:46 - 2016-11-13 01:57 - 00000000 ____D C:\Users\Michele\AppData\Roaming\PhotoScape
2016-11-13 01:45 - 2016-11-13 01:45 - 00001035 _____ C:\Users\Michele\Desktop\PhotoScape.lnk
2016-11-13 01:45 - 2016-11-13 01:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape
2016-11-13 01:45 - 2016-11-13 01:45 - 00000000 ____D C:\Program Files (x86)\PhotoScape
2016-11-13 01:42 - 2016-11-13 01:42 - 21025552 _____ (Mooii) C:\Users\Michele\Downloads\Baixaki_photoscape [1].exe
2016-11-13 01:39 - 2016-11-13 01:54 - 00000000 ____D C:\Users\Michele\AppData\Local\{E8F6DEAA-CC5E-B212-A1C6-97FA85AE6B62}
2016-11-13 01:39 - 2016-11-13 01:50 - 00001460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk
2016-11-13 01:36 - 2016-11-13 01:37 - 01869424 _____ (File ) C:\Users\Michele\Downloads\Baixaki_coreldraw-graphics-suite.exe
2016-11-13 01:32 - 2016-11-13 01:32 - 01869424 _____ (File ) C:\Users\Michele\Downloads\Baixaki_photoscape.exe
2016-11-13 01:23 - 2016-11-13 01:23 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-11-13 01:09 - 2016-11-13 01:12 - 05433656 _____ (Microsoft Corporation) C:\Users\Michele\Downloads\Setup.x64.pt-br_ProfessionalRetail_NKGG6-WBPCC-HXWMY-6DQGJ-CPQVG_act_1_.exe
2016-11-12 10:54 - 2016-11-12 10:54 - 00000000 ____D C:\Users\Michele\AppData\Local\Microsoft Games
2016-11-12 10:33 - 2016-11-12 10:33 - 00003300 _____ C:\Windows\System32\Tasks\{DC372437-4978-49A0-9A0E-CB1A6CAE81E0}
2016-11-12 10:28 - 2016-11-12 10:28 - 00000000 ___HD C:\OneDriveTemp
2016-11-12 10:27 - 2016-11-12 10:27 - 00000000 ____D C:\f852b00bcd05d1c743
2016-11-12 10:24 - 2016-11-12 10:24 - 00003242 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task
2016-11-12 10:23 - 2016-11-12 10:23 - 00000000 ____D C:\Users\Michele\AppData\Roaming\Skype
2016-11-12 10:22 - 2016-11-12 10:26 - 14749120 _____ (Microsoft Corporation) C:\Users\Michele\Downloads\vc_redist.x64.exe
2016-11-12 04:54 - 2016-11-14 00:19 - 00000000 ___RD C:\Users\Michele\OneDrive
2016-11-12 04:54 - 2016-11-12 10:24 - 00002134 _____ C:\Users\Michele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-11-12 04:54 - 2016-11-12 04:54 - 00002110 _____ C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-11-12 04:54 - 2016-11-12 04:54 - 00002110 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-11-12 04:54 - 2016-11-12 04:54 - 00002110 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-11-12 04:54 - 2016-11-12 04:54 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft OneDrive
2016-11-12 04:54 - 2016-11-12 04:54 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-11-12 04:54 - 2016-11-12 04:54 - 00000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2016-11-12 04:53 - 2016-11-12 04:53 - 00000000 ____D C:\e8e83afc85632a8a58
2016-11-12 03:48 - 2016-11-12 03:48 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-11-12 03:09 - 2016-11-12 03:11 - 00000000 ____D C:\Program Files\IDT
2016-11-12 03:09 - 1999-12-31 22:00 - 02193920 _____ (IDT, Inc.) C:\Windows\system32\stapo64.dll
2016-11-12 03:09 - 1999-12-31 22:00 - 00674304 ____N (IDT, Inc.) C:\Windows\system32\stapi64.dll
2016-11-12 03:09 - 1999-12-31 22:00 - 00546304 _____ (IDT, Inc.) C:\Windows\system32\Drivers\stwrt64.sys
2016-11-12 03:09 - 1999-12-31 22:00 - 00499200 _____ (IDT, Inc.) C:\Windows\system32\stcplx64.dll
2016-11-12 03:09 - 1999-12-31 22:00 - 00256000 _____ (IDT, Inc.) C:\Windows\system32\st646466.dll
2016-11-12 03:02 - 2016-11-13 12:10 - 00000000 ____D C:\Program Files\Microsoft Office
2016-11-12 02:51 - 2016-11-12 02:51 - 03920568 _____ (Microsoft Corporation) C:\Users\Michele\Downloads\Setup.x64.en-us_ProfessionalRetail_NKGG6-WBPCC-HXWMY-6DQGJ-CPQVG_act_1_.exe
2016-11-12 02:22 - 2016-11-12 02:22 - 00000000 ____D C:\Users\Michele\AppData\Roaming\WinBatch
2016-11-11 23:36 - 2016-11-11 23:36 - 00002986 _____ C:\Windows\System32\Tasks\Start SimplePass
2016-11-11 23:36 - 2016-11-11 23:36 - 00002924 _____ C:\Windows\System32\Tasks\Start OPBHOBrokerDesktop
2016-11-11 23:36 - 2016-11-11 23:36 - 00002912 _____ C:\Windows\System32\Tasks\Start OPBHOBroker
2016-11-11 23:36 - 2016-11-11 23:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2016-11-11 23:36 - 2016-11-11 23:36 - 00000000 ____D C:\Program Files\Hewlett-Packard
2016-11-11 23:36 - 2015-07-01 12:55 - 00001608 _____ C:\Windows\SysWOW64\optskcpl.xml
2016-11-11 23:36 - 2015-06-24 16:31 - 00002986 _____ C:\Windows\SysWOW64\Start_SimplePass.xml
2016-11-11 23:36 - 2015-06-24 16:31 - 00002924 _____ C:\Windows\SysWOW64\Start_OPBHOBrokerDesktop.xml
2016-11-11 23:36 - 2015-06-24 16:31 - 00002912 _____ C:\Windows\SysWOW64\Start_OPBHOBroker.xml
2016-11-11 21:05 - 2016-11-11 21:05 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2016-11-11 21:05 - 2016-11-11 21:05 - 00000000 ____D C:\Users\Todos os Usuários\Validity
2016-11-11 21:05 - 2016-11-11 21:05 - 00000000 ____D C:\ProgramData\Validity
2016-11-11 20:43 - 2016-11-11 20:43 - 00000000 ____D C:\Users\Todos os Usuários\CyberLink
2016-11-11 20:43 - 2016-11-11 20:43 - 00000000 ____D C:\ProgramData\CyberLink
2016-11-11 20:42 - 2016-11-11 20:43 - 00000000 ____D C:\Users\Michele\Documents\Youcam
2016-11-11 20:42 - 2016-11-11 20:42 - 00000000 ____D C:\Users\Public\CyberLink
2016-11-11 20:42 - 2016-11-11 20:42 - 00000000 ____D C:\Users\Michele\AppData\Roaming\CyberLink
2016-11-11 20:42 - 2016-11-11 20:42 - 00000000 ____D C:\Users\Michele\AppData\Local\CyberLink
2016-11-11 20:32 - 2016-11-11 20:32 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_SensorsAlsDriver_01_09_00.Wdf
2016-11-11 20:27 - 2016-11-11 21:28 - 96647984 _____ (Hewlett-Packard ) C:\Users\Michele\Downloads\sp71729 (1).exe
2016-11-11 20:24 - 2016-11-11 20:24 - 00001166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safe Web Browser.lnk
2016-11-11 20:24 - 2016-11-11 20:24 - 00001162 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screen Lock.lnk
2016-11-11 20:24 - 2016-11-11 20:24 - 00001150 _____ C:\Users\Public\Desktop\Screen Lock.lnk
2016-11-11 20:24 - 2016-11-11 20:24 - 00001083 _____ C:\Users\Michele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Access Manager.lnk
2016-11-11 20:24 - 2016-11-11 20:24 - 00001053 _____ C:\Users\Michele\Desktop\Access Manager.lnk
2016-11-11 20:24 - 2016-11-11 20:24 - 00000000 ___HD C:\Access Manager
2016-11-11 20:24 - 2016-11-11 20:24 - 00000000 ____D C:\Users\Michele\Access Manager
2016-11-11 20:24 - 2016-11-11 20:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access Manager
2016-11-11 20:24 - 2016-11-11 20:24 - 00000000 ____D C:\Program Files (x86)\Access Manager
2016-11-11 20:21 - 2016-11-11 20:22 - 01982307 _____ C:\Users\Michele\Downloads\accmen.zip
2016-11-11 18:57 - 2016-11-11 18:58 - 00000000 ____D C:\Windows\Hewlett-Packard
2016-11-11 18:52 - 2016-11-11 18:52 - 00020392 _____ C:\Users\Michele\AppData\Local\IWDAudHelper.20161111.185222.txt
2016-11-11 18:52 - 2016-11-11 18:52 - 00002052 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) WiDi.lnk
2016-11-11 18:52 - 2016-11-11 18:52 - 00002040 _____ C:\Users\Public\Desktop\Intel(R) WiDi.lnk
2016-11-11 18:52 - 2016-11-11 18:52 - 00001587 _____ C:\Users\Michele\AppData\Local\PDLSetup.20161111.185200.txt
2016-11-11 18:52 - 2016-11-11 18:52 - 00001229 _____ C:\Users\Michele\AppData\Local\PDLSetup.20161111.185252.txt
2016-11-11 18:52 - 2016-11-11 18:52 - 00001229 _____ C:\Users\Michele\AppData\Local\PDLSetup.20161111.185205.txt
2016-11-11 18:52 - 2016-11-11 18:52 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WDKMD_01009.Wdf
2016-11-11 18:52 - 2016-11-11 18:52 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_iwdbus_01009.Wdf
2016-11-11 18:52 - 2016-11-11 18:52 - 00000000 ____D C:\Users\Todos os Usuários\Intel
2016-11-11 18:52 - 2016-11-11 18:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
2016-11-11 18:52 - 2016-11-11 18:52 - 00000000 ____D C:\ProgramData\Intel
2016-11-11 18:52 - 2016-11-11 18:52 - 00000000 ____D C:\Program Files (x86)\Intel Corporation
2016-11-11 18:51 - 2016-11-11 18:51 - 00000663 _____ C:\Users\Michele\AppData\Local\PDLSetup.20161111.185158.txt
2016-11-11 18:49 - 2016-11-11 18:49 - 00001587 _____ C:\Users\Michele\AppData\Local\PDLSetup.20161111.184932.txt
2016-11-11 18:48 - 2016-11-11 18:48 - 00003154 _____ C:\Windows\System32\Tasks\MirageAgent
2016-11-11 18:48 - 2016-11-11 18:48 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2016-11-11 18:48 - 2016-11-11 18:48 - 00000000 ____D C:\Users\Public\Documents\YouCam
2016-11-11 18:47 - 2016-11-11 18:47 - 00000000 ____D C:\Program Files (x86)\CyberLink
2016-11-11 18:46 - 2016-11-11 18:46 - 00000000 ____D C:\Users\Todos os Usuários\Temp
2016-11-11 18:46 - 2016-11-11 18:46 - 00000000 ____D C:\ProgramData\Temp
2016-11-11 18:30 - 2016-11-11 18:30 - 00000000 ____D C:\Windows\system32\SRSLabs
2016-11-11 18:30 - 2011-05-02 14:27 - 00426328 ____N (Dolby Laboratories) C:\Windows\system32\EED64A.dll
2016-11-11 18:30 - 2011-05-02 14:27 - 00136024 ____N (Dolby Laboratories) C:\Windows\system32\EEL64A.dll
2016-11-11 18:30 - 2011-05-02 14:27 - 00074072 ____N (Dolby Laboratories) C:\Windows\system32\EEG64A.dll
2016-11-11 18:30 - 1999-12-31 22:00 - 06101504 _____ (IDT, Inc.) C:\Windows\system32\stlang64.dll
2016-11-11 18:30 - 1999-12-31 22:00 - 03308376 _____ (Dolby Laboratories) C:\Windows\system32\EEP64A.dll
2016-11-11 18:30 - 1999-12-31 22:00 - 01897984 _____ (IDT, Inc.) C:\Windows\system32\IDTNC64.cpl
2016-11-11 18:30 - 1999-12-31 22:00 - 01702912 _____ (IDT, Inc.) C:\Windows\sttray64.exe
2016-11-11 18:30 - 1999-12-31 22:00 - 00442368 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTEC64.dll
2016-11-11 18:30 - 1999-12-31 22:00 - 00202304 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTAC64.dll
2016-11-11 18:30 - 1999-12-31 22:00 - 00118104 _____ (Dolby Laboratories) C:\Windows\system32\EEA64A.dll
2016-11-11 18:30 - 1999-12-31 22:00 - 00090624 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTCo64.dll
2016-11-11 18:30 - 1999-12-31 22:00 - 00074336 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTAR64.dll
2016-11-11 18:29 - 2011-05-27 11:06 - 00224256 ____N (IDT, Inc.) C:\Windows\system32\staco64.dll
2016-11-11 18:27 - 2016-11-11 18:27 - 00000000 ____D C:\Program Files\CONEXANT
2016-11-11 18:26 - 2011-04-26 11:07 - 00557848 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys
2016-11-11 18:25 - 2011-02-22 11:59 - 00008192 _____ C:\Windows\system32\Drivers\IntelMEFWVer.dll
2016-11-11 16:43 - 2016-11-11 16:43 - 00000000 ____D C:\Users\Michele\AppData\Roaming\Intel Corporation
2016-11-11 16:38 - 2016-11-11 18:26 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-11-11 15:46 - 2016-11-11 19:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2016-11-11 15:43 - 2016-11-11 15:43 - 00000000 ____D C:\Program Files (x86)\HP
2016-11-11 15:18 - 2016-11-11 15:18 - 00000000 ____D C:\Users\Todos os Usuários\ATI
2016-11-11 15:18 - 2016-11-11 15:18 - 00000000 ____D C:\Users\Michele\AppData\Roaming\ATI
2016-11-11 15:18 - 2016-11-11 15:18 - 00000000 ____D C:\Users\Michele\AppData\Local\ATI
2016-11-11 15:18 - 2016-11-11 15:18 - 00000000 ____D C:\ProgramData\ATI
2016-11-11 15:13 - 2016-11-11 15:13 - 00000000 _____ C:\Windows\ativpsrm.bin
2016-11-11 11:41 - 2016-11-11 21:03 - 00000000 ____D C:\Users\Michele\Downloads\HP Downloads
2016-11-11 11:39 - 2016-11-11 18:26 - 00000000 ____D C:\Program Files (x86)\Intel
2016-11-11 11:39 - 2016-11-11 11:39 - 00000000 ____D C:\Program Files\Common Files\Intel
2016-11-11 11:37 - 2016-11-11 11:37 - 00000000 ____D C:\Intel
2016-11-11 11:37 - 2011-01-12 22:03 - 00003155 _____ C:\Windows\SysWOW64\atipblup.dat
2016-11-11 11:37 - 2011-01-12 22:03 - 00003155 _____ C:\Windows\system32\atipblup.dat
2016-11-11 11:36 - 2016-11-11 11:38 - 00000000 ____D C:\Program Files\ATI Technologies
2016-11-11 11:36 - 2016-11-11 11:37 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2016-11-11 11:36 - 2016-11-11 11:36 - 00000000 ____D C:\Program Files\ATI
2016-11-11 11:31 - 2016-11-11 18:58 - 00000000 ____D C:\Users\Michele\AppData\Roaming\Hewlett-Packard
2016-11-11 07:19 - 2016-11-11 11:41 - 00000000 ____D C:\Users\Michele\AppData\Local\Hewlett-Packard
2016-11-11 05:54 - 2016-11-11 19:17 - 00000000 ____D C:\Users\Todos os Usuários\HP Inc
2016-11-11 05:54 - 2016-11-11 19:17 - 00000000 ____D C:\ProgramData\HP Inc
2016-11-11 05:54 - 2016-11-11 05:54 - 00000000 ____D C:\System.sav
2016-11-11 05:53 - 2016-11-11 05:53 - 00000000 ____D C:\Users\Michele\AppData\Roaming\hpqLog
2016-11-11 05:29 - 2016-11-13 12:10 - 01598992 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-11-11 05:26 - 2016-11-11 05:34 - 10830288 _____ (Hewlett-Packard ) C:\Users\Michele\Downloads\sp54169.exe
2016-11-11 05:23 - 2016-11-11 05:23 - 00000000 ____D C:\HP
2016-11-11 05:21 - 2016-11-11 21:04 - 00000000 ____D C:\Program Files\Validity Sensors
2016-11-11 05:21 - 2016-11-11 05:21 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_wbf_vfs_0018_01_09_00.Wdf
2016-11-11 05:20 - 2016-11-11 05:20 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_Apfiltr_01009.Wdf
2016-11-11 05:20 - 2016-11-11 05:20 - 00000000 ____D C:\Program Files\Apoint2K
2016-11-11 05:17 - 2016-11-11 15:44 - 00000000 ____D C:\Users\Todos os Usuários\Hewlett-Packard
2016-11-11 05:17 - 2016-11-11 15:44 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2016-11-11 05:11 - 2016-11-14 07:23 - 00000370 _____ C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - Michele).job
2016-11-11 05:11 - 2016-11-11 05:11 - 00003036 _____ C:\Windows\System32\Tasks\SlimCleaner Plus (Scheduled Scan - Michele)
2016-11-11 05:05 - 2016-11-11 05:05 - 00000000 ____D C:\Windows\System32\Tasks\Hewlett-Packard
2016-11-11 05:04 - 2016-11-11 18:56 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2016-11-11 04:47 - 2016-11-11 08:50 - 289052832 _____ (Hewlett-Packard ) C:\Users\Michele\Downloads\sp54122.exe
2016-11-11 04:46 - 2016-11-11 06:40 - 140150288 _____ (Hewlett-Packard ) C:\Users\Michele\Downloads\sp54243.exe
2016-11-11 04:44 - 2016-11-11 04:48 - 04772296 _____ (Hewlett-Packard ) C:\Users\Michele\Downloads\sp60704.exe
2016-11-11 04:43 - 2016-11-11 05:11 - 32031216 _____ (Hewlett-Packard ) C:\Users\Michele\Downloads\sp54170.exe
2016-11-11 04:43 - 2016-11-11 04:51 - 10767704 _____ (Hewlett-Packard ) C:\Users\Michele\Downloads\sp54120.exe
2016-11-11 04:42 - 2016-11-11 05:37 - 66231192 _____ (Hewlett-Packard ) C:\Users\Michele\Downloads\sp54161.exe
2016-11-11 04:40 - 2016-11-11 04:41 - 01533800 _____ (Hewlett-Packard Company ) C:\Users\Michele\Downloads\sp55152.exe
2016-11-11 04:31 - 2016-11-11 05:40 - 96647984 _____ (Hewlett-Packard ) C:\Users\Michele\Downloads\sp71729.exe
2016-11-11 04:09 - 2016-11-11 11:38 - 00001047 _____ C:\Users\Public\Desktop\DriverTuner.lnk
2016-11-11 04:09 - 2016-11-11 11:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverTuner
2016-11-11 04:09 - 2016-11-11 11:38 - 00000000 ____D C:\Program Files (x86)\DriverTuner
2016-11-11 04:05 - 2016-11-11 04:08 - 02816040 _____ (LionSea SoftWare ) C:\Users\Michele\Downloads\setup.exe
2016-11-11 03:57 - 2016-11-11 03:57 - 00000000 ____D C:\Users\Michele\AppData\Local\CEF
2016-11-11 03:56 - 2016-11-11 04:52 - 00003900 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1478843812
2016-11-11 03:56 - 2016-11-11 03:56 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-11-11 03:56 - 2016-11-11 03:56 - 00001043 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-11-11 03:45 - 2016-11-11 03:45 - 00001922 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-11-11 03:45 - 2016-11-11 03:45 - 00000000 ____D C:\Users\Michele\AppData\Roaming\AVAST Software
2016-11-11 03:45 - 2016-11-11 03:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-11-11 03:44 - 2016-11-11 19:17 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-11-11 03:44 - 2016-11-11 03:45 - 00513632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-11-11 03:44 - 2016-11-11 03:45 - 00293352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-11-11 03:44 - 2016-11-11 03:44 - 00969184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2016-11-11 03:44 - 2016-11-11 03:44 - 00003922 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-11-11 03:44 - 2016-11-11 03:44 - 00000000 ____D C:\Program Files\Common Files\AV
2016-11-11 03:44 - 2016-11-11 03:43 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-11-11 03:44 - 2016-11-11 03:43 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-11-11 03:44 - 2016-11-11 03:43 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-11-11 03:44 - 2016-11-11 03:43 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-11-11 03:44 - 2016-11-11 03:43 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-11-11 03:43 - 2016-11-11 03:43 - 00992960 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-11-11 03:43 - 2016-11-11 03:43 - 00921280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-11-11 03:43 - 2016-11-11 03:43 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-11-11 03:43 - 2016-11-11 03:43 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-11-11 03:35 - 2016-11-13 12:16 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-11-11 03:35 - 2016-11-13 12:16 - 00000000 ____D C:\ProgramData\Package Cache
2016-11-11 03:35 - 2016-11-11 03:56 - 00000000 ____D C:\Program Files\AVAST Software
2016-11-11 03:35 - 2016-11-11 03:35 - 00000000 ____D C:\Program Files\Intel
2016-11-11 03:34 - 2016-11-11 03:56 - 00000000 ____D C:\Users\Todos os Usuários\AVAST Software
2016-11-11 03:34 - 2016-11-11 03:56 - 00000000 ____D C:\ProgramData\AVAST Software
2016-11-11 03:30 - 2016-11-11 03:30 - 00000000 ____D C:\Users\Michele\Intel
2016-11-11 02:54 - 2016-11-11 19:11 - 00000000 ____D C:\Windows\SysWOW64\sda
2016-11-11 02:54 - 2016-11-11 18:39 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-11-11 02:54 - 2015-06-15 17:08 - 00753368 _____ (Realsil Semiconductor Corporation) C:\Windows\system32\Drivers\RtsPer.sys
2016-11-11 02:54 - 2015-06-03 09:47 - 00313048 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsBaStor.sys
2016-11-11 02:54 - 2015-06-02 18:04 - 00365272 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsPStor.sys
2016-11-11 02:54 - 2015-06-01 17:44 - 00301784 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsP2Stor.sys
2016-11-11 02:54 - 2015-05-27 14:13 - 00402136 _____ (Realsil Semiconductor Corporation) C:\Windows\system32\Drivers\RtsUer.sys
2016-11-11 02:54 - 2014-10-20 17:50 - 00083160 _____ (Realtek Semiconductor.) C:\Windows\system32\RtCRX64.dll
2016-11-11 02:54 - 2014-01-27 13:39 - 09890008 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RsCRIcon.dll
2016-11-11 02:35 - 2016-11-11 02:35 - 00000000 ____D C:\Users\Todos os Usuários\SlimWare Utilities, Inc
2016-11-11 02:35 - 2016-11-11 02:35 - 00000000 ____D C:\ProgramData\SlimWare Utilities, Inc
2016-11-11 02:34 - 2016-11-14 00:19 - 00002844 _____ C:\Windows\System32\Tasks\SlimDrivers Startup
2016-11-11 02:34 - 2016-11-14 00:19 - 00000414 _____ C:\Windows\Tasks\SlimDrivers Startup.job
2016-11-11 02:34 - 2016-11-14 00:18 - 00016056 _____ (SlimWare Utilities, Inc.) C:\Windows\system32\Drivers\SWDUMon.sys
2016-11-11 02:34 - 2016-11-11 21:10 - 00000000 ____D C:\Users\Michele\AppData\Local\SlimWare Utilities Inc
2016-11-11 02:31 - 2016-11-11 02:31 - 00000000 ____D C:\Users\Michele\AppData\Roaming\Easeware
2016-11-11 02:28 - 2016-11-11 02:28 - 00000000 ___HD C:\Users\Michele\AppData\Roaming\GoldenGate
2016-11-11 02:28 - 2016-11-11 02:28 - 00000000 ___HD C:\Users\Michele\AppData\Roaming\Booking_helper
2016-11-11 02:22 - 2016-11-11 02:22 - 00000000 ____D C:\Users\Michele\Documents\Wireless_14.3.1_Ds64
2016-11-11 02:22 - 2016-11-11 02:22 - 00000000 ____D C:\Program Files\DIFX
2016-11-11 02:21 - 2016-11-11 03:15 - 00000000 ____D C:\Users\Michele\Desktop\arquivos telefone
2016-11-11 02:18 - 2016-11-11 02:18 - 00002483 _____ C:\Users\Public\Desktop\SlimDrivers.lnk
2016-11-11 02:18 - 2016-11-11 02:18 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers
2016-11-11 02:18 - 2016-11-11 02:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimDrivers
2016-11-11 02:18 - 2016-11-11 02:18 - 00000000 ____D C:\Program Files (x86)\SlimDrivers
2016-11-11 02:17 - 2016-11-13 01:51 - 00000000 ____D C:\Users\Michele\AppData\Roaming\01f7c0f7222dda6818cd658dc9c52bfd
2016-11-11 02:16 - 2016-11-14 11:50 - 00000000 ____D C:\Users\Todos os Usuários\{81B444D7-0BF6-CE11-8D30-50531772DB9D}
2016-11-11 02:16 - 2016-11-14 11:50 - 00000000 ____D C:\ProgramData\{81B444D7-0BF6-CE11-8D30-50531772DB9D}
2016-11-11 02:16 - 2016-11-13 01:50 - 00004348 _____ C:\Windows\System32\Tasks\Yahoo! Powered canit
2016-11-11 02:14 - 2016-11-14 11:23 - 00000000 ____D C:\Users\Michele\AppData\Roaming\WeatherTool
2016-11-11 02:14 - 2016-11-13 01:50 - 00000372 __RSH C:\Users\Todos os Usuários\ntuser.pol
2016-11-11 02:14 - 2016-11-13 01:50 - 00000372 __RSH C:\ProgramData\ntuser.pol
2016-11-11 02:14 - 2016-11-11 04:08 - 00000000 ____D C:\Program Files (x86)\OLBPre
2016-11-11 02:14 - 2016-11-11 02:14 - 00000000 ____D C:\Users\Public\Documents\Tools
2016-11-11 02:14 - 2016-11-11 02:14 - 00000000 ____D C:\Users\Public\Documents\Guid
2016-11-11 02:14 - 2016-11-11 02:14 - 00000000 ____D C:\Users\Public\Documents\Baidu
2016-11-11 02:14 - 2016-11-11 02:14 - 00000000 ____D C:\Program Files (x86)\WeatherTool
2016-11-11 02:10 - 2016-11-11 02:10 - 00000000 ____D C:\Windows\HPQ
2016-11-11 02:09 - 2016-11-11 23:36 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-11-11 02:09 - 2016-11-11 18:34 - 00000000 ____D C:\Windows\SysWOW64\Atheros_L1e
2016-11-11 02:08 - 2016-11-11 23:08 - 00000000 ____D C:\SWSetup
2016-11-11 02:08 - 2016-11-11 18:37 - 00001395 _____ C:\Windows\HPSetLog.txt
2016-11-11 02:04 - 2016-11-11 02:04 - 00091950 _____ C:\Windows\ntbtlog.txt
2016-11-11 01:50 - 2016-11-11 01:50 - 00002269 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-11 01:50 - 2016-11-11 01:50 - 00002257 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-11-11 01:39 - 2016-11-14 12:44 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-11-11 01:39 - 2016-11-14 11:13 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-11 01:39 - 2016-11-11 01:39 - 00004066 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-11-11 01:39 - 2016-11-11 01:39 - 00003814 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-11-11 01:38 - 2016-11-13 02:02 - 00000000 ____D C:\Users\Michele\AppData\Local\Google
2016-11-11 01:38 - 2016-11-13 02:02 - 00000000 ____D C:\Program Files (x86)\Google
2016-11-11 01:38 - 2016-11-11 01:38 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2016-11-11 01:38 - 2016-11-11 01:38 - 00000000 ____D C:\Users\Michele\AppData\Local\Deployment
2016-11-11 01:38 - 2016-11-11 01:38 - 00000000 ____D C:\Users\Michele\AppData\Local\Apps\2.0
2016-11-11 01:25 - 2014-05-14 14:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-11-11 01:25 - 2014-05-14 14:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-11-11 01:25 - 2014-05-14 14:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-11-11 01:25 - 2014-05-14 14:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-11-11 01:25 - 2014-05-14 14:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-11-11 01:25 - 2014-05-14 14:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-11-11 01:25 - 2014-05-14 14:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-11-11 01:25 - 2014-05-14 14:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-11-11 01:25 - 2014-05-14 14:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-11-11 01:25 - 2014-05-14 14:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-11-11 01:24 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-11-11 01:24 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-11-11 01:24 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-11-11 01:24 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-11-11 01:19 - 2016-11-13 12:32 - 00136816 _____ C:\Users\Michele\AppData\Local\GDIPFONTCACHEV1.DAT
2016-11-11 01:13 - 2016-11-11 00:22 - 00000000 ____D C:\Windows\Panther
2016-11-11 01:12 - 2016-11-11 20:28 - 00000000 ____D C:\Users\Michele\AppData\Local\ElevatedDiagnostics
2016-11-11 00:58 - 2016-11-11 00:58 - 00000000 ____D C:\$WINDOWS.~BT
2016-11-11 00:56 - 2016-11-11 00:56 - 00002544 _____ C:\Windows\diagwrn.xml
2016-11-11 00:56 - 2016-11-11 00:56 - 00001890 _____ C:\Windows\diagerr.xml
2016-11-11 00:45 - 2016-11-11 00:45 - 00003050 _____ C:\Windows\System32\Tasks\{4DE0A0B1-8460-4F79-89A7-B43963858157}
2016-11-11 00:22 - 2016-11-12 04:54 - 00000000 ____D C:\Users\Michele
2016-11-11 00:22 - 2016-11-11 00:22 - 00001423 _____ C:\Users\Michele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-11-11 00:22 - 2016-11-11 00:22 - 00001389 _____ C:\Users\Michele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2016-11-11 00:22 - 2016-11-11 00:22 - 00000020 ___SH C:\Users\Michele\ntuser.ini
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas músicas
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas imagens
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Meus vídeos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Histórico
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Dados de aplicativos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Usuário Padrão
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Todos os Usuários\Modelos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Todos os Usuários\Menu Iniciar
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Todos os Usuários\Favoritos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Todos os Usuários\Documentos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Todos os Usuários\Dados de aplicativos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Todos os Usuários
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Public\Documents\Minhas músicas
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Public\Documents\Minhas imagens
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Public\Documents\Meus vídeos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Michele\Modelos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Michele\Meus documentos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Michele\Menu Iniciar
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Michele\Documents\Minhas músicas
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Michele\Documents\Minhas imagens
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Michele\Documents\Meus vídeos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Michele\Dados de aplicativos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Michele\Configurações locais
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Michele\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Michele\AppData\Local\Histórico
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Michele\AppData\Local\Dados de aplicativos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Michele\Ambiente de rede
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Michele\Ambiente de impressão
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Default\Modelos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Default\Meus documentos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Default\Menu Iniciar
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Default\Documents\Minhas músicas
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Default\Documents\Minhas imagens
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Default\Documents\Meus vídeos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Default\Dados de aplicativos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Default\Configurações locais
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Default\AppData\Local\Histórico
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Default\AppData\Local\Dados de aplicativos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Default\Ambiente de rede
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Default\Ambiente de impressão
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas músicas
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas imagens
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Default User\Documents\Meus vídeos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Histórico
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Dados de aplicativos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\ProgramData\Modelos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\ProgramData\Menu Iniciar
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\ProgramData\Favoritos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\ProgramData\Documentos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\ProgramData\Dados de aplicativos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Program Files\Common Files\Sistema
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Program Files\Arquivos Comuns
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Arquivos de Programas
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 ____D C:\Users\Michele\AppData\Local\VirtualStore
2016-11-11 00:22 - 2010-11-21 07:47 - 00000000 ____D C:\Users\Michele\AppData\Roaming\Media Center Programs
2016-11-11 00:17 - 2016-11-11 00:17 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-11-11 00:17 - 2016-11-11 00:17 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-10-30 09:24 - 2016-10-30 09:24 - 00394496 _____ (Microsoft Corporation) C:\Windows\system32\vccorlib140.dll
2016-10-30 09:24 - 2016-10-30 09:24 - 00089328 _____ (Microsoft Corporation) C:\Windows\system32\vcruntime140.dll
2016-10-30 09:23 - 2016-10-30 09:23 - 00639728 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140.dll
2016-10-30 09:23 - 2016-10-30 09:23 - 00334616 _____ (Microsoft Corporation) C:\Windows\system32\concrt140.dll
2016-10-21 14:09 - 2016-11-14 00:24 - 00019648 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-10-21 14:09 - 2016-11-14 00:24 - 00019648 _____ (Microsoft Corporation) C:\Windows\api-ms-win-crt-heap-l1-1-0.dll
2016-10-08 01:10 - 2016-10-08 01:10 - 00085744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vcruntime140.dll
2016-10-08 01:09 - 2016-10-08 01:09 - 00443632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp140.dll
2016-10-08 01:09 - 2016-10-08 01:09 - 00244496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\concrt140.dll
2016-10-08 01:08 - 2016-10-08 01:08 - 00271104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vccorlib140.dll
==================== Três Meses Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-11-14 00:30 - 2009-07-14 02:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-14 00:30 - 2009-07-14 02:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-14 00:22 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\inf
2016-11-14 00:16 - 2009-07-14 03:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-14 00:16 - 2009-07-14 02:45 - 00511448 _____ C:\Windows\system32\FNTCACHE.DAT
2016-11-13 22:39 - 2009-07-14 01:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-11-13 12:10 - 2010-11-21 07:37 - 00705268 _____ C:\Windows\system32\prfh0416.dat
2016-11-13 12:10 - 2010-11-21 07:37 - 00147108 _____ C:\Windows\system32\prfc0416.dat
2016-11-13 12:10 - 2009-07-14 03:13 - 01598992 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-11 19:17 - 2010-11-21 07:47 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-11-11 19:17 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\security
2016-11-11 19:17 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\registration
2016-11-11 19:02 - 2009-07-14 03:32 - 00000000 ____D C:\Windows\system32\WinBioDatabase
2016-11-11 18:22 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\Help
2016-11-11 05:21 - 2009-07-14 03:32 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2016-11-11 02:14 - 2009-07-14 01:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-11-11 02:14 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2016-11-11 01:49 - 2009-07-14 01:20 - 00000000 __RHD C:\Users\Public\Libraries
2016-11-11 01:13 - 2009-07-14 03:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2016-11-11 01:13 - 2009-07-14 02:45 - 00000000 ____D C:\Windows\Setup
2016-11-11 01:08 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\system32\NDF
2016-11-11 00:41 - 2009-07-14 03:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2016-11-11 00:22 - 2009-07-14 01:20 - 00000000 ____D C:\Program Files\Windows NT
2016-11-11 00:21 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\rescache
2016-11-11 00:19 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\system32\oobe
2016-11-11 00:17 - 2009-07-14 03:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-11-11 00:17 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\system32\sysprep
2016-11-11 00:14 - 2010-11-21 07:47 - 00000000 ____D C:\Windows\CSC
==================== Arquivos na raiz de alguns diretórios =======
2016-11-13 01:51 - 2016-11-13 01:51 - 0019862 _____ () C:\Users\Michele\AppData\Roaming\Lasadafet
2016-11-11 18:52 - 2016-11-11 18:52 - 0020392 _____ () C:\Users\Michele\AppData\Local\IWDAudHelper.20161111.185222.txt
2016-11-11 18:49 - 2016-11-11 18:49 - 0001587 _____ () C:\Users\Michele\AppData\Local\PDLSetup.20161111.184932.txt
2016-11-11 18:51 - 2016-11-11 18:51 - 0000663 _____ () C:\Users\Michele\AppData\Local\PDLSetup.20161111.185158.txt
2016-11-11 18:52 - 2016-11-11 18:52 - 0001587 _____ () C:\Users\Michele\AppData\Local\PDLSetup.20161111.185200.txt
2016-11-11 18:52 - 2016-11-11 18:52 - 0001229 _____ () C:\Users\Michele\AppData\Local\PDLSetup.20161111.185205.txt
2016-11-11 18:52 - 2016-11-11 18:52 - 0001229 _____ () C:\Users\Michele\AppData\Local\PDLSetup.20161111.185252.txt
Alguns arquivos em TEMP:
====================
C:\Users\Michele\AppData\Local\Temp\GoogleSetup.exe
C:\Users\Michele\AppData\Local\Temp\NetFramework45.exe
C:\Users\Michele\AppData\Local\Temp\scp8556.tmp.exe
==================== Bamital & volsnap ======================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2016-11-11 00:14
==================== Fim de FRST.txt ============================
Executado por Michele (administrador) em MICHELE-PC (14-11-2016 12:46:52)
Executando a partir de C:\Users\Michele\Downloads
Perfis Carregados: Michele (Perfis Disponíveis: Michele)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
() C:\Program Files (x86)\Access Manager\newlock.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
() C:\Program Files (x86)\WeatherTool\2.0.1.5000028\WeatherService.exe
(ShenZhen Enode Techology co,.Ltd) C:\Program Files (x86)\WeatherTool\2.0.1.5000028\weather_free.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(SlimWare Utilities, Inc.) C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(%CFullName%) C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files (x86)\Access Manager\newlock.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\wusa.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registro (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [569200 2011-02-18] (Alps Electric Co., Ltd.)
HKLM\...\Run: [CnxtCoInstallerDefer] => C:\Program Files\CONEXANT\PREINSTALL\SETUP582629B81\KESLYN.EXE [1574528 2010-12-15] (Conexant Systems, Inc.)
HKLM\...\Run: [00saskda] => C:\Program Files (x86)\Access Manager\newlock.exe [1462304 2013-02-02] ()
HKLM\...\Run: [zzsecagent] => [X]
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1702912 1999-12-31] (IDT, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9044392 2016-11-11] (AVAST Software)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-05-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [587320 2011-06-14] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\RunOnce: [Nakecabe] => C:\Windows\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\Michele\AppData\Roaming\Lasadafet"
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1978768454-4101406953-3495344282-1000\...\Run: [Chromium] => c:\users\michele\appdata\local\chromium\application\chrome.exe [1068544 2016-03-18] (The Chromium Authors)
HKU\S-1-5-21-1978768454-4101406953-3495344282-1000\...\RunOnce: [Uninstall C:\Users\Michele\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michele\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-1978768454-4101406953-3495344282-1000\...\MountPoints2: {201911ce-a7c0-11e6-b81a-4ceb429af3c5} - E:\Startme.exe
HKU\S-1-5-21-1978768454-4101406953-3495344282-1000\...\MountPoints2: {813cfb39-a7b4-11e6-af17-806e6f6e6963} - D:\setup64.exe
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-10-12] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-10-12] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-10-12] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-11-11] (AVAST Software)
GroupPolicy: Restrição <======= ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 8.8.8.8
Tcpip\..\Interfaces\{9C4AD3C9-B050-4321-809E-B374B04636C5}: [DhcpNameServer] 192.168.1.1 8.8.8.8
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_45¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzztD0CtCyC0E0A0B0B0DyB0A0ByCyD0CtN0D0Tzu0StCyByByBtN1L2XzutAtFtByEtFtAtDtFyDtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StCtA0B0A0FyEtByDtGyCyD0DyCtG0EyE0AyCtGyB0DtDtCtGtA0F0C0FtCyEyC0DyB0FtCtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FyC0C0EzzyEyB0BtGtD0B0CyEtGyE0Dzy0DtG0A0D0FtAtGtAzzzy0E0D0A0EtByByD0EyE2QtN0A0LzuyE%26cr%3D122050607%26a%3Dwbf_bxinw_16_45%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_45¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzztD0CtCyC0E0A0B0B0DyB0A0ByCyD0CtN0D0Tzu0StCyByByBtN1L2XzutAtFtByEtFtAtDtFyDtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StCtA0B0A0FyEtByDtGyCyD0DyCtG0EyE0AyCtGyB0DtDtCtGtA0F0C0FtCyEyC0DyB0FtCtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FyC0C0EzzyEyB0BtGtD0B0CyEtGyE0Dzy0DtG0A0D0FtAtGtAzzzy0E0D0A0EtByByD0EyE2QtN0A0LzuyE%26cr%3D122050607%26a%3Dwbf_bxinw_16_45%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
HKU\S-1-5-21-1978768454-4101406953-3495344282-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_45¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzztD0CtCyC0E0A0B0B0DyB0A0ByCyD0CtN0D0Tzu0StCyByByBtN1L2XzutAtFtByEtFtAtDtFyDtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StCtA0B0A0FyEtByDtGyCyD0DyCtG0EyE0AyCtGyB0DtDtCtGtA0F0C0FtCyEyC0DyB0FtCtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FyC0C0EzzyEyB0BtGtD0B0CyEtGyE0Dzy0DtG0A0D0FtAtGtAzzzy0E0D0A0EtByByD0EyE2QtN0A0LzuyE%26cr%3D122050607%26a%3Dwbf_bxinw_16_45%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_45¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzztD0CtCyC0E0A0B0B0DyB0A0ByCyD0CtN0D0Tzu0StCyByByBtN1L2XzutAtFtByEtFtAtDtFyDtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StCtA0B0A0FyEtByDtGyCyD0DyCtG0EyE0AyCtGyB0DtDtCtGtA0F0C0FtCyEyC0DyB0FtCtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FyC0C0EzzyEyB0BtGtD0B0CyEtGyE0Dzy0DtG0A0D0FtAtGtAzzzy0E0D0A0EtByByD0EyE2QtN0A0LzuyE%26cr%3D122050607%26a%3Dwbf_bxinw_16_45%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_45¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzztD0CtCyC0E0A0B0B0DyB0A0ByCyD0CtN0D0Tzu0StCyByByBtN1L2XzutAtFtByEtFtAtDtFyDtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StCtA0B0A0FyEtByDtGyCyD0DyCtG0EyE0AyCtGyB0DtDtCtGtA0F0C0FtCyEyC0DyB0FtCtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FyC0C0EzzyEyB0BtGtD0B0CyEtGyE0Dzy0DtG0A0D0FtAtGtAzzzy0E0D0A0EtByByD0EyE2QtN0A0LzuyE%26cr%3D122050607%26a%3Dwbf_bxinw_16_45%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_45¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzztD0CtCyC0E0A0B0B0DyB0A0ByCyD0CtN0D0Tzu0StCyByByBtN1L2XzutAtFtByEtFtAtDtFyDtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StCtA0B0A0FyEtByDtGyCyD0DyCtG0EyE0AyCtGyB0DtDtCtGtA0F0C0FtCyEyC0DyB0FtCtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FyC0C0EzzyEyB0BtGtD0B0CyEtGyE0Dzy0DtG0A0D0FtAtGtAzzzy0E0D0A0EtByByD0EyE2QtN0A0LzuyE%26cr%3D122050607%26a%3Dwbf_bxinw_16_45%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_45¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzztD0CtCyC0E0A0B0B0DyB0A0ByCyD0CtN0D0Tzu0StCyByByBtN1L2XzutAtFtByEtFtAtDtFyDtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StCtA0B0A0FyEtByDtGyCyD0DyCtG0EyE0AyCtGyB0DtDtCtGtA0F0C0FtCyEyC0DyB0FtCtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FyC0C0EzzyEyB0BtGtD0B0CyEtGyE0Dzy0DtG0A0D0FtAtGtAzzzy0E0D0A0EtByByD0EyE2QtN0A0LzuyE%26cr%3D122050607%26a%3Dwbf_bxinw_16_45%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1978768454-4101406953-3495344282-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_45¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzztD0CtCyC0E0A0B0B0DyB0A0ByCyD0CtN0D0Tzu0StCyByByBtN1L2XzutAtFtByEtFtAtDtFyDtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StCtA0B0A0FyEtByDtGyCyD0DyCtG0EyE0AyCtGyB0DtDtCtGtA0F0C0FtCyEyC0DyB0FtCtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FyC0C0EzzyEyB0BtGtD0B0CyEtGyE0Dzy0DtG0A0D0FtAtGtAzzzy0E0D0A0EtByByD0EyE2QtN0A0LzuyE%26cr%3D122050607%26a%3Dwbf_bxinw_16_45%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1978768454-4101406953-3495344282-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_45¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzztD0CtCyC0E0A0B0B0DyB0A0ByCyD0CtN0D0Tzu0StCyByByBtN1L2XzutAtFtByEtFtAtDtFyDtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StCtA0B0A0FyEtByDtGyCyD0DyCtG0EyE0AyCtGyB0DtDtCtGtA0F0C0FtCyEyC0DyB0FtCtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FyC0C0EzzyEyB0BtGtD0B0CyEtGyE0Dzy0DtG0A0D0FtAtGtAzzzy0E0D0A0EtByByD0EyE2QtN0A0LzuyE%26cr%3D122050607%26a%3Dwbf_bxinw_16_45%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-11-11] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2016-11-13] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-11-13] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-11-11] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2016-11-13] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-13] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-11-13] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-11-13] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-11-13] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-11-13] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-11-13] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-11-13] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-11-13] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-11-13] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-11-11]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-11-11]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [firefox@bho.com] - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt
FF Extension: (HP SimplePass) - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt [2016-11-11] [não assinado]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-11-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-11-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-11-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-11-11] (Google Inc.)
Chrome:
=======
CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Profile: C:\Users\Michele\AppData\Local\Google\Chrome\User Data\Default [2016-11-14]
CHR Extension: (Google Apresentações) - C:\Users\Michele\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-11]
CHR Extension: (Google Docs) - C:\Users\Michele\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-11]
CHR Extension: (Google Drive) - C:\Users\Michele\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-11]
CHR Extension: (YouTube) - C:\Users\Michele\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-11]
CHR Extension: (Avast SafePrice) - C:\Users\Michele\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-11-11]
CHR Extension: (Planilhas do Google) - C:\Users\Michele\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-11]
CHR Extension: (Documentos Google off-line) - C:\Users\Michele\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-11]
CHR Extension: (Avast Online Security) - C:\Users\Michele\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-11-11]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Michele\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-11-11]
CHR Extension: (Gmail) - C:\Users\Michele\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-11]
CHR Extension: (Chrome Media Router) - C:\Users\Michele\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-11]
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1978768454-4101406953-3495344282-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fidikogfgleiaefnjbmnjaplmgknppkg] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
==================== Serviços (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-11-11] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3291848 2016-10-08] (Microsoft Corporation)
R2 DeskSaverService; C:\Program Files (x86)\Access Manager\newlock.exe [1462304 2013-02-02] ()
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29728 2016-08-15] (HP Inc.)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2375168 2011-03-07] (Realsil Microelectronics Inc.) [Arquivo não assinado]
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [124928 2015-07-02] (Softex Inc.) [Arquivo não assinado]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [332800 1999-12-31] (IDT, Inc.) [Arquivo não assinado]
R2 TheFreeWeatherService; C:\Program Files (x86)\WeatherTool\2.0.1.5000028\WeatherService.exe [156784 2016-08-11] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-11-11] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-11-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-11-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-11-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-11-11] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-11-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-11-11] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-11-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-11-11] (AVAST Software)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [753368 2015-06-15] (Realsil Semiconductor Corporation)
U5 RTSUER; C:\Windows\System32\Drivers\RTSUER.sys [402136 2015-05-27] (Realsil Semiconductor Corporation)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16056 2016-11-14] (SlimWare Utilities, Inc.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Três Meses Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-11-14 12:46 - 2016-11-14 12:47 - 00024361 _____ C:\Users\Michele\Downloads\FRST.txt
2016-11-14 12:46 - 2016-11-14 12:46 - 00000000 ____D C:\FRST
2016-11-14 12:44 - 2016-11-14 12:44 - 02411520 _____ (Farbar) C:\Users\Michele\Downloads\FRST64.exe
2016-11-14 00:21 - 2016-11-14 00:21 - 00000000 ____D C:\7d9de7342aabf935c7418966ecd2
2016-11-14 00:19 - 2016-11-14 00:19 - 00000000 ____D C:\Users\Michele\Downloads\api-ms-win-crt-heap-l1-1-0 (1)
2016-11-13 22:52 - 2016-11-14 00:21 - 00000000 ___HT C:\Windows\wusa.lock
2016-11-13 22:52 - 2016-11-13 22:52 - 00000000 ____D C:\5b6f2a40f3944cad96e5a7c4
2016-11-13 22:39 - 2016-11-13 22:39 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-11-13 12:32 - 2016-11-13 12:32 - 01034556 _____ C:\Users\Michele\Downloads\Windows6.1-KB2999226-x64.msu
2016-11-13 12:32 - 2016-11-13 12:32 - 00001129 _____ C:\Users\Public\Desktop\DLL-Files.com Client.lnk
2016-11-13 12:32 - 2016-11-13 12:32 - 00000000 ____D C:\Users\Michele\AppData\Roaming\DLL-files.com
2016-11-13 12:32 - 2016-11-13 12:32 - 00000000 ____D C:\Users\Michele\AppData\Roaming\DFXCT
2016-11-13 12:32 - 2016-11-13 12:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DLL-Files.com Client
2016-11-13 12:32 - 2016-11-13 12:32 - 00000000 ____D C:\Program Files (x86)\DLL-Files.com Client
2016-11-13 12:32 - 2016-11-13 12:32 - 00000000 ____D C:\0b39825a4f69effce12a2135
2016-11-13 12:29 - 2016-11-13 12:31 - 02729024 _____ (DLL-Files.com Client ) C:\Users\Michele\Downloads\clientsetup_d-0.exe
2016-11-13 12:28 - 2016-11-13 12:28 - 00011857 _____ C:\Users\Michele\Downloads\api-ms-win-crt-heap-l1-1-0 (1).zip
2016-11-13 12:18 - 2016-11-13 12:18 - 00132544 _____ C:\Users\Michele\Downloads\WhatsApp Image 2016-11-12 at 21.19.25 (6).jpeg
2016-11-13 12:18 - 2016-11-13 12:18 - 00002406 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-11-13 12:18 - 2016-11-13 12:18 - 00002371 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-11-13 12:18 - 2016-11-13 12:18 - 00002355 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-11-13 12:18 - 2016-11-13 12:18 - 00002352 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-11-13 12:18 - 2016-11-13 12:18 - 00002342 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-11-13 12:18 - 2016-11-13 12:18 - 00002338 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-11-13 12:18 - 2016-11-13 12:18 - 00002322 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-11-13 12:18 - 2016-11-13 12:18 - 00000000 ____D C:\Users\Michele\AppData\Roaming\Corel
2016-11-13 12:18 - 2016-11-13 12:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ferramentas do Microsoft Office 2016
2016-11-13 12:17 - 2016-11-13 12:17 - 00159832 _____ C:\Users\Michele\Downloads\WhatsApp Image 2016-11-12 at 21.19.25 (4).jpeg
2016-11-13 12:17 - 2016-11-13 12:17 - 00159832 _____ C:\Users\Michele\Downloads\WhatsApp Image 2016-11-12 at 21.19.25 (1).jpeg
2016-11-13 12:17 - 2016-11-13 12:17 - 00147185 _____ C:\Users\Michele\Downloads\WhatsApp Image 2016-11-12 at 21.19.25 (2).jpeg
2016-11-13 12:17 - 2016-11-13 12:17 - 00143400 _____ C:\Users\Michele\Downloads\WhatsApp Image 2016-11-12 at 21.19.25 (3).jpeg
2016-11-13 12:17 - 2016-11-13 12:17 - 00130163 _____ C:\Users\Michele\Downloads\WhatsApp Image 2016-11-12 at 21.19.25.jpeg
2016-11-13 12:17 - 2016-11-13 12:17 - 00130163 _____ C:\Users\Michele\Downloads\WhatsApp Image 2016-11-12 at 21.19.25 (5).jpeg
2016-11-13 12:17 - 2016-11-13 12:17 - 00000000 ____D C:\Program Files (x86)\gs
2016-11-13 12:17 - 2016-11-13 12:13 - 00003060 _____ C:\Users\Public\Desktop\Corel CAPTURE X8 (64-Bit).lnk
2016-11-13 12:17 - 2016-11-13 12:13 - 00002343 _____ C:\Users\Public\Desktop\Corel CONNECT X8 (64-Bit).lnk
2016-11-13 12:17 - 2016-11-13 12:12 - 00003063 _____ C:\Users\Public\Desktop\Corel PHOTO-PAINT X8 (64-Bit).lnk
2016-11-13 12:17 - 2016-11-13 12:12 - 00003015 _____ C:\Users\Public\Desktop\CorelDRAW X8 (64-Bit).lnk
2016-11-13 12:17 - 2016-11-13 12:12 - 00002256 _____ C:\Users\Public\Desktop\Corel Font Manager X8 (64-Bit).lnk
2016-11-13 12:15 - 2016-11-13 12:18 - 00003324 _____ C:\Windows\System32\Tasks\CorelUpdateHelperTaskCore
2016-11-13 12:15 - 2016-11-13 12:15 - 00000000 ____D C:\Users\Todos os Usuários\VsTelemetry
2016-11-13 12:15 - 2016-11-13 12:15 - 00000000 ____D C:\ProgramData\VsTelemetry
2016-11-13 12:15 - 2016-11-13 12:15 - 00000000 ____D C:\Program Files (x86)\Corel
2016-11-13 12:14 - 2016-11-13 12:14 - 00000000 ____D C:\Program Files\Common Files\Corel
2016-11-13 12:13 - 2016-11-13 12:13 - 00000000 ____D C:\Users\Public\Documents\Corel
2016-11-13 12:12 - 2016-11-13 12:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X8 (64-bit)
2016-11-13 12:11 - 2016-11-13 12:26 - 00000000 ____D C:\Users\Todos os Usuários\Corel
2016-11-13 12:11 - 2016-11-13 12:26 - 00000000 ____D C:\ProgramData\Corel
2016-11-13 12:10 - 2016-11-13 22:40 - 00000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft
2016-11-13 12:10 - 2016-11-13 22:40 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-11-13 12:10 - 2016-11-13 12:15 - 00000000 ____D C:\Program Files\Corel
2016-11-13 02:02 - 2016-11-13 02:02 - 00002042 _____ C:\Users\Public\Desktop\Google Slides.lnk
2016-11-13 02:02 - 2016-11-13 02:02 - 00002040 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2016-11-13 02:02 - 2016-11-13 02:02 - 00002030 _____ C:\Users\Public\Desktop\Google Docs.lnk
2016-11-13 02:02 - 2016-11-13 02:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-11-13 01:56 - 2016-11-13 11:50 - 534612834 _____ C:\Users\Michele\Downloads\CorelDRAWGraphicsSuiteX8Installer_pt64Bit.zip
2016-11-13 01:55 - 2016-11-13 01:55 - 00000000 ____D C:\Users\Todos os Usuários\UniqueId
2016-11-13 01:55 - 2016-11-13 01:55 - 00000000 ____D C:\ProgramData\UniqueId
2016-11-13 01:54 - 2016-11-13 01:54 - 00002233 _____ C:\Users\Michele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk
2016-11-13 01:54 - 2016-11-13 01:54 - 00002225 _____ C:\Users\Michele\Desktop\Chromium.lnk
2016-11-13 01:54 - 2016-11-13 01:54 - 00000000 ____D C:\Users\Michele\AppData\Local\Chromium
2016-11-13 01:52 - 2016-11-13 01:52 - 12505176 _____ (Corel Corporation) C:\Users\Michele\Downloads\Baixaki_coreldraw-graphics-suite [1].exe
2016-11-13 01:51 - 2016-11-13 01:51 - 00019862 _____ C:\Users\Michele\AppData\Roaming\Lasadafet
2016-11-13 01:46 - 2016-11-13 01:57 - 00000000 ____D C:\Users\Michele\AppData\Roaming\PhotoScape
2016-11-13 01:45 - 2016-11-13 01:45 - 00001035 _____ C:\Users\Michele\Desktop\PhotoScape.lnk
2016-11-13 01:45 - 2016-11-13 01:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape
2016-11-13 01:45 - 2016-11-13 01:45 - 00000000 ____D C:\Program Files (x86)\PhotoScape
2016-11-13 01:42 - 2016-11-13 01:42 - 21025552 _____ (Mooii) C:\Users\Michele\Downloads\Baixaki_photoscape [1].exe
2016-11-13 01:39 - 2016-11-13 01:54 - 00000000 ____D C:\Users\Michele\AppData\Local\{E8F6DEAA-CC5E-B212-A1C6-97FA85AE6B62}
2016-11-13 01:39 - 2016-11-13 01:50 - 00001460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk
2016-11-13 01:36 - 2016-11-13 01:37 - 01869424 _____ (File ) C:\Users\Michele\Downloads\Baixaki_coreldraw-graphics-suite.exe
2016-11-13 01:32 - 2016-11-13 01:32 - 01869424 _____ (File ) C:\Users\Michele\Downloads\Baixaki_photoscape.exe
2016-11-13 01:23 - 2016-11-13 01:23 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-11-13 01:09 - 2016-11-13 01:12 - 05433656 _____ (Microsoft Corporation) C:\Users\Michele\Downloads\Setup.x64.pt-br_ProfessionalRetail_NKGG6-WBPCC-HXWMY-6DQGJ-CPQVG_act_1_.exe
2016-11-12 10:54 - 2016-11-12 10:54 - 00000000 ____D C:\Users\Michele\AppData\Local\Microsoft Games
2016-11-12 10:33 - 2016-11-12 10:33 - 00003300 _____ C:\Windows\System32\Tasks\{DC372437-4978-49A0-9A0E-CB1A6CAE81E0}
2016-11-12 10:28 - 2016-11-12 10:28 - 00000000 ___HD C:\OneDriveTemp
2016-11-12 10:27 - 2016-11-12 10:27 - 00000000 ____D C:\f852b00bcd05d1c743
2016-11-12 10:24 - 2016-11-12 10:24 - 00003242 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task
2016-11-12 10:23 - 2016-11-12 10:23 - 00000000 ____D C:\Users\Michele\AppData\Roaming\Skype
2016-11-12 10:22 - 2016-11-12 10:26 - 14749120 _____ (Microsoft Corporation) C:\Users\Michele\Downloads\vc_redist.x64.exe
2016-11-12 04:54 - 2016-11-14 00:19 - 00000000 ___RD C:\Users\Michele\OneDrive
2016-11-12 04:54 - 2016-11-12 10:24 - 00002134 _____ C:\Users\Michele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-11-12 04:54 - 2016-11-12 04:54 - 00002110 _____ C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-11-12 04:54 - 2016-11-12 04:54 - 00002110 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-11-12 04:54 - 2016-11-12 04:54 - 00002110 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-11-12 04:54 - 2016-11-12 04:54 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft OneDrive
2016-11-12 04:54 - 2016-11-12 04:54 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-11-12 04:54 - 2016-11-12 04:54 - 00000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2016-11-12 04:53 - 2016-11-12 04:53 - 00000000 ____D C:\e8e83afc85632a8a58
2016-11-12 03:48 - 2016-11-12 03:48 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-11-12 03:09 - 2016-11-12 03:11 - 00000000 ____D C:\Program Files\IDT
2016-11-12 03:09 - 1999-12-31 22:00 - 02193920 _____ (IDT, Inc.) C:\Windows\system32\stapo64.dll
2016-11-12 03:09 - 1999-12-31 22:00 - 00674304 ____N (IDT, Inc.) C:\Windows\system32\stapi64.dll
2016-11-12 03:09 - 1999-12-31 22:00 - 00546304 _____ (IDT, Inc.) C:\Windows\system32\Drivers\stwrt64.sys
2016-11-12 03:09 - 1999-12-31 22:00 - 00499200 _____ (IDT, Inc.) C:\Windows\system32\stcplx64.dll
2016-11-12 03:09 - 1999-12-31 22:00 - 00256000 _____ (IDT, Inc.) C:\Windows\system32\st646466.dll
2016-11-12 03:02 - 2016-11-13 12:10 - 00000000 ____D C:\Program Files\Microsoft Office
2016-11-12 02:51 - 2016-11-12 02:51 - 03920568 _____ (Microsoft Corporation) C:\Users\Michele\Downloads\Setup.x64.en-us_ProfessionalRetail_NKGG6-WBPCC-HXWMY-6DQGJ-CPQVG_act_1_.exe
2016-11-12 02:22 - 2016-11-12 02:22 - 00000000 ____D C:\Users\Michele\AppData\Roaming\WinBatch
2016-11-11 23:36 - 2016-11-11 23:36 - 00002986 _____ C:\Windows\System32\Tasks\Start SimplePass
2016-11-11 23:36 - 2016-11-11 23:36 - 00002924 _____ C:\Windows\System32\Tasks\Start OPBHOBrokerDesktop
2016-11-11 23:36 - 2016-11-11 23:36 - 00002912 _____ C:\Windows\System32\Tasks\Start OPBHOBroker
2016-11-11 23:36 - 2016-11-11 23:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2016-11-11 23:36 - 2016-11-11 23:36 - 00000000 ____D C:\Program Files\Hewlett-Packard
2016-11-11 23:36 - 2015-07-01 12:55 - 00001608 _____ C:\Windows\SysWOW64\optskcpl.xml
2016-11-11 23:36 - 2015-06-24 16:31 - 00002986 _____ C:\Windows\SysWOW64\Start_SimplePass.xml
2016-11-11 23:36 - 2015-06-24 16:31 - 00002924 _____ C:\Windows\SysWOW64\Start_OPBHOBrokerDesktop.xml
2016-11-11 23:36 - 2015-06-24 16:31 - 00002912 _____ C:\Windows\SysWOW64\Start_OPBHOBroker.xml
2016-11-11 21:05 - 2016-11-11 21:05 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2016-11-11 21:05 - 2016-11-11 21:05 - 00000000 ____D C:\Users\Todos os Usuários\Validity
2016-11-11 21:05 - 2016-11-11 21:05 - 00000000 ____D C:\ProgramData\Validity
2016-11-11 20:43 - 2016-11-11 20:43 - 00000000 ____D C:\Users\Todos os Usuários\CyberLink
2016-11-11 20:43 - 2016-11-11 20:43 - 00000000 ____D C:\ProgramData\CyberLink
2016-11-11 20:42 - 2016-11-11 20:43 - 00000000 ____D C:\Users\Michele\Documents\Youcam
2016-11-11 20:42 - 2016-11-11 20:42 - 00000000 ____D C:\Users\Public\CyberLink
2016-11-11 20:42 - 2016-11-11 20:42 - 00000000 ____D C:\Users\Michele\AppData\Roaming\CyberLink
2016-11-11 20:42 - 2016-11-11 20:42 - 00000000 ____D C:\Users\Michele\AppData\Local\CyberLink
2016-11-11 20:32 - 2016-11-11 20:32 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_SensorsAlsDriver_01_09_00.Wdf
2016-11-11 20:27 - 2016-11-11 21:28 - 96647984 _____ (Hewlett-Packard ) C:\Users\Michele\Downloads\sp71729 (1).exe
2016-11-11 20:24 - 2016-11-11 20:24 - 00001166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safe Web Browser.lnk
2016-11-11 20:24 - 2016-11-11 20:24 - 00001162 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screen Lock.lnk
2016-11-11 20:24 - 2016-11-11 20:24 - 00001150 _____ C:\Users\Public\Desktop\Screen Lock.lnk
2016-11-11 20:24 - 2016-11-11 20:24 - 00001083 _____ C:\Users\Michele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Access Manager.lnk
2016-11-11 20:24 - 2016-11-11 20:24 - 00001053 _____ C:\Users\Michele\Desktop\Access Manager.lnk
2016-11-11 20:24 - 2016-11-11 20:24 - 00000000 ___HD C:\Access Manager
2016-11-11 20:24 - 2016-11-11 20:24 - 00000000 ____D C:\Users\Michele\Access Manager
2016-11-11 20:24 - 2016-11-11 20:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access Manager
2016-11-11 20:24 - 2016-11-11 20:24 - 00000000 ____D C:\Program Files (x86)\Access Manager
2016-11-11 20:21 - 2016-11-11 20:22 - 01982307 _____ C:\Users\Michele\Downloads\accmen.zip
2016-11-11 18:57 - 2016-11-11 18:58 - 00000000 ____D C:\Windows\Hewlett-Packard
2016-11-11 18:52 - 2016-11-11 18:52 - 00020392 _____ C:\Users\Michele\AppData\Local\IWDAudHelper.20161111.185222.txt
2016-11-11 18:52 - 2016-11-11 18:52 - 00002052 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) WiDi.lnk
2016-11-11 18:52 - 2016-11-11 18:52 - 00002040 _____ C:\Users\Public\Desktop\Intel(R) WiDi.lnk
2016-11-11 18:52 - 2016-11-11 18:52 - 00001587 _____ C:\Users\Michele\AppData\Local\PDLSetup.20161111.185200.txt
2016-11-11 18:52 - 2016-11-11 18:52 - 00001229 _____ C:\Users\Michele\AppData\Local\PDLSetup.20161111.185252.txt
2016-11-11 18:52 - 2016-11-11 18:52 - 00001229 _____ C:\Users\Michele\AppData\Local\PDLSetup.20161111.185205.txt
2016-11-11 18:52 - 2016-11-11 18:52 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WDKMD_01009.Wdf
2016-11-11 18:52 - 2016-11-11 18:52 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_iwdbus_01009.Wdf
2016-11-11 18:52 - 2016-11-11 18:52 - 00000000 ____D C:\Users\Todos os Usuários\Intel
2016-11-11 18:52 - 2016-11-11 18:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
2016-11-11 18:52 - 2016-11-11 18:52 - 00000000 ____D C:\ProgramData\Intel
2016-11-11 18:52 - 2016-11-11 18:52 - 00000000 ____D C:\Program Files (x86)\Intel Corporation
2016-11-11 18:51 - 2016-11-11 18:51 - 00000663 _____ C:\Users\Michele\AppData\Local\PDLSetup.20161111.185158.txt
2016-11-11 18:49 - 2016-11-11 18:49 - 00001587 _____ C:\Users\Michele\AppData\Local\PDLSetup.20161111.184932.txt
2016-11-11 18:48 - 2016-11-11 18:48 - 00003154 _____ C:\Windows\System32\Tasks\MirageAgent
2016-11-11 18:48 - 2016-11-11 18:48 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2016-11-11 18:48 - 2016-11-11 18:48 - 00000000 ____D C:\Users\Public\Documents\YouCam
2016-11-11 18:47 - 2016-11-11 18:47 - 00000000 ____D C:\Program Files (x86)\CyberLink
2016-11-11 18:46 - 2016-11-11 18:46 - 00000000 ____D C:\Users\Todos os Usuários\Temp
2016-11-11 18:46 - 2016-11-11 18:46 - 00000000 ____D C:\ProgramData\Temp
2016-11-11 18:30 - 2016-11-11 18:30 - 00000000 ____D C:\Windows\system32\SRSLabs
2016-11-11 18:30 - 2011-05-02 14:27 - 00426328 ____N (Dolby Laboratories) C:\Windows\system32\EED64A.dll
2016-11-11 18:30 - 2011-05-02 14:27 - 00136024 ____N (Dolby Laboratories) C:\Windows\system32\EEL64A.dll
2016-11-11 18:30 - 2011-05-02 14:27 - 00074072 ____N (Dolby Laboratories) C:\Windows\system32\EEG64A.dll
2016-11-11 18:30 - 1999-12-31 22:00 - 06101504 _____ (IDT, Inc.) C:\Windows\system32\stlang64.dll
2016-11-11 18:30 - 1999-12-31 22:00 - 03308376 _____ (Dolby Laboratories) C:\Windows\system32\EEP64A.dll
2016-11-11 18:30 - 1999-12-31 22:00 - 01897984 _____ (IDT, Inc.) C:\Windows\system32\IDTNC64.cpl
2016-11-11 18:30 - 1999-12-31 22:00 - 01702912 _____ (IDT, Inc.) C:\Windows\sttray64.exe
2016-11-11 18:30 - 1999-12-31 22:00 - 00442368 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTEC64.dll
2016-11-11 18:30 - 1999-12-31 22:00 - 00202304 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTAC64.dll
2016-11-11 18:30 - 1999-12-31 22:00 - 00118104 _____ (Dolby Laboratories) C:\Windows\system32\EEA64A.dll
2016-11-11 18:30 - 1999-12-31 22:00 - 00090624 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTCo64.dll
2016-11-11 18:30 - 1999-12-31 22:00 - 00074336 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTAR64.dll
2016-11-11 18:29 - 2011-05-27 11:06 - 00224256 ____N (IDT, Inc.) C:\Windows\system32\staco64.dll
2016-11-11 18:27 - 2016-11-11 18:27 - 00000000 ____D C:\Program Files\CONEXANT
2016-11-11 18:26 - 2011-04-26 11:07 - 00557848 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys
2016-11-11 18:25 - 2011-02-22 11:59 - 00008192 _____ C:\Windows\system32\Drivers\IntelMEFWVer.dll
2016-11-11 16:43 - 2016-11-11 16:43 - 00000000 ____D C:\Users\Michele\AppData\Roaming\Intel Corporation
2016-11-11 16:38 - 2016-11-11 18:26 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-11-11 15:46 - 2016-11-11 19:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2016-11-11 15:43 - 2016-11-11 15:43 - 00000000 ____D C:\Program Files (x86)\HP
2016-11-11 15:18 - 2016-11-11 15:18 - 00000000 ____D C:\Users\Todos os Usuários\ATI
2016-11-11 15:18 - 2016-11-11 15:18 - 00000000 ____D C:\Users\Michele\AppData\Roaming\ATI
2016-11-11 15:18 - 2016-11-11 15:18 - 00000000 ____D C:\Users\Michele\AppData\Local\ATI
2016-11-11 15:18 - 2016-11-11 15:18 - 00000000 ____D C:\ProgramData\ATI
2016-11-11 15:13 - 2016-11-11 15:13 - 00000000 _____ C:\Windows\ativpsrm.bin
2016-11-11 11:41 - 2016-11-11 21:03 - 00000000 ____D C:\Users\Michele\Downloads\HP Downloads
2016-11-11 11:39 - 2016-11-11 18:26 - 00000000 ____D C:\Program Files (x86)\Intel
2016-11-11 11:39 - 2016-11-11 11:39 - 00000000 ____D C:\Program Files\Common Files\Intel
2016-11-11 11:37 - 2016-11-11 11:37 - 00000000 ____D C:\Intel
2016-11-11 11:37 - 2011-01-12 22:03 - 00003155 _____ C:\Windows\SysWOW64\atipblup.dat
2016-11-11 11:37 - 2011-01-12 22:03 - 00003155 _____ C:\Windows\system32\atipblup.dat
2016-11-11 11:36 - 2016-11-11 11:38 - 00000000 ____D C:\Program Files\ATI Technologies
2016-11-11 11:36 - 2016-11-11 11:37 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2016-11-11 11:36 - 2016-11-11 11:36 - 00000000 ____D C:\Program Files\ATI
2016-11-11 11:31 - 2016-11-11 18:58 - 00000000 ____D C:\Users\Michele\AppData\Roaming\Hewlett-Packard
2016-11-11 07:19 - 2016-11-11 11:41 - 00000000 ____D C:\Users\Michele\AppData\Local\Hewlett-Packard
2016-11-11 05:54 - 2016-11-11 19:17 - 00000000 ____D C:\Users\Todos os Usuários\HP Inc
2016-11-11 05:54 - 2016-11-11 19:17 - 00000000 ____D C:\ProgramData\HP Inc
2016-11-11 05:54 - 2016-11-11 05:54 - 00000000 ____D C:\System.sav
2016-11-11 05:53 - 2016-11-11 05:53 - 00000000 ____D C:\Users\Michele\AppData\Roaming\hpqLog
2016-11-11 05:29 - 2016-11-13 12:10 - 01598992 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-11-11 05:26 - 2016-11-11 05:34 - 10830288 _____ (Hewlett-Packard ) C:\Users\Michele\Downloads\sp54169.exe
2016-11-11 05:23 - 2016-11-11 05:23 - 00000000 ____D C:\HP
2016-11-11 05:21 - 2016-11-11 21:04 - 00000000 ____D C:\Program Files\Validity Sensors
2016-11-11 05:21 - 2016-11-11 05:21 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_wbf_vfs_0018_01_09_00.Wdf
2016-11-11 05:20 - 2016-11-11 05:20 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_Apfiltr_01009.Wdf
2016-11-11 05:20 - 2016-11-11 05:20 - 00000000 ____D C:\Program Files\Apoint2K
2016-11-11 05:17 - 2016-11-11 15:44 - 00000000 ____D C:\Users\Todos os Usuários\Hewlett-Packard
2016-11-11 05:17 - 2016-11-11 15:44 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2016-11-11 05:11 - 2016-11-14 07:23 - 00000370 _____ C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - Michele).job
2016-11-11 05:11 - 2016-11-11 05:11 - 00003036 _____ C:\Windows\System32\Tasks\SlimCleaner Plus (Scheduled Scan - Michele)
2016-11-11 05:05 - 2016-11-11 05:05 - 00000000 ____D C:\Windows\System32\Tasks\Hewlett-Packard
2016-11-11 05:04 - 2016-11-11 18:56 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2016-11-11 04:47 - 2016-11-11 08:50 - 289052832 _____ (Hewlett-Packard ) C:\Users\Michele\Downloads\sp54122.exe
2016-11-11 04:46 - 2016-11-11 06:40 - 140150288 _____ (Hewlett-Packard ) C:\Users\Michele\Downloads\sp54243.exe
2016-11-11 04:44 - 2016-11-11 04:48 - 04772296 _____ (Hewlett-Packard ) C:\Users\Michele\Downloads\sp60704.exe
2016-11-11 04:43 - 2016-11-11 05:11 - 32031216 _____ (Hewlett-Packard ) C:\Users\Michele\Downloads\sp54170.exe
2016-11-11 04:43 - 2016-11-11 04:51 - 10767704 _____ (Hewlett-Packard ) C:\Users\Michele\Downloads\sp54120.exe
2016-11-11 04:42 - 2016-11-11 05:37 - 66231192 _____ (Hewlett-Packard ) C:\Users\Michele\Downloads\sp54161.exe
2016-11-11 04:40 - 2016-11-11 04:41 - 01533800 _____ (Hewlett-Packard Company ) C:\Users\Michele\Downloads\sp55152.exe
2016-11-11 04:31 - 2016-11-11 05:40 - 96647984 _____ (Hewlett-Packard ) C:\Users\Michele\Downloads\sp71729.exe
2016-11-11 04:09 - 2016-11-11 11:38 - 00001047 _____ C:\Users\Public\Desktop\DriverTuner.lnk
2016-11-11 04:09 - 2016-11-11 11:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverTuner
2016-11-11 04:09 - 2016-11-11 11:38 - 00000000 ____D C:\Program Files (x86)\DriverTuner
2016-11-11 04:05 - 2016-11-11 04:08 - 02816040 _____ (LionSea SoftWare ) C:\Users\Michele\Downloads\setup.exe
2016-11-11 03:57 - 2016-11-11 03:57 - 00000000 ____D C:\Users\Michele\AppData\Local\CEF
2016-11-11 03:56 - 2016-11-11 04:52 - 00003900 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1478843812
2016-11-11 03:56 - 2016-11-11 03:56 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-11-11 03:56 - 2016-11-11 03:56 - 00001043 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-11-11 03:45 - 2016-11-11 03:45 - 00001922 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-11-11 03:45 - 2016-11-11 03:45 - 00000000 ____D C:\Users\Michele\AppData\Roaming\AVAST Software
2016-11-11 03:45 - 2016-11-11 03:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-11-11 03:44 - 2016-11-11 19:17 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-11-11 03:44 - 2016-11-11 03:45 - 00513632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-11-11 03:44 - 2016-11-11 03:45 - 00293352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-11-11 03:44 - 2016-11-11 03:44 - 00969184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2016-11-11 03:44 - 2016-11-11 03:44 - 00003922 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-11-11 03:44 - 2016-11-11 03:44 - 00000000 ____D C:\Program Files\Common Files\AV
2016-11-11 03:44 - 2016-11-11 03:43 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-11-11 03:44 - 2016-11-11 03:43 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-11-11 03:44 - 2016-11-11 03:43 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-11-11 03:44 - 2016-11-11 03:43 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-11-11 03:44 - 2016-11-11 03:43 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-11-11 03:43 - 2016-11-11 03:43 - 00992960 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-11-11 03:43 - 2016-11-11 03:43 - 00921280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-11-11 03:43 - 2016-11-11 03:43 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-11-11 03:43 - 2016-11-11 03:43 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-11-11 03:35 - 2016-11-13 12:16 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-11-11 03:35 - 2016-11-13 12:16 - 00000000 ____D C:\ProgramData\Package Cache
2016-11-11 03:35 - 2016-11-11 03:56 - 00000000 ____D C:\Program Files\AVAST Software
2016-11-11 03:35 - 2016-11-11 03:35 - 00000000 ____D C:\Program Files\Intel
2016-11-11 03:34 - 2016-11-11 03:56 - 00000000 ____D C:\Users\Todos os Usuários\AVAST Software
2016-11-11 03:34 - 2016-11-11 03:56 - 00000000 ____D C:\ProgramData\AVAST Software
2016-11-11 03:30 - 2016-11-11 03:30 - 00000000 ____D C:\Users\Michele\Intel
2016-11-11 02:54 - 2016-11-11 19:11 - 00000000 ____D C:\Windows\SysWOW64\sda
2016-11-11 02:54 - 2016-11-11 18:39 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-11-11 02:54 - 2015-06-15 17:08 - 00753368 _____ (Realsil Semiconductor Corporation) C:\Windows\system32\Drivers\RtsPer.sys
2016-11-11 02:54 - 2015-06-03 09:47 - 00313048 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsBaStor.sys
2016-11-11 02:54 - 2015-06-02 18:04 - 00365272 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsPStor.sys
2016-11-11 02:54 - 2015-06-01 17:44 - 00301784 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsP2Stor.sys
2016-11-11 02:54 - 2015-05-27 14:13 - 00402136 _____ (Realsil Semiconductor Corporation) C:\Windows\system32\Drivers\RtsUer.sys
2016-11-11 02:54 - 2014-10-20 17:50 - 00083160 _____ (Realtek Semiconductor.) C:\Windows\system32\RtCRX64.dll
2016-11-11 02:54 - 2014-01-27 13:39 - 09890008 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RsCRIcon.dll
2016-11-11 02:35 - 2016-11-11 02:35 - 00000000 ____D C:\Users\Todos os Usuários\SlimWare Utilities, Inc
2016-11-11 02:35 - 2016-11-11 02:35 - 00000000 ____D C:\ProgramData\SlimWare Utilities, Inc
2016-11-11 02:34 - 2016-11-14 00:19 - 00002844 _____ C:\Windows\System32\Tasks\SlimDrivers Startup
2016-11-11 02:34 - 2016-11-14 00:19 - 00000414 _____ C:\Windows\Tasks\SlimDrivers Startup.job
2016-11-11 02:34 - 2016-11-14 00:18 - 00016056 _____ (SlimWare Utilities, Inc.) C:\Windows\system32\Drivers\SWDUMon.sys
2016-11-11 02:34 - 2016-11-11 21:10 - 00000000 ____D C:\Users\Michele\AppData\Local\SlimWare Utilities Inc
2016-11-11 02:31 - 2016-11-11 02:31 - 00000000 ____D C:\Users\Michele\AppData\Roaming\Easeware
2016-11-11 02:28 - 2016-11-11 02:28 - 00000000 ___HD C:\Users\Michele\AppData\Roaming\GoldenGate
2016-11-11 02:28 - 2016-11-11 02:28 - 00000000 ___HD C:\Users\Michele\AppData\Roaming\Booking_helper
2016-11-11 02:22 - 2016-11-11 02:22 - 00000000 ____D C:\Users\Michele\Documents\Wireless_14.3.1_Ds64
2016-11-11 02:22 - 2016-11-11 02:22 - 00000000 ____D C:\Program Files\DIFX
2016-11-11 02:21 - 2016-11-11 03:15 - 00000000 ____D C:\Users\Michele\Desktop\arquivos telefone
2016-11-11 02:18 - 2016-11-11 02:18 - 00002483 _____ C:\Users\Public\Desktop\SlimDrivers.lnk
2016-11-11 02:18 - 2016-11-11 02:18 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers
2016-11-11 02:18 - 2016-11-11 02:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimDrivers
2016-11-11 02:18 - 2016-11-11 02:18 - 00000000 ____D C:\Program Files (x86)\SlimDrivers
2016-11-11 02:17 - 2016-11-13 01:51 - 00000000 ____D C:\Users\Michele\AppData\Roaming\01f7c0f7222dda6818cd658dc9c52bfd
2016-11-11 02:16 - 2016-11-14 11:50 - 00000000 ____D C:\Users\Todos os Usuários\{81B444D7-0BF6-CE11-8D30-50531772DB9D}
2016-11-11 02:16 - 2016-11-14 11:50 - 00000000 ____D C:\ProgramData\{81B444D7-0BF6-CE11-8D30-50531772DB9D}
2016-11-11 02:16 - 2016-11-13 01:50 - 00004348 _____ C:\Windows\System32\Tasks\Yahoo! Powered canit
2016-11-11 02:14 - 2016-11-14 11:23 - 00000000 ____D C:\Users\Michele\AppData\Roaming\WeatherTool
2016-11-11 02:14 - 2016-11-13 01:50 - 00000372 __RSH C:\Users\Todos os Usuários\ntuser.pol
2016-11-11 02:14 - 2016-11-13 01:50 - 00000372 __RSH C:\ProgramData\ntuser.pol
2016-11-11 02:14 - 2016-11-11 04:08 - 00000000 ____D C:\Program Files (x86)\OLBPre
2016-11-11 02:14 - 2016-11-11 02:14 - 00000000 ____D C:\Users\Public\Documents\Tools
2016-11-11 02:14 - 2016-11-11 02:14 - 00000000 ____D C:\Users\Public\Documents\Guid
2016-11-11 02:14 - 2016-11-11 02:14 - 00000000 ____D C:\Users\Public\Documents\Baidu
2016-11-11 02:14 - 2016-11-11 02:14 - 00000000 ____D C:\Program Files (x86)\WeatherTool
2016-11-11 02:10 - 2016-11-11 02:10 - 00000000 ____D C:\Windows\HPQ
2016-11-11 02:09 - 2016-11-11 23:36 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-11-11 02:09 - 2016-11-11 18:34 - 00000000 ____D C:\Windows\SysWOW64\Atheros_L1e
2016-11-11 02:08 - 2016-11-11 23:08 - 00000000 ____D C:\SWSetup
2016-11-11 02:08 - 2016-11-11 18:37 - 00001395 _____ C:\Windows\HPSetLog.txt
2016-11-11 02:04 - 2016-11-11 02:04 - 00091950 _____ C:\Windows\ntbtlog.txt
2016-11-11 01:50 - 2016-11-11 01:50 - 00002269 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-11 01:50 - 2016-11-11 01:50 - 00002257 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-11-11 01:39 - 2016-11-14 12:44 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-11-11 01:39 - 2016-11-14 11:13 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-11 01:39 - 2016-11-11 01:39 - 00004066 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-11-11 01:39 - 2016-11-11 01:39 - 00003814 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-11-11 01:38 - 2016-11-13 02:02 - 00000000 ____D C:\Users\Michele\AppData\Local\Google
2016-11-11 01:38 - 2016-11-13 02:02 - 00000000 ____D C:\Program Files (x86)\Google
2016-11-11 01:38 - 2016-11-11 01:38 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2016-11-11 01:38 - 2016-11-11 01:38 - 00000000 ____D C:\Users\Michele\AppData\Local\Deployment
2016-11-11 01:38 - 2016-11-11 01:38 - 00000000 ____D C:\Users\Michele\AppData\Local\Apps\2.0
2016-11-11 01:25 - 2014-05-14 14:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-11-11 01:25 - 2014-05-14 14:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-11-11 01:25 - 2014-05-14 14:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-11-11 01:25 - 2014-05-14 14:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-11-11 01:25 - 2014-05-14 14:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-11-11 01:25 - 2014-05-14 14:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-11-11 01:25 - 2014-05-14 14:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-11-11 01:25 - 2014-05-14 14:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-11-11 01:25 - 2014-05-14 14:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-11-11 01:25 - 2014-05-14 14:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-11-11 01:24 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-11-11 01:24 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-11-11 01:24 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-11-11 01:24 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-11-11 01:19 - 2016-11-13 12:32 - 00136816 _____ C:\Users\Michele\AppData\Local\GDIPFONTCACHEV1.DAT
2016-11-11 01:13 - 2016-11-11 00:22 - 00000000 ____D C:\Windows\Panther
2016-11-11 01:12 - 2016-11-11 20:28 - 00000000 ____D C:\Users\Michele\AppData\Local\ElevatedDiagnostics
2016-11-11 00:58 - 2016-11-11 00:58 - 00000000 ____D C:\$WINDOWS.~BT
2016-11-11 00:56 - 2016-11-11 00:56 - 00002544 _____ C:\Windows\diagwrn.xml
2016-11-11 00:56 - 2016-11-11 00:56 - 00001890 _____ C:\Windows\diagerr.xml
2016-11-11 00:45 - 2016-11-11 00:45 - 00003050 _____ C:\Windows\System32\Tasks\{4DE0A0B1-8460-4F79-89A7-B43963858157}
2016-11-11 00:22 - 2016-11-12 04:54 - 00000000 ____D C:\Users\Michele
2016-11-11 00:22 - 2016-11-11 00:22 - 00001423 _____ C:\Users\Michele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-11-11 00:22 - 2016-11-11 00:22 - 00001389 _____ C:\Users\Michele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2016-11-11 00:22 - 2016-11-11 00:22 - 00000020 ___SH C:\Users\Michele\ntuser.ini
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas músicas
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas imagens
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Meus vídeos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Histórico
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Dados de aplicativos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Usuário Padrão
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Todos os Usuários\Modelos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Todos os Usuários\Menu Iniciar
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Todos os Usuários\Favoritos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Todos os Usuários\Documentos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Todos os Usuários\Dados de aplicativos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Todos os Usuários
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Public\Documents\Minhas músicas
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Public\Documents\Minhas imagens
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Public\Documents\Meus vídeos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Michele\Modelos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Michele\Meus documentos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Michele\Menu Iniciar
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Michele\Documents\Minhas músicas
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Michele\Documents\Minhas imagens
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Michele\Documents\Meus vídeos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Michele\Dados de aplicativos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Michele\Configurações locais
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Michele\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Michele\AppData\Local\Histórico
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Michele\AppData\Local\Dados de aplicativos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Michele\Ambiente de rede
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Michele\Ambiente de impressão
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Default\Modelos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Default\Meus documentos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Default\Menu Iniciar
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Default\Documents\Minhas músicas
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Default\Documents\Minhas imagens
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Default\Documents\Meus vídeos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Default\Dados de aplicativos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Default\Configurações locais
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Default\AppData\Local\Histórico
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Default\AppData\Local\Dados de aplicativos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Default\Ambiente de rede
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Default\Ambiente de impressão
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas músicas
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas imagens
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Default User\Documents\Meus vídeos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Histórico
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Dados de aplicativos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\ProgramData\Modelos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\ProgramData\Menu Iniciar
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\ProgramData\Favoritos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\ProgramData\Documentos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\ProgramData\Dados de aplicativos
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Program Files\Common Files\Sistema
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Program Files\Arquivos Comuns
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 _SHDL C:\Arquivos de Programas
2016-11-11 00:22 - 2016-11-11 00:22 - 00000000 ____D C:\Users\Michele\AppData\Local\VirtualStore
2016-11-11 00:22 - 2010-11-21 07:47 - 00000000 ____D C:\Users\Michele\AppData\Roaming\Media Center Programs
2016-11-11 00:17 - 2016-11-11 00:17 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-11-11 00:17 - 2016-11-11 00:17 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-10-30 09:24 - 2016-10-30 09:24 - 00394496 _____ (Microsoft Corporation) C:\Windows\system32\vccorlib140.dll
2016-10-30 09:24 - 2016-10-30 09:24 - 00089328 _____ (Microsoft Corporation) C:\Windows\system32\vcruntime140.dll
2016-10-30 09:23 - 2016-10-30 09:23 - 00639728 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140.dll
2016-10-30 09:23 - 2016-10-30 09:23 - 00334616 _____ (Microsoft Corporation) C:\Windows\system32\concrt140.dll
2016-10-21 14:09 - 2016-11-14 00:24 - 00019648 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-10-21 14:09 - 2016-11-14 00:24 - 00019648 _____ (Microsoft Corporation) C:\Windows\api-ms-win-crt-heap-l1-1-0.dll
2016-10-08 01:10 - 2016-10-08 01:10 - 00085744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vcruntime140.dll
2016-10-08 01:09 - 2016-10-08 01:09 - 00443632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp140.dll
2016-10-08 01:09 - 2016-10-08 01:09 - 00244496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\concrt140.dll
2016-10-08 01:08 - 2016-10-08 01:08 - 00271104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vccorlib140.dll
==================== Três Meses Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-11-14 00:30 - 2009-07-14 02:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-14 00:30 - 2009-07-14 02:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-14 00:22 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\inf
2016-11-14 00:16 - 2009-07-14 03:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-14 00:16 - 2009-07-14 02:45 - 00511448 _____ C:\Windows\system32\FNTCACHE.DAT
2016-11-13 22:39 - 2009-07-14 01:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-11-13 12:10 - 2010-11-21 07:37 - 00705268 _____ C:\Windows\system32\prfh0416.dat
2016-11-13 12:10 - 2010-11-21 07:37 - 00147108 _____ C:\Windows\system32\prfc0416.dat
2016-11-13 12:10 - 2009-07-14 03:13 - 01598992 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-11 19:17 - 2010-11-21 07:47 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-11-11 19:17 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\security
2016-11-11 19:17 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\registration
2016-11-11 19:02 - 2009-07-14 03:32 - 00000000 ____D C:\Windows\system32\WinBioDatabase
2016-11-11 18:22 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\Help
2016-11-11 05:21 - 2009-07-14 03:32 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2016-11-11 02:14 - 2009-07-14 01:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-11-11 02:14 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2016-11-11 01:49 - 2009-07-14 01:20 - 00000000 __RHD C:\Users\Public\Libraries
2016-11-11 01:13 - 2009-07-14 03:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2016-11-11 01:13 - 2009-07-14 02:45 - 00000000 ____D C:\Windows\Setup
2016-11-11 01:08 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\system32\NDF
2016-11-11 00:41 - 2009-07-14 03:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2016-11-11 00:22 - 2009-07-14 01:20 - 00000000 ____D C:\Program Files\Windows NT
2016-11-11 00:21 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\rescache
2016-11-11 00:19 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\system32\oobe
2016-11-11 00:17 - 2009-07-14 03:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-11-11 00:17 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\system32\sysprep
2016-11-11 00:14 - 2010-11-21 07:47 - 00000000 ____D C:\Windows\CSC
==================== Arquivos na raiz de alguns diretórios =======
2016-11-13 01:51 - 2016-11-13 01:51 - 0019862 _____ () C:\Users\Michele\AppData\Roaming\Lasadafet
2016-11-11 18:52 - 2016-11-11 18:52 - 0020392 _____ () C:\Users\Michele\AppData\Local\IWDAudHelper.20161111.185222.txt
2016-11-11 18:49 - 2016-11-11 18:49 - 0001587 _____ () C:\Users\Michele\AppData\Local\PDLSetup.20161111.184932.txt
2016-11-11 18:51 - 2016-11-11 18:51 - 0000663 _____ () C:\Users\Michele\AppData\Local\PDLSetup.20161111.185158.txt
2016-11-11 18:52 - 2016-11-11 18:52 - 0001587 _____ () C:\Users\Michele\AppData\Local\PDLSetup.20161111.185200.txt
2016-11-11 18:52 - 2016-11-11 18:52 - 0001229 _____ () C:\Users\Michele\AppData\Local\PDLSetup.20161111.185205.txt
2016-11-11 18:52 - 2016-11-11 18:52 - 0001229 _____ () C:\Users\Michele\AppData\Local\PDLSetup.20161111.185252.txt
Alguns arquivos em TEMP:
====================
C:\Users\Michele\AppData\Local\Temp\GoogleSetup.exe
C:\Users\Michele\AppData\Local\Temp\NetFramework45.exe
C:\Users\Michele\AppData\Local\Temp\scp8556.tmp.exe
==================== Bamital & volsnap ======================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2016-11-11 00:14
==================== Fim de FRST.txt ============================