Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 07-12-2016
Executado por User (administrador) em USER-PC (12-12-2016 13:26:41)
Executando a partir de D:\user\Downloads
Perfis Carregados: User (Perfis Disponíveis: User)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.6\ToolbarUpdater.exe
(BitTorrent Inc.) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Sidebar\sidebar.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(BitTorrent Inc.) C:\Users\User\AppData\Roaming\uTorrent\updates\3.4.9_42973\utorrentie.exe
(BitTorrent Inc.) C:\Users\User\AppData\Roaming\uTorrent\updates\3.4.9_42973\utorrentie.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registro (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2180680 2016-12-04] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1762041641-4157318296-3322979886-1000\...\Run: [uTorrent] => C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe [2403520 2016-12-02] (BitTorrent Inc.)
HKU\S-1-5-21-1762041641-4157318296-3322979886-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3108480 2012-10-23] (DT Soft Ltd)
HKU\S-1-5-21-1762041641-4157318296-3322979886-1000\...\MountPoints2: {0bc5fac8-baea-11e6-9a90-485b39cef7b4} - G:\SETUP.EXE
HKU\S-1-5-21-1762041641-4157318296-3322979886-1000\...\MountPoints2: {0bc5facb-baea-11e6-9a90-485b39cef7b4} - H:\SETUP.EXE
HKU\S-1-5-21-1762041641-4157318296-3322979886-1000\...\MountPoints2: {0bc5fad4-baea-11e6-9a90-485b39cef7b4} - I:\SETUP.EXE
HKU\S-1-5-21-1762041641-4157318296-3322979886-1000\...\MountPoints2: {0bc5fae7-baea-11e6-9a90-485b39cef7b4} - J:\SETUP.EXE
HKU\S-1-5-21-1762041641-4157318296-3322979886-1000\...\MountPoints2: {0ca27840-bb54-11e6-bccd-806e6f6e6963} - H:\SETUP.EXE
HKU\S-1-5-21-1762041641-4157318296-3322979886-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [333824 2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Nenhum Arquivo
GroupPolicy: Restrição <======= ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{F4F838E5-8111-4724-8DEA-32652CF81DF4}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{F7258901-838D-4620-9FF8-26688742ABAF}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_dmontlsfs_16_48¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyEzzyD0BtAzy0C0E0FyB0ByE0B0C0A0BtN0D0Tzu0StCyBzyyBtN1L2XzutAtFtByDtFtCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StA0A0B0F0CyBzyyDtGyE0E0A0AtG0FyC0EtDtGtD0EyC0AtG0F0CyC0AtBzyzytC0DzztCyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtC0AzytAtB0E0AtG0Azz0EyCtGyEyE0BtCtG0AzzyBtAtG0EyCzyzztA0E0ByC0F0AyCtC2QtN0A0LzuyE%26cr%3D1420686038%26a%3Dwncy_dmontlsfs_16_48%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_dmontlsfs_16_48¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyEzzyD0BtAzy0C0E0FyB0ByE0B0C0A0BtN0D0Tzu0StCyBzyyBtN1L2XzutAtFtByDtFtCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StA0A0B0F0CyBzyyDtGyE0E0A0AtG0FyC0EtDtGtD0EyC0AtG0F0CyC0AtBzyzytC0DzztCyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtC0AzytAtB0E0AtG0Azz0EyCtGyEyE0BtCtG0AzzyBtAtG0EyCzyzztA0E0ByC0F0AyCtC2QtN0A0LzuyE%26cr%3D1420686038%26a%3Dwncy_dmontlsfs_16_48%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
HKU\S-1-5-21-1762041641-4157318296-3322979886-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={D8502F36-35D4-4A82-83BF-1E6F3AF5836B}&mid=d1231a28efc347cf958499127f2a1e47-79ffac797bc69f0f93e8732a6e3ce2540c7ed4a6&lang=pt-br&ds=AVG&coid=avgtbavg&cmpid=0516pi&pr=fr&d=2016-12-04 04:45:02&v=4.3.6.255&pid=wtu&sg=&sap=hp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_dmontlsfs_16_48¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyEzzyD0BtAzy0C0E0FyB0ByE0B0C0A0BtN0D0Tzu0StCyBzyyBtN1L2XzutAtFtByDtFtCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StA0A0B0F0CyBzyyDtGyE0E0A0AtG0FyC0EtDtGtD0EyC0AtG0F0CyC0AtBzyzytC0DzztCyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtC0AzytAtB0E0AtG0Azz0EyCtGyEyE0BtCtG0AzzyBtAtG0EyCzyzztA0E0ByC0F0AyCtC2QtN0A0LzuyE%26cr%3D1420686038%26a%3Dwncy_dmontlsfs_16_48%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_dmontlsfs_16_48¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyEzzyD0BtAzy0C0E0FyB0ByE0B0C0A0BtN0D0Tzu0StCyBzyyBtN1L2XzutAtFtByDtFtCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StA0A0B0F0CyBzyyDtGyE0E0A0AtG0FyC0EtDtGtD0EyC0AtG0F0CyC0AtBzyzytC0DzztCyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtC0AzytAtB0E0AtG0Azz0EyCtGyEyE0BtCtG0AzzyBtAtG0EyCzyzztA0E0ByC0F0AyCtC2QtN0A0LzuyE%26cr%3D1420686038%26a%3Dwncy_dmontlsfs_16_48%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_dmontlsfs_16_48¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyEzzyD0BtAzy0C0E0FyB0ByE0B0C0A0BtN0D0Tzu0StCyBzyyBtN1L2XzutAtFtByDtFtCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StA0A0B0F0CyBzyyDtGyE0E0A0AtG0FyC0EtDtGtD0EyC0AtG0F0CyC0AtBzyzytC0DzztCyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtC0AzytAtB0E0AtG0Azz0EyCtGyEyE0BtCtG0AzzyBtAtG0EyCzyzztA0E0ByC0F0AyCtC2QtN0A0LzuyE%26cr%3D1420686038%26a%3Dwncy_dmontlsfs_16_48%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_dmontlsfs_16_48¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyEzzyD0BtAzy0C0E0FyB0ByE0B0C0A0BtN0D0Tzu0StCyBzyyBtN1L2XzutAtFtByDtFtCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StA0A0B0F0CyBzyyDtGyE0E0A0AtG0FyC0EtDtGtD0EyC0AtG0F0CyC0AtBzyzytC0DzztCyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtC0AzytAtB0E0AtG0Azz0EyCtGyEyE0BtCtG0AzzyBtAtG0EyCzyzztA0E0ByC0F0AyCtC2QtN0A0LzuyE%26cr%3D1420686038%26a%3Dwncy_dmontlsfs_16_48%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1762041641-4157318296-3322979886-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_dmontlsfs_16_48¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyEzzyD0BtAzy0C0E0FyB0ByE0B0C0A0BtN0D0Tzu0StCyBzyyBtN1L2XzutAtFtByDtFtCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StA0A0B0F0CyBzyyDtGyE0E0A0AtG0FyC0EtDtGtD0EyC0AtG0F0CyC0AtBzyzytC0DzztCyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtC0AzytAtB0E0AtG0Azz0EyCtGyEyE0BtCtG0AzzyBtAtG0EyCzyzztA0E0ByC0F0AyCtC2QtN0A0LzuyE%26cr%3D1420686038%26a%3Dwncy_dmontlsfs_16_48%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1762041641-4157318296-3322979886-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_dmontlsfs_16_48¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyEzzyD0BtAzy0C0E0FyB0ByE0B0C0A0BtN0D0Tzu0StCyBzyyBtN1L2XzutAtFtByDtFtCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StA0A0B0F0CyBzyyDtGyE0E0A0AtG0FyC0EtDtGtD0EyC0AtG0F0CyC0AtBzyzytC0DzztCyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtC0AzytAtB0E0AtG0Azz0EyCtGyEyE0BtCtG0AzzyBtAtG0EyCzyzztA0E0ByC0F0AyCtC2QtN0A0LzuyE%26cr%3D1420686038%26a%3Dwncy_dmontlsfs_16_48%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1762041641-4157318296-3322979886-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={D8502F36-35D4-4A82-83BF-1E6F3AF5836B}&mid=d1231a28efc347cf958499127f2a1e47-79ffac797bc69f0f93e8732a6e3ce2540c7ed4a6&lang=pt-br&ds=AVG&coid=avgtbavg&cmpid=0516pi&pr=fr&d=2016-12-04 04:45:02&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-12-02] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll => Nenhum Arquivo
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-02] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll [2016-12-04] (AVG)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-02] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-02] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2015-02-05] (Adobe Systems, Inc.)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.6\\npsitesafety.dll [Nenhum Arquivo]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-12-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
StartMenuInternet: FIREFOX.EXE - firefox.exe
Chrome:
=======
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2016-12-12]
CHR Extension: (Google Apresentações) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-02]
CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-02]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-02]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-02]
CHR Extension: (Planilhas do Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-02]
CHR Extension: (Documentos Google off-line) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-02]
CHR Extension: (Skype) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-12-02]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-02]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-02]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-02]
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1762041641-4157318296-3322979886-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
==================== Serviços (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [647864 2016-11-02] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5337696 2016-11-02] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [727512 2016-11-02] (AVG Technologies CZ, s.r.o.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [42096 2016-11-28] (Dropbox, Inc.)
S4 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-06-01] (Nero AG)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-03-29] (VIA Technologies, Inc.)
R2 vToolbarUpdater40.3.6; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.6\ToolbarUpdater.exe [1349704 2016-12-04] (AVG Secure Search)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [980552 2016-12-04] ()
===================== Drivers (Whitelisted) ======================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [312576 2016-10-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [267008 2016-10-05] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [267520 2016-10-19] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [254208 2016-09-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-12-05] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-12-05] (Disc Soft Ltd)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
R3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [2212496 2014-07-04] (MediaTek Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2016-12-05] (Duplex Secure Ltd.)
U3 a57o57by; C:\Windows\System32\Drivers\a57o57by.sys [0 ] (Microsoft Corporation) <==== ATENÇÃO (zero byte Arquivo/Pasta)
U0 aswVmm; não ImagePath
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Três Meses Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-12-12 13:22 - 2016-12-12 13:26 - 00000000 ____D C:\FRST
2016-12-12 11:58 - 2016-12-12 11:58 - 00000000 ____D C:\Users\User\AppData\LocalLow\uTorrent
2016-12-12 10:02 - 2016-12-12 10:02 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-12-12 10:01 - 2016-12-12 11:07 - 00000000 ____D C:\Program Files (x86)\PCSX2 1.4.0
2016-12-12 10:01 - 2016-12-12 10:01 - 00001943 _____ C:\Users\Public\Desktop\PCSX2 1.4.0.lnk
2016-12-12 10:01 - 2016-12-12 10:01 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-12-12 10:01 - 2016-12-12 10:01 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-12 10:01 - 2016-12-12 10:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2
2016-12-10 10:27 - 2016-12-10 10:29 - 04096000 _____ C:\Program Files (x86)\GUT9AEC.tmp
2016-12-10 10:27 - 2016-12-10 10:27 - 00001035 _____ C:\Users\User\Desktop\PhotoScape.lnk
2016-12-10 10:27 - 2016-12-10 10:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape
2016-12-10 10:27 - 2016-12-10 10:27 - 00000000 ____D C:\Program Files (x86)\PhotoScape
2016-12-10 10:27 - 2016-12-10 10:27 - 00000000 ____D C:\Program Files (x86)\GUM9AEB.tmp
2016-12-09 08:17 - 2016-12-12 13:07 - 00000000 ___RD C:\Users\User\Dropbox
2016-12-09 07:50 - 2016-12-09 07:50 - 00000000 ____D C:\Users\User\AppData\Roaming\Dropbox
2016-12-08 22:16 - 2016-12-08 22:16 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2016-12-08 15:49 - 2016-12-08 15:49 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-12-08 12:50 - 2014-05-14 14:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-12-08 12:50 - 2014-05-14 14:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-12-08 12:50 - 2014-05-14 14:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-12-08 12:50 - 2014-05-14 14:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-12-08 12:50 - 2014-05-14 14:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-12-08 12:50 - 2014-05-14 14:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-12-08 12:50 - 2014-05-14 14:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-12-08 12:50 - 2014-05-14 14:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-12-08 12:50 - 2014-05-14 14:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-12-08 12:50 - 2014-05-14 14:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-12-08 12:50 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-12-08 12:50 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-12-08 12:50 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-12-08 12:50 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-12-05 23:47 - 2016-12-05 23:47 - 00003030 _____ C:\Windows\System32\Tasks\{0EB8788B-B04A-440E-8B24-EADF4B958E9D}
2016-12-05 23:42 - 2016-12-12 09:55 - 00021840 ____T C:\Windows\SysWOW64\SIntfNT.dll
2016-12-05 23:42 - 2016-12-12 09:55 - 00017212 ____T C:\Windows\SysWOW64\SIntf32.dll
2016-12-05 23:42 - 2016-12-12 09:55 - 00012067 ____T C:\Windows\SysWOW64\SIntf16.dll
2016-12-05 23:38 - 2016-12-12 10:00 - 00000000 ____D C:\Program Files (x86)\Diablo II
2016-12-05 23:32 - 2016-12-05 23:37 - 00000000 ____D C:\Users\User\AppData\Roaming\DAEMON Tools Pro
2016-12-05 23:32 - 2016-12-05 23:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro
2016-12-05 23:32 - 2016-12-05 23:32 - 00564824 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2016-12-05 23:32 - 2016-12-05 23:32 - 00001936 _____ C:\Users\Public\Desktop\DAEMON Tools Pro.lnk
2016-12-05 23:32 - 2016-12-05 23:32 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Pro
2016-12-05 23:30 - 2016-12-05 23:37 - 00000000 ____D C:\Users\Todos os Usuários\DAEMON Tools Pro
2016-12-05 23:30 - 2016-12-05 23:37 - 00000000 ____D C:\ProgramData\DAEMON Tools Pro
2016-12-05 22:43 - 2016-12-05 22:43 - 00003178 _____ C:\Windows\System32\Tasks\{EAEA7A44-1676-42B1-839B-9D62DA4D8FFF}
2016-12-05 22:42 - 2016-12-05 22:42 - 00003190 _____ C:\Windows\System32\Tasks\{29503627-832E-4B7B-9A26-87F6E10D7277}
2016-12-05 22:42 - 2016-12-05 22:42 - 00003166 _____ C:\Windows\System32\Tasks\{8F7E7841-7877-444A-9E9B-15123339F96F}
2016-12-05 22:36 - 2016-12-05 22:36 - 00003122 _____ C:\Windows\System32\Tasks\{45A38523-0F29-4D0E-9D21-D791E1F44084}
2016-12-05 22:31 - 2016-12-05 22:31 - 00000000 ____D C:\Users\User\AppData\Roaming\PowerISO
2016-12-05 22:30 - 2016-12-05 22:30 - 00001011 _____ C:\Users\Public\Desktop\PowerISO.lnk
2016-12-05 22:30 - 2016-12-05 22:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2016-12-05 22:30 - 2016-12-05 22:30 - 00000000 ____D C:\Program Files (x86)\PowerISO
2016-12-05 22:30 - 2016-02-10 11:21 - 00137280 _____ (Power Software Ltd) C:\Windows\system32\Drivers\scdemu.sys
2016-12-05 17:30 - 2016-12-05 23:42 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-12-05 17:28 - 2016-12-05 17:28 - 00003028 _____ C:\Windows\System32\Tasks\{7888E7D5-6A67-456C-B1AF-AB308B0B6683}
2016-12-05 17:27 - 2016-12-05 17:27 - 00001905 _____ C:\Users\User\Desktop\Diablo II - Lord of Destruction.lnk
2016-12-05 17:24 - 2016-12-12 10:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo II
2016-12-05 17:23 - 2016-12-05 17:23 - 00003028 _____ C:\Windows\System32\Tasks\{DF3A26BF-88F3-4E43-9E8F-348F0A2D241C}
2016-12-05 17:18 - 2016-12-05 17:18 - 00003028 _____ C:\Windows\System32\Tasks\{A8063612-F99B-48B4-9330-D99026258075}
2016-12-05 17:15 - 2016-12-05 17:15 - 00047672 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtliteusbbus.sys
2016-12-05 15:37 - 2016-12-05 15:37 - 00000000 ____D C:\Users\User\AppData\LocalLow\Adobe
2016-12-04 02:45 - 2016-12-04 02:45 - 00000000 ____D C:\Users\User\AppData\Local\AVG Web TuneUp
2016-12-04 02:45 - 2016-12-04 02:45 - 00000000 ____D C:\Program Files\Common Files\AVG Secure Search
2016-12-04 02:44 - 2016-12-04 02:45 - 00000000 ____D C:\Users\Todos os Usuários\AVG Web TuneUp
2016-12-04 02:44 - 2016-12-04 02:45 - 00000000 ____D C:\ProgramData\AVG Web TuneUp
2016-12-04 02:44 - 2016-12-04 02:44 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2016-12-04 01:08 - 2016-12-04 01:08 - 00000000 ____D C:\Users\User\AppData\Roaming\AVG
2016-12-04 01:07 - 2016-12-04 01:07 - 00000936 _____ C:\Users\Public\Desktop\AVG Protection.lnk
2016-12-04 01:07 - 2016-12-04 01:07 - 00000000 ___HD C:\$AVG
2016-12-04 01:07 - 2016-12-04 01:07 - 00000000 ____D C:\Users\User\AppData\Roaming\TuneUp Software
2016-12-04 01:07 - 2016-12-04 01:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-12-03 23:58 - 2016-12-12 09:50 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
2016-12-03 23:58 - 2016-12-04 01:07 - 00000000 ____D C:\Program Files (x86)\AVG
2016-12-03 23:36 - 2016-12-05 15:37 - 00000000 ____D C:\Users\User\AppData\Local\Adobe
2016-12-03 23:33 - 2016-12-04 01:07 - 00000000 ____D C:\Users\Todos os Usuários\Avg
2016-12-03 23:33 - 2016-12-04 01:07 - 00000000 ____D C:\ProgramData\Avg
2016-12-03 23:29 - 2016-12-04 01:04 - 00000000 ____D C:\Users\User\AppData\Local\AvgSetupLog
2016-12-03 23:28 - 2016-12-04 01:08 - 00000000 ____D C:\Users\User\AppData\Local\Avg
2016-12-03 23:25 - 2016-12-12 09:41 - 00000000 ____D C:\Users\Todos os Usuários\MFAData
2016-12-03 23:25 - 2016-12-12 09:41 - 00000000 ____D C:\ProgramData\MFAData
2016-12-03 23:25 - 2016-12-03 23:25 - 00000000 ____D C:\Users\User\AppData\Local\MFAData
2016-12-03 23:25 - 2016-12-03 23:25 - 00000000 ____D C:\Users\User\AppData\Local\Avg2015
2016-12-03 11:18 - 2016-12-03 11:18 - 00534016 _____ C:\Users\User\AppData\Roaming\Ground.exe
2016-12-03 11:17 - 2016-12-03 11:17 - 00000936 _____ C:\Users\User\Desktop\Guitar Pro 5.lnk
2016-12-03 11:17 - 2016-12-03 11:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guitar Pro 5
2016-12-03 11:17 - 2016-12-03 11:17 - 00000000 ____D C:\Program Files (x86)\Guitar Pro 5
2016-12-02 23:42 - 2016-12-02 23:42 - 00000000 ____D C:\Users\User\AppData\Roaming\Sun
2016-12-02 22:18 - 2016-12-12 10:18 - 00000000 ____D C:\Users\Todos os Usuários\{8B434E20-0101-C4E6-87C7-5AA41D85D16A}
2016-12-02 22:18 - 2016-12-12 10:18 - 00000000 ____D C:\ProgramData\{8B434E20-0101-C4E6-87C7-5AA41D85D16A}
2016-12-02 22:18 - 2016-12-02 22:18 - 00004336 _____ C:\Windows\System32\Tasks\Yahoo! Powered mimar
2016-12-02 22:18 - 2016-12-02 22:18 - 00000372 __RSH C:\Users\Todos os Usuários\ntuser.pol
2016-12-02 22:18 - 2016-12-02 22:18 - 00000372 __RSH C:\ProgramData\ntuser.pol
2016-12-02 22:16 - 2016-12-05 17:16 - 00000000 ____D C:\Users\User\AppData\Roaming\DAEMON Tools Lite
2016-12-02 22:16 - 2016-12-05 17:14 - 00030264 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2016-12-02 22:15 - 2016-12-02 22:16 - 00000000 ____D C:\Users\Todos os Usuários\DAEMON Tools Lite
2016-12-02 22:15 - 2016-12-02 22:16 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2016-12-02 21:59 - 2016-12-02 22:24 - 00000000 ____D C:\Program Files (x86)\WinRAR
2016-12-02 21:55 - 2016-12-02 21:55 - 00002633 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-12-02 21:54 - 2016-12-12 13:26 - 00000000 ____D C:\Users\User\AppData\Roaming\uTorrent
2016-12-02 21:44 - 2016-12-02 21:44 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-02 21:44 - 2016-12-02 21:44 - 00000000 ____D C:\Users\Todos os Usuários\Mediatek Driver
2016-12-02 21:44 - 2016-12-02 21:44 - 00000000 ____D C:\ProgramData\Mediatek Driver
2016-12-02 21:44 - 2014-07-04 18:38 - 02212496 _____ (MediaTek Inc.) C:\Windows\system32\Drivers\netr28ux.sys
2016-12-02 21:44 - 2014-06-26 22:06 - 00016103 _____ C:\Windows\SysWOW64\RaCoInst.dat
2016-12-02 21:44 - 2014-06-26 22:06 - 00016103 _____ C:\Windows\system32\RaCoInst.dat
2016-12-02 21:44 - 2014-06-26 16:15 - 00091412 _____ C:\Windows\SysWOW64\Drivers\FW_7662.bin
2016-12-02 21:44 - 2014-06-26 16:15 - 00091412 _____ C:\Windows\system32\Drivers\FW_7662.bin
2016-12-02 21:44 - 2014-06-05 14:23 - 00334992 _____ (Mediatek Inc.) C:\Windows\system32\RaCoInstx.dll
2016-12-02 21:44 - 2014-05-05 16:24 - 00020626 _____ C:\Windows\SysWOW64\Drivers\Patch_7662.bin
2016-12-02 21:44 - 2014-05-05 16:24 - 00020626 _____ C:\Windows\system32\Drivers\Patch_7662.bin
2016-12-02 14:42 - 2016-12-04 01:08 - 00000000 ____D C:\Program Files\Common Files\AV
2016-12-02 14:42 - 2016-12-02 14:42 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-12-02 14:35 - 2016-12-02 14:35 - 00000000 ____D C:\Users\User\AppData\Local\CEF
2016-12-02 14:34 - 2016-12-05 21:48 - 00000000 ____D C:\Users\User\AppData\Local\Ahead
2016-12-02 14:31 - 2016-12-02 14:31 - 00992960 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-12-02 14:31 - 2016-12-02 14:31 - 00921280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-12-02 14:27 - 2013-05-17 00:13 - 00017280 _____ () C:\Windows\system32\Drivers\ASACPI.sys
2016-12-02 14:24 - 2016-12-02 14:24 - 00000000 ____D C:\Windows\SysWOW64\x64
2016-12-02 14:24 - 2016-12-02 14:24 - 00000000 ____D C:\Windows\SysWOW64\Lang
2016-12-02 14:24 - 2009-07-24 15:57 - 00997912 _____ (Intel Corporation) C:\Windows\SysWOW64\igxpun.exe
2016-12-02 14:22 - 2016-12-02 14:22 - 00000000 ____D C:\Program Files (x86)\Intel
2016-12-02 14:22 - 2009-08-18 14:44 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2016-12-02 14:21 - 2016-12-02 14:21 - 00000000 ____D C:\Intel
2016-12-02 14:19 - 2016-12-03 11:19 - 00109240 _____ C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2016-12-02 14:19 - 2016-12-02 14:19 - 00000000 ____D C:\Users\User\AppData\Roaming\WinRAR
2016-12-02 14:19 - 2011-03-29 11:03 - 02157680 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viahduaa.sys
2016-12-02 14:19 - 2011-03-29 11:03 - 01161328 _____ (VIA Technologies, Inc.) C:\Windows\system32\ViaKaraokeApo.dll
2016-12-02 14:19 - 2011-03-29 11:03 - 00994416 _____ (VIA Technologies, Inc.) C:\Windows\system32\VIAPropPageExt.dll
2016-12-02 14:19 - 2011-03-29 11:03 - 00556144 _____ (VIA Technologies, Inc.) C:\Windows\system32\VIASysFx.dll
2016-12-02 14:19 - 2011-03-29 11:03 - 00248944 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\Dts2APO.dll
2016-12-02 14:19 - 2011-03-29 11:03 - 00202864 _____ (VIA Technologies, Inc.) C:\Windows\system32\ViaMicArrayAPO.dll
2016-12-02 14:19 - 2011-03-29 11:03 - 00116848 _____ (VIA Technologies,Inc.) C:\Windows\system32\ViaKaraokePropPageExt.dll
2016-12-02 14:19 - 2011-03-29 11:03 - 00091760 _____ (VIA Technologies, Inc.) C:\Windows\system32\Dts2PropPageExt.dll
2016-12-02 14:19 - 2011-03-29 11:03 - 00087152 _____ (VIA Technologies,Inc.) C:\Windows\system32\ViaMicArrayPropPageExt.dll
2016-12-02 14:19 - 2011-03-29 11:03 - 00027760 _____ (VIA Technologies, Inc.) C:\Windows\system32\ViakaraokeSrv.exe
2016-12-02 14:19 - 2009-07-24 15:57 - 00845848 _____ (Intel Corporation) C:\Windows\system32\igfxcfg.exe
2016-12-02 14:19 - 2009-07-24 15:57 - 00491032 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2016-12-02 14:19 - 2009-07-24 15:57 - 00387608 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2016-12-02 14:19 - 2009-07-24 15:57 - 00365592 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2016-12-02 14:19 - 2009-07-24 15:57 - 00215576 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2016-12-02 14:19 - 2009-07-24 15:57 - 00165912 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2016-12-02 14:19 - 2009-07-24 15:57 - 00106008 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2016-12-02 14:19 - 2009-07-21 16:50 - 00004472 _____ C:\Windows\system32\iglhxs64.vp
2016-12-02 14:19 - 2009-07-21 16:37 - 01306112 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v1851.dll
2016-12-02 14:19 - 2009-07-21 16:32 - 07345344 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2016-12-02 14:19 - 2009-07-21 16:32 - 05615104 _____ (Intel Corporation) C:\Windows\system32\igdumd64.dll
2016-12-02 14:19 - 2009-07-21 16:31 - 00982220 _____ C:\Windows\SysWOW64\igkrng500.bin
2016-12-02 14:19 - 2009-07-21 16:31 - 00982220 _____ C:\Windows\system32\igkrng500.bin
2016-12-02 14:19 - 2009-07-21 16:31 - 00439300 _____ C:\Windows\SysWOW64\igcompkrng500.bin
2016-12-02 14:19 - 2009-07-21 16:31 - 00439300 _____ C:\Windows\system32\igcompkrng500.bin
2016-12-02 14:19 - 2009-07-21 16:31 - 00134592 _____ C:\Windows\SysWOW64\igfcg500.bin
2016-12-02 14:19 - 2009-07-21 16:31 - 00134592 _____ C:\Windows\system32\igfcg500.bin
2016-12-02 14:19 - 2009-07-21 16:31 - 00092216 _____ C:\Windows\SysWOW64\igfcg500m.bin
2016-12-02 14:19 - 2009-07-21 16:31 - 00092216 _____ C:\Windows\system32\igfcg500m.bin
2016-12-02 14:19 - 2009-07-21 16:23 - 00549888 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdx32.dll
2016-12-02 14:19 - 2009-07-21 16:19 - 03646976 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10umd32.dll
2016-12-02 14:19 - 2009-07-21 16:16 - 08095232 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll
2016-12-02 14:19 - 2009-07-21 16:16 - 05195776 _____ (Intel Corporation) C:\Windows\system32\ig4dev64.dll
2016-12-02 14:19 - 2009-07-21 16:09 - 06042112 _____ (Intel Corporation) C:\Windows\SysWOW64\ig4icd32.dll
2016-12-02 14:19 - 2009-07-21 16:09 - 03839488 _____ (Intel Corporation) C:\Windows\SysWOW64\ig4dev32.dll
2016-12-02 14:19 - 2009-07-21 16:04 - 00312832 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2016-12-02 14:19 - 2009-07-21 16:04 - 00306688 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2016-12-02 14:19 - 2009-07-21 16:04 - 00305664 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2016-12-02 14:19 - 2009-07-21 16:04 - 00305664 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2016-12-02 14:19 - 2009-07-21 16:04 - 00305152 _____ (Intel Corporation) C:\Windows\system32\igfxresp.lrc
2016-12-02 14:19 - 2009-07-21 16:04 - 00301568 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2016-12-02 14:19 - 2009-07-21 16:04 - 00296960 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2016-12-02 14:19 - 2009-07-21 16:04 - 00293376 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2016-12-02 14:19 - 2009-07-21 16:04 - 00291328 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2016-12-02 14:19 - 2009-07-21 16:04 - 00290304 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2016-12-02 14:19 - 2009-07-21 16:04 - 00289792 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2016-12-02 14:19 - 2009-07-21 16:04 - 00284672 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2016-12-02 14:19 - 2009-07-21 16:04 - 00284672 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2016-12-02 14:19 - 2009-07-21 16:04 - 00284672 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2016-12-02 14:19 - 2009-07-21 16:04 - 00283136 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2016-12-02 14:19 - 2009-07-21 16:04 - 00282624 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2016-12-02 14:19 - 2009-07-21 16:04 - 00282112 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2016-12-02 14:19 - 2009-07-21 16:04 - 00281088 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2016-12-02 14:19 - 2009-07-21 16:04 - 00279552 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2016-12-02 14:19 - 2009-07-21 16:04 - 00264704 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2016-12-02 14:19 - 2009-07-21 16:04 - 00254464 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2016-12-02 14:19 - 2009-07-21 16:04 - 00251904 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2016-12-02 14:19 - 2009-07-21 16:04 - 00208896 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2016-12-02 14:19 - 2009-07-21 16:04 - 00207360 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2016-12-02 14:19 - 2009-07-21 16:04 - 00181760 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2016-12-02 14:19 - 2009-07-21 16:04 - 00180224 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2016-12-02 14:19 - 2009-07-21 16:01 - 00371712 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2016-12-02 14:19 - 2009-07-21 16:01 - 00246272 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2016-12-02 14:19 - 2009-07-21 16:01 - 00125952 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2016-12-02 14:19 - 2009-07-21 16:01 - 00027648 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2016-12-02 14:19 - 2009-07-21 16:00 - 00108544 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
2016-12-02 14:19 - 2009-07-21 16:00 - 00055808 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2016-12-02 14:19 - 2009-07-21 15:59 - 05694976 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
2016-12-02 14:19 - 2009-07-21 15:59 - 00278016 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2016-12-02 14:19 - 2009-07-21 15:59 - 00258560 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2016-12-02 14:19 - 2009-07-21 15:59 - 00142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2016-12-02 14:19 - 2009-07-21 15:56 - 00059392 _____ (Intel Corporation) C:\Windows\SysWOW64\oemdspif.dll
2016-12-02 14:19 - 2009-07-21 15:54 - 00216576 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2016-12-02 14:19 - 2009-07-21 15:49 - 02805511 _____ C:\Windows\system32\iglhxa64.cpa
2016-12-02 14:19 - 2009-07-21 15:49 - 00059442 _____ C:\Windows\system32\iglhxg64.vp
2016-12-02 14:19 - 2009-07-21 15:49 - 00059330 _____ C:\Windows\system32\iglhxc64.vp
2016-12-02 14:19 - 2009-07-21 15:49 - 00058839 _____ C:\Windows\system32\iglhxo64.vp
2016-12-02 14:19 - 2009-07-21 15:49 - 00001073 _____ C:\Windows\system32\iglhxa64.vp
2016-12-02 14:19 - 2009-05-22 23:52 - 00215040 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2016-12-02 14:19 - 2009-03-05 15:54 - 00067584 _____ C:\Windows\system32\RtNicProp64.dll
2016-12-02 14:19 - 2007-12-04 11:28 - 00086016 _____ (QSound Labs, Inc.) C:\Windows\system32\nQPropPageExt.dll
2016-12-02 14:19 - 2007-12-04 11:28 - 00082432 _____ (QSound Labs, Inc.) C:\Windows\system32\nQAPO.dll
2016-12-02 14:18 - 2016-12-05 15:37 - 00000000 ____D C:\Users\User\AppData\Roaming\Adobe
2016-12-02 14:17 - 2016-12-02 14:25 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2016-12-02 14:17 - 2012-10-30 20:50 - 00227648 _____ (AVAST Software) C:\Windows\SysWOW64\aswBoot.exe
2016-12-02 14:15 - 2016-12-03 23:00 - 00000000 ____D C:\Users\Todos os Usuários\AVAST Software
2016-12-02 14:15 - 2016-12-03 23:00 - 00000000 ____D C:\ProgramData\AVAST Software
2016-12-02 14:12 - 2016-12-02 14:22 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype
2016-12-02 14:12 - 2016-12-02 14:18 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-12-02 14:12 - 2016-12-02 14:12 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2016-12-02 14:12 - 2016-12-02 14:12 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2016-12-02 14:12 - 2016-12-02 14:12 - 00000000 ____D C:\ProgramData\Skype
2016-12-02 14:12 - 2016-12-02 14:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-12-02 14:11 - 2016-12-02 23:41 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2016-12-02 14:11 - 2016-12-02 23:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-12-02 14:11 - 2016-12-02 23:41 - 00000000 ____D C:\Program Files\Java
2016-12-02 14:11 - 2016-12-02 14:11 - 00000000 ____D C:\Users\User\AppData\LocalLow\Oracle
2016-12-02 14:11 - 2016-12-02 14:11 - 00000000 ____D C:\Users\Todos os Usuários\Sun
2016-12-02 14:11 - 2016-12-02 14:11 - 00000000 ____D C:\Users\Todos os Usuários\Oracle
2016-12-02 14:11 - 2016-12-02 14:11 - 00000000 ____D C:\ProgramData\Sun
2016-12-02 14:11 - 2016-12-02 14:11 - 00000000 ____D C:\ProgramData\Oracle
2016-12-02 14:10 - 2016-12-02 14:10 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2016-12-02 14:09 - 2016-12-08 14:29 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-12-02 14:09 - 2016-12-04 02:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-02 14:09 - 2016-12-02 14:09 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2016-12-02 14:09 - 2016-12-02 14:09 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-12-02 14:09 - 2016-12-02 14:09 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-12-02 14:09 - 2016-12-02 14:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-02 14:09 - 2016-12-02 14:09 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-12-02 14:08 - 2016-12-04 00:26 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-12-02 14:08 - 2016-12-04 00:26 - 00000000 ____D C:\Windows\system32\Macromed
2016-12-02 14:08 - 2016-12-02 23:40 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-12-02 14:08 - 2016-12-02 23:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-12-02 14:08 - 2016-12-02 23:40 - 00000000 ____D C:\Program Files\WinRAR
2016-12-02 14:08 - 2016-12-02 22:40 - 00000000 ____D C:\Users\Todos os Usuários\Adobe
2016-12-02 14:08 - 2016-12-02 22:40 - 00000000 ____D C:\ProgramData\Adobe
2016-12-02 14:08 - 2016-12-02 14:08 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.7.1
2016-12-02 14:08 - 2016-12-02 14:08 - 00000000 ____D C:\Users\User\AppData\Roaming\Macromedia
2016-12-02 14:08 - 2016-12-02 14:08 - 00000000 ____D C:\Users\User\AppData\LocalLow\Sun
2016-12-02 14:08 - 2016-12-02 14:08 - 00000000 ____D C:\Program Files\X Codec Pack
2016-12-02 13:23 - 2016-12-02 12:43 - 00000000 ____D C:\Windows\Panther
2016-12-02 13:02 - 2016-12-02 13:02 - 00000000 ____D C:\Windows\PCHEALTH
2016-12-02 13:02 - 2016-12-02 13:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2016-12-02 13:02 - 2016-12-02 13:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-12-02 13:02 - 2016-12-02 13:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2016-12-02 13:02 - 2016-12-02 13:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2016-12-02 13:02 - 2016-12-02 13:02 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-12-02 13:01 - 2016-12-02 13:01 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-12-02 13:01 - 2016-12-02 13:01 - 00000000 ____D C:\Program Files\Microsoft Office
2016-12-02 13:01 - 2016-12-02 13:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2016-12-02 13:00 - 2016-12-02 13:04 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2016-12-02 13:00 - 2016-12-02 13:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-12-02 13:00 - 2016-12-02 13:00 - 00000000 __RHD C:\MSOCache
2016-12-02 13:00 - 2016-12-02 13:00 - 00000000 ____D C:\Users\User\AppData\Local\Microsoft Help
2016-12-02 13:00 - 2016-12-02 13:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2016-12-02 12:59 - 2016-12-12 13:11 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-12-02 12:59 - 2016-12-12 13:11 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-12-02 12:59 - 2016-12-02 13:37 - 00000000 ____D C:\Users\User\AppData\Local\Google
2016-12-02 12:59 - 2016-12-02 13:13 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-02 12:59 - 2016-12-02 13:13 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-02 12:59 - 2016-12-02 13:06 - 00004066 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-02 12:59 - 2016-12-02 13:06 - 00003814 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-02 12:59 - 2016-12-02 12:59 - 00000000 ____D C:\Program Files (x86)\Google
2016-12-02 12:57 - 2016-12-02 12:57 - 00002786 _____ C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk
2016-12-02 12:57 - 2016-12-02 12:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Essentials
2016-12-02 12:56 - 2016-12-05 21:25 - 00000000 ____D C:\Users\User\AppData\Roaming\Ahead
2016-12-02 12:55 - 2016-12-02 12:55 - 00000000 ____D C:\Users\Todos os Usuários\Nero
2016-12-02 12:55 - 2016-12-02 12:55 - 00000000 ____D C:\Users\Todos os Usuários\Ahead
2016-12-02 12:55 - 2016-12-02 12:55 - 00000000 ____D C:\ProgramData\Nero
2016-12-02 12:55 - 2016-12-02 12:55 - 00000000 ____D C:\ProgramData\Ahead
2016-12-02 12:55 - 2016-12-02 12:55 - 00000000 ____D C:\Program Files (x86)\Nero
2016-12-02 12:54 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2016-12-02 12:54 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2016-12-02 12:48 - 2016-12-02 12:48 - 01565646 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-12-02 12:43 - 2016-12-12 11:34 - 05375429 ____H C:\Users\User\AppData\Local\IconCache.db.backup
2016-12-02 12:43 - 2016-12-09 07:54 - 00000000 ____D C:\Users\User\AppData\Local\VirtualStore
2016-12-02 12:43 - 2016-12-02 12:43 - 00001423 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-12-02 12:43 - 2016-12-02 12:43 - 00001389 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2016-12-02 12:43 - 2016-12-02 12:43 - 00000020 ___SH C:\Users\User\ntuser.ini
2016-12-02 12:43 - 2016-12-02 12:43 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-12-02 12:43 - 2016-12-02 12:43 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Histórico
2016-12-02 12:43 - 2016-12-02 12:43 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Dados de aplicativos
2016-12-02 12:43 - 2016-12-02 12:43 - 00000000 _SHDL C:\Users\Usuário Padrão
2016-12-02 12:43 - 2016-12-02 12:43 - 00000000 _SHDL C:\Users\User\Modelos
2016-12-02 12:43 - 2016-12-02 12:43 - 00000000 _SHDL C:\Users\User\Meus documentos
2016-12-02 12:43 - 2016-12-02 12:43 - 00000000 _SHDL C:\Users\User\Menu Iniciar
2016-12-02 12:43 - 2016-12-02 12:43 - 00000000 _SHDL C:\Users\User\Dados de aplicativos
2016-12-02 12:43 - 2016-12-02 12:43 - 00000000 _SHDL C:\Users\User\Configurações locais
2016-12-02 12:43 - 2016-12-02 12:43 - 00000000 _SHDL C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-12-02 12:43 - 2016-12-02 12:43 - 00000000 _SHDL C:\Users\User\AppData\Local\Histórico
2016-12-02 12:43 - 2016-12-02 12:43 - 00000000 _SHDL C:\Users\User\AppData\Local\Dados de aplicativos
2016-12-02 12:43 - 2016-12-02 12:43 - 00000000 _SHDL C:\Users\User\Ambiente de rede
2016-12-02 12:43 - 2016-12-02 12:43 - 00000000 _SHDL C:\Users\User\Ambiente de impressão
2016-12-02 12:43 - 2016-12-02 12:43 - 00000000 _SHDL C:\Users\Todos os Usuários\Modelos
2016-12-02 12:43 - 2016-12-02 12:43 - 00000000 _SHDL C:\Users\Todos os Usuários\Menu Iniciar
2016-12-02 12:43 - 2016-12-02 12:43 - 00000000 _SHDL C:\Users\Todos os Usuários\Favoritos
2016-12-02 12:43 - 2016-12-02 12:43 - 00000000 _SHDL C:\Users\Todos os Usuários\Documentos
2016-12-02 12:43 - 2016-12-02 12:43 - 00000000 _SHDL C:\Users\Todos os Usuários\Dados de aplicativos
2016-12-02 12:43 - 2016-12-02 12:43 - 00000000 _SHDL C:\Users\Todos os Usuários
2016-12-02 12:43 - 2016-12-02 12:43 - 00000000 _SHDL C:\Users\Default\Modelos
2016-12-02 12:43 - 2016-12-02 12:43 - 00000000 _SHDL C:\Users\Default\Meus documentos
2016-12-02 12:43 - 2016-12-02 12:43 - 00000000 _SHDL C:\Users\Default\Menu Iniciar
2016-12-02 12:43 - 2016-12-02 12:43 - 00000000 _SHDL C:\Users\Default\Dados de aplicativos
2016-12-02 12:43 - 2016-12-02 12:43 - 00000000 _SHDL C:\Users\Default\Configurações locais
2016-12-02 12:43 - 2016-12-02 12:43 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-12-02 12:43 - 2016-12-02 12:43 - 00000000 _SHDL C:\Users\Default\AppData\Local\Histórico
2016-12-02 12:43 - 2016-12-02 12:43 - 00000000 _SHDL C:\Users\Default\AppData\Local\Dados de aplicativos
2016-12-02 12:43 - 2016-12-02 12:43 - 00000000 _SHDL C:\Users\Default\Ambiente de rede
2016-12-02 12:43 - 2016-12-02 12:43 - 00000000 _SHDL C:\Users\Default\Ambiente de impressão
2016-12-02 12:43 - 2016-12-02 12:43 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-12-02 12:43 - 2016-12-02 12:43 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Histórico
2016-12-02 12:43 - 2016-12-02 12:43 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Dados de aplicativos
2016-12-02 12:43 - 2016-12-02 12:43 - 00000000 _SHDL C:\ProgramData\Modelos
2016-12-02 12:43 - 2016-12-02 12:43 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas
2016-12-02 12:43 - 2016-12-02 12:43 - 00000000 _SHDL C:\ProgramData\Menu Iniciar
2016-12-02 12:43 - 2016-12-02 12:43 - 00000000 _SHDL C:\ProgramData\Favoritos
2016-12-02 12:43 - 2016-12-02 12:43 - 00000000 _SHDL C:\ProgramData\Documentos
2016-12-02 12:43 - 2016-12-02 12:43 - 00000000 _SHDL C:\ProgramData\Dados de aplicativos
2016-12-02 12:43 - 2016-12-02 12:43 - 00000000 _SHDL C:\Program Files\Common Files\Sistema
2016-12-02 12:43 - 2016-12-02 12:43 - 00000000 _SHDL C:\Program Files\Arquivos Comuns
2016-12-02 12:43 - 2016-12-02 12:43 - 00000000 _SHDL C:\Arquivos de Programas
2016-12-02 12:43 - 2010-11-21 07:47 - 00000000 ____D C:\Users\User\AppData\Roaming\Media Center Programs
2016-12-02 12:28 - 2016-12-02 12:28 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-12-02 12:28 - 2016-12-02 12:28 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-12-02 12:27 - 2016-12-02 12:27 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2016-11-28 12:05 - 2016-11-28 12:05 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2016-11-28 12:05 - 2016-11-28 12:05 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2016-11-28 12:05 - 2016-11-28 12:05 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2016-11-28 12:05 - 2016-11-28 12:05 - 00042096 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2016-10-19 14:13 - 2016-10-19 14:13 - 00267520 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys
2016-10-17 17:19 - 2016-10-17 17:19 - 00312576 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2016-10-05 15:01 - 2016-10-05 15:01 - 00267008 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys
2016-09-26 17:19 - 2016-09-26 17:19 - 00254208 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
==================== Three Months Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-12 12:05 - 2009-07-14 02:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-12 12:05 - 2009-07-14 02:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-12 12:03 - 2010-11-21 07:37 - 00705070 _____ C:\Windows\system32\prfh0416.dat
2016-12-12 12:03 - 2010-11-21 07:37 - 00146910 _____ C:\Windows\system32\prfc0416.dat
2016-12-12 12:03 - 2009-07-14 03:13 - 01633534 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-12 12:03 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\inf
2016-12-12 11:57 - 2009-07-14 03:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-03 23:04 - 2009-07-14 02:45 - 00416288 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-03 09:30 - 2009-07-14 03:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2016-12-02 22:18 - 2009-07-14 01:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-12-02 22:18 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2016-12-02 21:47 - 2009-07-14 01:20 - 00000000 __RHD C:\Users\Public\Libraries
2016-12-02 13:23 - 2009-07-14 03:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2016-12-02 13:23 - 2009-07-14 02:45 - 00000000 ____D C:\Windows\Setup
2016-12-02 13:02 - 2010-11-21 07:47 - 00000000 ____D C:\Windows\ShellNew
2016-12-02 13:02 - 2009-07-14 03:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-12-02 13:01 - 2009-07-14 01:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-12-02 13:01 - 2009-07-14 00:34 - 00000478 _____ C:\Windows\win.ini
2016-12-02 12:43 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\rescache
2016-12-02 12:43 - 2009-07-14 01:20 - 00000000 ____D C:\Program Files\Windows NT
2016-12-02 12:29 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\system32\oobe
2016-12-02 12:28 - 2009-07-14 03:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-12-02 12:28 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\system32\sysprep
2016-12-02 12:26 - 2010-11-21 07:47 - 00000000 ____D C:\Windows\CSC
==================== Files in the root of some directories =======
2016-12-10 10:27 - 2016-12-10 10:29 - 4096000 _____ () C:\Program Files (x86)\GUT9AEC.tmp
2016-12-03 11:18 - 2016-12-03 11:18 - 0534016 _____ () C:\Users\User\AppData\Roaming\Ground.exe
Some files in TEMP:
====================
C:\Users\User\AppData\Local\Temp\avg-afb83e68-d9d8-4953-a87a-694c1d666a15.exe
C:\Users\User\AppData\Local\Temp\binkw32.dll
C:\Users\User\AppData\Local\Temp\d2l_Install.exe
C:\Users\User\AppData\Local\Temp\d2l_PlayD2.exe
C:\Users\User\AppData\Local\Temp\gcapi_dll.dll
C:\Users\User\AppData\Local\Temp\gdapi.dll
C:\Users\User\AppData\Local\Temp\GoogleSetup.exe
C:\Users\User\AppData\Local\Temp\GoogleUpdateSetup_latest.exe
C:\Users\User\AppData\Local\Temp\gtapi_signed.dll
C:\Users\User\AppData\Local\Temp\GTGCAPI.exe
C:\Users\User\AppData\Local\Temp\Mooii_GDrive.exe
C:\Users\User\AppData\Local\Temp\Mooii_Photoscape_Chrome_New.exe
C:\Users\User\AppData\Local\Temp\Mooii_Toolbar_Omaha.exe
C:\Users\User\AppData\Local\Temp\msvcr90.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that did not pass verification.)
C:\Windows\system32\winlogon.exe => The file is digitally signed
C:\Windows\system32\wininit.exe => The file is digitally signed
C:\Windows\SysWOW64\wininit.exe => The file is digitally signed
C:\Windows\explorer.exe => The file is digitally signed
C:\Windows\SysWOW64\explorer.exe => The file is digitally signed
C:\Windows\system32\svchost.exe => The file is digitally signed
C:\Windows\SysWOW64\svchost.exe => The file is digitally signed
C:\Windows\system32\services.exe => The file is digitally signed
C:\Windows\system32\User32.dll => The file is digitally signed
C:\Windows\SysWOW64\User32.dll => The file is digitally signed
C:\Windows\system32\userinit.exe => The file is digitally signed
C:\Windows\SysWOW64\userinit.exe => The file is digitally signed
C:\Windows\system32\rpcss.dll => The file is digitally signed
C:\Windows\system32\dnsapi.dll => The file is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => The file is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => The file is digitally signed
LastRegBack: 2016-12-04 01:33
==================== End of FRST.txt ============================