Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 29-01-2017
Executado por Felipe (administrador) em FELIPE-PC (03-02-2017 10:32:01)
Executando a partir de C:\Users\Felipe\Downloads
Perfis Carregados: Felipe (Perfis Disponíveis: Felipe & DefaultAppPool)
Platform: Windows 10 Pro Versão 1607 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
() C:\ProgramData\SharewareOnSale Notifier\SharewareOnSale Notifier.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
() C:\Program Files\DriverSetupUtility\FUB\LiveUpdateChecker.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.152.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11610.1001.25.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Opera Software) C:\Program Files\Opera\42.0.2393.517\opera.exe
(Opera Software) C:\Program Files\Opera\42.0.2393.517\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\42.0.2393.517\opera.exe
(Opera Software) C:\Program Files\Opera\42.0.2393.517\opera.exe
(Opera Software) C:\Program Files\Opera\42.0.2393.517\opera.exe
(Opera Software) C:\Program Files\Opera\42.0.2393.517\opera.exe
(Opera Software) C:\Program Files\Opera\42.0.2393.517\opera.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registro (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040296 2015-08-29] (Realtek Semiconductor)
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [927280 2016-11-11] (GAS Tecnologia LTDA)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242200 2016-11-11] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-16] (AVAST Software)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318128 2016-08-25] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
Winlogon\Notify\ GbPluginBb: C:\Program Files (x86)\GbPlugin\gbieh.dll [2016-06-07] (Banco do Brasil)
Winlogon\Notify\ GbPluginbrb: C:\Program Files (x86)\GbPlugin\gbiehbrb.dll [2015-11-16] (Banco de Brasilia S.A.)
Winlogon\Notify\ GbPluginCef-x32: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [X]
HKU\S-1-5-21-1407101166-185733026-294777997-1000\...\Run: [GoogleChromeAutoLaunch_3598036481B262A4AE210A3CE1B03E37] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [935768 2016-12-08] (Google Inc.)
HKU\S-1-5-21-1407101166-185733026-294777997-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2881824 2017-01-18] (Valve Corporation)
HKU\S-1-5-21-1407101166-185733026-294777997-1000\...\Run: [SharewareOnSale Notifier] => C:\ProgramData\SharewareOnSale Notifier\SharewareOnSale Notifier.exe [1008816 2017-01-13] ()
HKU\S-1-5-21-1407101166-185733026-294777997-1000\...\RunOnce: [Uninstall C:\Users\Felipe\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Felipe\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64"
HKU\S-1-5-21-1407101166-185733026-294777997-1000\...\MountPoints2: {51c04512-89e6-11e6-a448-50b7c34024cf} - "F:\setup.EXE" /AUTORUN
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll [1947872 2016-06-07] (Banco do Brasil)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll -> Nenhum Arquivo
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399028} - C:\Program Files (x86)\GbPlugin\gbiehbrb.dll [1870560 2015-11-16] (Banco de Brasilia S.A.)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Felipe\AppData\Local\MEGAsync\ShellExtX64.dll [2016-11-11] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Felipe\AppData\Local\MEGAsync\ShellExtX64.dll [2016-11-11] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Felipe\AppData\Local\MEGAsync\ShellExtX64.dll [2016-11-11] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-11] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Felipe\AppData\Local\MEGAsync\ShellExtX32.dll [2016-11-11] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Felipe\AppData\Local\MEGAsync\ShellExtX32.dll [2016-11-11] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Felipe\AppData\Local\MEGAsync\ShellExtX32.dll [2016-11-11] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-11-20]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\Parameters: [DhcpNameServer] 192.168.25.1
Tcpip\..\Interfaces\{10639eaa-b308-4c7e-b817-671bc163a1e6}: [DhcpNameServer] 192.168.25.1
Tcpip\..\Interfaces\{3ee2adcf-f9a4-4e98-923e-cb01d57f6a61}: [DhcpNameServer] 192.168.25.1
Tcpip\..\Interfaces\{bddaadaa-1b34-4fe8-9c28-d322e0b18550}: [DhcpNameServer] 192.168.25.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://www.istartsurf.com/?type=hp&ts=1435363609&z=ae4ffd46034c3d1194cb365gcz7c9wacdq3c8q3g3q&from=cor&uid=3219913727_198313_9876C278
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1435363609&z=ae4ffd46034c3d1194cb365gcz7c9wacdq3c8q3g3q&from=cor&uid=3219913727_198313_9876C278&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1435363609&z=ae4ffd46034c3d1194cb365gcz7c9wacdq3c8q3g3q&from=cor&uid=3219913727_198313_9876C278
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1435363609&z=ae4ffd46034c3d1194cb365gcz7c9wacdq3c8q3g3q&from=cor&uid=3219913727_198313_9876C278&q={searchTerms}
HKU\S-1-5-21-1407101166-185733026-294777997-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://www.istartsurf.com/?type=hp&ts=1435363609&z=ae4ffd46034c3d1194cb365gcz7c9wacdq3c8q3g3q&from=cor&uid=3219913727_198313_9876C278
URLSearchHook: HKU\S-1-5-21-1407101166-185733026-294777997-1000 - (Sem Nome) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - Nenhum Arquivo
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1435363609&z=ae4ffd46034c3d1194cb365gcz7c9wacdq3c8q3g3q&from=cor&uid=3219913727_198313_9876C278&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1435363609&z=ae4ffd46034c3d1194cb365gcz7c9wacdq3c8q3g3q&from=cor&uid=3219913727_198313_9876C278&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1435363609&z=ae4ffd46034c3d1194cb365gcz7c9wacdq3c8q3g3q&from=cor&uid=3219913727_198313_9876C278&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1435363609&z=ae4ffd46034c3d1194cb365gcz7c9wacdq3c8q3g3q&from=cor&uid=3219913727_198313_9876C278&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1407101166-185733026-294777997-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=3219913727_198313_9876C278&ts=1435363642&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1407101166-185733026-294777997-1000 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://www.mystart.com/results.php?gen=ms&pr=vmn&id=mystarttb&v=5_6&ent=ch_5224&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1407101166-185733026-294777997-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=3219913727_198313_9876C278&ts=1435363642&type=default&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-11] (Oracle Corporation)
BHO-x32: Sem Nome -> {84FF7BD6-B47F-46F8-9130-01B2696B36CB} -> Nenhum Arquivo
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\Program Files (x86)\GbPlugin\gbieh.dll [2016-06-07] (Banco do Brasil)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\Program Files (x86)\GbPlugin\gbiehcef.dll => Nenhum Arquivo
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540028} -> C:\Program Files (x86)\GbPlugin\gbiehbrb.dll [2015-11-16] (Banco de Brasilia S.A.)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-11] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Felipe\AppData\Roaming\Mozilla\Firefox\Profiles\i6kvx25l.default-1448403199000 [2016-04-07]
FF Homepage: Mozilla\Firefox\Profiles\i6kvx25l.default-1448403199000 -> www.google.com.br
FF Extension: (MyStart Toolbar) - C:\Users\Felipe\AppData\Roaming\Mozilla\Firefox\Profiles\i6kvx25l.default-1448403199000\Extensions\{607b689f-7600-45e4-b8e5-887f72dab15c}.xpi [2015-12-16]
FF Extension: (Video AdBlock for Firefox) - C:\Users\Felipe\AppData\Roaming\Mozilla\Firefox\Profiles\i6kvx25l.default-1448403199000\Extensions\{a00bef25-f21a-4539-adbb-b179b29e2b92} [2015-12-24] [não assinado]
FF SearchPlugin: C:\Users\Felipe\AppData\Roaming\Mozilla\Firefox\Profiles\i6kvx25l.default-1448403199000\searchplugins\search-the-web.xml [2015-12-10]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-11]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-11]
FF HKLM-x32\...\Firefox\Extensions: [searchffv2@gmail.com] - C:\Users\Felipe\AppData\Roaming\Mozilla\Firefox\Profiles\3cbvs9q5.default-1432523806056\extensions\searchffv2@gmail.com => não encontrado (a)
FF HKLM-x32\...\Firefox\Extensions: [sweetsearch@gmail.com] - C:\Users\Felipe\AppData\Roaming\Mozilla\Firefox\Profiles\3cbvs9q5.default-1432523806056\extensions\sweetsearch@gmail.com => não encontrado (a)
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2015-11-20] [não assinado]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKU\S-1-5-21-1407101166-185733026-294777997-1000\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886C}] - C:\Users\Felipe\AppData\Local\GAS Tecnologia\GBBD\bb\xpi => não encontrado (a)
FF HKU\S-1-5-21-1407101166-185733026-294777997-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-13] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-13] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-11] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-28] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-28] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1407101166-185733026-294777997-1000: gastecnologia.com.br/sf/bb64 -> C:\Users\Felipe\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll [Nenhum Arquivo]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.com.br/
CHR StartupUrls: Default -> "hxxp://www.google.com.br/","hxxp://www.tjdft.jus.br/","hxxps://www.google.com.br/"
CHR Profile: C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default [2017-02-03]
CHR Extension: (Google Apresentações) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-18]
CHR Extension: (Kindle Cloud Reader) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\adldnnhmpcmipijphdbchbfdmnafnjia [2016-10-12]
CHR Extension: (Google Docs) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-18]
CHR Extension: (Google Drive) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-27]
CHR Extension: (YouTube) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-15]
CHR Extension: (Google Search) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Adobe Acrobat) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-01-27]
CHR Extension: (Translate Selected Text) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbimffnjoeobhjhochngikepgfejjmgj [2016-06-30]
CHR Extension: (Planilhas do Google) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-18]
CHR Extension: (Documentos Google off-line) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-18]
CHR Extension: (Acrobat Reader) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjocpdcjohdhoeaoeoflfjnkdpmccdlp [2015-07-30]
CHR Extension: (GBBD Banco do Brasil) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkafhcogdnfhkmiepeebkkdbdphnjfll [2015-04-21]
CHR Extension: (Google Maps) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-10-15]
CHR Extension: (Verificador de mensagens do Google) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2015-04-18]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Clash of Clans) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofafmlelfljkaoaglplpikoonkceepai [2015-08-21]
CHR Extension: (Gmail) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-18]
CHR Extension: (Chrome Media Router) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-16]
CHR Profile: C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Profile 1 [2015-11-16]
CHR Extension: (Google Apresentações) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-14]
CHR Extension: (Google Docs) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-14]
CHR Extension: (Google Drive) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-14]
CHR Extension: (YouTube) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-14]
CHR Extension: (Google Search) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-14]
CHR Extension: (Planilhas do Google) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-14]
CHR Extension: (Documentos Google off-line) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-15]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-14]
CHR Extension: (Gmail) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-14]
CHR Profile: C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\System Profile [2015-11-16]
CHR HKU\S-1-5-21-1407101166-185733026-294777997-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [dogdoihocdkadpalbghcpfafbojcfofa] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2016-06-15]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-06-15]
Opera:
=======
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe
==================== Serviços (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-11] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3699904 2016-12-28] (Microsoft Corporation)
S2 debugregsvc; C:\WINDOWS\System32\debugregsvc.dll [29184 2016-07-15] (Microsoft Corporation)
S3 DeveloperToolsService; C:\WINDOWS\System32\DeveloperToolsSvc.exe [104448 2016-07-15] (Microsoft Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [129752 2016-11-11] (ELAN Microelectronics Corp.)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [631520 2016-06-07] (GAS Tecnologia)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Arquivo não assinado]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [Arquivo não assinado]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [329280 2016-02-19] (Intel Corporation)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [382456 2016-08-02] (McAfee, Inc.)
S3 mfevtp; C:\WINDOWS\system32\mfevtps.exe [277744 2016-04-26] (McAfee, Inc.)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [Arquivo não assinado]
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [5707232 2016-09-27] (INCA Internet Co., Ltd.)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [Arquivo não assinado]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R3 SshBroker; C:\WINDOWS\System32\SshBroker.dll [360960 2016-12-21] (Microsoft Corporation)
R3 SshProxy; C:\WINDOWS\System32\SshProxy.dll [275456 2016-12-21] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [927280 2016-11-11] (GAS Tecnologia LTDA)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S4 WebManagement; C:\WINDOWS\system32\WebManagement.exe [1000448 2016-09-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\WsAppService.exe [252816 2015-04-30] (Wondershare)
===================== Drivers (Whitelisted) ======================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2016-09-11] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [37144 2016-09-11] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2016-09-11] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2016-09-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-11] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2016-09-14] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2016-09-24] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2016-09-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-16] (AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [41024 2015-09-23] (ELAN Microelectronic Corp.)
R1 gbpddfac; C:\WINDOWS\System32\drivers\gbpddfac64.sys [28888 2017-01-28] (GAS Tecnologia)
R0 gbpddreg; C:\WINDOWS\System32\drivers\gbpddreg64.sys [29816 2017-01-28] (GAS Tecnologia)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2016-05-09] (GAS Tecnologia)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [419624 2016-08-02] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [349480 2016-08-02] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [843048 2016-08-02] (McAfee, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 RadioHIDMini; C:\WINDOWS\System32\drivers\RadioHIDMini.sys [32168 2015-07-16] (Windows (R) Win 7 DDK provider)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 1999-12-31] (Realtek )
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [8220904 2012-02-15] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [33960 1999-12-31] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [16056 2016-11-11] (SlimWare Utilities, Inc.)
R1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2016-05-09] (GAS Tecnologia LTDA)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R1 wsddfac; C:\WINDOWS\System32\drivers\wsddfac.sys [28376 2017-01-28] (GAS Tecnologia)
R1 wsddntf; C:\WINDOWS\system32\DRIVERS\wsddntf.sys [47176 2016-06-21] (GAS Tecnologia)
S1 wsddpp; C:\WINDOWS\system32\drivers\wsddpp.sys [25184 2016-11-11] (GAS Tecnologia)
S3 wsddprm; C:\WINDOWS\system32\drivers\wsddprm.sys [25184 2016-11-11] (GAS Tecnologia)
R1 XQHDrv; C:\WINDOWS\system32\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
R1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
U3 idsvc; não ImagePath
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
NETSVC: debugregsvc -> C:\Windows\System32\debugregsvc.dll (Microsoft Corporation)
==================== Um Mês Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-02-03 10:32 - 2017-02-03 10:33 - 00033004 _____ C:\Users\Felipe\Downloads\FRST.txt
2017-02-03 10:31 - 2017-02-03 10:32 - 00000000 ____D C:\FRST
2017-02-03 10:30 - 2017-02-03 10:30 - 02420736 _____ (Farbar) C:\Users\Felipe\Downloads\FRST64.exe
2017-02-02 09:09 - 2017-02-02 09:24 - 02459320 _____ C:\Users\Felipe\Downloads\Gramática.zip
2017-02-01 21:38 - 2017-02-01 21:39 - 1161345668 _____ C:\Users\Felipe\Downloads\Lei 8.112.zip
2017-02-01 20:42 - 2017-02-01 20:43 - 04030410 _____ C:\Users\Felipe\Downloads\Figuras-de-Linguagem-Verbos-Concordancias-Substantivos-e-Adjetivos.rar
2017-02-01 20:28 - 2017-02-01 20:28 - 00000000 ____D C:\Users\Felipe\Documents\HP Photosmart Projects
2017-02-01 20:21 - 2017-02-01 20:21 - 00000000 ____D C:\Users\Felipe\Downloads\6245- Exercicios de- Língua Portuguesa- para- Concursos
2017-02-01 20:20 - 2017-02-01 20:20 - 00899142 _____ C:\Users\Felipe\Downloads\6245- Exercicios de- Língua Portuguesa- para- Concursos.rar
2017-02-01 09:27 - 2017-02-01 09:29 - 00000000 ____D C:\Users\Felipe\Documents\Animes
2017-01-30 21:36 - 2017-01-30 21:59 - 214184171 _____ C:\Users\Felipe\Downloads\PUNCH_Yowamushi_Pedal_New_Generation_-_04_SD.mp4
2017-01-29 23:26 - 2017-01-29 23:32 - 00000000 ____D C:\Users\Felipe\Downloads\SIMPSONS
2017-01-29 17:31 - 2017-01-29 17:31 - 00003944 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1485718271
2017-01-29 17:31 - 2017-01-29 17:31 - 00001162 _____ C:\Users\Public\Desktop\Opera.lnk
2017-01-29 17:31 - 2017-01-29 17:31 - 00001162 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-01-29 17:28 - 2017-01-29 17:31 - 00000000 ____D C:\Program Files\Opera
2017-01-29 17:26 - 2017-01-29 17:27 - 01152720 _____ (Opera Software) C:\Users\Felipe\Downloads\OperaSetup.exe
2017-01-29 14:28 - 2017-01-29 14:28 - 00000000 ____D C:\Users\Felipe\AppData\LocalLow\uTorrent
2017-01-29 13:11 - 2017-01-29 13:11 - 00000000 ____D C:\Users\Felipe\Downloads\TheSimp.S28E09 [SériesinTorrent]
2017-01-29 11:12 - 2017-02-01 20:48 - 00000000 ____D C:\Users\Felipe\Downloads\PMDF
2017-01-27 23:58 - 2017-01-27 23:58 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2017-01-27 23:58 - 2017-01-27 23:58 - 00000000 ____D C:\Program Files\Common Files\AV
2017-01-25 18:56 - 2016-12-21 05:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-01-25 18:56 - 2016-12-21 02:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2017-01-24 00:28 - 2017-01-24 00:28 - 00198280 _____ C:\Users\Felipe\Desktop\EDITAL PM 2013.pdf
2017-01-24 00:11 - 2017-01-24 00:11 - 00141338 _____ C:\Users\Felipe\Desktop\PARA ESTUDAR.pdf
2017-01-23 00:41 - 2017-01-23 00:41 - 00074395 _____ C:\Users\Felipe\Downloads\Tabela de Análises de Whey (2015).xlsx
2017-01-22 00:09 - 2017-01-22 00:09 - 00119820 _____ C:\Users\Felipe\Desktop\Bradesco Comércio Eletrônico.pdf
2017-01-17 23:27 - 2017-01-17 23:27 - 00102331 _____ C:\Users\Felipe\Desktop\Avianca Brasil - reserva.pdf
2017-01-15 22:34 - 2017-01-15 22:34 - 01254618 _____ C:\Users\Felipe\Downloads\Direito Processual Civil Contem - Humberto Dalla Bernardina de Pi (1).epub
2017-01-15 22:34 - 2017-01-15 22:34 - 01066797 _____ C:\Users\Felipe\Downloads\Direito Processual Civil Contem - Humberto Dalla Bernardina de Pi.epub
2017-01-13 09:44 - 2017-01-13 09:48 - 00000000 ____D C:\Users\Todos os Usuários\McAfee
2017-01-13 09:44 - 2017-01-13 09:48 - 00000000 ____D C:\ProgramData\McAfee
2017-01-13 09:44 - 2017-01-13 09:44 - 00000000 ____D C:\Program Files\Common Files\McAfee
2017-01-13 09:44 - 2016-04-26 17:56 - 00277744 _____ (McAfee, Inc.) C:\WINDOWS\system32\mfevtps.exe
2017-01-13 09:43 - 2017-01-13 09:43 - 00000000 ____D C:\Users\Todos os Usuários\SharewareOnSale Notifier
2017-01-13 09:43 - 2017-01-13 09:43 - 00000000 ____D C:\ProgramData\SharewareOnSale Notifier
2017-01-13 08:33 - 2017-01-13 08:33 - 00127103 _____ C:\Users\Felipe\Desktop\UNIP __..pdf
2017-01-11 15:59 - 2016-12-21 06:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2017-01-11 15:59 - 2016-12-21 06:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-01-11 15:59 - 2016-12-21 05:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-01-11 15:59 - 2016-12-21 05:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-01-11 15:59 - 2016-12-21 05:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-01-11 15:59 - 2016-12-21 05:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-01-11 15:59 - 2016-12-21 05:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-01-11 15:59 - 2016-12-21 05:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-01-11 15:59 - 2016-12-21 05:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-01-11 15:59 - 2016-12-21 05:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-01-11 15:59 - 2016-12-21 05:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-01-11 15:59 - 2016-12-21 05:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-01-11 15:59 - 2016-12-21 05:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-01-11 15:59 - 2016-12-21 05:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-01-11 15:59 - 2016-12-21 04:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-01-11 15:59 - 2016-12-21 04:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-01-11 15:59 - 2016-12-21 04:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-01-11 15:59 - 2016-12-21 04:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-01-11 15:59 - 2016-12-21 04:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-01-11 15:59 - 2016-12-21 04:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-01-11 15:59 - 2016-12-21 04:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-01-11 15:59 - 2016-12-21 04:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-01-11 15:59 - 2016-12-21 04:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-01-11 15:59 - 2016-12-21 04:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-01-11 15:59 - 2016-12-21 03:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2017-01-11 15:59 - 2016-12-21 03:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-01-11 15:59 - 2016-12-21 03:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-01-11 15:59 - 2016-12-21 02:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-01-11 15:59 - 2016-12-21 02:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2017-01-11 15:59 - 2016-12-21 02:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-01-11 15:59 - 2016-12-21 02:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-01-11 15:59 - 2016-12-21 02:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-01-11 15:59 - 2016-12-21 02:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2017-01-11 15:59 - 2016-12-21 02:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-01-11 15:59 - 2016-12-21 02:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-01-11 15:59 - 2016-12-21 02:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-01-11 15:59 - 2016-12-21 02:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-01-11 15:59 - 2016-12-21 02:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2017-01-11 15:59 - 2016-12-21 02:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-01-11 15:59 - 2016-12-21 02:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-01-11 15:59 - 2016-12-21 02:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-01-11 15:59 - 2016-12-21 02:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-01-11 15:59 - 2016-12-21 02:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-01-11 15:59 - 2016-12-14 03:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-01-11 15:59 - 2016-12-14 03:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-01-11 15:59 - 2016-12-14 03:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-01-11 15:59 - 2016-12-14 03:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-01-11 15:59 - 2016-12-14 03:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-01-11 15:59 - 2016-12-14 03:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-01-11 15:59 - 2016-12-14 03:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2017-01-11 15:59 - 2016-12-14 02:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-01-11 15:59 - 2016-12-14 02:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-01-11 15:59 - 2016-12-14 02:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-01-11 15:59 - 2016-12-14 02:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2017-01-11 15:59 - 2016-12-14 02:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2017-01-11 15:59 - 2016-12-14 02:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-01-11 15:59 - 2016-12-14 02:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-01-11 15:59 - 2016-12-14 02:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-01-11 15:59 - 2016-12-14 02:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2017-01-11 15:59 - 2016-12-14 02:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-01-11 15:59 - 2016-12-14 02:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-01-11 15:59 - 2016-12-14 02:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-01-11 15:59 - 2016-12-14 02:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-01-11 15:59 - 2016-12-14 02:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2017-01-11 15:59 - 2016-12-14 02:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-01-11 15:59 - 2016-12-14 02:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-01-11 15:59 - 2016-12-14 02:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2017-01-11 15:59 - 2016-12-14 02:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-01-11 15:59 - 2016-12-14 02:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-01-11 15:59 - 2016-12-14 02:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-01-11 15:59 - 2016-12-14 02:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-01-11 15:59 - 2016-12-14 02:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-01-11 15:59 - 2016-11-02 10:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-01-11 15:59 - 2016-11-02 08:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-01-11 15:59 - 2016-08-02 02:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-01-11 15:58 - 2016-12-21 06:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-01-11 15:58 - 2016-12-21 05:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-01-11 15:58 - 2016-12-21 05:45 - 00153952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcmiplugin.dll
2017-01-11 15:58 - 2016-12-21 05:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-01-11 15:58 - 2016-12-21 05:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-01-11 15:58 - 2016-12-21 05:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-01-11 15:58 - 2016-12-21 05:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-01-11 15:58 - 2016-12-21 05:10 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SshProxy.dll
2017-01-11 15:58 - 2016-12-21 05:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-01-11 15:58 - 2016-12-21 05:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-01-11 15:58 - 2016-12-21 05:09 - 00360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SshBroker.dll
2017-01-11 15:58 - 2016-12-21 05:08 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SshSession.exe
2017-01-11 15:58 - 2016-12-21 05:08 - 00427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SshSftp.exe
2017-01-11 15:58 - 2016-12-21 05:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-01-11 15:58 - 2016-12-21 05:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-01-11 15:58 - 2016-12-21 05:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-01-11 15:58 - 2016-12-21 05:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-01-11 15:58 - 2016-12-21 05:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-01-11 15:58 - 2016-12-21 05:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-01-11 15:58 - 2016-12-21 05:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-01-11 15:58 - 2016-12-21 05:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-01-11 15:58 - 2016-12-21 05:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-01-11 15:58 - 2016-12-21 05:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-01-11 15:58 - 2016-12-21 05:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-01-11 15:58 - 2016-12-21 04:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-01-11 15:58 - 2016-12-21 04:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2017-01-11 15:58 - 2016-12-21 04:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-01-11 15:58 - 2016-12-21 04:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2017-01-11 15:58 - 2016-12-21 04:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-01-11 15:58 - 2016-12-21 04:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-01-11 15:58 - 2016-12-21 04:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-01-11 15:58 - 2016-12-21 04:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-01-11 15:58 - 2016-12-21 03:03 - 00136544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqmigplugin.dll
2017-01-11 15:58 - 2016-12-21 03:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-01-11 15:58 - 2016-12-21 03:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-01-11 15:58 - 2016-12-21 03:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-01-11 15:58 - 2016-12-21 03:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-01-11 15:58 - 2016-12-21 03:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-01-11 15:58 - 2016-12-21 03:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-01-11 15:58 - 2016-12-21 02:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-01-11 15:58 - 2016-12-21 02:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-01-11 15:58 - 2016-12-21 02:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2017-01-11 15:58 - 2016-12-21 02:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-01-11 15:58 - 2016-12-21 02:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-01-11 15:58 - 2016-12-21 02:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-01-11 15:58 - 2016-12-21 02:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-01-11 15:58 - 2016-12-21 02:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-01-11 15:58 - 2016-12-14 03:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-01-11 15:58 - 2016-12-14 03:33 - 02169184 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-01-11 15:58 - 2016-12-14 03:33 - 01669984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-01-11 15:58 - 2016-12-14 03:33 - 01400160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-01-11 15:58 - 2016-12-14 03:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2017-01-11 15:58 - 2016-12-14 03:33 - 01054048 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2017-01-11 15:58 - 2016-12-14 03:33 - 00992096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2017-01-11 15:58 - 2016-12-14 03:33 - 00822624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-01-11 15:58 - 2016-12-14 03:33 - 00813408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-01-11 15:58 - 2016-12-14 03:33 - 00779616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2017-01-11 15:58 - 2016-12-14 03:33 - 00752992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-01-11 15:58 - 2016-12-14 03:33 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-01-11 15:58 - 2016-12-14 03:33 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-01-11 15:58 - 2016-12-14 03:33 - 00571744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-01-11 15:58 - 2016-12-14 03:33 - 00513376 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2017-01-11 15:58 - 2016-12-14 03:33 - 00406368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2017-01-11 15:58 - 2016-12-14 03:33 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2017-01-11 15:58 - 2016-12-14 03:33 - 00190816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe
2017-01-11 15:58 - 2016-12-14 03:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-01-11 15:58 - 2016-12-14 03:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-01-11 15:58 - 2016-12-14 03:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-01-11 15:58 - 2016-12-14 03:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-01-11 15:58 - 2016-12-14 03:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2017-01-11 15:58 - 2016-12-14 03:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-01-11 15:58 - 2016-12-14 03:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2017-01-11 15:58 - 2016-12-14 02:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-01-11 15:58 - 2016-12-14 02:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-01-11 15:58 - 2016-12-14 02:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 15:58 - 2016-12-14 02:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-01-11 15:58 - 2016-12-14 02:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-01-11 15:58 - 2016-12-14 02:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-01-11 15:58 - 2016-12-14 02:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-01-11 15:58 - 2016-12-14 02:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-01-11 15:58 - 2016-12-14 02:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-01-11 15:58 - 2016-12-14 02:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-01-11 15:58 - 2016-12-14 02:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-01-11 15:58 - 2016-12-14 02:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-01-11 15:58 - 2016-12-14 02:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-01-11 15:58 - 2016-12-14 02:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-01-11 15:58 - 2016-12-14 02:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2017-01-11 15:58 - 2016-12-14 02:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-01-11 15:58 - 2016-12-14 02:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-01-11 15:58 - 2016-12-14 02:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-01-11 15:58 - 2016-11-02 09:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-01-11 15:58 - 2016-11-02 08:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-01-11 15:58 - 2016-11-02 08:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-01-11 15:57 - 2016-12-21 05:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-01-11 15:57 - 2016-12-21 05:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2017-01-11 15:57 - 2016-12-21 05:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2017-01-11 15:57 - 2016-12-21 05:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2017-01-11 15:57 - 2016-12-21 05:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-01-11 15:57 - 2016-12-21 05:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-01-11 15:57 - 2016-12-21 04:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-01-11 15:57 - 2016-12-21 04:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-01-11 15:57 - 2016-12-21 02:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-01-11 15:57 - 2016-12-21 02:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-01-11 15:57 - 2016-12-21 02:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-01-11 15:57 - 2016-12-21 02:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-01-11 15:57 - 2016-12-14 03:26 - 01469792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-01-11 15:57 - 2016-12-14 03:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-01-11 15:57 - 2016-12-14 03:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-01-11 15:57 - 2016-12-14 02:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-01-11 15:57 - 2016-12-14 02:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2017-01-11 15:57 - 2016-12-14 02:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 15:57 - 2016-12-14 02:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2017-01-11 15:57 - 2016-12-14 02:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-01-11 15:57 - 2016-12-14 02:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-01-10 08:25 - 2017-01-10 08:28 - 00000000 ____D C:\Users\TEMP\AppData\Local\ConnectedDevicesPlatform
2017-01-10 08:25 - 2017-01-10 08:28 - 00000000 ____D C:\Users\TEMP
2017-01-09 14:11 - 2017-01-09 14:11 - 00098349 _____ C:\Users\Felipe\Desktop\ImpressaoHistoricoEscolar.pdf
2017-01-09 14:09 - 2017-01-09 14:09 - 00132947 _____ C:\Users\Felipe\Desktop\ContratoMatriculaPDF.pdf
2017-01-04 20:30 - 2017-01-04 20:30 - 00000219 _____ C:\Users\Felipe\Desktop\Dota 2.url
2017-01-04 20:28 - 2017-01-04 20:28 - 00000000 ____D C:\Users\Felipe\AppData\Local\Chromium
2017-01-04 20:14 - 2017-01-31 15:00 - 00000000 ____D C:\Program Files (x86)\Steam
2017-01-04 20:14 - 2017-01-04 20:14 - 00000992 _____ C:\Users\Public\Desktop\Steam.lnk
2017-01-04 20:14 - 2017-01-04 20:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-01-04 09:20 - 2017-01-04 09:20 - 00001219 _____ C:\Users\Public\Desktop\aTube Catcher.lnk
2017-01-04 09:20 - 2017-01-04 09:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2017-01-04 09:20 - 2017-01-04 09:20 - 00000000 ____D C:\Program Files (x86)\DsNET Corp
2017-01-04 09:20 - 2008-08-18 19:18 - 00077824 _____ (Fox Magic Software) C:\WINDOWS\SysWOW64\fmcodec.DLL
2017-01-04 09:10 - 2017-01-04 09:11 - 17622984 _____ (DsNET Corp ) C:\Users\Felipe\Downloads\aTube_Catcher.exe
==================== Um Mês Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-02-03 09:44 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-03 09:41 - 2016-08-24 21:10 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-03 00:35 - 2015-04-18 01:07 - 00002230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-03 00:35 - 2015-04-18 01:07 - 00002218 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-02-02 11:55 - 2016-11-11 15:26 - 00000000 ____D C:\Users\Felipe\Documents\Minhas digitalizações
2017-02-02 09:28 - 2016-07-16 09:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-01 20:21 - 2016-04-02 22:19 - 00000000 ____D C:\Users\Felipe\AppData\Local\Packages
2017-01-31 15:01 - 2016-08-24 21:40 - 00004278 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2017-01-31 15:00 - 2016-04-02 22:20 - 00000000 __SHD C:\Users\Felipe\IntelGraphicsProfiles
2017-01-31 14:59 - 2015-06-26 21:44 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2017-01-31 14:59 - 2015-06-26 21:44 - 00000000 ____D C:\ProgramData\GbPlugin
2017-01-30 23:42 - 2015-04-27 08:26 - 00000000 ____D C:\Users\Felipe\AppData\Roaming\uTorrent
2017-01-29 23:35 - 2016-02-26 22:43 - 00000000 ____D C:\Users\Felipe\Downloads\Livros de Direito
2017-01-29 23:33 - 2016-11-28 10:01 - 00000000 ____D C:\Users\Felipe\Downloads\Animes
2017-01-29 17:31 - 2015-10-16 19:03 - 00000000 ____D C:\Users\Felipe\AppData\Roaming\Opera Software
2017-01-29 17:31 - 2015-10-16 19:03 - 00000000 ____D C:\Users\Felipe\AppData\Local\Opera Software
2017-01-29 16:23 - 2015-04-27 15:09 - 00000000 ____D C:\Users\Felipe\Downloads\Torrent
2017-01-28 13:32 - 2016-11-11 15:17 - 00028888 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\gbpddfac64.sys
2017-01-28 13:31 - 2016-11-11 15:17 - 00029816 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\gbpddreg64.sys
2017-01-28 13:30 - 2016-11-11 15:17 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2017-01-28 13:29 - 2016-11-11 15:18 - 00028376 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\wsddfac.sys
2017-01-28 13:29 - 2016-08-24 21:20 - 00000000 ____D C:\Users\Felipe
2017-01-28 13:28 - 2016-08-24 21:40 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-27 23:54 - 2017-01-02 12:16 - 00000000 ____D C:\Users\Felipe\Desktop\AT O2016 By PHDowns
2017-01-26 23:45 - 2016-07-16 09:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-24 18:18 - 2016-12-17 18:28 - 00003280 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-01-24 18:18 - 2016-04-02 22:26 - 00002411 _____ C:\Users\Felipe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-01-24 18:18 - 2016-04-02 22:26 - 00000000 ___RD C:\Users\Felipe\OneDrive
2017-01-21 00:08 - 2015-05-25 08:10 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-16 14:01 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-01-15 09:24 - 2015-04-21 01:05 - 00000902 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-01-13 23:30 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-01-13 23:29 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-01-13 12:13 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\rescache
2017-01-11 18:17 - 2016-07-16 09:45 - 00000000 ____D C:\WINDOWS\INF
2017-01-11 18:08 - 2016-07-16 09:47 - 00000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft
2017-01-11 18:08 - 2016-07-16 09:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-01-11 18:06 - 2017-01-02 12:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-01-11 17:44 - 2016-04-02 22:20 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-01-11 17:39 - 2016-08-24 21:10 - 00348800 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-01-11 17:38 - 2016-07-16 04:04 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2017-01-11 17:37 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-01-11 17:37 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-01-11 17:36 - 2016-07-16 09:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-01-11 17:36 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-01-11 17:36 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-01-11 17:36 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-01-11 16:08 - 2015-04-18 01:40 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-01-11 16:05 - 2015-04-18 01:40 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-01-11 15:30 - 2016-08-24 21:40 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-01-05 20:41 - 2009-07-14 00:34 - 00000493 _____ C:\WINDOWS\win.ini
2017-01-04 20:34 - 2017-01-02 12:16 - 00000000 ____D C:\Program Files\KMSpico
2017-01-04 20:30 - 2015-04-18 18:04 - 00000000 ____D C:\Users\Felipe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
==================== Arquivos na raiz de alguns diretórios =======
2005-08-18 03:16 - 2016-12-12 21:35 - 0869104 ____H () C:\Users\Felipe\AppData\Roaming\logs.dat
2016-10-15 14:48 - 2016-10-15 14:48 - 0000104 _____ () C:\Users\Felipe\AppData\Roaming\SQLite3.dll
2015-11-02 16:51 - 2015-11-02 16:51 - 0000000 _____ () C:\Users\Felipe\AppData\Local\{33BD26D1-2ED5-4CAE-876D-4D0DC87F7B04}
2015-11-09 18:08 - 2015-11-09 18:08 - 0000000 _____ () C:\Users\Felipe\AppData\Local\{4C9BFA64-295A-470B-A9A9-DA465C19696A}
2016-02-29 19:41 - 2016-02-29 19:41 - 0000000 _____ () C:\Users\Felipe\AppData\Local\{F9EC2906-F952-44B8-ADF8-5CC33EC2DAD5}
2016-08-24 21:14 - 2016-08-24 21:14 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-11-20 10:33 - 2016-09-10 10:43 - 0003425 _____ () C:\ProgramData\hpzinstall.log
Arquivos para serem movidos ou deletados:
====================
C:\Windows\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}.job
Alguns arquivos em TEMP:
====================
2017-01-01 23:27 - 2016-12-06 20:39 - 0050720 _____ (HP Inc.) C:\Users\Felipe\AppData\Local\Temp\ACLMInstaller.exe
==================== Bamital & volsnap ======================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2017-01-26 09:44
==================== Fim de FRST.txt ============================
Executado por Felipe (administrador) em FELIPE-PC (03-02-2017 10:32:01)
Executando a partir de C:\Users\Felipe\Downloads
Perfis Carregados: Felipe (Perfis Disponíveis: Felipe & DefaultAppPool)
Platform: Windows 10 Pro Versão 1607 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
() C:\ProgramData\SharewareOnSale Notifier\SharewareOnSale Notifier.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
() C:\Program Files\DriverSetupUtility\FUB\LiveUpdateChecker.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.152.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11610.1001.25.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Opera Software) C:\Program Files\Opera\42.0.2393.517\opera.exe
(Opera Software) C:\Program Files\Opera\42.0.2393.517\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\42.0.2393.517\opera.exe
(Opera Software) C:\Program Files\Opera\42.0.2393.517\opera.exe
(Opera Software) C:\Program Files\Opera\42.0.2393.517\opera.exe
(Opera Software) C:\Program Files\Opera\42.0.2393.517\opera.exe
(Opera Software) C:\Program Files\Opera\42.0.2393.517\opera.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registro (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040296 2015-08-29] (Realtek Semiconductor)
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [927280 2016-11-11] (GAS Tecnologia LTDA)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242200 2016-11-11] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-16] (AVAST Software)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318128 2016-08-25] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
Winlogon\Notify\ GbPluginBb: C:\Program Files (x86)\GbPlugin\gbieh.dll [2016-06-07] (Banco do Brasil)
Winlogon\Notify\ GbPluginbrb: C:\Program Files (x86)\GbPlugin\gbiehbrb.dll [2015-11-16] (Banco de Brasilia S.A.)
Winlogon\Notify\ GbPluginCef-x32: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [X]
HKU\S-1-5-21-1407101166-185733026-294777997-1000\...\Run: [GoogleChromeAutoLaunch_3598036481B262A4AE210A3CE1B03E37] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [935768 2016-12-08] (Google Inc.)
HKU\S-1-5-21-1407101166-185733026-294777997-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2881824 2017-01-18] (Valve Corporation)
HKU\S-1-5-21-1407101166-185733026-294777997-1000\...\Run: [SharewareOnSale Notifier] => C:\ProgramData\SharewareOnSale Notifier\SharewareOnSale Notifier.exe [1008816 2017-01-13] ()
HKU\S-1-5-21-1407101166-185733026-294777997-1000\...\RunOnce: [Uninstall C:\Users\Felipe\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Felipe\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64"
HKU\S-1-5-21-1407101166-185733026-294777997-1000\...\MountPoints2: {51c04512-89e6-11e6-a448-50b7c34024cf} - "F:\setup.EXE" /AUTORUN
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll [1947872 2016-06-07] (Banco do Brasil)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll -> Nenhum Arquivo
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399028} - C:\Program Files (x86)\GbPlugin\gbiehbrb.dll [1870560 2015-11-16] (Banco de Brasilia S.A.)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Felipe\AppData\Local\MEGAsync\ShellExtX64.dll [2016-11-11] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Felipe\AppData\Local\MEGAsync\ShellExtX64.dll [2016-11-11] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Felipe\AppData\Local\MEGAsync\ShellExtX64.dll [2016-11-11] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-11] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Felipe\AppData\Local\MEGAsync\ShellExtX32.dll [2016-11-11] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Felipe\AppData\Local\MEGAsync\ShellExtX32.dll [2016-11-11] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Felipe\AppData\Local\MEGAsync\ShellExtX32.dll [2016-11-11] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-11-20]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\Parameters: [DhcpNameServer] 192.168.25.1
Tcpip\..\Interfaces\{10639eaa-b308-4c7e-b817-671bc163a1e6}: [DhcpNameServer] 192.168.25.1
Tcpip\..\Interfaces\{3ee2adcf-f9a4-4e98-923e-cb01d57f6a61}: [DhcpNameServer] 192.168.25.1
Tcpip\..\Interfaces\{bddaadaa-1b34-4fe8-9c28-d322e0b18550}: [DhcpNameServer] 192.168.25.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://www.istartsurf.com/?type=hp&ts=1435363609&z=ae4ffd46034c3d1194cb365gcz7c9wacdq3c8q3g3q&from=cor&uid=3219913727_198313_9876C278
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1435363609&z=ae4ffd46034c3d1194cb365gcz7c9wacdq3c8q3g3q&from=cor&uid=3219913727_198313_9876C278&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1435363609&z=ae4ffd46034c3d1194cb365gcz7c9wacdq3c8q3g3q&from=cor&uid=3219913727_198313_9876C278
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1435363609&z=ae4ffd46034c3d1194cb365gcz7c9wacdq3c8q3g3q&from=cor&uid=3219913727_198313_9876C278&q={searchTerms}
HKU\S-1-5-21-1407101166-185733026-294777997-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://www.istartsurf.com/?type=hp&ts=1435363609&z=ae4ffd46034c3d1194cb365gcz7c9wacdq3c8q3g3q&from=cor&uid=3219913727_198313_9876C278
URLSearchHook: HKU\S-1-5-21-1407101166-185733026-294777997-1000 - (Sem Nome) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - Nenhum Arquivo
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1435363609&z=ae4ffd46034c3d1194cb365gcz7c9wacdq3c8q3g3q&from=cor&uid=3219913727_198313_9876C278&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1435363609&z=ae4ffd46034c3d1194cb365gcz7c9wacdq3c8q3g3q&from=cor&uid=3219913727_198313_9876C278&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1435363609&z=ae4ffd46034c3d1194cb365gcz7c9wacdq3c8q3g3q&from=cor&uid=3219913727_198313_9876C278&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1435363609&z=ae4ffd46034c3d1194cb365gcz7c9wacdq3c8q3g3q&from=cor&uid=3219913727_198313_9876C278&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1407101166-185733026-294777997-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=3219913727_198313_9876C278&ts=1435363642&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1407101166-185733026-294777997-1000 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://www.mystart.com/results.php?gen=ms&pr=vmn&id=mystarttb&v=5_6&ent=ch_5224&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1407101166-185733026-294777997-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=3219913727_198313_9876C278&ts=1435363642&type=default&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-11] (Oracle Corporation)
BHO-x32: Sem Nome -> {84FF7BD6-B47F-46F8-9130-01B2696B36CB} -> Nenhum Arquivo
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\Program Files (x86)\GbPlugin\gbieh.dll [2016-06-07] (Banco do Brasil)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\Program Files (x86)\GbPlugin\gbiehcef.dll => Nenhum Arquivo
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540028} -> C:\Program Files (x86)\GbPlugin\gbiehbrb.dll [2015-11-16] (Banco de Brasilia S.A.)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-11] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Felipe\AppData\Roaming\Mozilla\Firefox\Profiles\i6kvx25l.default-1448403199000 [2016-04-07]
FF Homepage: Mozilla\Firefox\Profiles\i6kvx25l.default-1448403199000 -> www.google.com.br
FF Extension: (MyStart Toolbar) - C:\Users\Felipe\AppData\Roaming\Mozilla\Firefox\Profiles\i6kvx25l.default-1448403199000\Extensions\{607b689f-7600-45e4-b8e5-887f72dab15c}.xpi [2015-12-16]
FF Extension: (Video AdBlock for Firefox) - C:\Users\Felipe\AppData\Roaming\Mozilla\Firefox\Profiles\i6kvx25l.default-1448403199000\Extensions\{a00bef25-f21a-4539-adbb-b179b29e2b92} [2015-12-24] [não assinado]
FF SearchPlugin: C:\Users\Felipe\AppData\Roaming\Mozilla\Firefox\Profiles\i6kvx25l.default-1448403199000\searchplugins\search-the-web.xml [2015-12-10]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-11]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-11]
FF HKLM-x32\...\Firefox\Extensions: [searchffv2@gmail.com] - C:\Users\Felipe\AppData\Roaming\Mozilla\Firefox\Profiles\3cbvs9q5.default-1432523806056\extensions\searchffv2@gmail.com => não encontrado (a)
FF HKLM-x32\...\Firefox\Extensions: [sweetsearch@gmail.com] - C:\Users\Felipe\AppData\Roaming\Mozilla\Firefox\Profiles\3cbvs9q5.default-1432523806056\extensions\sweetsearch@gmail.com => não encontrado (a)
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2015-11-20] [não assinado]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKU\S-1-5-21-1407101166-185733026-294777997-1000\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886C}] - C:\Users\Felipe\AppData\Local\GAS Tecnologia\GBBD\bb\xpi => não encontrado (a)
FF HKU\S-1-5-21-1407101166-185733026-294777997-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-13] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-13] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-11] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-28] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-28] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1407101166-185733026-294777997-1000: gastecnologia.com.br/sf/bb64 -> C:\Users\Felipe\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll [Nenhum Arquivo]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.com.br/
CHR StartupUrls: Default -> "hxxp://www.google.com.br/","hxxp://www.tjdft.jus.br/","hxxps://www.google.com.br/"
CHR Profile: C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default [2017-02-03]
CHR Extension: (Google Apresentações) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-18]
CHR Extension: (Kindle Cloud Reader) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\adldnnhmpcmipijphdbchbfdmnafnjia [2016-10-12]
CHR Extension: (Google Docs) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-18]
CHR Extension: (Google Drive) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-27]
CHR Extension: (YouTube) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-15]
CHR Extension: (Google Search) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Adobe Acrobat) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-01-27]
CHR Extension: (Translate Selected Text) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbimffnjoeobhjhochngikepgfejjmgj [2016-06-30]
CHR Extension: (Planilhas do Google) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-18]
CHR Extension: (Documentos Google off-line) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-18]
CHR Extension: (Acrobat Reader) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjocpdcjohdhoeaoeoflfjnkdpmccdlp [2015-07-30]
CHR Extension: (GBBD Banco do Brasil) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkafhcogdnfhkmiepeebkkdbdphnjfll [2015-04-21]
CHR Extension: (Google Maps) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-10-15]
CHR Extension: (Verificador de mensagens do Google) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2015-04-18]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Clash of Clans) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofafmlelfljkaoaglplpikoonkceepai [2015-08-21]
CHR Extension: (Gmail) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-18]
CHR Extension: (Chrome Media Router) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-16]
CHR Profile: C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Profile 1 [2015-11-16]
CHR Extension: (Google Apresentações) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-14]
CHR Extension: (Google Docs) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-14]
CHR Extension: (Google Drive) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-14]
CHR Extension: (YouTube) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-14]
CHR Extension: (Google Search) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-14]
CHR Extension: (Planilhas do Google) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-14]
CHR Extension: (Documentos Google off-line) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-15]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-14]
CHR Extension: (Gmail) - C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-14]
CHR Profile: C:\Users\Felipe\AppData\Local\Google\Chrome\User Data\System Profile [2015-11-16]
CHR HKU\S-1-5-21-1407101166-185733026-294777997-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [dogdoihocdkadpalbghcpfafbojcfofa] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2016-06-15]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-06-15]
Opera:
=======
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe
==================== Serviços (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-11] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3699904 2016-12-28] (Microsoft Corporation)
S2 debugregsvc; C:\WINDOWS\System32\debugregsvc.dll [29184 2016-07-15] (Microsoft Corporation)
S3 DeveloperToolsService; C:\WINDOWS\System32\DeveloperToolsSvc.exe [104448 2016-07-15] (Microsoft Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [129752 2016-11-11] (ELAN Microelectronics Corp.)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [631520 2016-06-07] (GAS Tecnologia)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Arquivo não assinado]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [Arquivo não assinado]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [329280 2016-02-19] (Intel Corporation)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [382456 2016-08-02] (McAfee, Inc.)
S3 mfevtp; C:\WINDOWS\system32\mfevtps.exe [277744 2016-04-26] (McAfee, Inc.)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [Arquivo não assinado]
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [5707232 2016-09-27] (INCA Internet Co., Ltd.)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [Arquivo não assinado]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R3 SshBroker; C:\WINDOWS\System32\SshBroker.dll [360960 2016-12-21] (Microsoft Corporation)
R3 SshProxy; C:\WINDOWS\System32\SshProxy.dll [275456 2016-12-21] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [927280 2016-11-11] (GAS Tecnologia LTDA)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S4 WebManagement; C:\WINDOWS\system32\WebManagement.exe [1000448 2016-09-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\WsAppService.exe [252816 2015-04-30] (Wondershare)
===================== Drivers (Whitelisted) ======================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2016-09-11] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [37144 2016-09-11] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2016-09-11] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2016-09-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-11] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2016-09-14] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2016-09-24] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2016-09-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-16] (AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [41024 2015-09-23] (ELAN Microelectronic Corp.)
R1 gbpddfac; C:\WINDOWS\System32\drivers\gbpddfac64.sys [28888 2017-01-28] (GAS Tecnologia)
R0 gbpddreg; C:\WINDOWS\System32\drivers\gbpddreg64.sys [29816 2017-01-28] (GAS Tecnologia)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2016-05-09] (GAS Tecnologia)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [419624 2016-08-02] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [349480 2016-08-02] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [843048 2016-08-02] (McAfee, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 RadioHIDMini; C:\WINDOWS\System32\drivers\RadioHIDMini.sys [32168 2015-07-16] (Windows (R) Win 7 DDK provider)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 1999-12-31] (Realtek )
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [8220904 2012-02-15] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [33960 1999-12-31] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [16056 2016-11-11] (SlimWare Utilities, Inc.)
R1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2016-05-09] (GAS Tecnologia LTDA)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R1 wsddfac; C:\WINDOWS\System32\drivers\wsddfac.sys [28376 2017-01-28] (GAS Tecnologia)
R1 wsddntf; C:\WINDOWS\system32\DRIVERS\wsddntf.sys [47176 2016-06-21] (GAS Tecnologia)
S1 wsddpp; C:\WINDOWS\system32\drivers\wsddpp.sys [25184 2016-11-11] (GAS Tecnologia)
S3 wsddprm; C:\WINDOWS\system32\drivers\wsddprm.sys [25184 2016-11-11] (GAS Tecnologia)
R1 XQHDrv; C:\WINDOWS\system32\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
R1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
U3 idsvc; não ImagePath
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
NETSVC: debugregsvc -> C:\Windows\System32\debugregsvc.dll (Microsoft Corporation)
==================== Um Mês Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-02-03 10:32 - 2017-02-03 10:33 - 00033004 _____ C:\Users\Felipe\Downloads\FRST.txt
2017-02-03 10:31 - 2017-02-03 10:32 - 00000000 ____D C:\FRST
2017-02-03 10:30 - 2017-02-03 10:30 - 02420736 _____ (Farbar) C:\Users\Felipe\Downloads\FRST64.exe
2017-02-02 09:09 - 2017-02-02 09:24 - 02459320 _____ C:\Users\Felipe\Downloads\Gramática.zip
2017-02-01 21:38 - 2017-02-01 21:39 - 1161345668 _____ C:\Users\Felipe\Downloads\Lei 8.112.zip
2017-02-01 20:42 - 2017-02-01 20:43 - 04030410 _____ C:\Users\Felipe\Downloads\Figuras-de-Linguagem-Verbos-Concordancias-Substantivos-e-Adjetivos.rar
2017-02-01 20:28 - 2017-02-01 20:28 - 00000000 ____D C:\Users\Felipe\Documents\HP Photosmart Projects
2017-02-01 20:21 - 2017-02-01 20:21 - 00000000 ____D C:\Users\Felipe\Downloads\6245- Exercicios de- Língua Portuguesa- para- Concursos
2017-02-01 20:20 - 2017-02-01 20:20 - 00899142 _____ C:\Users\Felipe\Downloads\6245- Exercicios de- Língua Portuguesa- para- Concursos.rar
2017-02-01 09:27 - 2017-02-01 09:29 - 00000000 ____D C:\Users\Felipe\Documents\Animes
2017-01-30 21:36 - 2017-01-30 21:59 - 214184171 _____ C:\Users\Felipe\Downloads\PUNCH_Yowamushi_Pedal_New_Generation_-_04_SD.mp4
2017-01-29 23:26 - 2017-01-29 23:32 - 00000000 ____D C:\Users\Felipe\Downloads\SIMPSONS
2017-01-29 17:31 - 2017-01-29 17:31 - 00003944 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1485718271
2017-01-29 17:31 - 2017-01-29 17:31 - 00001162 _____ C:\Users\Public\Desktop\Opera.lnk
2017-01-29 17:31 - 2017-01-29 17:31 - 00001162 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-01-29 17:28 - 2017-01-29 17:31 - 00000000 ____D C:\Program Files\Opera
2017-01-29 17:26 - 2017-01-29 17:27 - 01152720 _____ (Opera Software) C:\Users\Felipe\Downloads\OperaSetup.exe
2017-01-29 14:28 - 2017-01-29 14:28 - 00000000 ____D C:\Users\Felipe\AppData\LocalLow\uTorrent
2017-01-29 13:11 - 2017-01-29 13:11 - 00000000 ____D C:\Users\Felipe\Downloads\TheSimp.S28E09 [SériesinTorrent]
2017-01-29 11:12 - 2017-02-01 20:48 - 00000000 ____D C:\Users\Felipe\Downloads\PMDF
2017-01-27 23:58 - 2017-01-27 23:58 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2017-01-27 23:58 - 2017-01-27 23:58 - 00000000 ____D C:\Program Files\Common Files\AV
2017-01-25 18:56 - 2016-12-21 05:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-01-25 18:56 - 2016-12-21 02:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2017-01-24 00:28 - 2017-01-24 00:28 - 00198280 _____ C:\Users\Felipe\Desktop\EDITAL PM 2013.pdf
2017-01-24 00:11 - 2017-01-24 00:11 - 00141338 _____ C:\Users\Felipe\Desktop\PARA ESTUDAR.pdf
2017-01-23 00:41 - 2017-01-23 00:41 - 00074395 _____ C:\Users\Felipe\Downloads\Tabela de Análises de Whey (2015).xlsx
2017-01-22 00:09 - 2017-01-22 00:09 - 00119820 _____ C:\Users\Felipe\Desktop\Bradesco Comércio Eletrônico.pdf
2017-01-17 23:27 - 2017-01-17 23:27 - 00102331 _____ C:\Users\Felipe\Desktop\Avianca Brasil - reserva.pdf
2017-01-15 22:34 - 2017-01-15 22:34 - 01254618 _____ C:\Users\Felipe\Downloads\Direito Processual Civil Contem - Humberto Dalla Bernardina de Pi (1).epub
2017-01-15 22:34 - 2017-01-15 22:34 - 01066797 _____ C:\Users\Felipe\Downloads\Direito Processual Civil Contem - Humberto Dalla Bernardina de Pi.epub
2017-01-13 09:44 - 2017-01-13 09:48 - 00000000 ____D C:\Users\Todos os Usuários\McAfee
2017-01-13 09:44 - 2017-01-13 09:48 - 00000000 ____D C:\ProgramData\McAfee
2017-01-13 09:44 - 2017-01-13 09:44 - 00000000 ____D C:\Program Files\Common Files\McAfee
2017-01-13 09:44 - 2016-04-26 17:56 - 00277744 _____ (McAfee, Inc.) C:\WINDOWS\system32\mfevtps.exe
2017-01-13 09:43 - 2017-01-13 09:43 - 00000000 ____D C:\Users\Todos os Usuários\SharewareOnSale Notifier
2017-01-13 09:43 - 2017-01-13 09:43 - 00000000 ____D C:\ProgramData\SharewareOnSale Notifier
2017-01-13 08:33 - 2017-01-13 08:33 - 00127103 _____ C:\Users\Felipe\Desktop\UNIP __..pdf
2017-01-11 15:59 - 2016-12-21 06:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2017-01-11 15:59 - 2016-12-21 06:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-01-11 15:59 - 2016-12-21 05:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-01-11 15:59 - 2016-12-21 05:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-01-11 15:59 - 2016-12-21 05:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-01-11 15:59 - 2016-12-21 05:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-01-11 15:59 - 2016-12-21 05:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-01-11 15:59 - 2016-12-21 05:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-01-11 15:59 - 2016-12-21 05:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-01-11 15:59 - 2016-12-21 05:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-01-11 15:59 - 2016-12-21 05:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-01-11 15:59 - 2016-12-21 05:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-01-11 15:59 - 2016-12-21 05:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-01-11 15:59 - 2016-12-21 05:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-01-11 15:59 - 2016-12-21 04:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-01-11 15:59 - 2016-12-21 04:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-01-11 15:59 - 2016-12-21 04:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-01-11 15:59 - 2016-12-21 04:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-01-11 15:59 - 2016-12-21 04:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-01-11 15:59 - 2016-12-21 04:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-01-11 15:59 - 2016-12-21 04:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-01-11 15:59 - 2016-12-21 04:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-01-11 15:59 - 2016-12-21 04:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-01-11 15:59 - 2016-12-21 04:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-01-11 15:59 - 2016-12-21 03:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2017-01-11 15:59 - 2016-12-21 03:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-01-11 15:59 - 2016-12-21 03:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-01-11 15:59 - 2016-12-21 02:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-01-11 15:59 - 2016-12-21 02:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2017-01-11 15:59 - 2016-12-21 02:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-01-11 15:59 - 2016-12-21 02:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-01-11 15:59 - 2016-12-21 02:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-01-11 15:59 - 2016-12-21 02:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2017-01-11 15:59 - 2016-12-21 02:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-01-11 15:59 - 2016-12-21 02:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-01-11 15:59 - 2016-12-21 02:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-01-11 15:59 - 2016-12-21 02:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-01-11 15:59 - 2016-12-21 02:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2017-01-11 15:59 - 2016-12-21 02:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-01-11 15:59 - 2016-12-21 02:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-01-11 15:59 - 2016-12-21 02:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-01-11 15:59 - 2016-12-21 02:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-01-11 15:59 - 2016-12-21 02:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-01-11 15:59 - 2016-12-14 03:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-01-11 15:59 - 2016-12-14 03:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-01-11 15:59 - 2016-12-14 03:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-01-11 15:59 - 2016-12-14 03:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-01-11 15:59 - 2016-12-14 03:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-01-11 15:59 - 2016-12-14 03:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-01-11 15:59 - 2016-12-14 03:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2017-01-11 15:59 - 2016-12-14 02:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-01-11 15:59 - 2016-12-14 02:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-01-11 15:59 - 2016-12-14 02:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-01-11 15:59 - 2016-12-14 02:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2017-01-11 15:59 - 2016-12-14 02:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2017-01-11 15:59 - 2016-12-14 02:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-01-11 15:59 - 2016-12-14 02:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-01-11 15:59 - 2016-12-14 02:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-01-11 15:59 - 2016-12-14 02:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2017-01-11 15:59 - 2016-12-14 02:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-01-11 15:59 - 2016-12-14 02:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-01-11 15:59 - 2016-12-14 02:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-01-11 15:59 - 2016-12-14 02:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-01-11 15:59 - 2016-12-14 02:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2017-01-11 15:59 - 2016-12-14 02:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-01-11 15:59 - 2016-12-14 02:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-01-11 15:59 - 2016-12-14 02:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2017-01-11 15:59 - 2016-12-14 02:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-01-11 15:59 - 2016-12-14 02:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-01-11 15:59 - 2016-12-14 02:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-01-11 15:59 - 2016-12-14 02:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-01-11 15:59 - 2016-12-14 02:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-01-11 15:59 - 2016-11-02 10:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-01-11 15:59 - 2016-11-02 08:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-01-11 15:59 - 2016-08-02 02:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-01-11 15:58 - 2016-12-21 06:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-01-11 15:58 - 2016-12-21 05:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-01-11 15:58 - 2016-12-21 05:45 - 00153952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcmiplugin.dll
2017-01-11 15:58 - 2016-12-21 05:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-01-11 15:58 - 2016-12-21 05:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-01-11 15:58 - 2016-12-21 05:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-01-11 15:58 - 2016-12-21 05:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-01-11 15:58 - 2016-12-21 05:10 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SshProxy.dll
2017-01-11 15:58 - 2016-12-21 05:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-01-11 15:58 - 2016-12-21 05:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-01-11 15:58 - 2016-12-21 05:09 - 00360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SshBroker.dll
2017-01-11 15:58 - 2016-12-21 05:08 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SshSession.exe
2017-01-11 15:58 - 2016-12-21 05:08 - 00427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SshSftp.exe
2017-01-11 15:58 - 2016-12-21 05:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-01-11 15:58 - 2016-12-21 05:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-01-11 15:58 - 2016-12-21 05:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-01-11 15:58 - 2016-12-21 05:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-01-11 15:58 - 2016-12-21 05:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-01-11 15:58 - 2016-12-21 05:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-01-11 15:58 - 2016-12-21 05:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-01-11 15:58 - 2016-12-21 05:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-01-11 15:58 - 2016-12-21 05:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-01-11 15:58 - 2016-12-21 05:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-01-11 15:58 - 2016-12-21 05:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-01-11 15:58 - 2016-12-21 04:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-01-11 15:58 - 2016-12-21 04:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2017-01-11 15:58 - 2016-12-21 04:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-01-11 15:58 - 2016-12-21 04:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2017-01-11 15:58 - 2016-12-21 04:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-01-11 15:58 - 2016-12-21 04:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-01-11 15:58 - 2016-12-21 04:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-01-11 15:58 - 2016-12-21 04:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-01-11 15:58 - 2016-12-21 03:03 - 00136544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqmigplugin.dll
2017-01-11 15:58 - 2016-12-21 03:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-01-11 15:58 - 2016-12-21 03:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-01-11 15:58 - 2016-12-21 03:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-01-11 15:58 - 2016-12-21 03:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-01-11 15:58 - 2016-12-21 03:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-01-11 15:58 - 2016-12-21 03:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-01-11 15:58 - 2016-12-21 02:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-01-11 15:58 - 2016-12-21 02:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-01-11 15:58 - 2016-12-21 02:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2017-01-11 15:58 - 2016-12-21 02:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-01-11 15:58 - 2016-12-21 02:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-01-11 15:58 - 2016-12-21 02:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-01-11 15:58 - 2016-12-21 02:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-01-11 15:58 - 2016-12-21 02:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-01-11 15:58 - 2016-12-14 03:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-01-11 15:58 - 2016-12-14 03:33 - 02169184 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-01-11 15:58 - 2016-12-14 03:33 - 01669984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-01-11 15:58 - 2016-12-14 03:33 - 01400160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-01-11 15:58 - 2016-12-14 03:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2017-01-11 15:58 - 2016-12-14 03:33 - 01054048 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2017-01-11 15:58 - 2016-12-14 03:33 - 00992096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2017-01-11 15:58 - 2016-12-14 03:33 - 00822624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-01-11 15:58 - 2016-12-14 03:33 - 00813408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-01-11 15:58 - 2016-12-14 03:33 - 00779616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2017-01-11 15:58 - 2016-12-14 03:33 - 00752992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-01-11 15:58 - 2016-12-14 03:33 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-01-11 15:58 - 2016-12-14 03:33 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-01-11 15:58 - 2016-12-14 03:33 - 00571744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-01-11 15:58 - 2016-12-14 03:33 - 00513376 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2017-01-11 15:58 - 2016-12-14 03:33 - 00406368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2017-01-11 15:58 - 2016-12-14 03:33 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2017-01-11 15:58 - 2016-12-14 03:33 - 00190816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe
2017-01-11 15:58 - 2016-12-14 03:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-01-11 15:58 - 2016-12-14 03:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-01-11 15:58 - 2016-12-14 03:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-01-11 15:58 - 2016-12-14 03:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-01-11 15:58 - 2016-12-14 03:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2017-01-11 15:58 - 2016-12-14 03:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-01-11 15:58 - 2016-12-14 03:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2017-01-11 15:58 - 2016-12-14 02:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-01-11 15:58 - 2016-12-14 02:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-01-11 15:58 - 2016-12-14 02:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 15:58 - 2016-12-14 02:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-01-11 15:58 - 2016-12-14 02:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-01-11 15:58 - 2016-12-14 02:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-01-11 15:58 - 2016-12-14 02:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-01-11 15:58 - 2016-12-14 02:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-01-11 15:58 - 2016-12-14 02:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-01-11 15:58 - 2016-12-14 02:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-01-11 15:58 - 2016-12-14 02:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-01-11 15:58 - 2016-12-14 02:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-01-11 15:58 - 2016-12-14 02:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-01-11 15:58 - 2016-12-14 02:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-01-11 15:58 - 2016-12-14 02:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2017-01-11 15:58 - 2016-12-14 02:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-01-11 15:58 - 2016-12-14 02:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-01-11 15:58 - 2016-12-14 02:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-01-11 15:58 - 2016-11-02 09:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-01-11 15:58 - 2016-11-02 08:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-01-11 15:58 - 2016-11-02 08:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-01-11 15:57 - 2016-12-21 05:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-01-11 15:57 - 2016-12-21 05:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2017-01-11 15:57 - 2016-12-21 05:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2017-01-11 15:57 - 2016-12-21 05:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2017-01-11 15:57 - 2016-12-21 05:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-01-11 15:57 - 2016-12-21 05:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-01-11 15:57 - 2016-12-21 04:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-01-11 15:57 - 2016-12-21 04:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-01-11 15:57 - 2016-12-21 02:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-01-11 15:57 - 2016-12-21 02:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-01-11 15:57 - 2016-12-21 02:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-01-11 15:57 - 2016-12-21 02:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-01-11 15:57 - 2016-12-14 03:26 - 01469792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-01-11 15:57 - 2016-12-14 03:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-01-11 15:57 - 2016-12-14 03:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-01-11 15:57 - 2016-12-14 02:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-01-11 15:57 - 2016-12-14 02:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2017-01-11 15:57 - 2016-12-14 02:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 15:57 - 2016-12-14 02:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2017-01-11 15:57 - 2016-12-14 02:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-01-11 15:57 - 2016-12-14 02:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-01-10 08:25 - 2017-01-10 08:28 - 00000000 ____D C:\Users\TEMP\AppData\Local\ConnectedDevicesPlatform
2017-01-10 08:25 - 2017-01-10 08:28 - 00000000 ____D C:\Users\TEMP
2017-01-09 14:11 - 2017-01-09 14:11 - 00098349 _____ C:\Users\Felipe\Desktop\ImpressaoHistoricoEscolar.pdf
2017-01-09 14:09 - 2017-01-09 14:09 - 00132947 _____ C:\Users\Felipe\Desktop\ContratoMatriculaPDF.pdf
2017-01-04 20:30 - 2017-01-04 20:30 - 00000219 _____ C:\Users\Felipe\Desktop\Dota 2.url
2017-01-04 20:28 - 2017-01-04 20:28 - 00000000 ____D C:\Users\Felipe\AppData\Local\Chromium
2017-01-04 20:14 - 2017-01-31 15:00 - 00000000 ____D C:\Program Files (x86)\Steam
2017-01-04 20:14 - 2017-01-04 20:14 - 00000992 _____ C:\Users\Public\Desktop\Steam.lnk
2017-01-04 20:14 - 2017-01-04 20:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-01-04 09:20 - 2017-01-04 09:20 - 00001219 _____ C:\Users\Public\Desktop\aTube Catcher.lnk
2017-01-04 09:20 - 2017-01-04 09:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2017-01-04 09:20 - 2017-01-04 09:20 - 00000000 ____D C:\Program Files (x86)\DsNET Corp
2017-01-04 09:20 - 2008-08-18 19:18 - 00077824 _____ (Fox Magic Software) C:\WINDOWS\SysWOW64\fmcodec.DLL
2017-01-04 09:10 - 2017-01-04 09:11 - 17622984 _____ (DsNET Corp ) C:\Users\Felipe\Downloads\aTube_Catcher.exe
==================== Um Mês Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-02-03 09:44 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-03 09:41 - 2016-08-24 21:10 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-03 00:35 - 2015-04-18 01:07 - 00002230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-03 00:35 - 2015-04-18 01:07 - 00002218 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-02-02 11:55 - 2016-11-11 15:26 - 00000000 ____D C:\Users\Felipe\Documents\Minhas digitalizações
2017-02-02 09:28 - 2016-07-16 09:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-01 20:21 - 2016-04-02 22:19 - 00000000 ____D C:\Users\Felipe\AppData\Local\Packages
2017-01-31 15:01 - 2016-08-24 21:40 - 00004278 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2017-01-31 15:00 - 2016-04-02 22:20 - 00000000 __SHD C:\Users\Felipe\IntelGraphicsProfiles
2017-01-31 14:59 - 2015-06-26 21:44 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2017-01-31 14:59 - 2015-06-26 21:44 - 00000000 ____D C:\ProgramData\GbPlugin
2017-01-30 23:42 - 2015-04-27 08:26 - 00000000 ____D C:\Users\Felipe\AppData\Roaming\uTorrent
2017-01-29 23:35 - 2016-02-26 22:43 - 00000000 ____D C:\Users\Felipe\Downloads\Livros de Direito
2017-01-29 23:33 - 2016-11-28 10:01 - 00000000 ____D C:\Users\Felipe\Downloads\Animes
2017-01-29 17:31 - 2015-10-16 19:03 - 00000000 ____D C:\Users\Felipe\AppData\Roaming\Opera Software
2017-01-29 17:31 - 2015-10-16 19:03 - 00000000 ____D C:\Users\Felipe\AppData\Local\Opera Software
2017-01-29 16:23 - 2015-04-27 15:09 - 00000000 ____D C:\Users\Felipe\Downloads\Torrent
2017-01-28 13:32 - 2016-11-11 15:17 - 00028888 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\gbpddfac64.sys
2017-01-28 13:31 - 2016-11-11 15:17 - 00029816 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\gbpddreg64.sys
2017-01-28 13:30 - 2016-11-11 15:17 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2017-01-28 13:29 - 2016-11-11 15:18 - 00028376 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\wsddfac.sys
2017-01-28 13:29 - 2016-08-24 21:20 - 00000000 ____D C:\Users\Felipe
2017-01-28 13:28 - 2016-08-24 21:40 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-27 23:54 - 2017-01-02 12:16 - 00000000 ____D C:\Users\Felipe\Desktop\AT O2016 By PHDowns
2017-01-26 23:45 - 2016-07-16 09:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-24 18:18 - 2016-12-17 18:28 - 00003280 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-01-24 18:18 - 2016-04-02 22:26 - 00002411 _____ C:\Users\Felipe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-01-24 18:18 - 2016-04-02 22:26 - 00000000 ___RD C:\Users\Felipe\OneDrive
2017-01-21 00:08 - 2015-05-25 08:10 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-16 14:01 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-01-15 09:24 - 2015-04-21 01:05 - 00000902 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-01-13 23:30 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-01-13 23:29 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-01-13 12:13 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\rescache
2017-01-11 18:17 - 2016-07-16 09:45 - 00000000 ____D C:\WINDOWS\INF
2017-01-11 18:08 - 2016-07-16 09:47 - 00000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft
2017-01-11 18:08 - 2016-07-16 09:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-01-11 18:06 - 2017-01-02 12:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-01-11 17:44 - 2016-04-02 22:20 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-01-11 17:39 - 2016-08-24 21:10 - 00348800 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-01-11 17:38 - 2016-07-16 04:04 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2017-01-11 17:37 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-01-11 17:37 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-01-11 17:36 - 2016-07-16 09:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-01-11 17:36 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-01-11 17:36 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-01-11 17:36 - 2016-07-16 09:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-01-11 16:08 - 2015-04-18 01:40 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-01-11 16:05 - 2015-04-18 01:40 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-01-11 15:30 - 2016-08-24 21:40 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-01-05 20:41 - 2009-07-14 00:34 - 00000493 _____ C:\WINDOWS\win.ini
2017-01-04 20:34 - 2017-01-02 12:16 - 00000000 ____D C:\Program Files\KMSpico
2017-01-04 20:30 - 2015-04-18 18:04 - 00000000 ____D C:\Users\Felipe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
==================== Arquivos na raiz de alguns diretórios =======
2005-08-18 03:16 - 2016-12-12 21:35 - 0869104 ____H () C:\Users\Felipe\AppData\Roaming\logs.dat
2016-10-15 14:48 - 2016-10-15 14:48 - 0000104 _____ () C:\Users\Felipe\AppData\Roaming\SQLite3.dll
2015-11-02 16:51 - 2015-11-02 16:51 - 0000000 _____ () C:\Users\Felipe\AppData\Local\{33BD26D1-2ED5-4CAE-876D-4D0DC87F7B04}
2015-11-09 18:08 - 2015-11-09 18:08 - 0000000 _____ () C:\Users\Felipe\AppData\Local\{4C9BFA64-295A-470B-A9A9-DA465C19696A}
2016-02-29 19:41 - 2016-02-29 19:41 - 0000000 _____ () C:\Users\Felipe\AppData\Local\{F9EC2906-F952-44B8-ADF8-5CC33EC2DAD5}
2016-08-24 21:14 - 2016-08-24 21:14 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-11-20 10:33 - 2016-09-10 10:43 - 0003425 _____ () C:\ProgramData\hpzinstall.log
Arquivos para serem movidos ou deletados:
====================
C:\Windows\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}.job
Alguns arquivos em TEMP:
====================
2017-01-01 23:27 - 2016-12-06 20:39 - 0050720 _____ (HP Inc.) C:\Users\Felipe\AppData\Local\Temp\ACLMInstaller.exe
==================== Bamital & volsnap ======================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2017-01-26 09:44
==================== Fim de FRST.txt ============================