Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 11-09-2017
Executado por renat (administrador) em RENATO (11-09-2017 12:33:49)
Executando a partir de C:\Users\renat\Desktop
Perfis Carregados: renat (Perfis Disponíveis: defaultuser0 & renat)
Platform: Windows 10 Pro Versão 1703 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: FF)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
() C:\Windows\System32\PnkBstrA.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Alcohol Soft Development Team) C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAHCIServiceEx.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Electronic Arts) D:\Program Files (x86)\Origin\OriginWebHelperService.exe
() C:\Program Files (x86)\Legendas-3.4\srvcdb.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer64.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Corsair Components, Inc.) C:\Program Files (x86)\CorsairLink4\CorsairLink4.exe
(Corsair Components, Inc.) C:\Program Files (x86)\CorsairLink4\CorsairLink4.Service.exe
(BitTorrent Inc.) C:\Users\renat\AppData\Roaming\uTorrent\uTorrent.exe
() C:\Program Files (x86)\Genius\Gila\mousehid.exe
(Rizonesoft) C:\Program Files\Rizonesoft\Firemin\Firemin.exe
(BitTorrent Inc.) C:\Users\renat\AppData\Roaming\uTorrent\updates\3.5.0_43916\utorrentie.exe
(BitTorrent Inc.) C:\Users\renat\AppData\Roaming\uTorrent\updates\3.5.0_43916\utorrentie.exe
() C:\Program Files (x86)\Genius\Gila\trayicon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Sports Interactive) D:\Program Files (x86)\Games\Football Manager + Touch 2017\FM 2017\fm.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(CrackingPatching) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
==================== Registro (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040792 2015-07-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-06-30] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-07-14] (Apple Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-29] (SlySoft, Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [1047000 2017-04-06] (DivX, LLC)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Gila] => C:\Program Files (x86)\Genius\Gila\mousehid.exe [307712 2013-01-07] ()
HKLM-x32\...\Run: [Path] => C:\Program Files (x86)\ZOOM\Edit_Share\bin\ZOOM Edit&Share startup.exe [1989632 2012-06-08] ()
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKU\S-1-5-21-3756162619-268681666-269873450-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9832152 2017-08-03] (Piriform Ltd)
HKU\S-1-5-21-3756162619-268681666-269873450-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [43984 2017-05-07] (Glarysoft Ltd)
HKU\S-1-5-21-3756162619-268681666-269873450-1001\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft Development Team)
HKU\S-1-5-21-3756162619-268681666-269873450-1001\...\Run: [CorsairLink4] => C:\Program Files (x86)\CorsairLink4\CorsairLink4.exe [26947792 2017-02-27] (Corsair Components, Inc.)
HKU\S-1-5-21-3756162619-268681666-269873450-1001\...\Run: [uTorrent] => C:\Users\renat\AppData\Roaming\uTorrent\uTorrent.exe [2146496 2017-06-30] (BitTorrent Inc.)
HKU\S-1-5-21-3756162619-268681666-269873450-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3756162619-268681666-269873450-1001\...\Run: [AMDDVR] => C:\Program Files\AMD\CNext\CNext\amddvr.exe [1433992 2017-09-05] (Advanced Micro Devices, Inc.)
Startup: C:\Users\renat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Firemin.lnk [2017-08-24]
ShortcutTarget: Firemin.lnk -> C:\Program Files\Rizonesoft\Firemin\Firemin.exe (Rizonesoft)
Startup: C:\Users\renat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE AORUS GRAPHICS ENGINE.lnk [2017-07-27]
ShortcutTarget: GIGABYTE AORUS GRAPHICS ENGINE.lnk -> C:\Program Files (x86)\Gigabyte\AORUS GRAPHICS ENGINE\autorun.exe ()
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
ProxyServer: [S-1-5-21-3756162619-268681666-269873450-1001] => http=127.0.0.1:8888;
Hosts: 127.0.0.1 my.nalpeiron.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d94a3ec9-8b1f-482f-a5b9-784e96797d91}: [DhcpNameServer] 192.168.1.1
ManualProxies: 1http=127.0.0.1:8888;
Internet Explorer:
==================
URLSearchHook: [S-1-5-21-3756162619-268681666-269873450-1001] ATENÇÃO => A URLSearchHook Padrão está ausente
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2016-12-10] (Internet Download Manager, Tonec Inc.)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2016-12-10] (Internet Download Manager, Tonec Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-07-01] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-07-01] (Oracle Corporation)
FireFox:
========
FF DefaultProfile: m8t4fdna.default
FF ProfilePath: C:\Users\renat\AppData\Roaming\Mozilla\Firefox\Profiles\m8t4fdna.default [2017-09-11]
FF NewTab: Mozilla\Firefox\Profiles\m8t4fdna.default -> nohomepageset
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\m8t4fdna.default -> Yahoo®
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\m8t4fdna.default -> Yahoo®
FF Homepage: Mozilla\Firefox\Profiles\m8t4fdna.default -> hxxps://www.google.com.br
FF NetworkProxy: Mozilla\Firefox\Profiles\m8t4fdna.default -> type", 0
FF Extension: (Desprotetor de Links) - C:\Users\renat\AppData\Roaming\Mozilla\Firefox\Profiles\m8t4fdna.default\Extensions\desprotetordelinks@claudio-silva.com.xpi [2017-05-15]
FF Extension: (MEGA) - C:\Users\renat\AppData\Roaming\Mozilla\Firefox\Profiles\m8t4fdna.default\Extensions\firefox@mega.co.nz.xpi [2017-09-06]
FF Extension: (YouTube™ Enhancer Plus) - C:\Users\renat\AppData\Roaming\Mozilla\Firefox\Profiles\m8t4fdna.default\Extensions\firefoxaddon@youtubeenhancer.com.xpi [2017-05-15]
FF Extension: (Nimbus Screen Capture) - C:\Users\renat\AppData\Roaming\Mozilla\Firefox\Profiles\m8t4fdna.default\Extensions\nimbusscreencaptureff@everhelper.me.xpi [2017-09-07]
FF Extension: (Google Translator for Firefox) - C:\Users\renat\AppData\Roaming\Mozilla\Firefox\Profiles\m8t4fdna.default\Extensions\translator@zoli.bod.xpi [2017-05-26]
FF Extension: (Video DownloadHelper) - C:\Users\renat\AppData\Roaming\Mozilla\Firefox\Profiles\m8t4fdna.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-05-15]
FF Extension: (Adblock Plus) - C:\Users\renat\AppData\Roaming\Mozilla\Firefox\Profiles\m8t4fdna.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-08]
FF HKU\S-1-5-21-3756162619-268681666-269873450-1001\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi
FF Extension: (Sem Nome) - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi [2017-04-25]
FF HKU\S-1-5-21-3756162619-268681666-269873450-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\renat\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\renat\AppData\Roaming\IDM\idmmzcc5 [2017-05-15] [não assinado]
FF HKU\S-1-5-21-3756162619-268681666-269873450-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-01-26]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-08] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-08] ()
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2017-04-06] (DivX, LLC)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-07-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-07-01] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-15] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2017-07-05]
Chrome:
=======
CHR Profile: C:\Users\renat\AppData\Local\Google\Chrome\User Data\Default [2017-08-16]
CHR Extension: (Google Apresentações) - C:\Users\renat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-05-15]
CHR Extension: (Google Docs) - C:\Users\renat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-06-08]
CHR Extension: (Google Drive) - C:\Users\renat\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-08]
CHR Extension: (YouTube) - C:\Users\renat\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-08]
CHR Extension: (Adobe Acrobat) - C:\Users\renat\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-05-15]
CHR Extension: (Planilhas do Google) - C:\Users\renat\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-05-15]
CHR Extension: (Documentos Google off-line) - C:\Users\renat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-06-08]
CHR Extension: (IDM Integration Module) - C:\Users\renat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2017-07-17]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\renat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-15]
CHR Extension: (Gmail) - C:\Users\renat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-06-08]
CHR Extension: (Chrome Media Router) - C:\Users\renat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-17]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2017-04-26]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2017-04-26]
==================== Serviços (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 ALG; C:\WINDOWS\System32\alg.exe [92672 2017-03-18] (Microsoft Corporation)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
S4 AppVClient; C:\WINDOWS\system32\AppVClient.exe [846752 2017-07-07] (Microsoft Corporation)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft Development Team)
R2 AxVirtualAHCISrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAHCIServiceEx.exe [99712 2015-12-04] (Alcohol Soft Development Team)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1530888 2017-07-06] ()
R2 CDPUserSvc_366ce38; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R2 CDPUserSvc_366ce38; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
R3 CLink4Service; C:\Program Files (x86)\CorsairLink4\CorsairLink4.Service.exe [86224 2017-02-27] (Corsair Components, Inc.)
R2 COMCdbService; C:\Program Files (x86)\Legendas-3.4\srvcdb.exe [1854976 2015-12-24] () [Arquivo não assinado]
S3 DevicesFlowUserSvc_366ce38; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) <==== ATENÇÃO (não ServiceDLL)
S3 DevicesFlowUserSvc_366ce38; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) <==== ATENÇÃO (não ServiceDLL)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [382504 2017-08-03] (EasyAntiCheat Ltd)
S2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] ()
S3 Fax; C:\WINDOWS\system32\fxssvc.exe [637440 2017-03-18] (Microsoft Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Arquivo não assinado]
S3 MessagingService_366ce38; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) <==== ATENÇÃO (não ServiceDLL)
S3 MessagingService_366ce38; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) <==== ATENÇÃO (não ServiceDLL)
S3 MSDTC; C:\WINDOWS\System32\msdtc.exe [147456 2017-03-18] (Microsoft Corporation)
S3 msiserver; C:\WINDOWS\System32\msiexec.exe [66048 2017-03-18] (Microsoft Corporation)
S3 msiserver; C:\WINDOWS\SysWOW64\msiexec.exe [59392 2017-03-18] (Microsoft Corporation)
R2 OneSyncSvc_366ce38; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R2 OneSyncSvc_366ce38; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [2098528 2017-08-23] (Electronic Arts)
R2 Origin Web Helper Service; D:\Program Files (x86)\Origin\OriginWebHelperService.exe [2977640 2017-08-23] (Electronic Arts)
R3 PimIndexMaintenanceSvc_366ce38; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_366ce38; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2017-06-24] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2017-06-24] ()
S3 RpcLocator; C:\WINDOWS\system32\locator.exe [11264 2017-03-18] (Microsoft Corporation)
R2 SamSs; C:\WINDOWS\system32\lsass.exe [58488 2017-07-07] (Microsoft Corporation)
R2 SecurityHealthService; C:\WINDOWS\system32\SecurityHealthService.exe [336320 2017-07-07] (Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
S3 SensorDataService; C:\WINDOWS\System32\SensorDataService.exe [1284608 2017-03-18] (Microsoft Corporation)
S3 SNMPTRAP; C:\WINDOWS\System32\snmptrap.exe [15872 2017-05-29] (Microsoft Corporation)
S3 spectrum; C:\WINDOWS\system32\spectrum.exe [891904 2017-03-18] (Microsoft Corporation)
R2 Spooler; C:\WINDOWS\System32\spoolsv.exe [757760 2017-03-18] (Microsoft Corporation)
S2 sppsvc; C:\WINDOWS\system32\sppsvc.exe [4574192 2017-03-18] (Microsoft Corporation)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [Arquivo não assinado]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Arquivo não assinado]
S3 TieringEngineService; C:\WINDOWS\system32\TieringEngineService.exe [302592 2017-03-18] (Microsoft Corporation)
S4 UevAgentService; C:\WINDOWS\system32\AgentService.exe [1200640 2017-03-20] (Microsoft Corporation)
S3 UI0Detect; C:\WINDOWS\system32\UI0Detect.exe [43008 2017-03-18] (Microsoft Corporation)
R3 UnistoreSvc_366ce38; C:\WINDOWS\System32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R3 UnistoreSvc_366ce38; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
R3 UserDataSvc_366ce38; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R3 UserDataSvc_366ce38; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
S3 vds; C:\WINDOWS\System32\vds.exe [643072 2017-03-18] (Microsoft Corporation)
R3 VSS; C:\WINDOWS\system32\vssvc.exe [1550848 2017-03-18] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
R2 WpnUserService_366ce38; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R2 WpnUserService_366ce38; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
R2 WSearch; C:\WINDOWS\system32\SearchIndexer.exe [933376 2017-06-03] (Microsoft Corporation)
R2 WSearch; C:\WINDOWS\SysWOW64\SearchIndexer.exe [797184 2017-06-03] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [656664 2014-08-19] (Wacom Technology, Corp.)
===================== Drivers (Whitelisted) ======================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R0 amdide64; C:\WINDOWS\System32\drivers\amdide64.sys [13848 2017-05-15] (Advanced Micro Devices Inc.)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0317685.inf_amd64_f4ed8f05a31c5d2d\atikmdag.sys [38761496 2017-09-07] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0317685.inf_amd64_f4ed8f05a31c5d2d\atikmpag.sys [541720 2017-09-07] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110088 2017-04-26] (Advanced Micro Devices)
R3 cpuz141; C:\WINDOWS\TEMP\cpuz141\cpuz141_x64.sys [46400 2017-09-11] (CPUID)
S3 ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [40648 2007-02-15] (SlySoft, Inc.)
S3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-15] (SlySoft, Inc.)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2017-05-15] (Glarysoft Ltd)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2017-05-15] ()
R1 HWiNFO32; C:\Windows\SysWoW64\drivers\HWiNFO64A.SYS [27552 2017-05-15] (REALiX(tm))
R1 legendasdrv; C:\WINDOWS\System32\drivers\legendasdrv.sys [58032 2015-12-18] (Windows (R) Win 7 DDK provider)
R1 MpKsl589d2b60; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1166C316-E4D5-423A-A47E-86ED78E3B01D}\MpKsl589d2b60.sys [44928 2017-09-07] (Microsoft Corporation)
R1 MpKsla035570c; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F7C67218-24FF-420E-93A6-066E0EB49D1E}\MpKsla035570c.sys [44928 2017-09-09] (Microsoft Corporation)
S2 Proteq; C:\Windows\SysWow64\Drivers\Proteq.sys [7598 2012-06-25] (PROTEQ) [Arquivo não assinado]
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [954368 2017-05-15] (Realtek )
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2016-10-24] ()
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R0 sptd2; C:\WINDOWS\System32\Drivers\sptd2.sys [203296 2017-05-15] (Duplex Secure Ltd)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um Mês Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-09-11 12:33 - 2017-09-11 12:33 - 000083710 _____ C:\Users\renat\Desktop\Addition.txt
2017-09-11 12:32 - 2017-09-11 12:33 - 000026211 _____ C:\Users\renat\Desktop\FRST.txt
2017-09-11 12:32 - 2017-09-11 12:33 - 000000000 ____D C:\FRST
2017-09-11 12:31 - 2017-09-11 12:31 - 002396672 _____ (Farbar) C:\Users\renat\Desktop\FRST64.exe
2017-09-11 12:28 - 2017-09-11 12:28 - 000000000 ____D C:\Users\renat\AppData\Roaming\ZHP
2017-09-11 12:28 - 2017-09-11 12:28 - 000000000 ____D C:\Users\renat\AppData\Local\ZHP
2017-09-08 19:01 - 2017-09-09 15:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Promob
2017-09-08 19:01 - 2017-09-08 19:01 - 000000000 ___HD C:\Users\Todos os Usuários\Permission
2017-09-08 19:01 - 2017-09-08 19:01 - 000000000 ___HD C:\ProgramData\Permission
2017-09-08 19:01 - 2017-09-08 19:01 - 000000000 ____D C:\Users\Todos os Usuários\Procad
2017-09-08 19:01 - 2017-09-08 19:01 - 000000000 ____D C:\Users\Todos os Usuários\Isolated Storage
2017-09-08 19:01 - 2017-09-08 19:01 - 000000000 ____D C:\ProgramData\Procad
2017-09-08 19:01 - 2017-09-08 19:01 - 000000000 ____D C:\ProgramData\Isolated Storage
2017-09-08 18:49 - 2017-09-10 09:54 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2017-09-08 18:49 - 2017-09-10 09:54 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-09-08 18:49 - 2017-09-09 15:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-09-08 18:49 - 2017-09-08 18:58 - 000000000 ____D C:\Program Files\Promob
2017-09-07 18:49 - 2017-09-07 18:49 - 000000000 ____D C:\Users\renat\AppData\Local\AMD
2017-09-07 18:48 - 2017-09-07 18:48 - 000003160 _____ C:\WINDOWS\System32\Tasks\StartCN
2017-09-07 18:48 - 2017-09-07 18:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assistente de relatório de problemas da AMD
2017-09-07 18:48 - 2017-09-07 18:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2017-09-07 18:48 - 2017-09-07 18:48 - 000000000 ____D C:\Program Files (x86)\AMD
2017-09-07 18:47 - 2017-09-07 18:47 - 000000000 ____D C:\WINDOWS\LastGood
2017-09-07 18:46 - 2017-09-07 18:46 - 000000238 ____H C:\()_CN.reg
2017-09-07 18:46 - 2017-09-07 18:46 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-09-07 18:43 - 2017-09-07 18:44 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2017-09-07 12:37 - 2017-09-07 12:37 - 002915864 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2017-09-07 12:37 - 2017-09-07 12:37 - 002530328 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2017-09-07 12:37 - 2017-09-07 12:37 - 000925208 _____ (AMD) C:\WINDOWS\system32\coinst_17.30.dll
2017-09-07 12:37 - 2017-09-07 12:37 - 000467992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2017-09-07 12:37 - 2017-09-07 12:37 - 000136728 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-09-07 12:37 - 2017-09-07 12:37 - 000120880 _____ C:\WINDOWS\system32\kapp_ci.sbin
2017-09-07 12:37 - 2017-09-07 12:37 - 000115224 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-09-07 12:37 - 2017-09-07 12:37 - 000032804 _____ C:\WINDOWS\system32\AMDKernelEvents.man
2017-09-07 12:37 - 2017-09-07 12:37 - 000029720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2017-09-07 12:37 - 2017-09-07 12:37 - 000029720 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2017-09-05 20:00 - 2017-09-05 20:00 - 000000000 ____D C:\Users\renat\AppData\Local\WhatsApp
2017-09-05 13:41 - 2017-09-05 13:41 - 000000000 ____D C:\Users\renat\AppData\Local\RAID WW2 Beta
2017-09-05 12:58 - 2017-09-05 12:58 - 000149896 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2017-09-05 12:58 - 2017-09-05 12:58 - 000127880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2017-09-04 16:55 - 2017-09-04 16:55 - 000610644 _____ C:\WINDOWS\Minidump\090417-8390-01.dmp
2017-09-04 13:21 - 2017-09-04 13:22 - 000001257 _____ C:\Users\renat\Desktop\Football Manager 2017.lnk
2017-08-29 09:42 - 2017-08-29 09:42 - 000000000 ____D C:\Users\renat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\4K Video Downloader
2017-08-29 09:40 - 2017-08-29 09:40 - 000000000 ____D C:\Users\renat\AppData\Local\drmingw
2017-08-27 13:44 - 2017-08-27 13:44 - 000000000 ____D C:\Users\Todos os Usuários\dbg
2017-08-27 13:44 - 2017-08-27 13:44 - 000000000 ____D C:\ProgramData\dbg
2017-08-25 17:14 - 2017-09-10 13:59 - 000000000 ____D C:\Users\renat\AppData\Roaming\FMRTE17
2017-08-25 17:13 - 2017-08-25 17:13 - 000000755 _____ C:\Users\Public\Desktop\FMRTE 17.lnk
2017-08-25 17:13 - 2017-08-25 17:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FMRTE
2017-08-25 16:56 - 2017-09-03 12:36 - 000000000 ____D C:\Users\renat\AppData\Local\Microsoft Windows
2017-08-25 14:10 - 2017-08-25 14:10 - 000000000 ____D C:\Users\Todos os Usuários\Football Manager 2017 Editor
2017-08-25 14:10 - 2017-08-25 14:10 - 000000000 ____D C:\ProgramData\Football Manager 2017 Editor
2017-08-24 22:46 - 2017-09-03 11:56 - 000000000 ____D C:\Users\renat\AppData\Local\Deployment
2017-08-24 22:46 - 2017-08-24 22:46 - 000000000 ____D C:\Users\renat\AppData\Local\Apps\2.0
2017-08-24 20:33 - 2017-08-24 20:33 - 000000000 ____D C:\Users\renat\AppData\Local\IsolatedStorage
2017-08-24 20:33 - 2017-08-24 20:33 - 000000000 ____D C:\Users\renat\AppData\Local\FM_Scout_Editor_2017
2017-08-24 20:12 - 2017-08-28 12:28 - 000000000 ____D C:\Users\renat\AppData\Local\Sports Interactive
2017-08-24 20:12 - 2017-08-25 14:10 - 000000000 ____D C:\Users\renat\Documents\Sports Interactive
2017-08-24 20:12 - 2017-08-25 14:10 - 000000000 ____D C:\Users\Public\Documents\Sports Interactive
2017-08-24 20:12 - 2017-08-24 20:12 - 000000000 ____D C:\Users\Todos os Usuários\Football Manager 2017
2017-08-24 20:12 - 2017-08-24 20:12 - 000000000 ____D C:\ProgramData\Football Manager 2017
2017-08-23 19:06 - 2017-08-23 19:06 - 000000000 ____D C:\Users\renat\AppData\Roaming\stremio
2017-08-23 18:51 - 2017-08-23 18:51 - 000000000 ____D C:\Users\renat\AppData\Local\Chromium
2017-08-23 18:46 - 2017-08-23 18:46 - 000000000 ____D C:\Users\renat\AppData\Local\Smart Code ltd
2017-08-23 12:48 - 2017-08-23 12:48 - 000000000 ____D C:\Users\renat\AppData\Local\Sony Corporation
2017-08-23 12:48 - 2017-08-23 12:48 - 000000000 ____D C:\Program Files (x86)\Sony
2017-08-21 21:16 - 2017-08-21 21:16 - 000791284 _____ C:\WINDOWS\Minidump\082117-8265-01.dmp
2017-08-20 19:06 - 2017-09-10 09:54 - 805636483 _____ C:\WINDOWS\MEMORY.DMP
2017-08-20 19:06 - 2017-08-20 19:06 - 000577836 _____ C:\WINDOWS\Minidump\082017-10187-01.dmp
2017-08-19 14:02 - 2017-08-19 14:02 - 000000000 ____D C:\Users\renat\AppData\LocalLow\DefaultCompany
2017-08-19 13:53 - 2017-09-08 18:33 - 000000000 ____D C:\Users\Todos os Usuários\Unity
2017-08-19 13:53 - 2017-09-08 18:33 - 000000000 ____D C:\ProgramData\Unity
2017-08-19 13:53 - 2017-08-19 14:02 - 000000000 ____D C:\Users\renat\AppData\Roaming\Unity
2017-08-19 13:53 - 2017-08-19 14:02 - 000000000 ____D C:\Users\renat\AppData\LocalLow\Unity
2017-08-19 13:53 - 2017-08-19 13:53 - 000000000 ____D C:\Users\renat\AppData\Local\Unity
2017-08-19 10:56 - 2017-08-19 11:10 - 000000000 ____D C:\Users\renat\Documents\FIFA 17
2017-08-18 18:44 - 2017-08-18 18:44 - 000000000 ____D C:\Users\Todos os Usuários\X360CE
2017-08-18 18:44 - 2017-08-18 18:44 - 000000000 ____D C:\ProgramData\X360CE
2017-08-18 18:05 - 2017-09-11 12:11 - 000000000 ____D C:\Users\renat\AppData\Roaming\Origin
2017-08-18 16:55 - 2017-08-18 16:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 17
2017-08-18 15:16 - 2017-08-18 15:16 - 000000000 ____D C:\Users\renat\Documents\Visual Studio 2017
2017-08-18 15:16 - 2017-08-18 15:16 - 000000000 ____D C:\Users\renat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2017 Tools for Unity
2017-08-18 15:16 - 2017-08-18 15:16 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity
2017-08-18 15:14 - 2017-08-18 15:16 - 000000000 ____D C:\Program Files (x86)\Microsoft SDKs
2017-08-18 15:14 - 2017-08-18 15:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017
2017-08-18 15:14 - 2017-08-18 15:14 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2017-08-18 15:13 - 2017-08-18 15:13 - 000001495 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017.lnk
2017-08-18 15:12 - 2017-08-18 18:03 - 000000000 ____D C:\Users\renat\AppData\Local\Facebook
2017-08-18 15:12 - 2017-08-18 15:17 - 000000000 ____D C:\Users\renat\AppData\Roaming\Visual Studio Setup
2017-08-18 15:12 - 2017-08-18 15:12 - 000001315 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk
2017-08-18 15:12 - 2017-08-18 15:12 - 000000000 ____D C:\Users\renat\AppData\Roaming\vstelemetry
2017-08-18 15:12 - 2017-08-18 15:12 - 000000000 ____D C:\Users\renat\AppData\Local\ServiceHub
2017-08-18 15:10 - 2017-08-18 15:10 - 000000000 ____D C:\Users\Public\Documents\Unity Projects
2017-08-18 15:00 - 2017-08-18 15:00 - 000000928 _____ C:\Users\Public\Desktop\Unity.lnk
2017-08-18 15:00 - 2017-08-18 15:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 2017.1.0f3 (64-bit)
2017-08-18 15:00 - 2017-08-18 15:00 - 000000000 ____D C:\Program Files (x86)\GtkSharp
2017-08-18 14:56 - 2017-08-18 15:00 - 000000000 ____D C:\Program Files\Unity
2017-08-15 21:44 - 2017-08-16 00:28 - 000000000 ____D C:\Program Files\Rockstar Games
2017-08-15 21:33 - 2017-09-07 18:48 - 000000000 ____D C:\Program Files\AMD
2017-08-15 21:32 - 2017-09-07 18:48 - 000000000 ____D C:\AMD
2017-08-15 14:26 - 2017-08-15 14:26 - 000000000 ____D C:\Users\renat\AppData\Roaming\HelloGames
2017-08-14 21:49 - 2017-08-16 00:28 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2017-08-14 21:49 - 2017-08-14 21:49 - 000000000 ____D C:\Users\renat\AppData\Local\Rockstar Games
2017-08-14 20:45 - 2017-08-03 17:15 - 000382504 _____ (EasyAntiCheat Ltd) C:\WINDOWS\SysWOW64\EasyAntiCheat.exe
2017-08-13 23:10 - 2017-09-07 18:43 - 000000000 ____D C:\Users\renat\AppData\LocalLow\AMD
==================== Um Mês Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-09-11 12:29 - 2017-05-15 13:49 - 000000000 ____D C:\Users\renat\AppData\Roaming\uTorrent
2017-09-11 12:27 - 2017-05-15 14:28 - 000000000 ____D C:\Users\Todos os Usuários\Origin
2017-09-11 12:27 - 2017-05-15 14:28 - 000000000 ____D C:\ProgramData\Origin
2017-09-11 12:27 - 2017-05-15 13:34 - 000000000 ____D C:\Users\renat\AppData\Roaming\DMCache
2017-09-11 12:26 - 2017-03-18 18:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-11 12:26 - 2017-03-18 18:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-11 11:39 - 2017-05-15 13:49 - 000000000 ____D C:\Users\renat\AppData\LocalLow\uTorrent
2017-09-10 15:54 - 2017-05-29 11:50 - 000003124 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner
2017-09-10 15:36 - 2017-05-29 11:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-09-10 13:51 - 2017-05-31 19:25 - 001249792 _____ (hxxp://www.ruby-lang.org/) C:\Users\renat\AppData\Roaming\msvcr90-ruby191.dll
2017-09-10 11:56 - 2017-05-15 14:33 - 000040636 _____ C:\Users\renat\Desktop\Compras.xlsx
2017-09-10 11:15 - 2017-05-15 12:31 - 000000000 ____D C:\Users\Todos os Usuários\CLink4
2017-09-10 11:15 - 2017-05-15 12:31 - 000000000 ____D C:\ProgramData\CLink4
2017-09-10 09:54 - 2017-06-05 13:04 - 000000000 ____D C:\WINDOWS\Minidump
2017-09-10 09:54 - 2017-05-29 11:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-10 09:54 - 2017-05-15 14:09 - 000025640 _____ (Windows (R) Server 2003 DDK provider) C:\WINDOWS\gdrv.sys
2017-09-10 00:56 - 2017-05-29 11:43 - 000000000 ____D C:\Users\renat
2017-09-09 14:30 - 2017-05-29 11:41 - 005019528 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-09-08 20:40 - 2017-05-15 13:29 - 000000000 ____D C:\Users\renat\AppData\Roaming\WhatsApp
2017-09-08 20:17 - 2017-05-15 12:20 - 000000000 ___RD C:\Users\renat\Desktop\Atalhos
2017-09-08 15:34 - 2017-08-05 16:04 - 000001228 _____ C:\Users\renat\Desktop\Adobe Photoshop CS6.lnk
2017-09-08 15:34 - 2017-07-14 22:52 - 000001395 _____ C:\Users\renat\Desktop\GPU-Z.lnk
2017-09-08 15:34 - 2017-05-15 12:20 - 000001246 _____ C:\Users\renat\Desktop\Alcohol 52%.lnk
2017-09-08 15:34 - 2017-05-15 12:13 - 000001042 _____ C:\Users\renat\Desktop\X-Dev Image.lnk
2017-09-08 15:34 - 2017-05-15 12:09 - 000001077 _____ C:\Users\renat\Desktop\MP3Gain.lnk
2017-09-08 15:34 - 2017-05-15 12:08 - 000001207 _____ C:\Users\renat\Desktop\VSO Image Resizer 4.lnk
2017-09-08 15:34 - 2017-05-15 12:07 - 000001136 _____ C:\Users\renat\Desktop\Format Factory.lnk
2017-09-08 15:34 - 2017-05-15 12:05 - 000001083 _____ C:\Users\renat\Desktop\TagScanner.lnk
2017-09-08 15:34 - 2017-05-15 12:02 - 000001131 _____ C:\Users\renat\Desktop\PhotoFiltre 7.lnk
2017-09-08 15:34 - 2017-05-15 11:55 - 000001968 _____ C:\Users\renat\Desktop\winLAME.lnk
2017-09-08 15:34 - 2017-05-15 11:51 - 000000666 _____ C:\Users\renat\Desktop\Renato Silva.lnk
2017-09-07 21:29 - 2017-05-15 11:27 - 000000000 ____D C:\Users\Todos os Usuários\Package Cache
2017-09-07 21:29 - 2017-05-15 11:27 - 000000000 ____D C:\ProgramData\Package Cache
2017-09-07 20:25 - 2017-05-15 13:38 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2017-09-07 18:51 - 2017-05-15 13:39 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2017-09-07 18:48 - 2017-05-29 11:42 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-09-07 18:48 - 2017-03-18 08:40 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2017-09-07 18:47 - 2017-03-18 18:01 - 000000000 ____D C:\WINDOWS\INF
2017-09-07 12:37 - 2017-07-10 14:58 - 001058328 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 012515352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 010294808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2017-09-07 12:37 - 2017-05-18 15:55 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2017-09-07 12:37 - 2017-05-18 15:55 - 001541144 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 001058328 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000822448 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2017-09-07 12:37 - 2017-05-18 15:55 - 000822448 _____ C:\WINDOWS\system32\atiapfxx.blb
2017-09-07 12:37 - 2017-05-18 15:55 - 000781848 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2017-09-07 12:37 - 2017-05-18 15:55 - 000666648 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2017-09-07 12:37 - 2017-05-18 15:55 - 000552984 _____ C:\WINDOWS\system32\dgtrayicon.exe
2017-09-07 12:37 - 2017-05-18 15:55 - 000552472 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2017-09-07 12:37 - 2017-05-18 15:55 - 000547352 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000531992 _____ C:\WINDOWS\system32\GameManager64.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000484376 _____ C:\WINDOWS\system32\atieah64.exe
2017-09-07 12:37 - 2017-05-18 15:55 - 000478744 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000370200 _____ C:\WINDOWS\system32\clinfo.exe
2017-09-07 12:37 - 2017-05-18 15:55 - 000366104 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000334872 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2017-09-07 12:37 - 2017-05-18 15:55 - 000277016 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000245784 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000242712 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000204312 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000192024 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000170520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000168472 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000157360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000151576 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000149104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000136216 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000134168 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000131944 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000131944 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000124952 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000115736 _____ C:\WINDOWS\system32\atidxx64.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000113176 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000103184 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000103176 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000102424 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000099864 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000069656 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000045592 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000043032 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2017-09-07 12:37 - 2017-05-18 15:54 - 000864792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2017-09-07 12:37 - 2017-05-18 15:54 - 000696856 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2017-09-07 12:37 - 2017-05-18 15:54 - 000574464 _____ C:\WINDOWS\system32\amdmiracast.dll
2017-09-07 12:37 - 2017-05-18 15:54 - 000515096 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2017-09-07 12:37 - 2017-05-18 15:54 - 000360984 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2017-09-07 12:37 - 2017-05-18 15:54 - 000196840 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2017-09-07 12:37 - 2017-05-18 15:54 - 000165072 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2017-09-07 12:37 - 2017-05-18 15:54 - 000139744 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2017-09-07 12:37 - 2017-05-18 15:54 - 000116736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2017-09-07 12:37 - 2017-05-18 15:54 - 000092184 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2017-09-07 12:37 - 2017-05-18 15:54 - 000075800 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2017-09-07 12:37 - 2017-05-18 15:54 - 000000145 _____ C:\WINDOWS\SysWOW64\amd-vulkan32.json
2017-09-07 12:37 - 2017-05-18 15:54 - 000000145 _____ C:\WINDOWS\system32\amd-vulkan64.json
2017-09-05 20:00 - 2017-05-15 13:29 - 000000000 ____D C:\Users\renat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2017-09-05 20:00 - 2017-05-15 13:29 - 000000000 ____D C:\Users\renat\AppData\Local\SquirrelTemp
2017-09-05 12:22 - 2017-05-15 11:25 - 000000000 ____D C:\Users\renat\AppData\Local\Packages
2017-09-04 16:14 - 2017-05-15 12:08 - 000000000 ____D C:\Users\renat\AppData\Roaming\VSO
2017-09-03 12:33 - 2017-07-14 21:47 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2017-08-31 11:01 - 2017-05-15 14:24 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-08-30 13:23 - 2017-06-02 11:55 - 000000000 ____D C:\Users\renat\Documents\REAPER Media
2017-08-30 13:17 - 2017-05-15 12:21 - 000000000 ___RD C:\Users\renat\Desktop\Multimídia
2017-08-28 17:39 - 2017-05-15 12:28 - 000002230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-27 21:46 - 2017-07-31 16:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-08-27 13:41 - 2017-05-15 12:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download
2017-08-27 12:41 - 2017-05-15 11:42 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-08-23 12:48 - 2017-05-15 13:28 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uso remoto do PS4.lnk
2017-08-22 22:58 - 2017-05-21 11:19 - 000000000 ____D C:\Users\renat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-08-21 22:15 - 2017-05-15 13:24 - 000000000 ____D C:\Users\renat\AppData\Local\Windows Live
2017-08-21 11:38 - 2017-06-01 12:11 - 000000000 ____D C:\Users\renat\Desktop\Outros
2017-08-19 11:07 - 2017-05-15 14:45 - 000000000 ____D C:\Users\renat\AppData\Local\Ubisoft Game Launcher
2017-08-18 18:06 - 2017-05-15 14:28 - 000000000 ____D C:\Users\renat\AppData\Local\Origin
2017-08-18 17:10 - 2017-05-15 14:39 - 000000000 ____D C:\Users\renat\Documents\Torrents
2017-08-18 16:55 - 2017-05-22 14:23 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2017-08-18 15:53 - 2017-06-28 20:00 - 000000000 ____D C:\Users\renat\AppData\Local\ElevatedDiagnostics
2017-08-18 15:14 - 2017-05-29 11:32 - 000000000 ____D C:\Program Files (x86)\MSBuild
2017-08-18 15:14 - 2017-03-18 18:03 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-08-18 15:12 - 2017-05-15 14:10 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2017-08-18 15:00 - 2017-03-18 17:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-08-18 14:50 - 2017-05-15 13:38 - 000544424 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-08-16 17:52 - 2017-05-15 13:34 - 000000000 ____D C:\Users\renat\AppData\Roaming\IDM
2017-08-16 11:22 - 2017-05-30 18:18 - 000000000 ____D C:\Users\Todos os Usuários\VSO
2017-08-16 11:22 - 2017-05-30 18:18 - 000000000 ____D C:\ProgramData\VSO
2017-08-16 11:22 - 2017-05-29 11:03 - 000000000 ___DC C:\WINDOWS\Panther
2017-08-16 11:22 - 2017-03-18 18:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-08-16 11:21 - 2017-05-15 11:57 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-08-16 00:36 - 2017-06-10 00:59 - 000000000 ____D C:\Users\renat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2017-08-16 00:36 - 2017-06-10 00:59 - 000000000 ____D C:\Users\renat\AppData\Local\Discord
2017-08-16 00:36 - 2017-05-15 11:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2017-08-16 00:36 - 2017-05-15 11:59 - 000000000 ____D C:\Program Files\CPUID
2017-08-15 21:34 - 2017-05-29 11:52 - 002959180 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-15 21:34 - 2017-03-20 00:57 - 001068664 _____ C:\WINDOWS\system32\prfh0416.dat
2017-08-15 21:34 - 2017-03-20 00:57 - 000419234 _____ C:\WINDOWS\system32\prfc0416.dat
2017-08-15 21:22 - 2017-05-15 11:58 - 000001079 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-08-15 21:22 - 2017-05-15 11:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-08-14 20:45 - 2017-05-15 17:45 - 000780328 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2017-08-12 13:15 - 2017-07-14 14:03 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
==================== Arquivos na raiz de alguns diretórios =======
2017-05-30 18:18 - 2017-05-30 18:18 - 000099384 _____ () C:\Users\renat\AppData\Roaming\inst.exe
2017-05-31 19:25 - 2017-09-10 13:51 - 001249792 _____ (http://www.ruby-lang.org/) C:\Users\renat\AppData\Roaming\msvcr90-ruby191.dll
2017-05-30 18:18 - 2017-05-30 18:18 - 000007859 _____ () C:\Users\renat\AppData\Roaming\pcouffin.cat
2017-05-30 18:18 - 2017-05-30 18:18 - 000001167 _____ () C:\Users\renat\AppData\Roaming\pcouffin.inf
2017-05-30 18:18 - 2017-05-30 18:18 - 000000055 _____ () C:\Users\renat\AppData\Roaming\pcouffin.log
2017-05-30 18:18 - 2017-05-30 18:18 - 000082816 _____ (VSO Software) C:\Users\renat\AppData\Roaming\pcouffin.sys
2017-08-11 20:06 - 2017-08-11 20:07 - 000007606 _____ () C:\Users\renat\AppData\Local\Resmon.ResmonCfg
2017-06-14 13:46 - 2017-06-14 13:46 - 000004930 _____ () C:\ProgramData\czchsjpj.srw
2017-05-29 11:42 - 2017-05-29 11:42 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2017-06-14 13:46 - 2017-06-14 13:46 - 000000016 _____ () C:\ProgramData\mntemp
2017-06-09 01:46 - 2017-06-09 01:46 - 000000059 _____ () C:\ProgramData\serverclasscache.ini
Alguns arquivos em TEMP:
====================
2017-09-07 18:44 - 2017-09-07 18:44 - 001178504 _____ () C:\Users\renat\AppData\Local\Temp\AMDCleanupUtility.exe
2017-09-07 18:44 - 2017-09-07 18:44 - 000250248 _____ () C:\Users\renat\AppData\Local\Temp\Cleanup.dll
2017-09-07 18:44 - 2017-09-07 18:44 - 000065536 _____ (Windows (R) Server 2003 DDK provider) C:\Users\renat\AppData\Local\Temp\ddu.exe
2017-09-07 18:44 - 2017-09-07 18:44 - 000414152 _____ (Microsoft Corporation) C:\Users\renat\AppData\Local\Temp\difxapi.dll
2017-09-07 18:44 - 2017-09-07 18:44 - 000516096 _____ (Microsoft Corporation) C:\Users\renat\AppData\Local\Temp\msvcm80.dll
2017-09-07 18:44 - 2017-09-07 18:44 - 001061376 _____ (Microsoft Corporation) C:\Users\renat\AppData\Local\Temp\msvcp80.dll
2017-09-07 18:44 - 2017-09-07 18:44 - 000796672 _____ (Microsoft Corporation) C:\Users\renat\AppData\Local\Temp\msvcr80.dll
==================== Bamital & volsnap ======================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2017-09-06 13:11
==================== Fim de FRST.txt ============================
Executado por renat (administrador) em RENATO (11-09-2017 12:33:49)
Executando a partir de C:\Users\renat\Desktop
Perfis Carregados: renat (Perfis Disponíveis: defaultuser0 & renat)
Platform: Windows 10 Pro Versão 1703 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: FF)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
() C:\Windows\System32\PnkBstrA.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Alcohol Soft Development Team) C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAHCIServiceEx.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Electronic Arts) D:\Program Files (x86)\Origin\OriginWebHelperService.exe
() C:\Program Files (x86)\Legendas-3.4\srvcdb.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer64.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Corsair Components, Inc.) C:\Program Files (x86)\CorsairLink4\CorsairLink4.exe
(Corsair Components, Inc.) C:\Program Files (x86)\CorsairLink4\CorsairLink4.Service.exe
(BitTorrent Inc.) C:\Users\renat\AppData\Roaming\uTorrent\uTorrent.exe
() C:\Program Files (x86)\Genius\Gila\mousehid.exe
(Rizonesoft) C:\Program Files\Rizonesoft\Firemin\Firemin.exe
(BitTorrent Inc.) C:\Users\renat\AppData\Roaming\uTorrent\updates\3.5.0_43916\utorrentie.exe
(BitTorrent Inc.) C:\Users\renat\AppData\Roaming\uTorrent\updates\3.5.0_43916\utorrentie.exe
() C:\Program Files (x86)\Genius\Gila\trayicon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Sports Interactive) D:\Program Files (x86)\Games\Football Manager + Touch 2017\FM 2017\fm.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(CrackingPatching) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
==================== Registro (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040792 2015-07-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-06-30] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-07-14] (Apple Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-29] (SlySoft, Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [1047000 2017-04-06] (DivX, LLC)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Gila] => C:\Program Files (x86)\Genius\Gila\mousehid.exe [307712 2013-01-07] ()
HKLM-x32\...\Run: [Path] => C:\Program Files (x86)\ZOOM\Edit_Share\bin\ZOOM Edit&Share startup.exe [1989632 2012-06-08] ()
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKU\S-1-5-21-3756162619-268681666-269873450-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9832152 2017-08-03] (Piriform Ltd)
HKU\S-1-5-21-3756162619-268681666-269873450-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [43984 2017-05-07] (Glarysoft Ltd)
HKU\S-1-5-21-3756162619-268681666-269873450-1001\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft Development Team)
HKU\S-1-5-21-3756162619-268681666-269873450-1001\...\Run: [CorsairLink4] => C:\Program Files (x86)\CorsairLink4\CorsairLink4.exe [26947792 2017-02-27] (Corsair Components, Inc.)
HKU\S-1-5-21-3756162619-268681666-269873450-1001\...\Run: [uTorrent] => C:\Users\renat\AppData\Roaming\uTorrent\uTorrent.exe [2146496 2017-06-30] (BitTorrent Inc.)
HKU\S-1-5-21-3756162619-268681666-269873450-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3756162619-268681666-269873450-1001\...\Run: [AMDDVR] => C:\Program Files\AMD\CNext\CNext\amddvr.exe [1433992 2017-09-05] (Advanced Micro Devices, Inc.)
Startup: C:\Users\renat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Firemin.lnk [2017-08-24]
ShortcutTarget: Firemin.lnk -> C:\Program Files\Rizonesoft\Firemin\Firemin.exe (Rizonesoft)
Startup: C:\Users\renat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE AORUS GRAPHICS ENGINE.lnk [2017-07-27]
ShortcutTarget: GIGABYTE AORUS GRAPHICS ENGINE.lnk -> C:\Program Files (x86)\Gigabyte\AORUS GRAPHICS ENGINE\autorun.exe ()
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
ProxyServer: [S-1-5-21-3756162619-268681666-269873450-1001] => http=127.0.0.1:8888;
Hosts: 127.0.0.1 my.nalpeiron.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d94a3ec9-8b1f-482f-a5b9-784e96797d91}: [DhcpNameServer] 192.168.1.1
ManualProxies: 1http=127.0.0.1:8888;
Internet Explorer:
==================
URLSearchHook: [S-1-5-21-3756162619-268681666-269873450-1001] ATENÇÃO => A URLSearchHook Padrão está ausente
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2016-12-10] (Internet Download Manager, Tonec Inc.)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2016-12-10] (Internet Download Manager, Tonec Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-07-01] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-07-01] (Oracle Corporation)
FireFox:
========
FF DefaultProfile: m8t4fdna.default
FF ProfilePath: C:\Users\renat\AppData\Roaming\Mozilla\Firefox\Profiles\m8t4fdna.default [2017-09-11]
FF NewTab: Mozilla\Firefox\Profiles\m8t4fdna.default -> nohomepageset
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\m8t4fdna.default -> Yahoo®
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\m8t4fdna.default -> Yahoo®
FF Homepage: Mozilla\Firefox\Profiles\m8t4fdna.default -> hxxps://www.google.com.br
FF NetworkProxy: Mozilla\Firefox\Profiles\m8t4fdna.default -> type", 0
FF Extension: (Desprotetor de Links) - C:\Users\renat\AppData\Roaming\Mozilla\Firefox\Profiles\m8t4fdna.default\Extensions\desprotetordelinks@claudio-silva.com.xpi [2017-05-15]
FF Extension: (MEGA) - C:\Users\renat\AppData\Roaming\Mozilla\Firefox\Profiles\m8t4fdna.default\Extensions\firefox@mega.co.nz.xpi [2017-09-06]
FF Extension: (YouTube™ Enhancer Plus) - C:\Users\renat\AppData\Roaming\Mozilla\Firefox\Profiles\m8t4fdna.default\Extensions\firefoxaddon@youtubeenhancer.com.xpi [2017-05-15]
FF Extension: (Nimbus Screen Capture) - C:\Users\renat\AppData\Roaming\Mozilla\Firefox\Profiles\m8t4fdna.default\Extensions\nimbusscreencaptureff@everhelper.me.xpi [2017-09-07]
FF Extension: (Google Translator for Firefox) - C:\Users\renat\AppData\Roaming\Mozilla\Firefox\Profiles\m8t4fdna.default\Extensions\translator@zoli.bod.xpi [2017-05-26]
FF Extension: (Video DownloadHelper) - C:\Users\renat\AppData\Roaming\Mozilla\Firefox\Profiles\m8t4fdna.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-05-15]
FF Extension: (Adblock Plus) - C:\Users\renat\AppData\Roaming\Mozilla\Firefox\Profiles\m8t4fdna.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-08]
FF HKU\S-1-5-21-3756162619-268681666-269873450-1001\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi
FF Extension: (Sem Nome) - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi [2017-04-25]
FF HKU\S-1-5-21-3756162619-268681666-269873450-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\renat\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\renat\AppData\Roaming\IDM\idmmzcc5 [2017-05-15] [não assinado]
FF HKU\S-1-5-21-3756162619-268681666-269873450-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-01-26]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-08] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-08] ()
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2017-04-06] (DivX, LLC)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-07-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-07-01] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-15] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2017-07-05]
Chrome:
=======
CHR Profile: C:\Users\renat\AppData\Local\Google\Chrome\User Data\Default [2017-08-16]
CHR Extension: (Google Apresentações) - C:\Users\renat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-05-15]
CHR Extension: (Google Docs) - C:\Users\renat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-06-08]
CHR Extension: (Google Drive) - C:\Users\renat\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-08]
CHR Extension: (YouTube) - C:\Users\renat\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-08]
CHR Extension: (Adobe Acrobat) - C:\Users\renat\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-05-15]
CHR Extension: (Planilhas do Google) - C:\Users\renat\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-05-15]
CHR Extension: (Documentos Google off-line) - C:\Users\renat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-06-08]
CHR Extension: (IDM Integration Module) - C:\Users\renat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2017-07-17]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\renat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-15]
CHR Extension: (Gmail) - C:\Users\renat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-06-08]
CHR Extension: (Chrome Media Router) - C:\Users\renat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-17]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2017-04-26]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2017-04-26]
==================== Serviços (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 ALG; C:\WINDOWS\System32\alg.exe [92672 2017-03-18] (Microsoft Corporation)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
S4 AppVClient; C:\WINDOWS\system32\AppVClient.exe [846752 2017-07-07] (Microsoft Corporation)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft Development Team)
R2 AxVirtualAHCISrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAHCIServiceEx.exe [99712 2015-12-04] (Alcohol Soft Development Team)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1530888 2017-07-06] ()
R2 CDPUserSvc_366ce38; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R2 CDPUserSvc_366ce38; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
R3 CLink4Service; C:\Program Files (x86)\CorsairLink4\CorsairLink4.Service.exe [86224 2017-02-27] (Corsair Components, Inc.)
R2 COMCdbService; C:\Program Files (x86)\Legendas-3.4\srvcdb.exe [1854976 2015-12-24] () [Arquivo não assinado]
S3 DevicesFlowUserSvc_366ce38; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) <==== ATENÇÃO (não ServiceDLL)
S3 DevicesFlowUserSvc_366ce38; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) <==== ATENÇÃO (não ServiceDLL)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [382504 2017-08-03] (EasyAntiCheat Ltd)
S2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] ()
S3 Fax; C:\WINDOWS\system32\fxssvc.exe [637440 2017-03-18] (Microsoft Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Arquivo não assinado]
S3 MessagingService_366ce38; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) <==== ATENÇÃO (não ServiceDLL)
S3 MessagingService_366ce38; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) <==== ATENÇÃO (não ServiceDLL)
S3 MSDTC; C:\WINDOWS\System32\msdtc.exe [147456 2017-03-18] (Microsoft Corporation)
S3 msiserver; C:\WINDOWS\System32\msiexec.exe [66048 2017-03-18] (Microsoft Corporation)
S3 msiserver; C:\WINDOWS\SysWOW64\msiexec.exe [59392 2017-03-18] (Microsoft Corporation)
R2 OneSyncSvc_366ce38; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R2 OneSyncSvc_366ce38; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [2098528 2017-08-23] (Electronic Arts)
R2 Origin Web Helper Service; D:\Program Files (x86)\Origin\OriginWebHelperService.exe [2977640 2017-08-23] (Electronic Arts)
R3 PimIndexMaintenanceSvc_366ce38; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_366ce38; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2017-06-24] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2017-06-24] ()
S3 RpcLocator; C:\WINDOWS\system32\locator.exe [11264 2017-03-18] (Microsoft Corporation)
R2 SamSs; C:\WINDOWS\system32\lsass.exe [58488 2017-07-07] (Microsoft Corporation)
R2 SecurityHealthService; C:\WINDOWS\system32\SecurityHealthService.exe [336320 2017-07-07] (Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
S3 SensorDataService; C:\WINDOWS\System32\SensorDataService.exe [1284608 2017-03-18] (Microsoft Corporation)
S3 SNMPTRAP; C:\WINDOWS\System32\snmptrap.exe [15872 2017-05-29] (Microsoft Corporation)
S3 spectrum; C:\WINDOWS\system32\spectrum.exe [891904 2017-03-18] (Microsoft Corporation)
R2 Spooler; C:\WINDOWS\System32\spoolsv.exe [757760 2017-03-18] (Microsoft Corporation)
S2 sppsvc; C:\WINDOWS\system32\sppsvc.exe [4574192 2017-03-18] (Microsoft Corporation)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [Arquivo não assinado]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Arquivo não assinado]
S3 TieringEngineService; C:\WINDOWS\system32\TieringEngineService.exe [302592 2017-03-18] (Microsoft Corporation)
S4 UevAgentService; C:\WINDOWS\system32\AgentService.exe [1200640 2017-03-20] (Microsoft Corporation)
S3 UI0Detect; C:\WINDOWS\system32\UI0Detect.exe [43008 2017-03-18] (Microsoft Corporation)
R3 UnistoreSvc_366ce38; C:\WINDOWS\System32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R3 UnistoreSvc_366ce38; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
R3 UserDataSvc_366ce38; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R3 UserDataSvc_366ce38; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
S3 vds; C:\WINDOWS\System32\vds.exe [643072 2017-03-18] (Microsoft Corporation)
R3 VSS; C:\WINDOWS\system32\vssvc.exe [1550848 2017-03-18] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
R2 WpnUserService_366ce38; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation)
R2 WpnUserService_366ce38; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation)
R2 WSearch; C:\WINDOWS\system32\SearchIndexer.exe [933376 2017-06-03] (Microsoft Corporation)
R2 WSearch; C:\WINDOWS\SysWOW64\SearchIndexer.exe [797184 2017-06-03] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [656664 2014-08-19] (Wacom Technology, Corp.)
===================== Drivers (Whitelisted) ======================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R0 amdide64; C:\WINDOWS\System32\drivers\amdide64.sys [13848 2017-05-15] (Advanced Micro Devices Inc.)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0317685.inf_amd64_f4ed8f05a31c5d2d\atikmdag.sys [38761496 2017-09-07] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0317685.inf_amd64_f4ed8f05a31c5d2d\atikmpag.sys [541720 2017-09-07] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110088 2017-04-26] (Advanced Micro Devices)
R3 cpuz141; C:\WINDOWS\TEMP\cpuz141\cpuz141_x64.sys [46400 2017-09-11] (CPUID)
S3 ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [40648 2007-02-15] (SlySoft, Inc.)
S3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-15] (SlySoft, Inc.)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2017-05-15] (Glarysoft Ltd)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2017-05-15] ()
R1 HWiNFO32; C:\Windows\SysWoW64\drivers\HWiNFO64A.SYS [27552 2017-05-15] (REALiX(tm))
R1 legendasdrv; C:\WINDOWS\System32\drivers\legendasdrv.sys [58032 2015-12-18] (Windows (R) Win 7 DDK provider)
R1 MpKsl589d2b60; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1166C316-E4D5-423A-A47E-86ED78E3B01D}\MpKsl589d2b60.sys [44928 2017-09-07] (Microsoft Corporation)
R1 MpKsla035570c; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F7C67218-24FF-420E-93A6-066E0EB49D1E}\MpKsla035570c.sys [44928 2017-09-09] (Microsoft Corporation)
S2 Proteq; C:\Windows\SysWow64\Drivers\Proteq.sys [7598 2012-06-25] (PROTEQ) [Arquivo não assinado]
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [954368 2017-05-15] (Realtek )
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2016-10-24] ()
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R0 sptd2; C:\WINDOWS\System32\Drivers\sptd2.sys [203296 2017-05-15] (Duplex Secure Ltd)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um Mês Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-09-11 12:33 - 2017-09-11 12:33 - 000083710 _____ C:\Users\renat\Desktop\Addition.txt
2017-09-11 12:32 - 2017-09-11 12:33 - 000026211 _____ C:\Users\renat\Desktop\FRST.txt
2017-09-11 12:32 - 2017-09-11 12:33 - 000000000 ____D C:\FRST
2017-09-11 12:31 - 2017-09-11 12:31 - 002396672 _____ (Farbar) C:\Users\renat\Desktop\FRST64.exe
2017-09-11 12:28 - 2017-09-11 12:28 - 000000000 ____D C:\Users\renat\AppData\Roaming\ZHP
2017-09-11 12:28 - 2017-09-11 12:28 - 000000000 ____D C:\Users\renat\AppData\Local\ZHP
2017-09-08 19:01 - 2017-09-09 15:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Promob
2017-09-08 19:01 - 2017-09-08 19:01 - 000000000 ___HD C:\Users\Todos os Usuários\Permission
2017-09-08 19:01 - 2017-09-08 19:01 - 000000000 ___HD C:\ProgramData\Permission
2017-09-08 19:01 - 2017-09-08 19:01 - 000000000 ____D C:\Users\Todos os Usuários\Procad
2017-09-08 19:01 - 2017-09-08 19:01 - 000000000 ____D C:\Users\Todos os Usuários\Isolated Storage
2017-09-08 19:01 - 2017-09-08 19:01 - 000000000 ____D C:\ProgramData\Procad
2017-09-08 19:01 - 2017-09-08 19:01 - 000000000 ____D C:\ProgramData\Isolated Storage
2017-09-08 18:49 - 2017-09-10 09:54 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2017-09-08 18:49 - 2017-09-10 09:54 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-09-08 18:49 - 2017-09-09 15:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-09-08 18:49 - 2017-09-08 18:58 - 000000000 ____D C:\Program Files\Promob
2017-09-07 18:49 - 2017-09-07 18:49 - 000000000 ____D C:\Users\renat\AppData\Local\AMD
2017-09-07 18:48 - 2017-09-07 18:48 - 000003160 _____ C:\WINDOWS\System32\Tasks\StartCN
2017-09-07 18:48 - 2017-09-07 18:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assistente de relatório de problemas da AMD
2017-09-07 18:48 - 2017-09-07 18:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2017-09-07 18:48 - 2017-09-07 18:48 - 000000000 ____D C:\Program Files (x86)\AMD
2017-09-07 18:47 - 2017-09-07 18:47 - 000000000 ____D C:\WINDOWS\LastGood
2017-09-07 18:46 - 2017-09-07 18:46 - 000000238 ____H C:\()_CN.reg
2017-09-07 18:46 - 2017-09-07 18:46 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-09-07 18:43 - 2017-09-07 18:44 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2017-09-07 12:37 - 2017-09-07 12:37 - 002915864 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2017-09-07 12:37 - 2017-09-07 12:37 - 002530328 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2017-09-07 12:37 - 2017-09-07 12:37 - 000925208 _____ (AMD) C:\WINDOWS\system32\coinst_17.30.dll
2017-09-07 12:37 - 2017-09-07 12:37 - 000467992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2017-09-07 12:37 - 2017-09-07 12:37 - 000136728 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-09-07 12:37 - 2017-09-07 12:37 - 000120880 _____ C:\WINDOWS\system32\kapp_ci.sbin
2017-09-07 12:37 - 2017-09-07 12:37 - 000115224 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-09-07 12:37 - 2017-09-07 12:37 - 000032804 _____ C:\WINDOWS\system32\AMDKernelEvents.man
2017-09-07 12:37 - 2017-09-07 12:37 - 000029720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2017-09-07 12:37 - 2017-09-07 12:37 - 000029720 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2017-09-05 20:00 - 2017-09-05 20:00 - 000000000 ____D C:\Users\renat\AppData\Local\WhatsApp
2017-09-05 13:41 - 2017-09-05 13:41 - 000000000 ____D C:\Users\renat\AppData\Local\RAID WW2 Beta
2017-09-05 12:58 - 2017-09-05 12:58 - 000149896 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2017-09-05 12:58 - 2017-09-05 12:58 - 000127880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2017-09-04 16:55 - 2017-09-04 16:55 - 000610644 _____ C:\WINDOWS\Minidump\090417-8390-01.dmp
2017-09-04 13:21 - 2017-09-04 13:22 - 000001257 _____ C:\Users\renat\Desktop\Football Manager 2017.lnk
2017-08-29 09:42 - 2017-08-29 09:42 - 000000000 ____D C:\Users\renat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\4K Video Downloader
2017-08-29 09:40 - 2017-08-29 09:40 - 000000000 ____D C:\Users\renat\AppData\Local\drmingw
2017-08-27 13:44 - 2017-08-27 13:44 - 000000000 ____D C:\Users\Todos os Usuários\dbg
2017-08-27 13:44 - 2017-08-27 13:44 - 000000000 ____D C:\ProgramData\dbg
2017-08-25 17:14 - 2017-09-10 13:59 - 000000000 ____D C:\Users\renat\AppData\Roaming\FMRTE17
2017-08-25 17:13 - 2017-08-25 17:13 - 000000755 _____ C:\Users\Public\Desktop\FMRTE 17.lnk
2017-08-25 17:13 - 2017-08-25 17:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FMRTE
2017-08-25 16:56 - 2017-09-03 12:36 - 000000000 ____D C:\Users\renat\AppData\Local\Microsoft Windows
2017-08-25 14:10 - 2017-08-25 14:10 - 000000000 ____D C:\Users\Todos os Usuários\Football Manager 2017 Editor
2017-08-25 14:10 - 2017-08-25 14:10 - 000000000 ____D C:\ProgramData\Football Manager 2017 Editor
2017-08-24 22:46 - 2017-09-03 11:56 - 000000000 ____D C:\Users\renat\AppData\Local\Deployment
2017-08-24 22:46 - 2017-08-24 22:46 - 000000000 ____D C:\Users\renat\AppData\Local\Apps\2.0
2017-08-24 20:33 - 2017-08-24 20:33 - 000000000 ____D C:\Users\renat\AppData\Local\IsolatedStorage
2017-08-24 20:33 - 2017-08-24 20:33 - 000000000 ____D C:\Users\renat\AppData\Local\FM_Scout_Editor_2017
2017-08-24 20:12 - 2017-08-28 12:28 - 000000000 ____D C:\Users\renat\AppData\Local\Sports Interactive
2017-08-24 20:12 - 2017-08-25 14:10 - 000000000 ____D C:\Users\renat\Documents\Sports Interactive
2017-08-24 20:12 - 2017-08-25 14:10 - 000000000 ____D C:\Users\Public\Documents\Sports Interactive
2017-08-24 20:12 - 2017-08-24 20:12 - 000000000 ____D C:\Users\Todos os Usuários\Football Manager 2017
2017-08-24 20:12 - 2017-08-24 20:12 - 000000000 ____D C:\ProgramData\Football Manager 2017
2017-08-23 19:06 - 2017-08-23 19:06 - 000000000 ____D C:\Users\renat\AppData\Roaming\stremio
2017-08-23 18:51 - 2017-08-23 18:51 - 000000000 ____D C:\Users\renat\AppData\Local\Chromium
2017-08-23 18:46 - 2017-08-23 18:46 - 000000000 ____D C:\Users\renat\AppData\Local\Smart Code ltd
2017-08-23 12:48 - 2017-08-23 12:48 - 000000000 ____D C:\Users\renat\AppData\Local\Sony Corporation
2017-08-23 12:48 - 2017-08-23 12:48 - 000000000 ____D C:\Program Files (x86)\Sony
2017-08-21 21:16 - 2017-08-21 21:16 - 000791284 _____ C:\WINDOWS\Minidump\082117-8265-01.dmp
2017-08-20 19:06 - 2017-09-10 09:54 - 805636483 _____ C:\WINDOWS\MEMORY.DMP
2017-08-20 19:06 - 2017-08-20 19:06 - 000577836 _____ C:\WINDOWS\Minidump\082017-10187-01.dmp
2017-08-19 14:02 - 2017-08-19 14:02 - 000000000 ____D C:\Users\renat\AppData\LocalLow\DefaultCompany
2017-08-19 13:53 - 2017-09-08 18:33 - 000000000 ____D C:\Users\Todos os Usuários\Unity
2017-08-19 13:53 - 2017-09-08 18:33 - 000000000 ____D C:\ProgramData\Unity
2017-08-19 13:53 - 2017-08-19 14:02 - 000000000 ____D C:\Users\renat\AppData\Roaming\Unity
2017-08-19 13:53 - 2017-08-19 14:02 - 000000000 ____D C:\Users\renat\AppData\LocalLow\Unity
2017-08-19 13:53 - 2017-08-19 13:53 - 000000000 ____D C:\Users\renat\AppData\Local\Unity
2017-08-19 10:56 - 2017-08-19 11:10 - 000000000 ____D C:\Users\renat\Documents\FIFA 17
2017-08-18 18:44 - 2017-08-18 18:44 - 000000000 ____D C:\Users\Todos os Usuários\X360CE
2017-08-18 18:44 - 2017-08-18 18:44 - 000000000 ____D C:\ProgramData\X360CE
2017-08-18 18:05 - 2017-09-11 12:11 - 000000000 ____D C:\Users\renat\AppData\Roaming\Origin
2017-08-18 16:55 - 2017-08-18 16:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 17
2017-08-18 15:16 - 2017-08-18 15:16 - 000000000 ____D C:\Users\renat\Documents\Visual Studio 2017
2017-08-18 15:16 - 2017-08-18 15:16 - 000000000 ____D C:\Users\renat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2017 Tools for Unity
2017-08-18 15:16 - 2017-08-18 15:16 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity
2017-08-18 15:14 - 2017-08-18 15:16 - 000000000 ____D C:\Program Files (x86)\Microsoft SDKs
2017-08-18 15:14 - 2017-08-18 15:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017
2017-08-18 15:14 - 2017-08-18 15:14 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2017-08-18 15:13 - 2017-08-18 15:13 - 000001495 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017.lnk
2017-08-18 15:12 - 2017-08-18 18:03 - 000000000 ____D C:\Users\renat\AppData\Local\Facebook
2017-08-18 15:12 - 2017-08-18 15:17 - 000000000 ____D C:\Users\renat\AppData\Roaming\Visual Studio Setup
2017-08-18 15:12 - 2017-08-18 15:12 - 000001315 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk
2017-08-18 15:12 - 2017-08-18 15:12 - 000000000 ____D C:\Users\renat\AppData\Roaming\vstelemetry
2017-08-18 15:12 - 2017-08-18 15:12 - 000000000 ____D C:\Users\renat\AppData\Local\ServiceHub
2017-08-18 15:10 - 2017-08-18 15:10 - 000000000 ____D C:\Users\Public\Documents\Unity Projects
2017-08-18 15:00 - 2017-08-18 15:00 - 000000928 _____ C:\Users\Public\Desktop\Unity.lnk
2017-08-18 15:00 - 2017-08-18 15:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 2017.1.0f3 (64-bit)
2017-08-18 15:00 - 2017-08-18 15:00 - 000000000 ____D C:\Program Files (x86)\GtkSharp
2017-08-18 14:56 - 2017-08-18 15:00 - 000000000 ____D C:\Program Files\Unity
2017-08-15 21:44 - 2017-08-16 00:28 - 000000000 ____D C:\Program Files\Rockstar Games
2017-08-15 21:33 - 2017-09-07 18:48 - 000000000 ____D C:\Program Files\AMD
2017-08-15 21:32 - 2017-09-07 18:48 - 000000000 ____D C:\AMD
2017-08-15 14:26 - 2017-08-15 14:26 - 000000000 ____D C:\Users\renat\AppData\Roaming\HelloGames
2017-08-14 21:49 - 2017-08-16 00:28 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2017-08-14 21:49 - 2017-08-14 21:49 - 000000000 ____D C:\Users\renat\AppData\Local\Rockstar Games
2017-08-14 20:45 - 2017-08-03 17:15 - 000382504 _____ (EasyAntiCheat Ltd) C:\WINDOWS\SysWOW64\EasyAntiCheat.exe
2017-08-13 23:10 - 2017-09-07 18:43 - 000000000 ____D C:\Users\renat\AppData\LocalLow\AMD
==================== Um Mês Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-09-11 12:29 - 2017-05-15 13:49 - 000000000 ____D C:\Users\renat\AppData\Roaming\uTorrent
2017-09-11 12:27 - 2017-05-15 14:28 - 000000000 ____D C:\Users\Todos os Usuários\Origin
2017-09-11 12:27 - 2017-05-15 14:28 - 000000000 ____D C:\ProgramData\Origin
2017-09-11 12:27 - 2017-05-15 13:34 - 000000000 ____D C:\Users\renat\AppData\Roaming\DMCache
2017-09-11 12:26 - 2017-03-18 18:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-11 12:26 - 2017-03-18 18:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-11 11:39 - 2017-05-15 13:49 - 000000000 ____D C:\Users\renat\AppData\LocalLow\uTorrent
2017-09-10 15:54 - 2017-05-29 11:50 - 000003124 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner
2017-09-10 15:36 - 2017-05-29 11:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-09-10 13:51 - 2017-05-31 19:25 - 001249792 _____ (hxxp://www.ruby-lang.org/) C:\Users\renat\AppData\Roaming\msvcr90-ruby191.dll
2017-09-10 11:56 - 2017-05-15 14:33 - 000040636 _____ C:\Users\renat\Desktop\Compras.xlsx
2017-09-10 11:15 - 2017-05-15 12:31 - 000000000 ____D C:\Users\Todos os Usuários\CLink4
2017-09-10 11:15 - 2017-05-15 12:31 - 000000000 ____D C:\ProgramData\CLink4
2017-09-10 09:54 - 2017-06-05 13:04 - 000000000 ____D C:\WINDOWS\Minidump
2017-09-10 09:54 - 2017-05-29 11:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-10 09:54 - 2017-05-15 14:09 - 000025640 _____ (Windows (R) Server 2003 DDK provider) C:\WINDOWS\gdrv.sys
2017-09-10 00:56 - 2017-05-29 11:43 - 000000000 ____D C:\Users\renat
2017-09-09 14:30 - 2017-05-29 11:41 - 005019528 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-09-08 20:40 - 2017-05-15 13:29 - 000000000 ____D C:\Users\renat\AppData\Roaming\WhatsApp
2017-09-08 20:17 - 2017-05-15 12:20 - 000000000 ___RD C:\Users\renat\Desktop\Atalhos
2017-09-08 15:34 - 2017-08-05 16:04 - 000001228 _____ C:\Users\renat\Desktop\Adobe Photoshop CS6.lnk
2017-09-08 15:34 - 2017-07-14 22:52 - 000001395 _____ C:\Users\renat\Desktop\GPU-Z.lnk
2017-09-08 15:34 - 2017-05-15 12:20 - 000001246 _____ C:\Users\renat\Desktop\Alcohol 52%.lnk
2017-09-08 15:34 - 2017-05-15 12:13 - 000001042 _____ C:\Users\renat\Desktop\X-Dev Image.lnk
2017-09-08 15:34 - 2017-05-15 12:09 - 000001077 _____ C:\Users\renat\Desktop\MP3Gain.lnk
2017-09-08 15:34 - 2017-05-15 12:08 - 000001207 _____ C:\Users\renat\Desktop\VSO Image Resizer 4.lnk
2017-09-08 15:34 - 2017-05-15 12:07 - 000001136 _____ C:\Users\renat\Desktop\Format Factory.lnk
2017-09-08 15:34 - 2017-05-15 12:05 - 000001083 _____ C:\Users\renat\Desktop\TagScanner.lnk
2017-09-08 15:34 - 2017-05-15 12:02 - 000001131 _____ C:\Users\renat\Desktop\PhotoFiltre 7.lnk
2017-09-08 15:34 - 2017-05-15 11:55 - 000001968 _____ C:\Users\renat\Desktop\winLAME.lnk
2017-09-08 15:34 - 2017-05-15 11:51 - 000000666 _____ C:\Users\renat\Desktop\Renato Silva.lnk
2017-09-07 21:29 - 2017-05-15 11:27 - 000000000 ____D C:\Users\Todos os Usuários\Package Cache
2017-09-07 21:29 - 2017-05-15 11:27 - 000000000 ____D C:\ProgramData\Package Cache
2017-09-07 20:25 - 2017-05-15 13:38 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2017-09-07 18:51 - 2017-05-15 13:39 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2017-09-07 18:48 - 2017-05-29 11:42 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-09-07 18:48 - 2017-03-18 08:40 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2017-09-07 18:47 - 2017-03-18 18:01 - 000000000 ____D C:\WINDOWS\INF
2017-09-07 12:37 - 2017-07-10 14:58 - 001058328 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 012515352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 010294808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2017-09-07 12:37 - 2017-05-18 15:55 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2017-09-07 12:37 - 2017-05-18 15:55 - 001541144 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 001058328 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000822448 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2017-09-07 12:37 - 2017-05-18 15:55 - 000822448 _____ C:\WINDOWS\system32\atiapfxx.blb
2017-09-07 12:37 - 2017-05-18 15:55 - 000781848 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2017-09-07 12:37 - 2017-05-18 15:55 - 000666648 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2017-09-07 12:37 - 2017-05-18 15:55 - 000552984 _____ C:\WINDOWS\system32\dgtrayicon.exe
2017-09-07 12:37 - 2017-05-18 15:55 - 000552472 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2017-09-07 12:37 - 2017-05-18 15:55 - 000547352 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000531992 _____ C:\WINDOWS\system32\GameManager64.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000484376 _____ C:\WINDOWS\system32\atieah64.exe
2017-09-07 12:37 - 2017-05-18 15:55 - 000478744 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000370200 _____ C:\WINDOWS\system32\clinfo.exe
2017-09-07 12:37 - 2017-05-18 15:55 - 000366104 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000334872 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2017-09-07 12:37 - 2017-05-18 15:55 - 000277016 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000245784 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000242712 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000204312 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000192024 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000170520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000168472 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000157360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000151576 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000149104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000136216 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000134168 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000131944 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000131944 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000124952 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000115736 _____ C:\WINDOWS\system32\atidxx64.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000113176 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000103184 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000103176 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000102424 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000099864 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000069656 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000045592 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2017-09-07 12:37 - 2017-05-18 15:55 - 000043032 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2017-09-07 12:37 - 2017-05-18 15:54 - 000864792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2017-09-07 12:37 - 2017-05-18 15:54 - 000696856 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2017-09-07 12:37 - 2017-05-18 15:54 - 000574464 _____ C:\WINDOWS\system32\amdmiracast.dll
2017-09-07 12:37 - 2017-05-18 15:54 - 000515096 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2017-09-07 12:37 - 2017-05-18 15:54 - 000360984 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2017-09-07 12:37 - 2017-05-18 15:54 - 000196840 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2017-09-07 12:37 - 2017-05-18 15:54 - 000165072 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2017-09-07 12:37 - 2017-05-18 15:54 - 000139744 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2017-09-07 12:37 - 2017-05-18 15:54 - 000116736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2017-09-07 12:37 - 2017-05-18 15:54 - 000092184 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2017-09-07 12:37 - 2017-05-18 15:54 - 000075800 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2017-09-07 12:37 - 2017-05-18 15:54 - 000000145 _____ C:\WINDOWS\SysWOW64\amd-vulkan32.json
2017-09-07 12:37 - 2017-05-18 15:54 - 000000145 _____ C:\WINDOWS\system32\amd-vulkan64.json
2017-09-05 20:00 - 2017-05-15 13:29 - 000000000 ____D C:\Users\renat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2017-09-05 20:00 - 2017-05-15 13:29 - 000000000 ____D C:\Users\renat\AppData\Local\SquirrelTemp
2017-09-05 12:22 - 2017-05-15 11:25 - 000000000 ____D C:\Users\renat\AppData\Local\Packages
2017-09-04 16:14 - 2017-05-15 12:08 - 000000000 ____D C:\Users\renat\AppData\Roaming\VSO
2017-09-03 12:33 - 2017-07-14 21:47 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2017-08-31 11:01 - 2017-05-15 14:24 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-08-30 13:23 - 2017-06-02 11:55 - 000000000 ____D C:\Users\renat\Documents\REAPER Media
2017-08-30 13:17 - 2017-05-15 12:21 - 000000000 ___RD C:\Users\renat\Desktop\Multimídia
2017-08-28 17:39 - 2017-05-15 12:28 - 000002230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-27 21:46 - 2017-07-31 16:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-08-27 13:41 - 2017-05-15 12:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download
2017-08-27 12:41 - 2017-05-15 11:42 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-08-23 12:48 - 2017-05-15 13:28 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uso remoto do PS4.lnk
2017-08-22 22:58 - 2017-05-21 11:19 - 000000000 ____D C:\Users\renat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-08-21 22:15 - 2017-05-15 13:24 - 000000000 ____D C:\Users\renat\AppData\Local\Windows Live
2017-08-21 11:38 - 2017-06-01 12:11 - 000000000 ____D C:\Users\renat\Desktop\Outros
2017-08-19 11:07 - 2017-05-15 14:45 - 000000000 ____D C:\Users\renat\AppData\Local\Ubisoft Game Launcher
2017-08-18 18:06 - 2017-05-15 14:28 - 000000000 ____D C:\Users\renat\AppData\Local\Origin
2017-08-18 17:10 - 2017-05-15 14:39 - 000000000 ____D C:\Users\renat\Documents\Torrents
2017-08-18 16:55 - 2017-05-22 14:23 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2017-08-18 15:53 - 2017-06-28 20:00 - 000000000 ____D C:\Users\renat\AppData\Local\ElevatedDiagnostics
2017-08-18 15:14 - 2017-05-29 11:32 - 000000000 ____D C:\Program Files (x86)\MSBuild
2017-08-18 15:14 - 2017-03-18 18:03 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-08-18 15:12 - 2017-05-15 14:10 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2017-08-18 15:00 - 2017-03-18 17:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-08-18 14:50 - 2017-05-15 13:38 - 000544424 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-08-16 17:52 - 2017-05-15 13:34 - 000000000 ____D C:\Users\renat\AppData\Roaming\IDM
2017-08-16 11:22 - 2017-05-30 18:18 - 000000000 ____D C:\Users\Todos os Usuários\VSO
2017-08-16 11:22 - 2017-05-30 18:18 - 000000000 ____D C:\ProgramData\VSO
2017-08-16 11:22 - 2017-05-29 11:03 - 000000000 ___DC C:\WINDOWS\Panther
2017-08-16 11:22 - 2017-03-18 18:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-08-16 11:21 - 2017-05-15 11:57 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-08-16 00:36 - 2017-06-10 00:59 - 000000000 ____D C:\Users\renat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2017-08-16 00:36 - 2017-06-10 00:59 - 000000000 ____D C:\Users\renat\AppData\Local\Discord
2017-08-16 00:36 - 2017-05-15 11:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2017-08-16 00:36 - 2017-05-15 11:59 - 000000000 ____D C:\Program Files\CPUID
2017-08-15 21:34 - 2017-05-29 11:52 - 002959180 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-15 21:34 - 2017-03-20 00:57 - 001068664 _____ C:\WINDOWS\system32\prfh0416.dat
2017-08-15 21:34 - 2017-03-20 00:57 - 000419234 _____ C:\WINDOWS\system32\prfc0416.dat
2017-08-15 21:22 - 2017-05-15 11:58 - 000001079 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-08-15 21:22 - 2017-05-15 11:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-08-14 20:45 - 2017-05-15 17:45 - 000780328 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2017-08-12 13:15 - 2017-07-14 14:03 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
==================== Arquivos na raiz de alguns diretórios =======
2017-05-30 18:18 - 2017-05-30 18:18 - 000099384 _____ () C:\Users\renat\AppData\Roaming\inst.exe
2017-05-31 19:25 - 2017-09-10 13:51 - 001249792 _____ (http://www.ruby-lang.org/) C:\Users\renat\AppData\Roaming\msvcr90-ruby191.dll
2017-05-30 18:18 - 2017-05-30 18:18 - 000007859 _____ () C:\Users\renat\AppData\Roaming\pcouffin.cat
2017-05-30 18:18 - 2017-05-30 18:18 - 000001167 _____ () C:\Users\renat\AppData\Roaming\pcouffin.inf
2017-05-30 18:18 - 2017-05-30 18:18 - 000000055 _____ () C:\Users\renat\AppData\Roaming\pcouffin.log
2017-05-30 18:18 - 2017-05-30 18:18 - 000082816 _____ (VSO Software) C:\Users\renat\AppData\Roaming\pcouffin.sys
2017-08-11 20:06 - 2017-08-11 20:07 - 000007606 _____ () C:\Users\renat\AppData\Local\Resmon.ResmonCfg
2017-06-14 13:46 - 2017-06-14 13:46 - 000004930 _____ () C:\ProgramData\czchsjpj.srw
2017-05-29 11:42 - 2017-05-29 11:42 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2017-06-14 13:46 - 2017-06-14 13:46 - 000000016 _____ () C:\ProgramData\mntemp
2017-06-09 01:46 - 2017-06-09 01:46 - 000000059 _____ () C:\ProgramData\serverclasscache.ini
Alguns arquivos em TEMP:
====================
2017-09-07 18:44 - 2017-09-07 18:44 - 001178504 _____ () C:\Users\renat\AppData\Local\Temp\AMDCleanupUtility.exe
2017-09-07 18:44 - 2017-09-07 18:44 - 000250248 _____ () C:\Users\renat\AppData\Local\Temp\Cleanup.dll
2017-09-07 18:44 - 2017-09-07 18:44 - 000065536 _____ (Windows (R) Server 2003 DDK provider) C:\Users\renat\AppData\Local\Temp\ddu.exe
2017-09-07 18:44 - 2017-09-07 18:44 - 000414152 _____ (Microsoft Corporation) C:\Users\renat\AppData\Local\Temp\difxapi.dll
2017-09-07 18:44 - 2017-09-07 18:44 - 000516096 _____ (Microsoft Corporation) C:\Users\renat\AppData\Local\Temp\msvcm80.dll
2017-09-07 18:44 - 2017-09-07 18:44 - 001061376 _____ (Microsoft Corporation) C:\Users\renat\AppData\Local\Temp\msvcp80.dll
2017-09-07 18:44 - 2017-09-07 18:44 - 000796672 _____ (Microsoft Corporation) C:\Users\renat\AppData\Local\Temp\msvcr80.dll
==================== Bamital & volsnap ======================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2017-09-06 13:11
==================== Fim de FRST.txt ============================