Ir ao conteúdo
  • Cadastre-se
Itamar Rialto

Possível malware banker

Recommended Posts

Hoje, quando fui acessar o site do banco santander, coloquei o cpf e fui redirecionado para o site correto "http://www.santandernet.com.br", pois sempre vejo se está certo. Depois coloquei a senha e aparentemente entrou no site do banco, porém apareceu uma mensagem dizendo que meu cartão de segurança estava expirado e pediu para eu digitar todos os códigos, o que eu não fiz, pois tive a certeza de se tratar de vírus ou algo parecido.

Então, executei o ccleaner, fazendo as limpezas básicas e limpei o registro também.... Depois executei o meu antivirus (internet 360 security da empresa Qihoo), o qual achou algumas poucas coisas... Depois reiniciei e tentei entrar novamente no banco e deu certo.... Porém fiquei preocupado de ainda restar algum arquivo com vírus....

ZA-Scan.txt

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro @Itamar Rialto

 

Recomendo que salve este tópico em seus Favoritos para facilitar na hora de encontrá-lo.

 

Por favor, atente para o seguinte:

  1. Caso fique sem resposta durante 3 dias, me envie uma Mensagem Privada (MP);
  2. O que será passado aqui, somente será com relação ao problema do seu computador portanto, não faça mais em nenhum outro;
  3. Siga, por favor, atentamente as instruções passadas e em caso de dúvidas não hesite em perguntá-las;
  4. Sempre coloque suas respostas neste tópico... Não abra outro!
  5. Procure sempre me manter informado, durante a remoção, sobre o que acontece com seu computador.
  6. Respeite a ordem das instruções passadas.

 

Observação: Não tome outra medida além das passadas aqui; atente para que, caso peça ajuda em outro fórum, não deixe de nos informar, sob risco de desconfigurar seu computador!

 

# Etapa nº 1 #
 
Baixe o AdwCleaner e salve em sua Área de trabalho (Desktop)

Execute o arquivo adwcleaner.exe

 

Atenção: Usuários Windows Vista, 7 e 8, cliquem com o botão direito do mouse e escolha: execadmin.png 

  • Clique na aba Opções e deixe marcado apenas "Restaurar Políticas do IE" e "Restaurar Políticas do Chrome"
  • Clique no botão Verificar e aguarde o exame finalizar.
  • Clique no botão Limpar.
  • Abrirá um bloco de notas com o resultado.
  • Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.
  • O log também será salvo em C:\AdwCleaner


NOTA: Se o AdwCleaner encontrar arquivos que não consiga remover, poderá ter de reiniciar o PC. Faça isso imediatamente, ao ser perguntado se quer reiniciar.
 
# Etapa nº 2 #
 
Desative temporariamente seu antivirus, antispywares e firewall, para não causar conflitos.

Baixe o Junkware Removal Tool (JRT) e salve em sua Área de trabalho (Desktop)

 

Clique duas vezes para executar o jrt.exe.
 

Atenção: Usuários Windows Vista, 7 e 8, cliquem com o botão direito do mouse e escolha: execadmin.png 

  • A ferramenta começará o exame do seu sistema.
  • Tenha paciência pois pode demorar um pouco dependendo da quantidades de itens a examinar.
  • Ao final um log se abrirá. Será salvo no desktop com o nome de JRT.txt.
  • Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

 
# Etapa nº 3 #
 
Desative temporariamente seu antivirus, antispywares e firewall, para não causar conflitos.

Faça o download do ZHPCleaner e salve em sua Área de trabalho (Desktop)

 

Atenção: Usuários Windows Vista, 7 e 8, cliquem com o botão direito do mouse e escolha: execadmin.png

  • Clique no botão Scanner.
  • A ferramenta começara o exame do seu sistema.
  • Tenha paciência pois pode demorar um pouco dependendo da quantidades de itens a examinar.
  • Em seguida clique no botão Reparar.
  • Será gerado um log chamado ZHPCleaner.txt
  • Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites

Seguem os logs....

 

# AdwCleaner v5.116 - Relatório criado 13/05/2016 às 09:58:15
# Atualizado 09/05/2016 por Xplode
# Banco de dados : 2016-05-13.1 [Servidor]
# Sistema operacional : Windows 10 Home Single Language  (X64)
# Usuário : Itamar_Rialto - E5-511-C7NE
# Executando de : C:\Users\Itamar_Rialto\Desktop\adwcleaner_5.116.exe
# Opção : Limpar
# Apoio : http://toolslib.net/forum

***** [ Serviços ] *****

[-] Serviço Excluído : swdumon

***** [ Pastas ] *****

[-] Pasta Excluído : C:\Device
[-] Pasta Excluído : C:\ProgramData\SlimWare Utilities, Inc
[-] Pasta Excluído : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\B1 Free Archiver
[-] Pasta Excluído : C:\Users\Public\Documents\Downloaded Installers
[-] Pasta Excluído : C:\Program Files (x86)\B1 Free Archiver
[-] Pasta Excluído : C:\Program Files (x86)\Video Converter
[-] Pasta Excluído : C:\Users\Itamar_Rialto\AppData\Local\slimware utilities inc
[-] Pasta Excluído : C:\Users\Itamar_Rialto\AppData\Local\Popcorn Time
[-] Pasta Excluído : C:\Program Files\Booking.com

***** [ Arquivos ] *****

[-] Arquivo Excluído : C:\WINDOWS\SysNative\drivers\swdumon.sys

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Atalhos ] *****


***** [ Tarefas agendadas ] *****

[-] Tarefa Excluída : ACC

***** [ Registro ] *****

[-] Chave Excluída : HKLM\SOFTWARE\Classes\Applications\iLividSetup-r0-n-bc.exe
[-] Chave Excluída : HKCU\Software\Classes\pokki
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{65416821-217D-44BD-9C61-F53398FB1B46}
[-] Chave Excluída : HKCU\Software\Classes\TypeLib\{157B1AA6-3E5C-404A-9118-C1D91F537040}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\TypeLib\{39A37965-0A96-43A3-870E-821FE5C84B0B}
[-] Chave Excluída : HKCU\Software\b1.org
[-] Chave Excluída : HKCU\Software\Pokki
[-] Chave Excluída : HKCU\Software\SlimWare Utilities Inc
[-] Chave Excluída : HKCU\Software\WEBAPP
[-] Chave Excluída : HKLM\SOFTWARE\SLIMWARE UTILITIES, INC.
[-] Chave Excluída : HKLM\SOFTWARE\b1.org
[-] Chave Excluída : HKLM\SOFTWARE\SlimWare Utilities Inc
[-] Chave Excluída : HKLM\SOFTWARE\SupDp
[-] Chave Excluída : [x64] HKLM\SOFTWARE\b1.org
[-] Chave Excluída : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
[-] Chave Excluída : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
[-] Chave Excluída : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\land.pckeeper.software
[-] Chave Excluída : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\pckeeper.software
[-] Chave Excluída : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\land.pckeeper.software
[-] Chave Excluída : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\pckeeper.software
[-] Valor Excluída : HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Pokki]

***** [ Navegadores ] *****

[-] [C:\Users\Itamar_Rialto\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Excluído : br.ask.com

*************************

:: Chaves "Tracing" excluídas
:: Configurações Winsock restauradas
:: Políticas do IE excluídas
:: Políticas do Chrome excluídas

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [3844 bytes] - [13/05/2016 09:58:15]
C:\AdwCleaner\AdwCleaner[S1].txt - [4190 bytes] - [13/05/2016 09:54:22]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [3990 bytes] ##########

 

 

-----------------------------------------

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 10 Home Single Language x64
Ran by Itamar_Rialto (Administrator) on 13/05/2016 at 10:06:11,65
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


File System: 0


Registry: 0

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13/05/2016 at 11:12:25,70
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~ ZHPCleaner v2016.5.13.66 by Nicolas Coolman (2016/05/13)
~ Run by Itamar_Rialto (Administrator)  (13/05/2016 11:32:00)
~ Site : http://www.nicolascoolman.com
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Reparo
~ Report : C:\Users\Itamar_Rialto\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Itamar_Rialto\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home Single Language, 64-bit  (Build 10586)


---\\  Serviços (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.


---\\  Navegadores de Internet (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.


---\\  Arquivo hosts (2)
SUBSTITUIDO:  
Número de redirecionamentos encontrados 1/21


---\\  Tarefas automáticas agendadas. (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.


---\\  Explorer ( Arquivos, Pastas) (75)
MOVIDO pasta: C:\Windows\SECOH-QAD.exe    =>HackTool.KMSpico
MOVIDO arquivo: C:\Users\Itamar_Rialto\Desktop\KMSpico 10.1.5 FINAL + Portable (Office and Windows 10 Activator) [TechTools.NET]  =>HackTool.KMSpico
MOVIDO arquivo: C:\WINDOWS\Installer\MSI1284.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI17FF.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI199E.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI1D6F.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI2582.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI3668.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI4D7C.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI4EEF.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI545F.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI56DD.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI5718.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI5956.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI5A0F.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI6499.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI6922.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI6984.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI6C4B.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI6C89.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI6E12.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI6F2C.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI704B.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI743E.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI776C.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI7922.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI79C1.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI7A3C.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI7B37.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI7BD5.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI7C79.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI8340.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI847C.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI8761.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI8A6B.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI8A72.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI8B56.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI8C62.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI8D0E.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI8E09.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI90BA.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI91A5.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI92B0.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI937C.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI9429.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSIAD09.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSIAE14.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSIAEF1.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSIAF9E.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSIB04A.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSIB162.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSIB2CC.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSIB398.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSIB474.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSIB530.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSIB574.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSIB5DD.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSIBC71.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSIC338.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSIC676.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSIC8E7.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSICB25.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSID1AA.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSID40E.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSID858.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSIDC12.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSIDCD6.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSIDFCB.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSIE045.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSIE0B8.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSIE228.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSIE4DC.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSIEFE6.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSIF355.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSIFEBB.tmp-  =>Empty


---\\  Registro ( Chaves, Valores, Dados ) (1)
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} [Google Inc.]  =>Heuristic.Suspect


---\\  Resumo dos elementos encontrados na sua estação de trabalho (2)
http://www.nicolascoolman.fr/?p=989 =>HackTool.KMSpico
http://www.nicolascoolman.info/2016/04/22/heuristic-suspect/ =>Heuristic.Suspect


---\\  Dodatkowe oczyszczenie. (19)
~ Chave de registro Tracing Supprimido (19)
~ Remover os relatórios antigos ZHPCleaner. (0)


---\\ Resultado de reparação
Reparação efectuada com sucesso
~ Este navegador está faltando ! (Opera Software)


---\\ Estatísticas
~ Items scan : 879
~ Items encontrado : 1
~ items cancelados : 0
~ Items réparo : 76


~ End of clean in 00h00mn46s
~====================
ZHPCleaner-[R]-13052016-11_32_46.txt
ZHPCleaner--13052016-11_28_49.txt

 

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro @Itamar Rialto

 

Desative temporariamente seu antivírus, antispywares e firewall, para não causar conflitos.

 

Baixe o Farbar Recovery Scan Tool e salve-o na Área de Trabalho (Desktop).


32 bit (x86) ou 64 bit (x64)

 

  • Clique duas vezes para executar a ferramenta.
    • Atenção: Usuários Windows Vista, 7 e 8, cliquem com o botão direito do mouse e escolha: execadmin.png
  • Marque a caixa Arquivos 90 dias,  e clique no botão Examinar.
  • Aguarde e ao final os logs FRST.txt e Addition.txt serão salvos em sua Área de Trabalho (Desktop).
  • Selecione, copie e cole o conteúdo do log  FRST.txt em sua próxima resposta.
  • Anexe o log Addition.txt

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:14-05-2016
Executado por Itamar_Rialto (administrador) em E5-511-C7NE (14-05-2016 17:55:04)
Executando a partir de C:\Users\Itamar_Rialto\Desktop
Perfis Carregados: Itamar_Rialto (Perfis Disponíveis: Itamar_Rialto)
Platform: Windows 10 Home Single Language Versão 1511 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: FF)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdcBase.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.19761.0_x64__8wekyb3d8bbwe\Video.UI.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
() C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\LockAppHost.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
() C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-21] (Realtek Semiconductor)
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdcBase.exe [660360 2015-11-16] (Microsoft Corporation)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [218656 2015-09-01] (Geek Software GmbH)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [23745808 2016-05-06] (Dropbox, Inc.)
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [326264 2016-05-09] (QIHU 360 SOFTWARE CO. LIMITED)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
Winlogon\Notify\ GbPluginAbn: C:\Program Files (x86)\GbPlugin\gbiehAbn.dll [2014-11-18] (Banco Real)
Winlogon\Notify\ GbPluginBb: C:\Program Files (x86)\GbPlugin\gbieh.dll [2015-08-19] (Banco do Brasil)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-02-25] (Atheros Communications)
HKLM\...\Policies\Explorer\Run: [x86kernel2] => erperperperperperperperperperperperperperperperperperperperperperperperperperperperperperperperperpe
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [805888 2015-10-30] (Microsoft Corporation)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll [1896320 2015-08-19] (Banco do Brasil)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399007} - C:\Program Files (x86)\GbPlugin\gbiehabn.dll [1939512 2014-11-18] (Banco Real)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-06] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5387184f-dc1d-4d8c-8c55-23669f743de0}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6d553cff-388e-4407-8c89-80eeb440c0b3}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8161a7c9-c4ae-4bc8-b895-5aac8fd214fe}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pt-br/?pc=UE01&ocid=UE01DHP
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-01-19] (Microsoft Corporation)
BHO: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon64.dll [2016-05-09] (Qihu 360 Software Co., Ltd.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-01-17] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-01-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-20] (Oracle Corporation)
BHO-x32: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon.dll [2016-02-26] (Qihu 360 Software Co., Ltd.)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\Program Files (x86)\GbPlugin\gbieh.dll [2015-08-19] (Banco do Brasil)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540007} -> C:\Program Files (x86)\GbPlugin\gbiehabn.dll [2014-11-18] (Banco Real)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-01-17] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-20] (Oracle Corporation)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-17] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-17] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-17] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-17] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  Nenhum Arquivo

FireFox:
========
FF ProfilePath: C:\Users\Itamar_Rialto\AppData\Roaming\Mozilla\Firefox\Profiles\zjxlxe66.default-1437596352191
FF Homepage: about:home
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-20] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-01-19] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-01-17] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin HKU\S-1-5-21-2861522991-3655380705-3476392321-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Itamar_Rialto\AppData\Local\Citrix\Plugins\104\npappdetector.dll [Nenhum Arquivo]
FF Plugin HKU\S-1-5-21-2861522991-3655380705-3476392321-1001: gastecnologia.com.br/sf/abn -> C:\Users\Itamar_Rialto\AppData\Local\GAS Tecnologia\GBBD\npsf_abn.dll [2015-02-19] (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-2861522991-3655380705-3476392321-1001: gastecnologia.com.br/sf/abn64 -> C:\Users\Itamar_Rialto\AppData\Local\GAS Tecnologia\GBBD\npsf_abn_64.dll [2015-06-02] (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-2861522991-3655380705-3476392321-1001: gastecnologia.com.br/sf/bb64 -> C:\Users\Itamar_Rialto\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll [Nenhum Arquivo]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-07-21]
FF Extension: Default Full Zoom Level - C:\Users\Itamar_Rialto\AppData\Roaming\Mozilla\Firefox\Profiles\zjxlxe66.default-1437596352191\extensions\{D9A7CBEC-DE1A-444f-A092-844461596C4D} [2016-02-05]
FF Extension: Youtube MP3 Podcaster - C:\Users\Itamar_Rialto\AppData\Roaming\Mozilla\Firefox\Profiles\zjxlxe66.default-1437596352191\extensions\youtubemp3podcaster@jeremy.d.gregorio.com [2016-03-16]
FF Extension: Baixou Agora - C:\Users\Itamar_Rialto\AppData\Roaming\Mozilla\Firefox\Profiles\zjxlxe66.default-1437596352191\Extensions\jid1-dG9taWNhQGdtYWlsLmNvbS4u@jetpack.xpi [2015-11-25]
FF HKLM-x32\...\Firefox\Extensions: [WebProtection@360safe.com] - C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox
FF Extension: 360 Internet Protection - C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox [2016-05-14]
FF HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E8874}] - C:\Users\Itamar_Rialto\AppData\Local\GAS Tecnologia\GBBD\abn\xpi
FF Extension: GBBD Banco Santander (Brasil) S.A. - C:\Users\Itamar_Rialto\AppData\Local\GAS Tecnologia\GBBD\abn\xpi [2015-05-08] [não assinado]

Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxps://br.search.yahoo.com/search?fr=mcafee&type=B211BR0D20150721&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Profile: C:\Users\Itamar_Rialto\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\Itamar_Rialto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-10]
CHR Extension: (Google Docs) - C:\Users\Itamar_Rialto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-10]
CHR Extension: (Google Drive) - C:\Users\Itamar_Rialto\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Itamar_Rialto\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-05]
CHR Extension: (HelloFax: 50 páginas gratuitas de fax) - C:\Users\Itamar_Rialto\AppData\Local\Google\Chrome\User Data\Default\Extensions\bocmleclimfnadgmcdgecijlblfcmfnm [2016-01-14]
CHR Extension: (Google Search) - C:\Users\Itamar_Rialto\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
CHR Extension: (Planilhas do Google) - C:\Users\Itamar_Rialto\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-10]
CHR Extension: (Área de trabalho remota do Google Chrome) - C:\Users\Itamar_Rialto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-05-05]
CHR Extension: (Documentos Google off-line) - C:\Users\Itamar_Rialto\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-01]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Itamar_Rialto\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-15]
CHR Extension: (Gmail) - C:\Users\Itamar_Rialto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-10]

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-02-25] (Windows (R) Win 7 DDK provider) [Arquivo não assinado]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2772720 2016-01-17] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-28] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-28] (Dropbox, Inc.)
S3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-07-22] (Acer Incorporated)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [587576 2015-08-12] (GAS Tecnologia)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328624 2015-10-18] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [Arquivo não assinado]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [469736 2014-09-10] (Acer Incorporate)
R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [916392 2016-05-09] (QIHU 360 SOFTWARE CO. LIMITED)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-14] (acer)
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-06] (Microsoft Corporation)
S3 wampapache64; c:\wamp\bin\apache\apache2.4.9\bin\httpd.exe [24576 2014-05-01] (Apache Software Foundation) [Arquivo não assinado]
S3 wampmysqld64; c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe [12942848 2014-05-01] () [Arquivo não assinado]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R1 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [137808 2016-02-26] (360.cn)
R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [77904 2016-05-09] (360.cn)
R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [77904 2016-05-09] (360.cn)
R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [319568 2016-05-09] (360.cn)
R1 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2015-11-13] (360.cn)
R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [370768 2016-02-26] (360.cn)
R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [181328 2016-02-26] (360.cn)
U5 BTATH_LWFLT; C:\Windows\System32\Drivers\BTATH_LWFLT.sys [77464 2014-02-25] (Qualcomm Atheros)
S1 gbpddfac; C:\Windows\System32\drivers\gbpddfac64.sys [0 2015-08-07] () <==== ATENÇÃO (zero byte Arquivo/Pasta)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [21720 2015-04-29] (GAS Tecnologia)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [67584 2013-11-10] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
S3 MTKSCVAD; C:\Windows\system32\drivers\mtkvadx.sys [44544 2012-07-16] (Ralink Technology, Corp.) [Arquivo não assinado]
S3 netr28ux; C:\Windows\System32\drivers\netr28ux.sys [2196480 2015-10-30] (MediaTek Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [461528 2013-12-20] (Realsil Semiconductor Corporation)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2014-10-31] (GAS Tecnologia LTDA)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-05-14 17:55 - 2016-05-14 17:56 - 00024035 _____ C:\Users\Itamar_Rialto\Desktop\FRST.txt
2016-05-14 17:54 - 2016-05-14 17:54 - 02382336 _____ (Farbar) C:\Users\Itamar_Rialto\Desktop\FRST64.exe
2016-05-13 12:54 - 2016-05-13 12:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-05-13 11:39 - 2016-05-13 11:40 - 00000000 ____D C:\Users\Itamar_Rialto\Desktop\Remoção 13-05
2016-05-13 09:53 - 2016-05-13 09:58 - 00000000 ____D C:\AdwCleaner
2016-05-11 17:42 - 2016-05-11 17:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WampServer
2016-05-11 17:40 - 2016-05-11 17:43 - 00000000 ____D C:\wamp
2016-05-11 17:38 - 2016-05-11 17:38 - 00000000 ____D C:\Users\Itamar_Rialto\AppData\Roaming\MySQL
2016-05-11 17:38 - 2016-05-11 17:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL
2016-05-11 17:37 - 2016-05-11 17:37 - 00000000 ____D C:\Program Files\MySQL
2016-05-11 17:36 - 2016-05-11 17:39 - 43507845 _____ (Hervé Leclerc (HeL) ) C:\Users\Itamar_Rialto\Downloads\wampserver2.5-Apache-2.4.9-Mysql-5.6.17-php5.5.12-64b.exe
2016-05-11 17:28 - 2016-05-11 17:32 - 28426240 _____ C:\Users\Itamar_Rialto\Downloads\mysql-workbench-community-6.3.6-winx64.msi
2016-05-11 17:23 - 2016-05-11 17:24 - 07194312 _____ (Microsoft Corporation) C:\Users\Itamar_Rialto\Downloads\vcredist_x64.exe
2016-05-11 15:04 - 2016-05-11 15:30 - 331923533 _____ C:\Users\Itamar_Rialto\Downloads\OracleXE112_Win64.zip
2016-05-11 13:18 - 2016-05-11 13:18 - 00011794 _____ C:\ZA-Scan.txt
2016-05-11 12:41 - 2016-04-23 01:28 - 16984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-05-11 12:41 - 2016-04-23 01:26 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-05-11 12:41 - 2016-04-23 01:25 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-05-11 12:41 - 2016-04-23 01:22 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-05-11 12:41 - 2016-04-23 01:19 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-05-11 12:41 - 2016-04-23 01:19 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-05-11 12:41 - 2016-04-23 01:18 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-05-11 12:41 - 2016-04-23 01:16 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-05-11 12:41 - 2016-04-23 01:13 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-05-11 12:41 - 2016-04-23 01:07 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-05-11 12:40 - 2016-04-30 03:31 - 03591168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-05-11 12:40 - 2016-04-23 03:12 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-05-11 12:40 - 2016-04-23 03:12 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-05-11 12:40 - 2016-04-23 03:12 - 00713920 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-05-11 12:40 - 2016-04-23 03:12 - 00190144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-05-11 12:40 - 2016-04-23 03:12 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-05-11 12:40 - 2016-04-23 02:28 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-05-11 12:40 - 2016-04-23 02:24 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-05-11 12:40 - 2016-04-23 02:24 - 01819208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-05-11 12:40 - 2016-04-23 02:10 - 03673424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-05-11 12:40 - 2016-04-23 02:10 - 02919832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-05-11 12:40 - 2016-04-23 02:09 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-05-11 12:40 - 2016-04-23 02:09 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-05-11 12:40 - 2016-04-23 02:09 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-05-11 12:40 - 2016-04-23 02:09 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-05-11 12:40 - 2016-04-23 02:08 - 06605504 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-05-11 12:40 - 2016-04-23 02:08 - 04515256 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-05-11 12:40 - 2016-04-23 02:01 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-05-11 12:40 - 2016-04-23 01:39 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-05-11 12:40 - 2016-04-23 01:32 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-05-11 12:40 - 2016-04-23 01:31 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-05-11 12:40 - 2016-04-23 01:31 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-05-11 12:40 - 2016-04-23 01:30 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-05-11 12:40 - 2016-04-23 01:30 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-05-11 12:40 - 2016-04-23 01:29 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-05-11 12:40 - 2016-04-23 01:26 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-05-11 12:40 - 2016-04-23 01:23 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-05-11 12:40 - 2016-04-23 01:22 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-05-11 12:40 - 2016-04-23 01:20 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-05-11 12:40 - 2016-04-23 01:20 - 18676224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-05-11 12:40 - 2016-04-23 01:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-05-11 12:40 - 2016-04-23 01:19 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-05-11 12:40 - 2016-04-23 01:19 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-05-11 12:40 - 2016-04-23 01:19 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-05-11 12:40 - 2016-04-23 01:18 - 24604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-05-11 12:40 - 2016-04-23 01:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-05-11 12:40 - 2016-04-23 01:18 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-05-11 12:40 - 2016-04-23 01:18 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-05-11 12:40 - 2016-04-23 01:16 - 01319424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-05-11 12:40 - 2016-04-23 01:15 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-05-11 12:40 - 2016-04-23 01:15 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-05-11 12:40 - 2016-04-23 01:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-05-11 12:40 - 2016-04-23 01:14 - 13383168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-05-11 12:40 - 2016-04-23 01:14 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-05-11 12:40 - 2016-04-23 01:14 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-05-11 12:40 - 2016-04-23 01:13 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-05-11 12:40 - 2016-04-23 01:10 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-05-11 12:40 - 2016-04-23 01:09 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-05-11 12:40 - 2016-04-23 01:09 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-05-11 12:40 - 2016-04-23 01:08 - 05324288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-05-11 12:40 - 2016-04-23 01:08 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-05-11 12:40 - 2016-04-23 01:06 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-05-11 12:40 - 2016-04-23 01:05 - 05502976 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-05-11 12:40 - 2016-04-23 01:05 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-05-11 12:40 - 2016-04-23 01:05 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-05-11 12:40 - 2016-04-23 01:05 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-05-11 12:40 - 2016-04-23 01:04 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-05-11 12:40 - 2016-04-23 01:03 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-05-11 12:40 - 2016-04-23 01:03 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-05-11 12:40 - 2016-04-23 01:03 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-05-11 12:40 - 2016-04-23 01:03 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-05-11 12:40 - 2016-04-23 01:02 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-05-11 12:40 - 2016-04-23 01:02 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-05-11 12:40 - 2016-04-23 01:00 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-05-11 12:39 - 2016-05-06 01:53 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdport.sys
2016-05-11 12:39 - 2016-05-06 01:05 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-05-11 12:39 - 2016-05-06 01:03 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-05-11 12:39 - 2016-05-06 00:53 - 00351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-05-11 12:39 - 2016-05-06 00:49 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2016-05-11 12:39 - 2016-05-06 00:44 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-05-11 12:39 - 2016-05-06 00:43 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-05-11 12:39 - 2016-05-06 00:23 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-05-11 12:39 - 2016-04-30 03:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-05-11 12:39 - 2016-04-23 03:12 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-05-11 12:39 - 2016-04-23 03:12 - 00294592 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-05-11 12:39 - 2016-04-23 03:12 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-05-11 12:39 - 2016-04-23 02:28 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-05-11 12:39 - 2016-04-23 02:26 - 00707608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-05-11 12:39 - 2016-04-23 02:24 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-05-11 12:39 - 2016-04-23 02:24 - 00754664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-05-11 12:39 - 2016-04-23 02:24 - 00638816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-05-11 12:39 - 2016-04-23 02:24 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-05-11 12:39 - 2016-04-23 02:24 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-05-11 12:39 - 2016-04-23 02:22 - 01161120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-05-11 12:39 - 2016-04-23 02:18 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-05-11 12:39 - 2016-04-23 02:13 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-05-11 12:39 - 2016-04-23 02:13 - 00306832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-05-11 12:39 - 2016-04-23 02:13 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-05-11 12:39 - 2016-04-23 02:12 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-05-11 12:39 - 2016-04-23 02:12 - 00451928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-05-11 12:39 - 2016-04-23 02:12 - 00413536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-05-11 12:39 - 2016-04-23 02:11 - 01092464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-05-11 12:39 - 2016-04-23 02:11 - 00696672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-05-11 12:39 - 2016-04-23 02:11 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-05-11 12:39 - 2016-04-23 02:11 - 00390496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-05-11 12:39 - 2016-04-23 02:11 - 00131424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufxsynopsys.sys
2016-05-11 12:39 - 2016-04-23 02:11 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-05-11 12:39 - 2016-04-23 02:10 - 00330072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-05-11 12:39 - 2016-04-23 02:09 - 00569744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-05-11 12:39 - 2016-04-23 02:09 - 00565600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-05-11 12:39 - 2016-04-23 02:09 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-05-11 12:39 - 2016-04-23 02:09 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-05-11 12:39 - 2016-04-23 02:09 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-05-11 12:39 - 2016-04-23 02:08 - 00725776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-05-11 12:39 - 2016-04-23 02:07 - 01848072 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-05-11 12:39 - 2016-04-23 02:07 - 01536088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-05-11 12:39 - 2016-04-23 02:07 - 00204048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2016-05-11 12:39 - 2016-04-23 02:07 - 00183904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2016-05-11 12:39 - 2016-04-23 02:06 - 00291360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2016-05-11 12:39 - 2016-04-23 02:02 - 00188256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-05-11 12:39 - 2016-04-23 02:01 - 00650304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-05-11 12:39 - 2016-04-23 02:01 - 00619296 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2016-05-11 12:39 - 2016-04-23 02:01 - 00577368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-05-11 12:39 - 2016-04-23 02:01 - 00522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-05-11 12:39 - 2016-04-23 02:01 - 00513368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2016-05-11 12:39 - 2016-04-23 02:01 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-05-11 12:39 - 2016-04-23 02:01 - 00217440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-05-11 12:39 - 2016-04-23 02:00 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-05-11 12:39 - 2016-04-23 02:00 - 01594920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-05-11 12:39 - 2016-04-23 02:00 - 01522152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-05-11 12:39 - 2016-04-23 02:00 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-05-11 12:39 - 2016-04-23 02:00 - 01372304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-05-11 12:39 - 2016-04-23 02:00 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-05-11 12:39 - 2016-04-23 02:00 - 00550656 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2016-05-11 12:39 - 2016-04-23 02:00 - 00453472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2016-05-11 12:39 - 2016-04-23 02:00 - 00058208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwminit.dll
2016-05-11 12:39 - 2016-04-23 01:56 - 00534872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-05-11 12:39 - 2016-04-23 01:35 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-05-11 12:39 - 2016-04-23 01:34 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-05-11 12:39 - 2016-04-23 01:34 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2016-05-11 12:39 - 2016-04-23 01:34 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-05-11 12:39 - 2016-04-23 01:33 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-05-11 12:39 - 2016-04-23 01:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-05-11 12:39 - 2016-04-23 01:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2016-05-11 12:39 - 2016-04-23 01:33 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2016-05-11 12:39 - 2016-04-23 01:32 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-05-11 12:39 - 2016-04-23 01:32 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-05-11 12:39 - 2016-04-23 01:30 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-05-11 12:39 - 2016-04-23 01:29 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-05-11 12:39 - 2016-04-23 01:29 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-05-11 12:39 - 2016-04-23 01:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\filecrypt.sys
2016-05-11 12:39 - 2016-04-23 01:29 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-05-11 12:39 - 2016-04-23 01:29 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2016-05-11 12:39 - 2016-04-23 01:29 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2016-05-11 12:39 - 2016-04-23 01:29 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2016-05-11 12:39 - 2016-04-23 01:28 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2016-05-11 12:39 - 2016-04-23 01:28 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-05-11 12:39 - 2016-04-23 01:28 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-05-11 12:39 - 2016-04-23 01:28 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-05-11 12:39 - 2016-04-23 01:28 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-05-11 12:39 - 2016-04-23 01:27 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-05-11 12:39 - 2016-04-23 01:27 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-05-11 12:39 - 2016-04-23 01:26 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2016-05-11 12:39 - 2016-04-23 01:25 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-05-11 12:39 - 2016-04-23 01:25 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-05-11 12:39 - 2016-04-23 01:25 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-05-11 12:39 - 2016-04-23 01:25 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-05-11 12:39 - 2016-04-23 01:24 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-05-11 12:39 - 2016-04-23 01:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-05-11 12:39 - 2016-04-23 01:24 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-05-11 12:39 - 2016-04-23 01:24 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-05-11 12:39 - 2016-04-23 01:24 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2016-05-11 12:39 - 2016-04-23 01:24 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2016-05-11 12:39 - 2016-04-23 01:24 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-05-11 12:39 - 2016-04-23 01:23 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-05-11 12:39 - 2016-04-23 01:23 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-05-11 12:39 - 2016-04-23 01:23 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2016-05-11 12:39 - 2016-04-23 01:23 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-05-11 12:39 - 2016-04-23 01:22 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-05-11 12:39 - 2016-04-23 01:21 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-05-11 12:39 - 2016-04-23 01:21 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-05-11 12:39 - 2016-04-23 01:20 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-05-11 12:39 - 2016-04-23 01:20 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-05-11 12:39 - 2016-04-23 01:20 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-05-11 12:39 - 2016-04-23 01:20 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-05-11 12:39 - 2016-04-23 01:20 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2016-05-11 12:39 - 2016-04-23 01:19 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlansec.dll
2016-05-11 12:39 - 2016-04-23 01:19 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2016-05-11 12:39 - 2016-04-23 01:18 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-05-11 12:39 - 2016-04-23 01:18 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-05-11 12:39 - 2016-04-23 01:18 - 00804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-05-11 12:39 - 2016-04-23 01:18 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-05-11 12:39 - 2016-04-23 01:18 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-05-11 12:39 - 2016-04-23 01:18 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-05-11 12:39 - 2016-04-23 01:18 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-05-11 12:39 - 2016-04-23 01:18 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-05-11 12:39 - 2016-04-23 01:18 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-05-11 12:39 - 2016-04-23 01:18 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-05-11 12:39 - 2016-04-23 01:17 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-05-11 12:39 - 2016-04-23 01:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-05-11 12:39 - 2016-04-23 01:17 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-05-11 12:39 - 2016-04-23 01:17 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2016-05-11 12:39 - 2016-04-23 01:16 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-05-11 12:39 - 2016-04-23 01:15 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-05-11 12:39 - 2016-04-23 01:15 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-05-11 12:39 - 2016-04-23 01:15 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-05-11 12:39 - 2016-04-23 01:15 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-05-11 12:39 - 2016-04-23 01:14 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-05-11 12:39 - 2016-04-23 01:14 - 00647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-05-11 12:39 - 2016-04-23 01:14 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-05-11 12:39 - 2016-04-23 01:14 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-05-11 12:39 - 2016-04-23 01:14 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-05-11 12:39 - 2016-04-23 01:13 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-05-11 12:39 - 2016-04-23 01:13 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-05-11 12:39 - 2016-04-23 01:13 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-05-11 12:39 - 2016-04-23 01:12 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-05-11 12:39 - 2016-04-23 01:10 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-05-11 12:39 - 2016-04-23 01:07 - 02598912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-05-11 12:39 - 2016-04-23 01:07 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-05-11 12:39 - 2016-04-23 01:07 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-05-11 12:39 - 2016-04-23 01:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-05-11 12:39 - 2016-04-23 01:05 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-05-11 12:39 - 2016-04-23 01:05 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-05-11 12:39 - 2016-04-23 01:05 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-05-11 12:39 - 2016-04-23 01:04 - 01731072 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-05-11 12:39 - 2016-04-23 01:03 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-05-11 12:39 - 2016-04-23 01:03 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-05-11 12:39 - 2016-04-23 01:03 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-05-11 12:39 - 2016-04-23 01:01 - 04775424 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-05-11 12:39 - 2016-04-23 01:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-05-11 12:39 - 2016-04-23 00:45 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-05-11 12:39 - 2016-04-22 23:10 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-05-11 12:39 - 2016-04-22 23:10 - 00002186 _____ C:\WINDOWS\system32\AppxProvisioning.xml
2016-05-11 12:39 - 2016-04-18 19:30 - 00002186 _____ C:\WINDOWS\SysWOW64\AppxProvisioning.xml
2016-05-11 12:10 - 2016-05-11 12:12 - 02870984 _____ (ESET) C:\Users\Itamar_Rialto\Downloads\esetsmartinstaller_ptg.exe
2016-05-11 11:42 - 2016-05-11 11:42 - 00353752 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-05-10 14:30 - 2016-05-10 14:18 - 02361368 _____ C:\Users\Itamar_Rialto\Desktop\proposta assinada.PDF
2016-05-10 14:22 - 2016-05-10 14:22 - 00129493 _____ C:\Users\Itamar_Rialto\Downloads\453f8bae-9ce0-4a16-a85d-c193e2fa6d40.pdf
2016-05-09 17:44 - 2016-05-09 17:44 - 00366854 _____ C:\Users\Itamar_Rialto\Downloads\1441198567763.pdf
2016-05-06 11:20 - 2016-05-06 11:21 - 07543342 _____ C:\Users\Itamar_Rialto\Downloads\DBDesigner4.0.5.6_Setup.exe
2016-05-06 11:18 - 2016-05-06 11:18 - 00519335 _____ C:\Users\Itamar_Rialto\Downloads\brModelo.zip
2016-05-06 10:58 - 2016-05-05 13:47 - 00747671 _____ C:\Users\Itamar_Rialto\Desktop\comprov_residencia.PDF
2016-05-04 10:51 - 2016-05-04 10:51 - 00024477 _____ C:\Users\Itamar_Rialto\Downloads\boleto.pdf
2016-04-20 12:55 - 2016-04-20 12:55 - 00014740 _____ C:\Users\Itamar_Rialto\Downloads\boleto-prudente.pdf
2016-04-20 12:50 - 2016-04-20 12:50 - 00088288 _____ C:\Users\Itamar_Rialto\Downloads\GerarPDF_20042016125012.pdf
2016-04-19 17:53 - 2016-04-19 17:54 - 00000000 ____D C:\Users\Itamar_Rialto\Documents\Livro Digital Saraiva
2016-04-19 17:53 - 2016-04-19 17:53 - 00001749 _____ C:\Users\Public\Desktop\Saraiva Reader.lnk
2016-04-19 17:53 - 2016-04-19 17:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Saraiva Reader
2016-04-19 17:51 - 2016-04-21 08:19 - 00068608 _____ C:\Users\Itamar_Rialto\.sysconfig.dat
2016-04-19 17:50 - 2016-04-19 17:50 - 00000000 ____D C:\Saraiva
2016-04-19 16:22 - 2016-04-02 00:14 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-19 16:22 - 2016-03-29 07:20 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-19 16:22 - 2016-03-29 07:18 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-04-19 16:22 - 2016-03-29 06:37 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-04-19 16:22 - 2016-03-29 05:41 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-19 16:22 - 2016-03-29 05:06 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-04-19 16:22 - 2016-03-29 05:02 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-04-19 16:22 - 2016-03-29 05:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-04-19 16:22 - 2016-03-29 04:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-04-19 16:22 - 2016-03-29 04:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-04-19 16:22 - 2016-03-29 04:46 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-04-19 16:22 - 2016-03-29 04:36 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-04-19 16:22 - 2016-03-29 04:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-04-19 16:22 - 2016-03-29 04:15 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-04-19 16:22 - 2016-03-29 04:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-04-19 16:22 - 2016-03-29 04:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-04-19 16:22 - 2016-03-29 04:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-04-19 16:22 - 2016-03-29 04:02 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-04-19 16:22 - 2016-03-29 04:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-04-19 16:22 - 2016-03-29 04:00 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-04-19 16:22 - 2016-03-29 03:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-04-19 16:22 - 2016-03-29 03:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-04-19 16:22 - 2016-03-29 03:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-04-19 16:22 - 2016-03-29 03:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-04-19 16:22 - 2016-03-29 03:26 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-19 16:22 - 2016-03-29 03:05 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-19 16:22 - 2016-03-29 03:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-04-19 16:21 - 2016-04-02 01:13 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-04-19 16:21 - 2016-04-02 01:10 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-04-19 16:21 - 2016-04-02 01:10 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-19 16:21 - 2016-04-02 01:10 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-19 16:21 - 2016-04-02 00:19 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-04-19 16:21 - 2016-04-02 00:07 - 03575296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-19 16:21 - 2016-03-29 07:23 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-04-19 16:21 - 2016-03-29 07:22 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-19 16:21 - 2016-03-29 07:22 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-19 16:21 - 2016-03-29 07:20 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-19 16:21 - 2016-03-29 07:20 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-19 16:21 - 2016-03-29 07:15 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-04-19 16:21 - 2016-03-29 07:11 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-04-19 16:21 - 2016-03-29 07:05 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-04-19 16:21 - 2016-03-29 07:02 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-19 16:21 - 2016-03-29 07:02 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-04-19 16:21 - 2016-03-29 06:56 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-04-19 16:21 - 2016-03-29 06:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-04-19 16:21 - 2016-03-29 06:25 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-04-19 16:21 - 2016-03-29 06:25 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-19 16:21 - 2016-03-29 06:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-04-19 16:21 - 2016-03-29 06:18 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-04-19 16:21 - 2016-03-29 06:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-04-19 16:21 - 2016-03-29 06:11 - 00605440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-04-19 16:21 - 2016-03-29 06:11 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-04-19 16:21 - 2016-03-29 06:10 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-04-19 16:21 - 2016-03-29 06:09 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-04-19 16:21 - 2016-03-29 06:08 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-04-19 16:21 - 2016-03-29 06:08 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-04-19 16:21 - 2016-03-29 06:07 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-04-19 16:21 - 2016-03-29 05:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-04-19 16:21 - 2016-03-29 05:26 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-04-19 16:21 - 2016-03-29 05:26 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-04-19 16:21 - 2016-03-29 05:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-04-19 16:21 - 2016-03-29 05:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-04-19 16:21 - 2016-03-29 05:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-04-19 16:21 - 2016-03-29 05:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-04-19 16:21 - 2016-03-29 05:21 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-04-19 16:21 - 2016-03-29 05:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-04-19 16:21 - 2016-03-29 05:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-19 16:21 - 2016-03-29 05:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-04-19 16:21 - 2016-03-29 04:51 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-04-19 16:21 - 2016-03-29 04:50 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-04-19 16:21 - 2016-03-29 04:48 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-19 16:21 - 2016-03-29 04:44 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-04-19 16:21 - 2016-03-29 04:39 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-04-19 16:21 - 2016-03-29 04:36 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-04-19 16:21 - 2016-03-29 04:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-04-19 16:21 - 2016-03-29 04:35 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-04-19 16:21 - 2016-03-29 04:34 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-04-19 16:21 - 2016-03-29 04:34 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-04-19 16:21 - 2016-03-29 04:30 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-04-19 16:21 - 2016-03-29 04:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-04-19 16:21 - 2016-03-29 04:27 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-04-19 16:21 - 2016-03-29 04:26 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-04-19 16:21 - 2016-03-29 04:23 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-04-19 16:21 - 2016-03-29 04:23 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-19 16:21 - 2016-03-29 04:22 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-04-19 16:21 - 2016-03-29 04:21 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-19 16:21 - 2016-03-29 04:20 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-04-19 16:21 - 2016-03-29 04:20 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-19 16:21 - 2016-03-29 04:19 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-19 16:21 - 2016-03-29 04:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-19 16:21 - 2016-03-29 04:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-04-19 16:21 - 2016-03-29 04:14 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-19 16:21 - 2016-03-29 04:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-04-19 16:21 - 2016-03-29 04:11 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-19 16:21 - 2016-03-29 04:09 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-19 16:21 - 2016-03-29 04:08 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-04-19 16:21 - 2016-03-29 04:08 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-04-19 16:21 - 2016-03-29 04:07 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-19 16:21 - 2016-03-29 04:06 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-19 16:21 - 2016-03-29 04:05 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-19 16:21 - 2016-03-29 04:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2016-04-19 16:21 - 2016-03-29 04:03 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-04-19 16:21 - 2016-03-29 04:02 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-19 16:21 - 2016-03-29 04:00 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-19 16:21 - 2016-03-29 03:59 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-19 16:21 - 2016-03-29 03:59 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-19 16:21 - 2016-03-29 03:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-04-19 16:21 - 2016-03-29 03:55 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-19 16:21 - 2016-03-29 03:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-04-19 16:21 - 2016-03-29 03:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-04-19 16:21 - 2016-03-29 03:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-04-19 16:21 - 2016-03-29 03:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2016-04-19 16:21 - 2016-03-29 03:42 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-19 16:21 - 2016-03-29 03:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-04-19 16:21 - 2016-03-29 03:40 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-04-19 16:21 - 2016-03-29 03:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-04-19 16:21 - 2016-03-29 03:36 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-04-19 16:21 - 2016-03-29 03:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-04-19 16:21 - 2016-03-29 03:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-04-19 16:21 - 2016-03-29 03:34 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-04-19 16:21 - 2016-03-29 03:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-04-19 16:21 - 2016-03-29 03:32 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-04-19 16:21 - 2016-03-29 03:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-04-19 16:21 - 2016-03-29 03:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-04-19 16:21 - 2016-03-29 03:32 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-04-19 16:21 - 2016-03-29 03:32 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-04-19 16:21 - 2016-03-29 03:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-04-19 16:21 - 2016-03-29 03:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-04-19 16:21 - 2016-03-29 03:29 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-04-19 16:21 - 2016-03-29 03:29 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-04-19 16:21 - 2016-03-29 03:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-04-19 16:21 - 2016-03-29 03:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-04-19 16:21 - 2016-03-29 03:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-04-19 16:21 - 2016-03-29 03:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-04-19 16:21 - 2016-03-29 03:19 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-19 16:21 - 2016-03-29 03:17 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-04-19 16:21 - 2016-03-29 03:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-04-19 16:21 - 2016-03-29 03:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-04-19 16:21 - 2016-03-29 03:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-04-19 16:21 - 2016-03-29 03:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-04-19 16:21 - 2016-03-29 03:05 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-04-19 16:21 - 2016-03-29 03:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-19 16:21 - 2016-03-29 03:01 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-04-19 16:21 - 2016-03-29 02:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-04-19 16:21 - 2016-03-29 02:45 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-04-19 16:21 - 2016-03-29 02:45 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-04-19 16:21 - 2016-03-29 02:43 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-04-19 16:21 - 2016-03-29 02:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-04-19 16:21 - 2016-03-29 02:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-04-19 16:21 - 2016-03-29 02:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-04-19 16:21 - 2016-03-29 02:26 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-19 16:21 - 2016-03-29 02:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-04-19 16:20 - 2016-04-02 00:25 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-19 16:20 - 2016-04-02 00:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-04-19 16:20 - 2016-03-29 05:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-19 16:20 - 2016-03-29 05:07 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-19 16:20 - 2016-03-29 05:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-04-19 16:20 - 2016-03-29 05:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-04-19 16:20 - 2016-03-29 05:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-04-19 16:20 - 2016-03-29 04:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-19 16:20 - 2016-03-29 04:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-04-19 16:20 - 2016-03-29 04:57 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-19 16:20 - 2016-03-29 04:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-04-19 16:20 - 2016-03-29 04:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-04-19 16:20 - 2016-03-29 04:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-04-19 16:20 - 2016-03-29 04:54 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-19 16:20 - 2016-03-29 04:53 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-04-19 16:20 - 2016-03-29 04:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-19 16:20 - 2016-03-29 04:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-04-19 16:20 - 2016-03-29 04:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-19 16:20 - 2016-03-29 04:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-19 16:20 - 2016-03-29 04:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-19 16:20 - 2016-03-29 04:49 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-04-19 16:20 - 2016-03-29 04:46 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-04-19 16:20 - 2016-03-29 04:34 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-04-19 16:20 - 2016-03-29 04:33 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-04-19 16:20 - 2016-03-29 04:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-04-19 16:20 - 2016-03-29 04:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2016-04-19 16:20 - 2016-03-29 04:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2016-04-19 16:20 - 2016-03-29 04:18 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-04-19 16:20 - 2016-03-29 04:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-04-19 16:20 - 2016-03-29 04:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-04-19 16:20 - 2016-03-29 04:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-04-19 16:20 - 2016-03-29 04:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2016-04-19 16:20 - 2016-03-29 04:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-04-19 16:20 - 2016-03-29 04:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2016-04-19 16:20 - 2016-03-29 04:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2016-04-19 16:20 - 2016-03-29 04:00 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-04-19 16:20 - 2016-03-29 04:00 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-19 16:20 - 2016-03-29 03:59 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-04-19 16:20 - 2016-03-29 03:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-04-19 16:20 - 2016-03-29 03:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-04-19 16:20 - 2016-03-29 03:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-19 16:20 - 2016-03-29 03:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-04-19 16:20 - 2016-03-29 03:32 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-04-19 16:20 - 2016-03-29 03:27 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-04-19 16:20 - 2016-03-29 03:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-04-19 16:20 - 2016-03-29 02:35 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-04-19 16:20 - 2016-03-29 02:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-04-19 16:20 - 2016-03-29 02:27 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-04-19 16:20 - 2016-03-29 02:26 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-19 16:20 - 2016-03-29 02:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-04-19 16:20 - 2016-03-29 02:21 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-19 12:30 - 2016-04-19 12:32 - 65843200 _____ (Saraiva e Siciliano S.A.) C:\Users\Itamar_Rialto\Downloads\SaraivaReader_VAREJO_ALPHA_7RC11b169.exe
2016-04-19 12:01 - 2016-04-19 12:05 - 00516087 _____ C:\Users\Itamar_Rialto\Downloads\Formulario de indicacao de condutor infrator.pdf
2016-04-18 15:40 - 2016-04-18 15:40 - 00087946 _____ C:\Users\Itamar_Rialto\Downloads\GerarPDF_18042016154013.pdf
2016-04-15 14:07 - 2016-04-15 14:07 - 00560579 _____ C:\Users\Itamar_Rialto\Downloads\Formulario recurso_preenchido.pdf
2016-04-15 13:53 - 2016-04-15 13:53 - 00558077 _____ C:\Users\Itamar_Rialto\Downloads\Formulario recurso.pdf
2016-04-13 10:11 - 2016-04-13 10:12 - 00990621 _____ C:\Users\Itamar_Rialto\Downloads\Multa Itamar.pdf
2016-04-08 09:54 - 2016-04-08 09:54 - 00093841 _____ C:\Users\Itamar_Rialto\Downloads\HISTORICO  ITAMAR 2.pdf
2016-04-05 10:58 - 2016-04-05 10:59 - 00097613 _____ C:\Users\Itamar_Rialto\Downloads\Multas_EMR0881.PDF
2016-03-31 11:10 - 2016-03-31 11:17 - 00000000 ____D C:\Users\Itamar_Rialto\Desktop\Seasick Steve
2016-03-30 11:20 - 2016-03-30 11:20 - 00099682 _____ C:\Users\Itamar_Rialto\Downloads\HISTORICO ITAMAR.pdf
2016-03-27 18:19 - 2016-03-13 04:50 - 03997764 _____ C:\Users\Itamar_Rialto\Downloads\DuoHD_V02_027.BIN
2016-03-23 15:31 - 2016-03-23 15:31 - 00099245 _____ C:\Users\Itamar_Rialto\Desktop\unicid.pdf
2016-03-09 19:12 - 2016-03-01 02:31 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-03-09 19:12 - 2016-03-01 02:22 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-03-09 19:12 - 2016-02-24 06:34 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-03-09 19:12 - 2016-02-24 06:28 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-03-09 19:12 - 2016-02-24 05:58 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-03-09 19:12 - 2016-02-24 05:54 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-03-09 19:12 - 2016-02-24 05:51 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-03-09 19:12 - 2016-02-24 05:50 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-03-09 19:12 - 2016-02-24 05:43 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-03-09 19:12 - 2016-02-24 05:39 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-03-09 19:12 - 2016-02-24 05:19 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-03-09 19:12 - 2016-02-24 05:11 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-03-09 19:12 - 2016-02-24 05:11 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-03-09 19:12 - 2016-02-24 05:11 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-03-09 19:12 - 2016-02-24 05:09 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-03-09 19:12 - 2016-02-24 05:09 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-03-09 19:12 - 2016-02-24 04:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-03-09 19:12 - 2016-02-24 04:39 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-03-09 19:12 - 2016-02-24 04:38 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-03-09 19:12 - 2016-02-24 04:37 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-03-09 19:12 - 2016-02-24 04:36 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-03-09 19:12 - 2016-02-24 04:35 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-03-09 19:12 - 2016-02-24 04:33 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-03-09 19:12 - 2016-02-24 04:33 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-03-09 19:12 - 2016-02-24 04:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-03-09 19:12 - 2016-02-24 04:28 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-03-09 19:12 - 2016-02-24 04:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-03-09 19:12 - 2016-02-24 04:23 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-03-09 19:12 - 2016-02-24 04:22 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-03-09 19:12 - 2016-02-24 04:20 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-03-09 19:12 - 2016-02-24 04:19 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-03-09 19:12 - 2016-02-24 04:19 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-03-09 19:12 - 2016-02-24 04:14 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-03-09 19:12 - 2016-02-24 04:13 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-03-09 19:12 - 2016-02-24 04:12 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-03-09 19:12 - 2016-02-24 04:12 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-03-09 19:12 - 2016-02-24 04:10 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-03-09 19:12 - 2016-02-24 04:09 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-03-09 19:12 - 2016-02-24 04:09 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-03-09 19:12 - 2016-02-24 04:07 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-03-09 19:12 - 2016-02-24 04:03 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-03-09 19:12 - 2016-02-24 04:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-03-09 19:12 - 2016-02-24 04:01 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-03-09 19:12 - 2016-02-24 04:01 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-03-09 19:12 - 2016-02-24 04:00 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-03-09 19:12 - 2016-02-24 03:59 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-03-09 19:12 - 2016-02-24 03:59 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-03-09 19:12 - 2016-02-24 03:59 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-03-09 19:12 - 2016-02-24 03:58 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-03-09 19:12 - 2016-02-24 03:55 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-03-09 19:12 - 2016-02-24 03:55 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-03-09 19:12 - 2016-02-24 03:55 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-03-09 19:12 - 2016-02-24 03:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-03-09 19:12 - 2016-02-24 03:54 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-03-09 19:12 - 2016-02-24 03:54 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-03-09 19:12 - 2016-02-24 03:54 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-03-09 19:12 - 2016-02-24 03:53 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-03-09 19:12 - 2016-02-24 03:53 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-03-09 19:12 - 2016-02-24 03:52 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-03-09 19:12 - 2016-02-24 03:52 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2016-03-09 19:12 - 2016-02-24 03:49 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-03-09 19:12 - 2016-02-24 03:46 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-03-09 19:12 - 2016-02-24 03:44 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-03-09 19:12 - 2016-02-24 03:44 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-03-09 19:12 - 2016-02-24 03:44 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-03-09 19:12 - 2016-02-24 03:43 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-03-09 19:12 - 2016-02-24 03:41 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-03-09 19:12 - 2016-02-24 03:40 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-03-09 19:12 - 2016-02-24 03:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-03-09 19:12 - 2016-02-24 03:40 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-03-09 19:12 - 2016-02-24 03:39 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-03-09 19:12 - 2016-02-24 03:38 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-03-09 19:12 - 2016-02-24 03:36 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-03-09 19:12 - 2016-02-24 03:34 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-03-09 19:12 - 2016-02-24 03:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-03-09 19:12 - 2016-02-24 03:32 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-03-09 19:12 - 2016-02-24 03:31 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2016-03-09 19:12 - 2016-02-24 03:31 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-03-09 19:12 - 2016-02-24 03:28 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-03-09 19:12 - 2016-02-24 03:28 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2016-03-09 19:12 - 2016-02-24 03:25 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-03-09 19:12 - 2016-02-24 03:23 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-03-09 19:12 - 2016-02-24 03:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2016-03-09 19:12 - 2016-02-24 03:21 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-03-09 19:12 - 2016-02-24 03:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-03-09 19:12 - 2016-02-24 03:18 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-03-09 19:12 - 2016-02-24 03:18 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-03-09 19:12 - 2016-02-24 03:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-03-09 19:12 - 2016-02-24 03:17 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-03-09 19:12 - 2016-02-24 03:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-03-09 19:12 - 2016-02-24 03:13 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-03-09 19:12 - 2016-02-24 03:09 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-03-09 19:12 - 2016-02-24 03:09 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-03-09 19:12 - 2016-02-24 03:07 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-03-09 19:12 - 2016-02-24 03:07 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-03-09 19:12 - 2016-02-24 03:04 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-03-09 19:12 - 2016-02-24 03:03 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-03-09 19:12 - 2016-02-24 02:55 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-03-09 19:12 - 2016-02-24 02:43 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-03-09 19:12 - 2016-02-24 02:34 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-03-09 19:12 - 2016-02-24 02:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2016-03-09 19:12 - 2016-02-24 02:05 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-03-09 19:12 - 2016-02-24 02:03 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-03-03 21:33 - 2016-05-09 06:27 - 00077904 _____ (360.cn) C:\WINDOWS\SysWOW64\Drivers\360AvFlt.sys
2016-03-03 21:33 - 2016-02-26 07:56 - 00181328 _____ (360.cn) C:\WINDOWS\system32\Drivers\BAPIDRV64.SYS
2016-03-02 12:36 - 2016-02-23 07:32 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-03-02 12:36 - 2016-02-23 07:31 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-03-02 12:36 - 2016-02-23 06:38 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-03-02 12:36 - 2016-02-23 05:28 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-03-02 12:36 - 2016-02-23 04:52 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-03-02 12:35 - 2016-02-23 07:32 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-03-02 12:35 - 2016-02-23 07:32 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-03-02 12:35 - 2016-02-23 07:32 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-03-02 12:35 - 2016-02-23 07:31 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-03-02 12:35 - 2016-02-23 07:31 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-03-02 12:35 - 2016-02-23 07:31 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-03-02 12:35 - 2016-02-23 06:45 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-03-02 12:35 - 2016-02-23 06:38 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-03-02 12:35 - 2016-02-23 06:38 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-03-02 12:35 - 2016-02-23 06:38 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-03-02 12:35 - 2016-02-23 06:38 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-03-02 12:35 - 2016-02-23 06:37 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-03-02 12:35 - 2016-02-23 06:20 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-03-02 12:35 - 2016-02-23 05:56 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-03-02 12:35 - 2016-02-23 05:53 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-03-02 12:35 - 2016-02-23 05:40 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-03-02 12:35 - 2016-02-23 05:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-03-02 12:35 - 2016-02-23 05:29 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-03-02 12:35 - 2016-02-23 05:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-03-02 12:35 - 2016-02-23 05:14 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-03-02 12:35 - 2016-02-23 05:10 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-03-02 12:35 - 2016-02-23 05:04 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-03-02 12:35 - 2016-02-23 04:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-03-02 12:35 - 2016-02-23 04:36 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-03-02 12:35 - 2016-02-23 04:31 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-03-02 12:35 - 2016-02-23 04:24 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-03-02 12:35 - 2016-02-23 04:24 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-03-02 12:35 - 2016-02-23 03:56 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-03-02 12:35 - 2016-02-23 03:41 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-03-02 12:35 - 2016-02-23 03:35 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-03-02 12:35 - 2016-02-23 03:33 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-03-02 12:35 - 2016-02-23 03:28 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-03-02 12:34 - 2016-02-23 08:25 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-03-02 12:34 - 2016-02-23 08:15 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-03-02 12:34 - 2016-02-23 07:31 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-03-02 12:34 - 2016-02-23 07:22 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-03-02 12:34 - 2016-02-23 07:17 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-03-02 12:34 - 2016-02-23 06:40 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-03-02 12:34 - 2016-02-23 06:38 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-03-02 12:34 - 2016-02-23 06:27 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-03-02 12:34 - 2016-02-23 06:20 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-03-02 12:34 - 2016-02-23 06:12 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-03-02 12:34 - 2016-02-23 06:10 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-03-02 12:34 - 2016-02-23 06:07 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-03-02 12:34 - 2016-02-23 06:06 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-03-02 12:34 - 2016-02-23 06:01 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-03-02 12:34 - 2016-02-23 06:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-03-02 12:34 - 2016-02-23 05:58 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-03-02 12:34 - 2016-02-23 05:55 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-03-02 12:34 - 2016-02-23 05:39 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-03-02 12:34 - 2016-02-23 05:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-03-02 12:34 - 2016-02-23 05:38 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-03-02 12:34 - 2016-02-23 05:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-03-02 12:34 - 2016-02-23 05:34 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-03-02 12:34 - 2016-02-23 05:34 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-03-02 12:34 - 2016-02-23 05:33 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-03-02 12:34 - 2016-02-23 05:31 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-03-02 12:34 - 2016-02-23 05:27 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-03-02 12:34 - 2016-02-23 05:23 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-03-02 12:34 - 2016-02-23 05:22 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-03-02 12:34 - 2016-02-23 05:20 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-03-02 12:34 - 2016-02-23 05:20 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-03-02 12:34 - 2016-02-23 05:19 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-03-02 12:34 - 2016-02-23 05:04 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-03-02 12:34 - 2016-02-23 05:02 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-03-02 12:34 - 2016-02-23 05:02 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-03-02 12:34 - 2016-02-23 04:58 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-03-02 12:34 - 2016-02-23 04:50 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-03-02 12:34 - 2016-02-23 04:48 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-03-02 12:34 - 2016-02-23 04:47 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-03-02 12:34 - 2016-02-23 04:38 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-03-02 12:34 - 2016-02-23 04:37 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-03-02 12:34 - 2016-02-23 04:36 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-03-02 12:34 - 2016-02-23 04:35 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-03-02 12:34 - 2016-02-23 04:01 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-03-02 12:34 - 2016-02-09 00:18 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-03-02 12:34 - 2016-02-09 00:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-03-02 12:34 - 2016-02-09 00:07 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-03-02 12:33 - 2016-02-23 06:07 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-03-02 12:33 - 2016-02-23 05:53 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-03-02 12:33 - 2016-02-23 05:48 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-03-02 12:33 - 2016-02-23 05:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-03-02 12:33 - 2016-02-23 04:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-03-01 19:46 - 2016-03-01 19:46 - 00000000 ____D C:\Users\Itamar_Rialto\AppData\LocalLow\uTorrent
2016-03-01 18:34 - 2016-03-01 18:34 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdRapi2_01_00_00.Wdf
2016-02-27 10:46 - 2016-02-27 10:46 - 00002306 _____ C:\Users\Public\Desktop\Receitanet 1.07 .lnk
2016-02-27 10:46 - 2016-02-27 10:46 - 00000176 _____ C:\WINDOWS\REC-NET.INI
2016-02-27 10:46 - 2016-02-27 10:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB
2016-02-27 10:46 - 2016-02-27 10:46 - 00000000 ____D C:\Program Files (x86)\Programas RFB
2016-02-26 17:05 - 2016-02-26 17:05 - 00001769 _____ C:\Users\Itamar_Rialto\Desktop\IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk
2016-02-26 17:03 - 2016-02-26 17:03 - 00000000 ____D C:\Users\Itamar_Rialto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2016
2016-02-25 11:29 - 2016-02-25 11:29 - 00093171 _____ C:\Users\Itamar_Rialto\Desktop\UnB.pdf
2016-02-23 12:48 - 2016-05-11 12:26 - 00000000 __SHD C:\$360Section
2016-02-23 11:01 - 2016-02-23 11:01 - 00000000 ____H C:\Users\Itamar_Rialto\Documents\Default.rdp
2016-02-22 09:42 - 2016-02-22 09:42 - 00002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mobile Device Center.lnk
2016-02-22 09:41 - 2016-02-22 09:41 - 00000000 ____D C:\WINDOWS\WindowsMobile
2016-02-19 09:35 - 2016-03-30 11:48 - 00136192 _____ C:\Users\Itamar_Rialto\Desktop\Simulador1_quadro.xls
2016-02-17 13:12 - 2016-05-11 12:26 - 00000000 ____D C:\Users\Todos os Usuários\360Quarant
2016-02-17 13:12 - 2016-05-11 12:26 - 00000000 ____D C:\ProgramData\360Quarant
2016-02-17 13:11 - 2016-05-01 08:41 - 00000000 ____D C:\Users\Itamar_Rialto\AppData\Roaming\360safe
2016-02-17 13:10 - 2016-05-14 09:53 - 00000000 ____D C:\Users\Itamar_Rialto\AppData\LocalLow\360WD
2016-02-17 13:10 - 2016-05-14 09:42 - 00001230 _____ C:\Users\Public\Desktop\360 Total Security.lnk
2016-02-17 13:10 - 2016-05-14 09:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center
2016-02-17 13:10 - 2016-05-11 11:52 - 00000000 ____D C:\Users\Todos os Usuários\360safe
2016-02-17 13:10 - 2016-05-11 11:52 - 00000000 ____D C:\ProgramData\360safe
2016-02-17 13:10 - 2016-05-11 11:41 - 00000000 _RSHD C:\360SANDBOX
2016-02-17 13:10 - 2016-05-09 06:27 - 00319568 _____ (360.cn) C:\WINDOWS\system32\Drivers\360Box64.sys
2016-02-17 13:10 - 2016-05-09 06:27 - 00077904 _____ (360.cn) C:\WINDOWS\system32\Drivers\360AvFlt.sys
2016-02-17 13:10 - 2016-02-26 07:56 - 00370768 _____ (360.cn) C:\WINDOWS\system32\Drivers\360fsflt.sys
2016-02-17 13:10 - 2016-02-26 07:56 - 00319568 _____ (360.cn) C:\WINDOWS\system32\Drivers\360Box64.sys.207
2016-02-17 13:10 - 2016-02-26 07:56 - 00137808 _____ (360.cn) C:\WINDOWS\system32\Drivers\360AntiHacker64.sys
2016-02-17 13:10 - 2016-02-17 13:10 - 00000000 ____D C:\Users\Todos os Usuários\360TotalSecurity
2016-02-17 13:10 - 2016-02-17 13:10 - 00000000 ____D C:\ProgramData\360TotalSecurity
2016-02-17 13:10 - 2016-02-17 13:10 - 00000000 ____D C:\Program Files (x86)\360
2016-02-17 13:10 - 2015-11-13 10:29 - 00077904 _____ (360.cn) C:\WINDOWS\system32\Drivers\360AvFlt.sys.tmp
2016-02-17 13:10 - 2015-11-13 10:29 - 00040520 _____ (360.cn) C:\WINDOWS\system32\Drivers\360Camera64.sys
2016-02-16 09:45 - 2016-02-16 14:20 - 00000000 ____D C:\Users\Itamar_Rialto\Documents\Holerith
2016-02-15 09:24 - 2016-02-15 09:24 - 00554841 _____ C:\Users\Itamar_Rialto\Desktop\GRU - Cobrança.pdf

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-05-14 17:55 - 2015-07-13 10:33 - 00000000 ____D C:\FRST
2016-05-14 16:23 - 2015-12-28 09:18 - 00001058 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-05-14 16:10 - 2014-12-14 20:55 - 00001100 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-14 15:41 - 2014-12-13 13:17 - 00004182 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{FBED73D4-8727-45A8-ABE6-A42385942A9F}
2016-05-14 10:23 - 2015-12-28 09:18 - 00001054 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-05-14 10:16 - 2015-10-30 04:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-05-14 10:04 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-05-14 09:33 - 2014-12-14 20:55 - 00001096 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-14 09:33 - 2014-12-13 12:46 - 00000000 __SHD C:\Users\Itamar_Rialto\IntelGraphicsProfiles
2016-05-13 14:40 - 2014-12-13 12:46 - 00000000 ____D C:\Users\Itamar_Rialto\AppData\Local\Packages
2016-05-13 12:55 - 2015-04-11 12:23 - 00000000 ___RD C:\Users\Itamar_Rialto\Dropbox
2016-05-13 12:55 - 2015-04-11 12:03 - 00000000 ____D C:\Users\Itamar_Rialto\AppData\Roaming\Dropbox
2016-05-13 12:54 - 2015-12-28 09:18 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-05-13 11:32 - 2015-07-13 10:23 - 00000000 ____D C:\Users\Itamar_Rialto\AppData\Roaming\ZHP
2016-05-13 10:12 - 2015-07-15 09:43 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-05-13 10:12 - 2014-12-14 21:07 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-13 10:04 - 2015-12-11 12:31 - 02010808 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-13 10:04 - 2015-10-30 16:12 - 00853356 _____ C:\WINDOWS\system32\prfh0416.dat
2016-05-13 10:04 - 2015-10-30 16:12 - 00183252 _____ C:\WINDOWS\system32\prfc0416.dat
2016-05-13 10:04 - 2015-10-30 04:21 - 00000000 ____D C:\WINDOWS\INF
2016-05-13 10:00 - 2015-12-11 13:14 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-13 10:00 - 2015-02-25 16:21 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2016-05-13 09:59 - 2015-12-11 12:32 - 00000000 ____D C:\Users\Itamar_Rialto
2016-05-13 09:59 - 2015-10-30 03:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-05-13 09:51 - 2015-10-30 04:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-12 16:51 - 2015-03-25 14:11 - 00000176 _____ C:\Users\Itamar_Rialto\Desktop\Biblioteca Digital.url
2016-05-12 09:11 - 2014-12-13 12:32 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-05-11 17:59 - 2015-10-30 16:15 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-11 17:59 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-05-11 17:59 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-05-11 17:59 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-05-11 17:59 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-05-11 17:58 - 2015-10-30 04:24 - 00015703 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-05-11 16:57 - 2015-10-30 04:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-05-11 16:57 - 2015-10-30 04:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-11 13:20 - 2015-01-09 15:47 - 139319312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-05-11 13:20 - 2015-01-09 15:47 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-05-11 11:05 - 2014-12-14 20:55 - 00004158 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-11 11:05 - 2014-12-14 20:55 - 00003926 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-09 11:12 - 2015-03-26 16:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-06 11:18 - 2013-09-04 23:15 - 00531456 _____ (brModelo) C:\Users\Itamar_Rialto\Downloads\brModelo.exe
2016-05-01 08:42 - 2015-04-06 16:43 - 00000000 ____D C:\Users\Itamar_Rialto\Documents\faturas
2016-04-20 17:40 - 2015-02-23 15:52 - 00000000 ____D C:\Users\Todos os Usuários\Oracle
2016-04-20 17:40 - 2015-02-23 15:52 - 00000000 ____D C:\ProgramData\Oracle
2016-04-20 17:39 - 2015-09-16 19:25 - 00000000 ____D C:\Program Files (x86)\Java
2016-04-20 17:39 - 2015-02-23 15:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-04-20 17:38 - 2015-09-16 19:26 - 00000000 ____D C:\Users\Itamar_Rialto\.oracle_jre_usage
2016-04-20 17:38 - 2015-09-16 19:25 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-04-20 17:04 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\rescache
2016-04-20 16:32 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-20 16:32 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-04-15 16:52 - 2015-12-30 15:58 - 00000688 _____ C:\Users\Itamar_Rialto\Desktop\password.txt

==================== Arquivos na raiz de alguns diretórios =======

2014-12-20 08:34 - 2014-12-20 08:34 - 0522752 _____ () C:\Users\Itamar_Rialto\AppData\Roaming\sqlite3.dll
2015-05-08 10:09 - 2015-05-08 10:09 - 0018682 _____ () C:\Users\Itamar_Rialto\AppData\Roaming\unins000.dat
2015-01-11 11:04 - 2015-01-11 11:04 - 0000038 ___SH () C:\Users\Itamar_Rialto\AppData\Local\69ff07055291669bb2b218.72821112
2015-07-17 10:53 - 2015-07-17 11:15 - 27163751 _____ () C:\Users\Itamar_Rialto\AppData\Local\package.nw.new
2015-06-19 09:59 - 2015-06-19 09:59 - 0007610 _____ () C:\Users\Itamar_Rialto\AppData\Local\Resmon.ResmonCfg
2015-12-11 12:28 - 2015-12-11 12:28 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-11-03 16:31 - 2015-11-03 16:31 - 0000000 _____ () C:\ProgramData\{EB5F5A55-037A-4E47-806B-2C8AA9374701}

Arquivos para serem movidos ou deletados:
====================
C:\Users\Itamar_Rialto\.sysconfig.dat
C:\Users\Itamar_Rialto\ZHPDiag3.exe


Alguns arquivos em TEMP:
====================
C:\Users\Itamar_Rialto\AppData\Local\Temp\libeay32.dll
C:\Users\Itamar_Rialto\AppData\Local\Temp\msvcr120.dll
C:\Users\Itamar_Rialto\AppData\Local\Temp\sqlite3.dll


Alguns com tamanho de zero byte arquivos/pastas:
==========================
C:\Windows\System32\Drivers\gbpddfac64.sys

==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-05-06 15:03

==================== Fim de FRST.txt ============================

 

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:14-05-2016
Executado por Itamar_Rialto (2016-05-14 17:57:13)
Executando a partir de C:\Users\Itamar_Rialto\Desktop
Windows 10 Home Single Language Versão 1511 (X64) (2015-12-11 16:33:40)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-2861522991-3655380705-3476392321-500 - Administrator - Disabled)
Convidado (S-1-5-21-2861522991-3655380705-3476392321-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-2861522991-3655380705-3476392321-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2861522991-3655380705-3476392321-1003 - Limited - Enabled)
Itamar_Rialto (S-1-5-21-2861522991-3655380705-3476392321-1001 - Administrator - Enabled) => C:\Users\Itamar_Rialto

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: 360 Total Security (Disabled - Up to date) {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
AS: 360 Total Security (Disabled - Up to date) {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\uTorrent) (Version: 3.4.5.41865 - BitTorrent Inc.)
360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 8.2.0.1039 - 360 Security Center)
7-Zip 9.34 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0934-000001000000}) (Version: 9.34.00.0 - Igor Pavlov)
Acer Care Center (HKLM\...\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}) (Version: 1.00.3013 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8109 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8106.0 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3005 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3005 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2005.0 - Acer Incorporated)
Application Insights Tools for Visual Studio 2015 (x32 Version: 3.3 - Microsoft Corporation) Hidden
Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Bizagi Process Modeler (HKLM-x32\...\InstallShield_{998852A0-ECD5-4A32-94DC-7169D0CE68EF}) (Version: 2.7.02 - Bizagi Limited)
Bizagi Process Modeler (x32 Version: 2.7.02 - Bizagi Limited) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform)
Concord Telephony Translation (HKLM-x32\...\Concord Telephony Translation) (Version:  - )
CTIAPI32 (remove only) (HKLM-x32\...\CTIAPI32) (Version:  - )
CtiLogC (remove only) (HKLM-x32\...\CtiLogC) (Version:  - )
Dotfuscator and Analytics Community Edition 5.18.1 (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.20.1 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.77 - Dropbox, Inc.) Hidden
Entity Framework 6.1.3 Tools  for Visual Studio 2015 (HKLM-x32\...\{1A8A9739-BAD7-491F-B5B9-A79A2B965422}) (Version: 14.0.40302.0 - Microsoft Corporation)
Foxit PhantomPDF (HKLM-x32\...\{2DF18CA8-86F2-4F3A-A1BF-A2A7D39B9161}) (Version: 7.0.49.127 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
IHMC CmapTools v6.01 (HKLM\...\IHMC CmapTools v6.01) (Version: 6.0.1.0 - Institute for Human & Machine Cognition)
IIS 10.0 Express (HKLM\...\{5984D8DA-C1AF-4284-9C88-D7150425B315}) (Version: 10.0.1734 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version:  - )
Intel Processor Diagnostic Tool 64bit (HKLM\...\{F24BC99D-3FC1-4503-BEFA-5DDD16C6265A}) (Version: 2.20.0.0 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
IRPF2015 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2015) (Version: 1.0 - Receita Federal do Brasil)
IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2016) (Version: 1.0 - Receita Federal do Brasil)
ITR2015 - Declaração do Imposto sobre a Propriedade Territorial Rural (HKLM-x32\...\ITR2015) (Version: 1.0 - Receita Federal do Brasil)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
K-Lite Mega Codec Pack 11.0.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.0.0 - )
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{3D3CEBE6-40EA-4C48-97FD-73828281AB4A}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - pt-br (HKLM\...\ProPlusRetail - pt-br) (Version: 16.0.6366.2062 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service  (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (14.0.50616.0) (HKLM-x32\...\{58246C80-3941-4B69-AE31-264644E2ADB8}) (Version: 14.0.50616.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{68BA34E8-9B9D-4A74-83F0-7D366B532D75}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{718FFB65-F6E4-4D62-861F-ED10ED32C936}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 (HKLM-x32\...\{50b32652-69d2-4b93-9316-edcd12067b8b}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation)
Mozilla Firefox 46.0.1 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 pt-BR)) (Version: 46.0.1 - Mozilla)
Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
MySQL Workbench 6.3 CE (HKLM\...\{59958BAC-A61D-4A23-8082-CC2FDF17937F}) (Version: 6.3.6 - Oracle Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6326.1022 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6326.1022 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6326.1022 - Microsoft Corporation) Hidden
PDF24 Creator 7.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Pencil (HKLM-x32\...\Pencil) (Version:  - Evolus Co., Ltd.)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.29 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21245 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7209 - Realtek Semiconductor Corp.)
Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.07 - Serpro - Serviço Federal de Processamento de Dados)
Rosetta Stone Version 3 (HKLM-x32\...\{148E08FF-D7C4-46ED-8D4D-601C67FE0AFD}) (Version: 3.3.5.2 - Rosetta Stone Ltd.)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Saraiva Reader ALPHA_7RC11b169 (HKLM-x32\...\8505-5699-0960-8592) (Version: ALPHA_7RC11b169 - Saraiva e Siciliano S.A.)
Songr (HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\Songr) (Version: 2.1 - Xamasoft)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.23102 - Microsoft Corporation) Hidden
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
TypeScript Power Tool (x32 Version: 1.6.3.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.6.3.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 1.6.3.0 (HKLM-x32\...\{da31aa25-410a-4c1b-9ec0-114dd8dff786}) (Version: 1.6.23313.0 - Microsoft Corporation)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
WampServer 2.5 (HKLM-x32\...\WampServer 2_is1) (Version:  - Hervé Leclerc (HeL))
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WinAVI Video Converter (HKLM-x32\...\WinAVI Video Converter) (Version: 11.0.0.3995 - ZJMedia Digital Technology Ltd.)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-2861522991-3655380705-3476392321-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0001}\InprocServer32 -> C:\Users\Itamar_Rialto\AppData\Local\GAS Tecnologia\GBBD\npsf_abn_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-2861522991-3655380705-3476392321-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0001}\InprocServer32 -> C:\Users\Itamar_Rialto\AppData\Local\GAS Tecnologia\GBBD\npsf_abn_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-2861522991-3655380705-3476392321-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {077E4D37-6EB8-40DC-85FF-73A3D48C32B1} - \DropboxUpdateTaskUserS-1-5-21-2861522991-3655380705-3476392321-1001UA -> Nenhum Arquivo <==== ATENÇÃO
Task: {0870AE5F-D478-4544-91F3-619F6C5449E3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {08789B60-FB85-47E8-8D88-31416F6BDC48} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO
Task: {0A7A0870-3BA3-4B25-9EFA-CBC628EE58FC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-05-11] (Microsoft Corporation)
Task: {0CFAE48E-9957-4480-9FE6-0D28B2ED24D8} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATENÇÃO
Task: {0FB41AC9-14B2-490B-B7BF-8163D08C74B0} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-12] (TODO: <Company name>)
Task: {12D15E21-F159-404D-929C-338126052577} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO
Task: {200FA462-9D99-4E69-9EEC-EDE0DB5B5497} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {3117038D-9C40-42BD-AA24-1F4CC823859C} - \ACCAgent -> Nenhum Arquivo <==== ATENÇÃO
Task: {50F8C756-AA0A-426F-B37E-A7E17EA2C8B5} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2014-06-08] (Acer Incorporated)
Task: {52B1D0F8-7AEE-4DB8-A5A4-F0DF474D410E} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-28] (Dropbox, Inc.)
Task: {54125EE3-F3EA-404A-87BB-8A1469BEE54D} - \DropboxUpdateTaskUserS-1-5-21-2861522991-3655380705-3476392321-1001Core -> Nenhum Arquivo <==== ATENÇÃO
Task: {78DC5BE5-7C22-404C-B294-5A1D36CB01CF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd)
Task: {8524DA82-25E4-4E83-A2CA-18340788791B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-01-17] (Microsoft Corporation)
Task: {8B6DBE4D-491E-4F80-80E7-5A49B23011D3} - \SmartShare -> Nenhum Arquivo <==== ATENÇÃO
Task: {91758804-2647-4AEC-A900-BCA202C93D83} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {A0E75A9B-091A-4C43-985C-E2A719656E3C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {A864AAAB-91CC-4532-BDF3-90DD7DEB3682} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {AD166148-FC2E-4A2A-896A-8D75443FF9D2} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {B0063606-AF64-4680-8D04-DE0BAB9A9BA2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-01-19] (Microsoft Corporation)
Task: {B1E9317F-8BE3-40FE-A878-5B2520873C01} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-09-10] (Acer Incorporate)
Task: {C6FA6CE4-C3A2-4625-B751-809E13FB01A0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-01-19] (Microsoft Corporation)
Task: {CC514AE7-CAC3-4B7A-96DC-C40287A0E175} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {D030648B-FA59-4F70-87A1-F3901981526F} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-07-22] (Acer Incorporated)
Task: {D5A453AF-9969-4C3B-A966-586A1E8C87FF} - \klcp_update -> Nenhum Arquivo <==== ATENÇÃO
Task: {D65E63E3-5E3B-4546-BBAD-D0CFB8ECC302} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Nenhum Arquivo <==== ATENÇÃO
Task: {ECD75687-476D-49C4-98C1-D818B63B986F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {F1923CD9-27D9-4FE6-9BE5-45FE19D3EC13} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-28] (Dropbox, Inc.)
Task: {FC4D0423-8205-4BDD-AC09-3716503521EE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {FEFBC0C2-0597-447D-B1AE-0E60E4471A1E} - \ACC -> Nenhum Arquivo <==== ATENÇÃO

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

==================== Módulos Carregados (Whitelisted) ==============

2016-01-15 16:44 - 2015-11-23 12:11 - 00026240 _____ () C:\WINDOWS\system32\vntmon64.dll
2015-12-11 15:30 - 2016-01-17 13:46 - 00171712 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2015-10-30 04:18 - 2015-10-30 04:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-04-19 16:22 - 2016-03-29 07:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-19 16:22 - 2016-03-29 07:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-02-17 13:10 - 2016-05-09 06:27 - 00614480 _____ () C:\Program Files (x86)\360\Total Security\MenuEx64.dll
2015-12-18 13:33 - 2015-12-07 01:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-11 12:39 - 2016-04-23 01:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-05-11 12:40 - 2016-04-23 01:02 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-05-11 12:39 - 2016-04-23 00:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-05-11 12:40 - 2016-04-23 00:58 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-05-11 12:40 - 2016-04-23 01:01 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-02-25 22:14 - 2014-02-25 22:14 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-02-25 22:11 - 2014-02-25 22:11 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2014-02-25 22:17 - 2014-02-25 22:17 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2016-02-17 13:10 - 2016-05-09 06:27 - 01075624 _____ () C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
2016-01-21 08:20 - 2016-01-21 08:21 - 03746816 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\Calculator.exe
2015-12-15 10:04 - 2015-12-15 10:05 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-04-19 12:09 - 2016-04-19 12:09 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-10-30 04:18 - 2015-10-30 04:18 - 02100064 _____ () C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
2016-02-17 13:10 - 2016-05-09 06:27 - 00088184 _____ () C:\Program Files (x86)\360\Total Security\deepscan\qutmload.dll
2016-02-17 13:10 - 2016-05-09 06:27 - 00578168 _____ () C:\Program Files (x86)\360\Total Security\safemon\wdui2.dll
2016-04-19 12:09 - 2016-04-19 12:09 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 12:09 - 2016-04-19 12:09 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-05-13 10:12 - 2016-05-11 08:48 - 01738904 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libglesv2.dll
2016-05-13 10:12 - 2016-05-11 08:48 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libegl.dll
2016-05-13 10:12 - 2016-05-11 08:48 - 17565848 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""

==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\bb.com.br -> hxxps://seg.bb.com.br
IE trusted site: HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\colaboraread.com.br -> hxxp://www.colaboraread.com.br
IE trusted site: HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\santander.com.br -> www.santander.com.br
IE trusted site: HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\santanderempresarial.com.br -> www.santanderempresarial.com.br
IE trusted site: HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\santandernet.com.br -> www.santandernet.com.br
IE trusted site: HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\santandernetibe.com.br -> www.santandernetibe.com.br
IE trusted site: HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\unopar.br -> hxxps://www22.unopar.br

==================== Hosts Conteúdo: ==========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2013-08-22 10:25 - 2016-05-13 11:32 - 00000779 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost 
127.0.0.1       localhost

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Itamar_Rialto\appdata\local\microsoft\windows\themes\transcodedwallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)

HKLM\...\StartupApproved\StartupFolder: => "Ralink Wireless Utility.lnk"
HKLM\...\StartupApproved\Run: => "mcpltui_exe"
HKLM\...\StartupApproved\Run32: => "BacKGround Agent"
HKLM\...\StartupApproved\Run32: => "abDocsDllLoader"
HKLM\...\StartupApproved\Run32: => "write.exe"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\StartupApproved\Run: => "AcerPortal"
HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\StartupApproved\Run: => "x86kernel2"
HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\StartupApproved\Run: => "RemoteFilesTrayIcon"
HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\StartupApproved\Run: => "Uninstall C:\Users\Itamar_Rialto\AppData\Local\Microsoft\OneDrive\17.3.5892.0626"
HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\StartupApproved\Run: => "Uninstall C:\Users\Itamar_Rialto\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\StartupApproved\Run: => "Uninstall C:\Users\Itamar_Rialto\AppData\Local\Microsoft\OneDrive\17.3.5907.0716"
HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\StartupApproved\Run: => "Uninstall C:\Users\Itamar_Rialto\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{CBF3EF98-8839-46C5-B99C-7CB9EC4533C6}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{08B790CA-D2B9-4453-9724-5B097079CE5F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0670F4F9-D980-49DA-A75A-A898F1473BB4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{B88F2811-2B9E-4C06-A353-7FE07687AC7E}C:\users\itamar_rialto\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\itamar_rialto\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{62D0A1E5-573D-4928-9F49-536CDD784903}C:\users\itamar_rialto\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\itamar_rialto\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{6EC42287-3D7D-41FF-8B3A-0FC781119F4C}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{DFEB95EE-AF07-410B-BBAC-AC3BB37B7655}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{7747E2AF-3EA8-43F8-B074-F0B2C0F3C5F1}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{6F7ABCEA-8BCA-49A2-8762-708EB52D9B76}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{D7ABD79F-3C8D-463A-B9B3-56BBD087390B}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{6D4EBAEA-60A1-4382-8901-98BEB3B66E24}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [TCP Query User{8F74B528-B4D0-44F1-8A39-E94D51DAA180}C:\users\itamar_rialto\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\itamar_rialto\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{323585CB-32D2-41AD-BC55-63559B18D832}C:\users\itamar_rialto\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\itamar_rialto\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{A34A0061-2DB5-492B-B6AE-C19216E4C510}C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [UDP Query User{CA5B67DD-6F0A-40D4-92D8-BAB6183D43EC}C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [TCP Query User{24FC3317-0E43-46BC-A447-FD8EB7392CD3}C:\users\itamar_rialto\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\itamar_rialto\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [UDP Query User{180C93CF-797F-46F9-91C7-4A515F602F72}C:\users\itamar_rialto\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\itamar_rialto\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [{D12A46CD-6FD0-432D-9D39-37563E9ED038}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A7A42D55-C99E-4B33-A098-9D69A29FF519}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9DC91661-04A7-477F-924D-3E0522FD94F4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{EFE85B17-B536-482A-9441-817307DED159}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{506EBAD8-9846-4B0E-82E3-10041CB9DA6D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{6FA796B6-0F5A-4454-B19E-723B4A8AF7F0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{3AC510CD-C695-4621-84B9-61DF2BA91F89}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{97EBB08A-B0DD-4C87-9600-A3F2ABCAFE3F}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe
FirewallRules: [{34934D0B-59D2-43BE-9C49-AC3551218B75}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe
FirewallRules: [{B5623C61-F1CD-44AC-A6ED-A14988A5CD2E}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe
FirewallRules: [{10C363DF-94FC-4A16-8BB0-4A66ACA3ED03}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe
FirewallRules: [{AAA26550-5256-437B-8192-36FB701EE937}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{0B6FC4A4-BA77-4366-83C4-FE22FDB9625B}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{8E0BAE8D-6E95-486D-AE94-F1D872A0D006}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{EB1369A8-99F6-472D-8F57-6D21FAAE596E}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{7486AEB9-5C5E-44EB-B348-809619FBD113}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{503D8136-E220-48DF-B7AC-B9184746FF8F}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [TCP Query User{C6705810-69D3-4987-AC20-49494975C942}C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe] => (Allow) C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe
FirewallRules: [UDP Query User{0E903742-EE24-4CF7-A0D7-95B93A5F1FEA}C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe] => (Allow) C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe
FirewallRules: [{DA528ED1-A334-445C-9315-06B575C22FBD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{62194690-4118-4FBA-BFB8-C7C0CC00E83C}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{0C4B49C0-5C90-4755-93D2-0778000BC706}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{67534BAD-FD41-4440-B35A-4260E2084854}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe

==================== Pontos de Restauração =========================

29-04-2016 09:36:39 Ponto de Verificação Agendado
09-05-2016 13:01:45 Ponto de Verificação Agendado
11-05-2016 17:36:51 Installed MySQL Workbench 6.3 CE
13-05-2016 10:06:18 JRT Pre-Junkware Removal

==================== Dispositivos Apresentando Falhas No Gerenciador =============


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (05/14/2016 05:54:26 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração de contexto de ativação para "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Erro no arquivo de manifesto ou de política "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2", na linha C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (05/14/2016 05:09:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: SkypeHost.exe, versão: 10.1.2123.36, carimbo de data/hora: 0x56eb679c
Nome do módulo com falha: KERNELBASE.dll, versão: 10.0.10586.306, carimbo de data/hora: 0x571afb9a
Código de exceção: 0xe06d7363
Deslocamento da falha: 0x000bdae8
ID do processo com falha: 0x1f18
Hora de início do aplicativo com falha: 0xSkypeHost.exe0
Caminho do aplicativo com falha: SkypeHost.exe1
Caminho do módulo com falha: SkypeHost.exe2
ID do Relatório: SkypeHost.exe3
Nome completo do pacote com falha: SkypeHost.exe4
ID do aplicativo relativo ao pacote com falha: SkypeHost.exe5

Error: (05/14/2016 05:09:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: SkypeHost.exe, versão: 10.1.2123.36, carimbo de data/hora: 0x56eb679c
Nome do módulo com falha: SystemEventsBrokerClient.dll, versão: 10.0.10586.0, carimbo de data/hora: 0x5632d881
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00006541
ID do processo com falha: 0x2014
Hora de início do aplicativo com falha: 0xSkypeHost.exe0
Caminho do aplicativo com falha: SkypeHost.exe1
Caminho do módulo com falha: SkypeHost.exe2
ID do Relatório: SkypeHost.exe3
Nome completo do pacote com falha: SkypeHost.exe4
ID do aplicativo relativo ao pacote com falha: SkypeHost.exe5

Error: (05/14/2016 05:08:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: SkypeHost.exe, versão: 10.1.2123.36, carimbo de data/hora: 0x56eb679c
Nome do módulo com falha: KERNELBASE.dll, versão: 10.0.10586.306, carimbo de data/hora: 0x571afb9a
Código de exceção: 0xe06d7363
Deslocamento da falha: 0x000bdae8
ID do processo com falha: 0x2014
Hora de início do aplicativo com falha: 0xSkypeHost.exe0
Caminho do aplicativo com falha: SkypeHost.exe1
Caminho do módulo com falha: SkypeHost.exe2
ID do Relatório: SkypeHost.exe3
Nome completo do pacote com falha: SkypeHost.exe4
ID do aplicativo relativo ao pacote com falha: SkypeHost.exe5

Error: (05/14/2016 05:08:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: SkypeHost.exe, versão: 10.1.2123.36, carimbo de data/hora: 0x56eb679c
Nome do módulo com falha: Windows.Devices.Enumeration.dll, versão: 10.0.10586.0, carimbo de data/hora: 0x5632d581
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00036541
ID do processo com falha: 0x79c
Hora de início do aplicativo com falha: 0xSkypeHost.exe0
Caminho do aplicativo com falha: SkypeHost.exe1
Caminho do módulo com falha: SkypeHost.exe2
ID do Relatório: SkypeHost.exe3
Nome completo do pacote com falha: SkypeHost.exe4
ID do aplicativo relativo ao pacote com falha: SkypeHost.exe5

Error: (05/14/2016 05:07:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: SkypeHost.exe, versão: 10.1.2123.36, carimbo de data/hora: 0x56eb679c
Nome do módulo com falha: KERNELBASE.dll, versão: 10.0.10586.306, carimbo de data/hora: 0x571afb9a
Código de exceção: 0xe06d7363
Deslocamento da falha: 0x000bdae8
ID do processo com falha: 0x79c
Hora de início do aplicativo com falha: 0xSkypeHost.exe0
Caminho do aplicativo com falha: SkypeHost.exe1
Caminho do módulo com falha: SkypeHost.exe2
ID do Relatório: SkypeHost.exe3
Nome completo do pacote com falha: SkypeHost.exe4
ID do aplicativo relativo ao pacote com falha: SkypeHost.exe5

Error: (05/14/2016 05:07:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: SkypeHost.exe, versão: 10.1.2123.36, carimbo de data/hora: 0x56eb679c
Nome do módulo com falha: SystemEventsBrokerClient.dll, versão: 10.0.10586.0, carimbo de data/hora: 0x5632d881
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00006541
ID do processo com falha: 0x1794
Hora de início do aplicativo com falha: 0xSkypeHost.exe0
Caminho do aplicativo com falha: SkypeHost.exe1
Caminho do módulo com falha: SkypeHost.exe2
ID do Relatório: SkypeHost.exe3
Nome completo do pacote com falha: SkypeHost.exe4
ID do aplicativo relativo ao pacote com falha: SkypeHost.exe5

Error: (05/14/2016 05:06:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: SkypeHost.exe, versão: 10.1.2123.36, carimbo de data/hora: 0x56eb679c
Nome do módulo com falha: KERNELBASE.dll, versão: 10.0.10586.306, carimbo de data/hora: 0x571afb9a
Código de exceção: 0xe06d7363
Deslocamento da falha: 0x000bdae8
ID do processo com falha: 0x1794
Hora de início do aplicativo com falha: 0xSkypeHost.exe0
Caminho do aplicativo com falha: SkypeHost.exe1
Caminho do módulo com falha: SkypeHost.exe2
ID do Relatório: SkypeHost.exe3
Nome completo do pacote com falha: SkypeHost.exe4
ID do aplicativo relativo ao pacote com falha: SkypeHost.exe5

Error: (05/14/2016 05:05:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: SkypeHost.exe, versão: 10.1.2123.36, carimbo de data/hora: 0x56eb679c
Nome do módulo com falha: SystemEventsBrokerClient.dll, versão: 10.0.10586.0, carimbo de data/hora: 0x5632d881
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00006541
ID do processo com falha: 0xbe0
Hora de início do aplicativo com falha: 0xSkypeHost.exe0
Caminho do aplicativo com falha: SkypeHost.exe1
Caminho do módulo com falha: SkypeHost.exe2
ID do Relatório: SkypeHost.exe3
Nome completo do pacote com falha: SkypeHost.exe4
ID do aplicativo relativo ao pacote com falha: SkypeHost.exe5

Error: (05/14/2016 05:04:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: SkypeHost.exe, versão: 10.1.2123.36, carimbo de data/hora: 0x56eb679c
Nome do módulo com falha: KERNELBASE.dll, versão: 10.0.10586.306, carimbo de data/hora: 0x571afb9a
Código de exceção: 0xe06d7363
Deslocamento da falha: 0x000bdae8
ID do processo com falha: 0xbe0
Hora de início do aplicativo com falha: 0xSkypeHost.exe0
Caminho do aplicativo com falha: SkypeHost.exe1
Caminho do módulo com falha: SkypeHost.exe2
ID do Relatório: SkypeHost.exe3
Nome completo do pacote com falha: SkypeHost.exe4
ID do aplicativo relativo ao pacote com falha: SkypeHost.exe5


Erros de Sistema:
=============
Error: (05/14/2016 05:39:33 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (05/14/2016 05:09:52 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: específico do aplicativoLocalAtivação{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível

Error: (05/14/2016 03:28:59 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (05/14/2016 11:50:22 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: específico do aplicativoLocalAtivação{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível

Error: (05/14/2016 11:44:59 AM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (05/14/2016 10:49:23 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: específico do aplicativoLocalAtivação{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível

Error: (05/14/2016 09:42:41 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: A chamada ScRegSetValueExW falhou para Start com o seguinte erro: 
%%5

Error: (05/14/2016 09:42:25 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço 360 Total Security foi encerrado inesperadamente.  Isso aconteceu 1 vez(es).

Error: (05/14/2016 09:36:10 AM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (05/14/2016 09:33:51 AM) (Source: DCOM) (EventID: 10016) (User: E5-511-C7NE)
Description: padrão-computadorLocalAtivação{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}E5-511-C7NEItamar_RialtoS-1-5-21-2861522991-3655380705-3476392321-1001LocalHost (Usando LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742


CodeIntegrity:
===================================
  Date: 2016-05-14 11:44:30.554
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-12 09:10:15.208
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-11 14:04:15.263
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-21 16:14:48.210
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-20 16:36:36.054
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-20 09:03:55.547
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-28 17:20:09.308
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-15 14:13:40.828
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-14 14:04:29.812
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-03 08:11:20.088
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Informações da Memória =========================== 

Processador: Intel(R) Celeron(R) CPU N2940 @ 1.83GHz
Percentagem de memória em uso: 46%
RAM física total: 3979.2 MB
RAM física disponível: 2129.78 MB
Virtual Total: 4683.2 MB
Virtual disponível: 2716.32 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:449.48 GB) (Free:342.24 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 5A76CD2F)

Partition: GPT.

==================== Fim de Addition.txt ============================

 

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro @Itamar Rialto

 

Desinstale o seguinte programa completamente:

 

360 Total Security

 

Instale um novo antivírus, caso precise de ajuda na escolha, consulte o site abaixo:

 

https://www.av-test.org/en/

 

Informe qual antivírus instalou... aguardo.

 

Abraços :D

 

 

Compartilhar este post


Link para o post
Compartilhar em outros sites

Desinstalei o 360 internet security...

Instalei o Bitdefender free edition

Para informar: hoje, quando tentei novamente entrar no site "www.santander.com.br" em qualquer navegador, não aparecia o "https" e aparentemente era o mesmo site do santander, uma cópia. Quando digitava o cpf errado ele prosseguia para "www.santander.com.br/default.php" e depois digitando qualquer senha ia para "www.santander.com.br/dentro.php", no qual pedia para digitar o meu cartão de segurança. E detalhe: Isso aconteceu no meu serviço, em que usamos uma rede wifi aberta de um estabelecimento ao lado. Os outros 2 colegas meus, que usam o banco do brasil, também aconteceu a mesma coisa, site falso. Só depois de executar o ccleaner e a limpeza do registro que voltou ao normal... Muito estranho... já viu algo parecido???

A respeito do antivirus, esse 360 não é confiável?

obrigado.

Compartilhar este post


Link para o post
Compartilhar em outros sites

É meu notebook pessoal....

Ontem, quando ocorreu novamente o redirecionamento para site falso do banco, eu já estava com o antivirus desinstalado..... Só depois então que instalei o bitdefender... Como aqui é wifi aberto será que num mexeram no roteador não? é possível? pois é muita coincidência dar o mesmo problema aqui no meu notebook e nos dois colegas meus??? é tudo notebook particular, pois aqui no serviço os pcs são todos com acesso restrito... Quando fiz a limpeza com o ccleaner ele pára o redirecionamento para site falso do banco.... Porque será?

tem mais algo a fazer???

obrigado...

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro @Itamar Rialto

 

Foi por isso que te perguntei... provavelmente o roteador do seu serviço esteja infectado com algum DNS malicioso.

 

Com relação o Ccleaner ele limpa o cache dos navegadores.

 

Sim temos... ;)

 

Faça um novo log com o FRST, porém antes de clicar no botão Examinar, marque a opção Addition.

 

Anexe os logs, por favor.

 

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites

segue os logs.

 

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:14-05-2016
Executado por Itamar_Rialto (administrador) em E5-511-C7NE (17-05-2016 15:00:35)
Executando a partir de C:\Users\Itamar_Rialto\Desktop
Perfis Carregados: Itamar_Rialto (Perfis Disponíveis: Itamar_Rialto)
Platform: Windows 10 Home Single Language Versão 1511 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: FF)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\HSSCP.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdcBase.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit PhantomPDF\FoxitPhantomPDF.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.19761.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(brModelo) C:\Users\Itamar_Rialto\Downloads\brModelo.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-21] (Realtek Semiconductor)
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdcBase.exe [660360 2015-11-16] (Microsoft Corporation)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [218656 2015-09-01] (Geek Software GmbH)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [23745808 2016-05-06] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
Winlogon\Notify\ GbPluginAbn: C:\Program Files (x86)\GbPlugin\gbiehAbn.dll [2014-11-18] (Banco Real)
Winlogon\Notify\ GbPluginBb: C:\Program Files (x86)\GbPlugin\gbieh.dll [2015-08-19] (Banco do Brasil)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-02-25] (Atheros Communications)
HKLM\...\Policies\Explorer\Run: [x86kernel2] => erperperperperperperperperperperperperperperperperperperperperperperperperperperperperperperperperpe
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [805888 2015-10-30] (Microsoft Corporation)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll [1896320 2015-08-19] (Banco do Brasil)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399007} - C:\Program Files (x86)\GbPlugin\gbiehabn.dll [1939512 2014-11-18] (Banco Real)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-06] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 10.1.1.1 8.8.8.8
Tcpip\..\Interfaces\{2b08b46e-6f9e-4507-92a5-042e138bd981}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{5387184f-dc1d-4d8c-8c55-23669f743de0}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6d553cff-388e-4407-8c89-80eeb440c0b3}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8161a7c9-c4ae-4bc8-b895-5aac8fd214fe}: [DhcpNameServer] 10.1.1.1 8.8.8.8

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pt-br/?pc=UE01&ocid=UE01DHP
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-01-19] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-01-17] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-01-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-20] (Oracle Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\Program Files (x86)\GbPlugin\gbieh.dll [2015-08-19] (Banco do Brasil)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540007} -> C:\Program Files (x86)\GbPlugin\gbiehabn.dll [2014-11-18] (Banco Real)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-01-17] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-20] (Oracle Corporation)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-17] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-17] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-17] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-17] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  Nenhum Arquivo

FireFox:
========
FF ProfilePath: C:\Users\Itamar_Rialto\AppData\Roaming\Mozilla\Firefox\Profiles\zjxlxe66.default-1437596352191
FF Homepage: about:home
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-20] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-01-19] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-01-17] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin HKU\S-1-5-21-2861522991-3655380705-3476392321-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Itamar_Rialto\AppData\Local\Citrix\Plugins\104\npappdetector.dll [Nenhum Arquivo]
FF Plugin HKU\S-1-5-21-2861522991-3655380705-3476392321-1001: gastecnologia.com.br/sf/abn -> C:\Users\Itamar_Rialto\AppData\Local\GAS Tecnologia\GBBD\npsf_abn.dll [2015-02-19] (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-2861522991-3655380705-3476392321-1001: gastecnologia.com.br/sf/abn64 -> C:\Users\Itamar_Rialto\AppData\Local\GAS Tecnologia\GBBD\npsf_abn_64.dll [2015-06-02] (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-2861522991-3655380705-3476392321-1001: gastecnologia.com.br/sf/bb64 -> C:\Users\Itamar_Rialto\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll [Nenhum Arquivo]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-07-21]
FF Extension: Default Full Zoom Level - C:\Users\Itamar_Rialto\AppData\Roaming\Mozilla\Firefox\Profiles\zjxlxe66.default-1437596352191\extensions\{D9A7CBEC-DE1A-444f-A092-844461596C4D} [2016-02-05]
FF Extension: Youtube MP3 Podcaster - C:\Users\Itamar_Rialto\AppData\Roaming\Mozilla\Firefox\Profiles\zjxlxe66.default-1437596352191\extensions\youtubemp3podcaster@jeremy.d.gregorio.com [2016-03-16]
FF Extension: Baixou Agora - C:\Users\Itamar_Rialto\AppData\Roaming\Mozilla\Firefox\Profiles\zjxlxe66.default-1437596352191\Extensions\jid1-dG9taWNhQGdtYWlsLmNvbS4u@jetpack.xpi [2015-11-25]
FF HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E8874}] - C:\Users\Itamar_Rialto\AppData\Local\GAS Tecnologia\GBBD\abn\xpi
FF Extension: GBBD Banco Santander (Brasil) S.A. - C:\Users\Itamar_Rialto\AppData\Local\GAS Tecnologia\GBBD\abn\xpi [2015-05-08] [não assinado]

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://br.search.yahoo.com/search?fr=mcafee&type=B211BR0D20150721&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Profile: C:\Users\Itamar_Rialto\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\Itamar_Rialto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-10]
CHR Extension: (Google Docs) - C:\Users\Itamar_Rialto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-10]
CHR Extension: (Google Drive) - C:\Users\Itamar_Rialto\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Itamar_Rialto\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-05]
CHR Extension: (HelloFax: 50 páginas gratuitas de fax) - C:\Users\Itamar_Rialto\AppData\Local\Google\Chrome\User Data\Default\Extensions\bocmleclimfnadgmcdgecijlblfcmfnm [2016-01-14]
CHR Extension: (Google Search) - C:\Users\Itamar_Rialto\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
CHR Extension: (Planilhas do Google) - C:\Users\Itamar_Rialto\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-10]
CHR Extension: (Área de trabalho remota do Google Chrome) - C:\Users\Itamar_Rialto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-05-05]
CHR Extension: (Documentos Google off-line) - C:\Users\Itamar_Rialto\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-01]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Itamar_Rialto\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-15]
CHR Extension: (Gmail) - C:\Users\Itamar_Rialto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-10]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-02-25] (Windows (R) Win 7 DDK provider) [Arquivo não assinado]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2772720 2016-01-17] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-28] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-28] (Dropbox, Inc.)
S3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-07-22] (Acer Incorporated)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [587576 2015-08-12] (GAS Tecnologia)
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [79552 2016-03-02] (Bitdefender)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2756736 2016-04-19] (AnchorFree Inc.)
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [103176 2016-04-19] ()
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328624 2015-10-18] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [Arquivo não assinado]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [469736 2014-09-10] (Acer Incorporate)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-14] (acer)
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-06] (Microsoft Corporation)
S3 wampapache64; c:\wamp\bin\apache\apache2.4.9\bin\httpd.exe [24576 2014-05-01] (Apache Software Foundation) [Arquivo não assinado]
S3 wampmysqld64; c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe [12942848 2014-05-01] () [Arquivo não assinado]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-04-17] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
S1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-07-02] (Bitdefender SRL)
U5 BTATH_LWFLT; C:\Windows\System32\Drivers\BTATH_LWFLT.sys [77464 2014-02-25] (Qualcomm Atheros)
S1 gbpddfac; C:\Windows\System32\drivers\gbpddfac64.sys [0 2015-08-07] () <==== ATENÇÃO (zero byte Arquivo/Pasta)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [21720 2015-04-29] (GAS Tecnologia)
R3 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [67584 2013-11-10] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
S3 MTKSCVAD; C:\Windows\system32\drivers\mtkvadx.sys [44544 2012-07-16] (Ralink Technology, Corp.) [Arquivo não assinado]
S3 netr28ux; C:\Windows\System32\drivers\netr28ux.sys [2196480 2015-10-30] (MediaTek Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [461528 2013-12-20] (Realsil Semiconductor Corporation)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated)
R3 taphss6; C:\Windows\System32\drivers\taphss6.sys [42064 2016-04-19] (Anchorfree Inc.)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2014-10-31] (GAS Tecnologia LTDA)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S0 b06bdrv; System32\drivers\bxvbda.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-05-17 15:00 - 2016-05-17 15:01 - 00023224 _____ C:\Users\Itamar_Rialto\Desktop\FRST.txt
2016-05-17 15:00 - 2016-05-14 17:54 - 02382336 _____ (Farbar) C:\Users\Itamar_Rialto\Desktop\FRST64.exe
2016-05-17 14:37 - 2016-05-17 14:37 - 01270370 _____ C:\Users\Itamar_Rialto\Downloads\SLIDE SOBRE MODELO ENTIDAE RELACIONAMENTO E ASSUNTOS RELACIONADOS.pdf
2016-05-17 12:15 - 2016-05-17 12:15 - 01905946 _____ C:\Users\Itamar_Rialto\Downloads\SGBD.pdf
2016-05-17 00:10 - 2016-05-17 00:10 - 00001201 _____ C:\Users\Public\Desktop\Hotspot Shield.lnk
2016-05-17 00:10 - 2016-05-17 00:10 - 00000000 ____D C:\Users\Itamar_Rialto\AppData\Local\CrashRpt
2016-05-17 00:08 - 2016-05-17 00:09 - 00000000 ____D C:\Users\Todos os Usuários\Hotspot Shield
2016-05-17 00:08 - 2016-05-17 00:09 - 00000000 ____D C:\ProgramData\Hotspot Shield
2016-05-17 00:08 - 2016-05-17 00:09 - 00000000 ____D C:\Program Files (x86)\Hotspot Shield
2016-05-17 00:08 - 2016-05-17 00:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
2016-05-17 00:04 - 2016-05-17 00:05 - 12284224 _____ C:\Users\Itamar_Rialto\Downloads\HSS-5.3.2-install-plain-773-plain.exe
2016-05-16 19:42 - 2016-05-16 19:42 - 00261056 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avchv.sys
2016-05-16 19:31 - 2016-05-16 19:31 - 00172692 _____ C:\Users\Todos os Usuários\1463437827.bdinstall.bin
2016-05-16 19:31 - 2016-05-16 19:31 - 00172692 _____ C:\ProgramData\1463437827.bdinstall.bin
2016-05-16 19:31 - 2016-05-16 19:31 - 00002253 _____ C:\Users\Public\Desktop\Bitdefender Antivirus Free Edition.lnk
2016-05-16 19:31 - 2016-05-16 19:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition
2016-05-16 19:30 - 2016-05-16 19:30 - 00000000 ____D C:\WINDOWS\LastGood
2016-05-16 19:30 - 2013-04-17 13:59 - 00718840 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2016-05-16 19:30 - 2013-04-17 13:59 - 00593144 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avckf.sys
2016-05-16 19:30 - 2012-11-02 13:17 - 00261056 _____ (BitDefender) C:\WINDOWS\system32\Drivers\SET5A04.tmp
2016-05-16 19:28 - 2016-05-16 19:31 - 00000000 ____D C:\Program Files\Bitdefender
2016-05-16 19:28 - 2016-05-16 19:29 - 00049953 _____ C:\Users\Todos os Usuários\1463437707.5748.bin
2016-05-16 19:28 - 2016-05-16 19:29 - 00049953 _____ C:\ProgramData\1463437707.5748.bin
2016-05-16 19:28 - 2016-05-16 19:29 - 00024185 _____ C:\Users\Todos os Usuários\1463437707.3524.bin
2016-05-16 19:28 - 2016-05-16 19:29 - 00024185 _____ C:\ProgramData\1463437707.3524.bin
2016-05-16 19:28 - 2016-05-16 19:29 - 00009135 _____ C:\Users\Todos os Usuários\1463437707.3656.bin
2016-05-16 19:28 - 2016-05-16 19:29 - 00009135 _____ C:\ProgramData\1463437707.3656.bin
2016-05-16 19:28 - 2016-05-16 19:29 - 00005238 _____ C:\Users\Todos os Usuários\1463437707.5512.bin
2016-05-16 19:28 - 2016-05-16 19:29 - 00005238 _____ C:\ProgramData\1463437707.5512.bin
2016-05-16 19:28 - 2016-05-16 19:29 - 00002123 _____ C:\Users\Todos os Usuários\1463437707.5132.bin
2016-05-16 19:28 - 2016-05-16 19:29 - 00002123 _____ C:\ProgramData\1463437707.5132.bin
2016-05-16 19:28 - 2016-05-16 19:29 - 00000507 _____ C:\Users\Todos os Usuários\1463437707.5988.bin
2016-05-16 19:28 - 2016-05-16 19:29 - 00000507 _____ C:\ProgramData\1463437707.5988.bin
2016-05-16 19:28 - 2016-05-16 19:28 - 00013547 _____ C:\Users\Todos os Usuários\1463437707.952.bin
2016-05-16 19:28 - 2016-05-16 19:28 - 00013547 _____ C:\ProgramData\1463437707.952.bin
2016-05-16 19:28 - 2013-05-28 11:12 - 00382536 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2016-05-16 19:28 - 2013-04-22 12:21 - 00148696 ____N (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2016-05-16 18:49 - 2016-05-16 18:49 - 00009133 _____ C:\Users\Todos os Usuários\1463435283.1040.bin
2016-05-16 18:49 - 2016-05-16 18:49 - 00009133 _____ C:\ProgramData\1463435283.1040.bin
2016-05-16 18:49 - 2016-05-16 18:49 - 00002122 _____ C:\Users\Todos os Usuários\1463435283.4220.bin
2016-05-16 18:49 - 2016-05-16 18:49 - 00002122 _____ C:\ProgramData\1463435283.4220.bin
2016-05-16 18:49 - 2016-05-16 18:49 - 00000507 _____ C:\Users\Todos os Usuários\1463435283.2992.bin
2016-05-16 18:49 - 2016-05-16 18:49 - 00000507 _____ C:\ProgramData\1463435283.2992.bin
2016-05-16 18:48 - 2016-05-16 18:50 - 00049984 _____ C:\Users\Todos os Usuários\1463435283.2288.bin
2016-05-16 18:48 - 2016-05-16 18:50 - 00049984 _____ C:\ProgramData\1463435283.2288.bin
2016-05-16 18:48 - 2016-05-16 18:50 - 00026753 _____ C:\Users\Todos os Usuários\1463435283.1104.bin
2016-05-16 18:48 - 2016-05-16 18:50 - 00026753 _____ C:\ProgramData\1463435283.1104.bin
2016-05-16 18:48 - 2016-05-16 18:49 - 00005236 _____ C:\Users\Todos os Usuários\1463435283.5636.bin
2016-05-16 18:48 - 2016-05-16 18:49 - 00005236 _____ C:\ProgramData\1463435283.5636.bin
2016-05-16 18:48 - 2016-05-16 18:48 - 00013548 _____ C:\Users\Todos os Usuários\1463435283.2776.bin
2016-05-16 18:48 - 2016-05-16 18:48 - 00013548 _____ C:\ProgramData\1463435283.2776.bin
2016-05-16 18:46 - 2016-05-16 18:47 - 10606640 _____ C:\Users\Itamar_Rialto\Downloads\Antivirus_Free_Edition_x64.exe
2016-05-16 18:42 - 2016-05-16 18:43 - 00047376 _____ C:\Users\Todos os Usuários\1463434941.6892.bin
2016-05-16 18:42 - 2016-05-16 18:43 - 00047376 _____ C:\ProgramData\1463434941.6892.bin
2016-05-16 18:42 - 2016-05-16 18:43 - 00033622 _____ C:\Users\Todos os Usuários\1463434941.3472.bin
2016-05-16 18:42 - 2016-05-16 18:43 - 00033622 _____ C:\ProgramData\1463434941.3472.bin
2016-05-16 18:42 - 2016-05-16 18:43 - 00006084 _____ C:\Users\Todos os Usuários\1463434941.6164.bin
2016-05-16 18:42 - 2016-05-16 18:43 - 00006084 _____ C:\ProgramData\1463434941.6164.bin
2016-05-16 18:42 - 2016-05-16 18:43 - 00004203 _____ C:\Users\Todos os Usuários\1463434941.1076.bin
2016-05-16 18:42 - 2016-05-16 18:43 - 00004203 _____ C:\ProgramData\1463434941.1076.bin
2016-05-16 18:42 - 2016-05-16 18:42 - 00011267 _____ C:\Users\Todos os Usuários\1463434941.3644.bin
2016-05-16 18:42 - 2016-05-16 18:42 - 00011267 _____ C:\ProgramData\1463434941.3644.bin
2016-05-16 18:27 - 2016-05-16 18:27 - 02842784 _____ C:\Users\Itamar_Rialto\Downloads\The_New_Bitdefender_UninstallTool.exe
2016-05-16 18:22 - 2016-05-16 18:24 - 00009133 _____ C:\Users\Todos os Usuários\1463433702.4292.bin
2016-05-16 18:22 - 2016-05-16 18:24 - 00009133 _____ C:\ProgramData\1463433702.4292.bin
2016-05-16 18:22 - 2016-05-16 18:24 - 00002122 _____ C:\Users\Todos os Usuários\1463433702.5092.bin
2016-05-16 18:22 - 2016-05-16 18:24 - 00002122 _____ C:\ProgramData\1463433702.5092.bin
2016-05-16 18:22 - 2016-05-16 18:24 - 00000507 _____ C:\Users\Todos os Usuários\1463433702.2720.bin
2016-05-16 18:22 - 2016-05-16 18:24 - 00000507 _____ C:\ProgramData\1463433702.2720.bin
2016-05-16 18:22 - 2016-05-16 18:22 - 00012936 _____ C:\Users\Todos os Usuários\1463433702.1128.bin
2016-05-16 18:22 - 2016-05-16 18:22 - 00012936 _____ C:\ProgramData\1463433702.1128.bin
2016-05-16 18:21 - 2016-05-16 18:24 - 00049881 _____ C:\Users\Todos os Usuários\1463433702.692.bin
2016-05-16 18:21 - 2016-05-16 18:24 - 00049881 _____ C:\ProgramData\1463433702.692.bin
2016-05-16 18:21 - 2016-05-16 18:24 - 00005230 _____ C:\Users\Todos os Usuários\1463433702.6404.bin
2016-05-16 18:21 - 2016-05-16 18:24 - 00005230 _____ C:\ProgramData\1463433702.6404.bin
2016-05-16 18:21 - 2016-05-16 18:23 - 00022952 _____ C:\Users\Todos os Usuários\1463433702.3512.bin
2016-05-16 18:21 - 2016-05-16 18:23 - 00022952 _____ C:\ProgramData\1463433702.3512.bin
2016-05-16 17:54 - 2016-05-16 17:54 - 00015028 _____ C:\Users\Todos os Usuários\1463432036.2560.bin
2016-05-16 17:54 - 2016-05-16 17:54 - 00015028 _____ C:\ProgramData\1463432036.2560.bin
2016-05-16 17:54 - 2016-05-16 17:54 - 00012936 _____ C:\Users\Todos os Usuários\1463432036.4560.bin
2016-05-16 17:54 - 2016-05-16 17:54 - 00012936 _____ C:\ProgramData\1463432036.4560.bin
2016-05-16 17:54 - 2016-05-16 17:54 - 00009133 _____ C:\Users\Todos os Usuários\1463432036.2420.bin
2016-05-16 17:54 - 2016-05-16 17:54 - 00009133 _____ C:\ProgramData\1463432036.2420.bin
2016-05-16 17:54 - 2016-05-16 17:54 - 00005236 _____ C:\Users\Todos os Usuários\1463432036.2316.bin
2016-05-16 17:54 - 2016-05-16 17:54 - 00005236 _____ C:\ProgramData\1463432036.2316.bin
2016-05-16 17:54 - 2016-05-16 17:54 - 00002122 _____ C:\Users\Todos os Usuários\1463432036.4696.bin
2016-05-16 17:54 - 2016-05-16 17:54 - 00002122 _____ C:\ProgramData\1463432036.4696.bin
2016-05-16 17:54 - 2016-05-16 17:54 - 00000507 _____ C:\Users\Todos os Usuários\1463432036.3744.bin
2016-05-16 17:54 - 2016-05-16 17:54 - 00000507 _____ C:\ProgramData\1463432036.3744.bin
2016-05-16 17:53 - 2016-05-16 17:54 - 00049945 _____ C:\Users\Todos os Usuários\1463432036.5268.bin
2016-05-16 17:53 - 2016-05-16 17:54 - 00049945 _____ C:\ProgramData\1463432036.5268.bin
2016-05-16 17:47 - 2016-05-16 17:48 - 00014463 _____ C:\Users\Todos os Usuários\1463431623.556.bin
2016-05-16 17:47 - 2016-05-16 17:48 - 00014463 _____ C:\ProgramData\1463431623.556.bin
2016-05-16 17:47 - 2016-05-16 17:47 - 00049354 _____ C:\Users\Todos os Usuários\1463431623.6180.bin
2016-05-16 17:47 - 2016-05-16 17:47 - 00049354 _____ C:\ProgramData\1463431623.6180.bin
2016-05-16 17:47 - 2016-05-16 17:47 - 00012836 _____ C:\Users\Todos os Usuários\1463431623.3180.bin
2016-05-16 17:47 - 2016-05-16 17:47 - 00012836 _____ C:\ProgramData\1463431623.3180.bin
2016-05-16 17:47 - 2016-05-16 17:47 - 00009093 _____ C:\Users\Todos os Usuários\1463431623.2808.bin
2016-05-16 17:47 - 2016-05-16 17:47 - 00009093 _____ C:\ProgramData\1463431623.2808.bin
2016-05-16 17:47 - 2016-05-16 17:47 - 00005076 _____ C:\Users\Todos os Usuários\1463431623.3028.bin
2016-05-16 17:47 - 2016-05-16 17:47 - 00005076 _____ C:\ProgramData\1463431623.3028.bin
2016-05-16 17:47 - 2016-05-16 17:47 - 00002102 _____ C:\Users\Todos os Usuários\1463431623.3140.bin
2016-05-16 17:47 - 2016-05-16 17:47 - 00002102 _____ C:\ProgramData\1463431623.3140.bin
2016-05-16 17:47 - 2016-05-16 17:47 - 00000507 _____ C:\Users\Todos os Usuários\1463431623.2136.bin
2016-05-16 17:47 - 2016-05-16 17:47 - 00000507 _____ C:\ProgramData\1463431623.2136.bin
2016-05-16 17:42 - 2016-05-16 17:47 - 00000000 ____D C:\bitdefender_tsecurity
2016-05-16 17:41 - 2016-05-16 17:42 - 00050269 _____ C:\Users\Todos os Usuários\1463431277.4496.bin
2016-05-16 17:41 - 2016-05-16 17:42 - 00050269 _____ C:\ProgramData\1463431277.4496.bin
2016-05-16 17:41 - 2016-05-16 17:42 - 00013401 _____ C:\Users\Todos os Usuários\1463431277.996.bin
2016-05-16 17:41 - 2016-05-16 17:42 - 00013401 _____ C:\ProgramData\1463431277.996.bin
2016-05-16 17:41 - 2016-05-16 17:42 - 00009133 _____ C:\Users\Todos os Usuários\1463431277.2236.bin
2016-05-16 17:41 - 2016-05-16 17:42 - 00009133 _____ C:\ProgramData\1463431277.2236.bin
2016-05-16 17:41 - 2016-05-16 17:42 - 00005236 _____ C:\Users\Todos os Usuários\1463431277.7024.bin
2016-05-16 17:41 - 2016-05-16 17:42 - 00005236 _____ C:\ProgramData\1463431277.7024.bin
2016-05-16 17:41 - 2016-05-16 17:42 - 00002121 _____ C:\Users\Todos os Usuários\1463431277.700.bin
2016-05-16 17:41 - 2016-05-16 17:42 - 00002121 _____ C:\ProgramData\1463431277.700.bin
2016-05-16 17:41 - 2016-05-16 17:42 - 00000507 _____ C:\Users\Todos os Usuários\1463431277.2388.bin
2016-05-16 17:41 - 2016-05-16 17:42 - 00000507 _____ C:\ProgramData\1463431277.2388.bin
2016-05-16 17:41 - 2016-05-16 17:41 - 00012936 _____ C:\Users\Todos os Usuários\1463431277.4988.bin
2016-05-16 17:41 - 2016-05-16 17:41 - 00012936 _____ C:\ProgramData\1463431277.4988.bin
2016-05-16 17:36 - 2016-05-16 17:38 - 00004874 _____ C:\Users\Todos os Usuários\1463430974.6468.bin
2016-05-16 17:36 - 2016-05-16 17:38 - 00004874 _____ C:\ProgramData\1463430974.6468.bin
2016-05-16 17:36 - 2016-05-16 17:37 - 00049883 _____ C:\Users\Todos os Usuários\1463430974.6476.bin
2016-05-16 17:36 - 2016-05-16 17:37 - 00049883 _____ C:\ProgramData\1463430974.6476.bin
2016-05-16 17:36 - 2016-05-16 17:37 - 00028216 _____ C:\Users\Todos os Usuários\1463430974.1336.bin
2016-05-16 17:36 - 2016-05-16 17:37 - 00028216 _____ C:\ProgramData\1463430974.1336.bin
2016-05-16 17:36 - 2016-05-16 17:37 - 00009133 _____ C:\Users\Todos os Usuários\1463430974.3764.bin
2016-05-16 17:36 - 2016-05-16 17:37 - 00009133 _____ C:\ProgramData\1463430974.3764.bin
2016-05-16 17:36 - 2016-05-16 17:37 - 00002122 _____ C:\Users\Todos os Usuários\1463430974.2896.bin
2016-05-16 17:36 - 2016-05-16 17:37 - 00002122 _____ C:\ProgramData\1463430974.2896.bin
2016-05-16 17:36 - 2016-05-16 17:37 - 00000507 _____ C:\Users\Todos os Usuários\1463430974.5672.bin
2016-05-16 17:36 - 2016-05-16 17:37 - 00000507 _____ C:\ProgramData\1463430974.5672.bin
2016-05-16 17:36 - 2016-05-16 17:36 - 00012936 _____ C:\Users\Todos os Usuários\1463430974.4920.bin
2016-05-16 17:36 - 2016-05-16 17:36 - 00012936 _____ C:\ProgramData\1463430974.4920.bin
2016-05-16 17:29 - 2016-05-16 17:29 - 02907472 _____ C:\Users\Itamar_Rialto\Downloads\precatória-itamarandiba-mg.pdf
2016-05-16 17:11 - 2016-05-16 17:11 - 11265544 _____ C:\Users\Itamar_Rialto\Desktop\precatória.pdf
2016-05-16 16:58 - 2016-05-16 16:58 - 00011166 _____ C:\ZA-Scan.txt
2016-05-16 16:17 - 2016-05-16 16:17 - 00000000 ____D C:\zoek_backup
2016-05-16 12:19 - 2016-05-16 12:20 - 04898016 _____ (Avira Operations GmbH & Co. KG) C:\Users\Itamar_Rialto\Downloads\avira_ptbr_av_5739e0a304518__ws.exe
2016-05-16 12:18 - 2016-05-16 12:19 - 00002122 _____ C:\Users\Todos os Usuários\1463411792.5472.bin
2016-05-16 12:18 - 2016-05-16 12:19 - 00002122 _____ C:\ProgramData\1463411792.5472.bin
2016-05-16 12:18 - 2016-05-16 12:18 - 00009133 _____ C:\Users\Todos os Usuários\1463411792.6316.bin
2016-05-16 12:18 - 2016-05-16 12:18 - 00009133 _____ C:\ProgramData\1463411792.6316.bin
2016-05-16 12:18 - 2016-05-16 12:18 - 00000507 _____ C:\Users\Todos os Usuários\1463411792.2620.bin
2016-05-16 12:18 - 2016-05-16 12:18 - 00000507 _____ C:\ProgramData\1463411792.2620.bin
2016-05-16 12:16 - 2016-05-16 12:18 - 00049965 _____ C:\Users\Todos os Usuários\1463411792.6744.bin
2016-05-16 12:16 - 2016-05-16 12:18 - 00049965 _____ C:\ProgramData\1463411792.6744.bin
2016-05-16 12:16 - 2016-05-16 12:18 - 00013564 _____ C:\Users\Todos os Usuários\1463411792.6380.bin
2016-05-16 12:16 - 2016-05-16 12:18 - 00013564 _____ C:\ProgramData\1463411792.6380.bin
2016-05-16 12:16 - 2016-05-16 12:18 - 00005233 _____ C:\Users\Todos os Usuários\1463411792.6068.bin
2016-05-16 12:16 - 2016-05-16 12:18 - 00005233 _____ C:\ProgramData\1463411792.6068.bin
2016-05-16 12:16 - 2016-05-16 12:16 - 00012936 _____ C:\Users\Todos os Usuários\1463411792.5052.bin
2016-05-16 12:16 - 2016-05-16 12:16 - 00012936 _____ C:\ProgramData\1463411792.5052.bin
2016-05-16 12:07 - 2016-05-16 12:07 - 00009133 _____ C:\Users\Todos os Usuários\1463411135.4840.bin
2016-05-16 12:07 - 2016-05-16 12:07 - 00009133 _____ C:\ProgramData\1463411135.4840.bin
2016-05-16 12:07 - 2016-05-16 12:07 - 00002122 _____ C:\Users\Todos os Usuários\1463411135.5532.bin
2016-05-16 12:07 - 2016-05-16 12:07 - 00002122 _____ C:\ProgramData\1463411135.5532.bin
2016-05-16 12:07 - 2016-05-16 12:07 - 00000507 _____ C:\Users\Todos os Usuários\1463411135.5456.bin
2016-05-16 12:07 - 2016-05-16 12:07 - 00000507 _____ C:\ProgramData\1463411135.5456.bin
2016-05-16 12:06 - 2016-05-16 12:06 - 00012936 _____ C:\Users\Todos os Usuários\1463411135.2808.bin
2016-05-16 12:06 - 2016-05-16 12:06 - 00012936 _____ C:\ProgramData\1463411135.2808.bin
2016-05-16 12:05 - 2016-05-16 12:08 - 00050007 _____ C:\Users\Todos os Usuários\1463411135.5840.bin
2016-05-16 12:05 - 2016-05-16 12:08 - 00050007 _____ C:\ProgramData\1463411135.5840.bin
2016-05-16 12:05 - 2016-05-16 12:08 - 00027502 _____ C:\Users\Todos os Usuários\1463411135.6244.bin
2016-05-16 12:05 - 2016-05-16 12:08 - 00027502 _____ C:\ProgramData\1463411135.6244.bin
2016-05-16 12:05 - 2016-05-16 12:08 - 00004874 _____ C:\Users\Todos os Usuários\1463411135.6048.bin
2016-05-16 12:05 - 2016-05-16 12:08 - 00004874 _____ C:\ProgramData\1463411135.6048.bin
2016-05-16 09:50 - 2016-05-16 09:50 - 00000000 ____D C:\Program Files (x86)\ESET
2016-05-16 09:49 - 2016-05-16 09:50 - 00049882 _____ C:\Users\Todos os Usuários\1463402949.3544.bin
2016-05-16 09:49 - 2016-05-16 09:50 - 00049882 _____ C:\ProgramData\1463402949.3544.bin
2016-05-16 09:49 - 2016-05-16 09:50 - 00022985 _____ C:\Users\Todos os Usuários\1463402949.2416.bin
2016-05-16 09:49 - 2016-05-16 09:50 - 00022985 _____ C:\ProgramData\1463402949.2416.bin
2016-05-16 09:49 - 2016-05-16 09:50 - 00009133 _____ C:\Users\Todos os Usuários\1463402949.5904.bin
2016-05-16 09:49 - 2016-05-16 09:50 - 00009133 _____ C:\ProgramData\1463402949.5904.bin
2016-05-16 09:49 - 2016-05-16 09:50 - 00002122 _____ C:\Users\Todos os Usuários\1463402949.5848.bin
2016-05-16 09:49 - 2016-05-16 09:50 - 00002122 _____ C:\ProgramData\1463402949.5848.bin
2016-05-16 09:49 - 2016-05-16 09:50 - 00000507 _____ C:\Users\Todos os Usuários\1463402949.4344.bin
2016-05-16 09:49 - 2016-05-16 09:50 - 00000507 _____ C:\ProgramData\1463402949.4344.bin
2016-05-16 09:49 - 2016-05-16 09:49 - 00012936 _____ C:\Users\Todos os Usuários\1463402949.4804.bin
2016-05-16 09:49 - 2016-05-16 09:49 - 00012936 _____ C:\ProgramData\1463402949.4804.bin
2016-05-16 09:49 - 2016-05-16 09:49 - 00003305 _____ C:\Users\Todos os Usuários\1463402949.6140.bin
2016-05-16 09:49 - 2016-05-16 09:49 - 00003305 _____ C:\ProgramData\1463402949.6140.bin
2016-05-16 09:44 - 2016-05-16 09:44 - 00013548 _____ C:\Users\Todos os Usuários\1463402629.1964.bin
2016-05-16 09:44 - 2016-05-16 09:44 - 00013548 _____ C:\ProgramData\1463402629.1964.bin
2016-05-16 09:44 - 2016-05-16 09:44 - 00009133 _____ C:\Users\Todos os Usuários\1463402629.5160.bin
2016-05-16 09:44 - 2016-05-16 09:44 - 00009133 _____ C:\ProgramData\1463402629.5160.bin
2016-05-16 09:44 - 2016-05-16 09:44 - 00002122 _____ C:\Users\Todos os Usuários\1463402629.5812.bin
2016-05-16 09:44 - 2016-05-16 09:44 - 00002122 _____ C:\ProgramData\1463402629.5812.bin
2016-05-16 09:44 - 2016-05-16 09:44 - 00000507 _____ C:\Users\Todos os Usuários\1463402629.5356.bin
2016-05-16 09:44 - 2016-05-16 09:44 - 00000507 _____ C:\ProgramData\1463402629.5356.bin
2016-05-16 09:43 - 2016-05-16 19:29 - 00000000 ____D C:\Users\Itamar_Rialto\AppData\Roaming\QuickScan
2016-05-16 09:43 - 2016-05-16 09:48 - 00028922 _____ C:\Users\Todos os Usuários\1463402629.4852.bin
2016-05-16 09:43 - 2016-05-16 09:48 - 00028922 _____ C:\ProgramData\1463402629.4852.bin
2016-05-16 09:43 - 2016-05-16 09:44 - 00050045 _____ C:\Users\Todos os Usuários\1463402629.3544.bin
2016-05-16 09:43 - 2016-05-16 09:44 - 00050045 _____ C:\ProgramData\1463402629.3544.bin
2016-05-16 09:43 - 2016-05-16 09:44 - 00003305 _____ C:\Users\Todos os Usuários\1463402629.5720.bin
2016-05-16 09:43 - 2016-05-16 09:44 - 00003305 _____ C:\ProgramData\1463402629.5720.bin
2016-05-16 09:32 - 2016-05-16 09:33 - 00196944 _____ C:\Users\Itamar_Rialto\Downloads\Antivirus_Free_Edition.exe
2016-05-15 10:39 - 2016-05-15 10:39 - 00021170 _____ C:\Users\Itamar_Rialto\Downloads\boletim (1).pdf
2016-05-15 10:37 - 2016-05-15 10:37 - 00021001 _____ C:\Users\Itamar_Rialto\Downloads\boletim.pdf
2016-05-15 10:33 - 2016-05-15 10:33 - 00000000 ____D C:\Users\Itamar_Rialto\Desktop\2 chamada
2016-05-15 10:25 - 2016-05-15 10:25 - 00024338 _____ C:\Users\Itamar_Rialto\Downloads\boleto_lote.pdf
2016-05-13 12:54 - 2016-05-13 12:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-05-13 11:39 - 2016-05-16 17:34 - 00000000 ____D C:\Users\Itamar_Rialto\Desktop\Remoção 13-05
2016-05-13 09:53 - 2016-05-13 09:58 - 00000000 ____D C:\AdwCleaner
2016-05-11 17:42 - 2016-05-11 17:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WampServer
2016-05-11 17:40 - 2016-05-11 17:43 - 00000000 ____D C:\wamp
2016-05-11 17:38 - 2016-05-11 17:38 - 00000000 ____D C:\Users\Itamar_Rialto\AppData\Roaming\MySQL
2016-05-11 17:38 - 2016-05-11 17:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL
2016-05-11 17:37 - 2016-05-11 17:37 - 00000000 ____D C:\Program Files\MySQL
2016-05-11 17:36 - 2016-05-11 17:39 - 43507845 _____ (Hervé Leclerc (HeL) ) C:\Users\Itamar_Rialto\Downloads\wampserver2.5-Apache-2.4.9-Mysql-5.6.17-php5.5.12-64b.exe
2016-05-11 17:28 - 2016-05-11 17:32 - 28426240 _____ C:\Users\Itamar_Rialto\Downloads\mysql-workbench-community-6.3.6-winx64.msi
2016-05-11 17:23 - 2016-05-11 17:24 - 07194312 _____ (Microsoft Corporation) C:\Users\Itamar_Rialto\Downloads\vcredist_x64.exe
2016-05-11 15:04 - 2016-05-11 15:30 - 331923533 _____ C:\Users\Itamar_Rialto\Downloads\OracleXE112_Win64.zip
2016-05-11 12:41 - 2016-04-23 01:28 - 16984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-05-11 12:41 - 2016-04-23 01:26 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-05-11 12:41 - 2016-04-23 01:25 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-05-11 12:41 - 2016-04-23 01:22 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-05-11 12:41 - 2016-04-23 01:19 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-05-11 12:41 - 2016-04-23 01:19 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-05-11 12:41 - 2016-04-23 01:18 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-05-11 12:41 - 2016-04-23 01:16 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-05-11 12:41 - 2016-04-23 01:13 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-05-11 12:41 - 2016-04-23 01:07 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-05-11 12:40 - 2016-04-30 03:31 - 03591168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-05-11 12:40 - 2016-04-23 03:12 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-05-11 12:40 - 2016-04-23 03:12 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-05-11 12:40 - 2016-04-23 03:12 - 00713920 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-05-11 12:40 - 2016-04-23 03:12 - 00190144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-05-11 12:40 - 2016-04-23 03:12 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-05-11 12:40 - 2016-04-23 02:28 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-05-11 12:40 - 2016-04-23 02:24 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-05-11 12:40 - 2016-04-23 02:24 - 01819208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-05-11 12:40 - 2016-04-23 02:10 - 03673424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-05-11 12:40 - 2016-04-23 02:10 - 02919832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-05-11 12:40 - 2016-04-23 02:09 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-05-11 12:40 - 2016-04-23 02:09 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-05-11 12:40 - 2016-04-23 02:09 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-05-11 12:40 - 2016-04-23 02:09 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-05-11 12:40 - 2016-04-23 02:08 - 06605504 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-05-11 12:40 - 2016-04-23 02:08 - 04515256 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-05-11 12:40 - 2016-04-23 02:01 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-05-11 12:40 - 2016-04-23 01:39 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-05-11 12:40 - 2016-04-23 01:32 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-05-11 12:40 - 2016-04-23 01:31 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-05-11 12:40 - 2016-04-23 01:31 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-05-11 12:40 - 2016-04-23 01:30 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-05-11 12:40 - 2016-04-23 01:30 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-05-11 12:40 - 2016-04-23 01:29 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-05-11 12:40 - 2016-04-23 01:26 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-05-11 12:40 - 2016-04-23 01:23 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-05-11 12:40 - 2016-04-23 01:22 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-05-11 12:40 - 2016-04-23 01:20 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-05-11 12:40 - 2016-04-23 01:20 - 18676224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-05-11 12:40 - 2016-04-23 01:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-05-11 12:40 - 2016-04-23 01:19 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-05-11 12:40 - 2016-04-23 01:19 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-05-11 12:40 - 2016-04-23 01:19 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-05-11 12:40 - 2016-04-23 01:18 - 24604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-05-11 12:40 - 2016-04-23 01:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-05-11 12:40 - 2016-04-23 01:18 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-05-11 12:40 - 2016-04-23 01:18 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-05-11 12:40 - 2016-04-23 01:16 - 01319424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-05-11 12:40 - 2016-04-23 01:15 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-05-11 12:40 - 2016-04-23 01:15 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-05-11 12:40 - 2016-04-23 01:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-05-11 12:40 - 2016-04-23 01:14 - 13383168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-05-11 12:40 - 2016-04-23 01:14 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-05-11 12:40 - 2016-04-23 01:14 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-05-11 12:40 - 2016-04-23 01:13 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-05-11 12:40 - 2016-04-23 01:10 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-05-11 12:40 - 2016-04-23 01:09 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-05-11 12:40 - 2016-04-23 01:09 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-05-11 12:40 - 2016-04-23 01:08 - 05324288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-05-11 12:40 - 2016-04-23 01:08 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-05-11 12:40 - 2016-04-23 01:06 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-05-11 12:40 - 2016-04-23 01:05 - 05502976 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-05-11 12:40 - 2016-04-23 01:05 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-05-11 12:40 - 2016-04-23 01:05 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-05-11 12:40 - 2016-04-23 01:05 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-05-11 12:40 - 2016-04-23 01:04 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-05-11 12:40 - 2016-04-23 01:03 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-05-11 12:40 - 2016-04-23 01:03 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-05-11 12:40 - 2016-04-23 01:03 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-05-11 12:40 - 2016-04-23 01:03 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-05-11 12:40 - 2016-04-23 01:02 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-05-11 12:40 - 2016-04-23 01:02 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-05-11 12:40 - 2016-04-23 01:00 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-05-11 12:39 - 2016-05-06 01:53 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdport.sys
2016-05-11 12:39 - 2016-05-06 01:05 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-05-11 12:39 - 2016-05-06 01:03 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-05-11 12:39 - 2016-05-06 00:53 - 00351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-05-11 12:39 - 2016-05-06 00:49 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2016-05-11 12:39 - 2016-05-06 00:44 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-05-11 12:39 - 2016-05-06 00:43 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-05-11 12:39 - 2016-05-06 00:23 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-05-11 12:39 - 2016-04-30 03:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-05-11 12:39 - 2016-04-23 03:12 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-05-11 12:39 - 2016-04-23 03:12 - 00294592 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-05-11 12:39 - 2016-04-23 03:12 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-05-11 12:39 - 2016-04-23 02:28 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-05-11 12:39 - 2016-04-23 02:26 - 00707608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-05-11 12:39 - 2016-04-23 02:24 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-05-11 12:39 - 2016-04-23 02:24 - 00754664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-05-11 12:39 - 2016-04-23 02:24 - 00638816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-05-11 12:39 - 2016-04-23 02:24 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-05-11 12:39 - 2016-04-23 02:24 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-05-11 12:39 - 2016-04-23 02:22 - 01161120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-05-11 12:39 - 2016-04-23 02:18 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-05-11 12:39 - 2016-04-23 02:13 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-05-11 12:39 - 2016-04-23 02:13 - 00306832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-05-11 12:39 - 2016-04-23 02:13 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-05-11 12:39 - 2016-04-23 02:12 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-05-11 12:39 - 2016-04-23 02:12 - 00451928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-05-11 12:39 - 2016-04-23 02:12 - 00413536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-05-11 12:39 - 2016-04-23 02:11 - 01092464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-05-11 12:39 - 2016-04-23 02:11 - 00696672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-05-11 12:39 - 2016-04-23 02:11 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-05-11 12:39 - 2016-04-23 02:11 - 00390496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-05-11 12:39 - 2016-04-23 02:11 - 00131424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufxsynopsys.sys
2016-05-11 12:39 - 2016-04-23 02:11 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-05-11 12:39 - 2016-04-23 02:10 - 00330072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-05-11 12:39 - 2016-04-23 02:09 - 00569744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-05-11 12:39 - 2016-04-23 02:09 - 00565600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-05-11 12:39 - 2016-04-23 02:09 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-05-11 12:39 - 2016-04-23 02:09 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-05-11 12:39 - 2016-04-23 02:09 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-05-11 12:39 - 2016-04-23 02:08 - 00725776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-05-11 12:39 - 2016-04-23 02:07 - 01848072 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-05-11 12:39 - 2016-04-23 02:07 - 01536088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-05-11 12:39 - 2016-04-23 02:07 - 00204048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2016-05-11 12:39 - 2016-04-23 02:07 - 00183904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2016-05-11 12:39 - 2016-04-23 02:06 - 00291360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2016-05-11 12:39 - 2016-04-23 02:02 - 00188256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-05-11 12:39 - 2016-04-23 02:01 - 00650304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-05-11 12:39 - 2016-04-23 02:01 - 00619296 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2016-05-11 12:39 - 2016-04-23 02:01 - 00577368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-05-11 12:39 - 2016-04-23 02:01 - 00522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-05-11 12:39 - 2016-04-23 02:01 - 00513368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2016-05-11 12:39 - 2016-04-23 02:01 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-05-11 12:39 - 2016-04-23 02:01 - 00217440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-05-11 12:39 - 2016-04-23 02:00 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-05-11 12:39 - 2016-04-23 02:00 - 01594920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-05-11 12:39 - 2016-04-23 02:00 - 01522152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-05-11 12:39 - 2016-04-23 02:00 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-05-11 12:39 - 2016-04-23 02:00 - 01372304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-05-11 12:39 - 2016-04-23 02:00 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-05-11 12:39 - 2016-04-23 02:00 - 00550656 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2016-05-11 12:39 - 2016-04-23 02:00 - 00453472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2016-05-11 12:39 - 2016-04-23 02:00 - 00058208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwminit.dll
2016-05-11 12:39 - 2016-04-23 01:56 - 00534872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-05-11 12:39 - 2016-04-23 01:35 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-05-11 12:39 - 2016-04-23 01:34 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-05-11 12:39 - 2016-04-23 01:34 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2016-05-11 12:39 - 2016-04-23 01:34 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-05-11 12:39 - 2016-04-23 01:33 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-05-11 12:39 - 2016-04-23 01:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-05-11 12:39 - 2016-04-23 01:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2016-05-11 12:39 - 2016-04-23 01:33 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2016-05-11 12:39 - 2016-04-23 01:32 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-05-11 12:39 - 2016-04-23 01:32 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-05-11 12:39 - 2016-04-23 01:30 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-05-11 12:39 - 2016-04-23 01:29 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-05-11 12:39 - 2016-04-23 01:29 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-05-11 12:39 - 2016-04-23 01:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\filecrypt.sys
2016-05-11 12:39 - 2016-04-23 01:29 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-05-11 12:39 - 2016-04-23 01:29 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2016-05-11 12:39 - 2016-04-23 01:29 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2016-05-11 12:39 - 2016-04-23 01:29 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2016-05-11 12:39 - 2016-04-23 01:28 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2016-05-11 12:39 - 2016-04-23 01:28 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-05-11 12:39 - 2016-04-23 01:28 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-05-11 12:39 - 2016-04-23 01:28 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-05-11 12:39 - 2016-04-23 01:28 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-05-11 12:39 - 2016-04-23 01:27 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-05-11 12:39 - 2016-04-23 01:27 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-05-11 12:39 - 2016-04-23 01:26 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2016-05-11 12:39 - 2016-04-23 01:25 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-05-11 12:39 - 2016-04-23 01:25 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-05-11 12:39 - 2016-04-23 01:25 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-05-11 12:39 - 2016-04-23 01:25 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-05-11 12:39 - 2016-04-23 01:24 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-05-11 12:39 - 2016-04-23 01:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-05-11 12:39 - 2016-04-23 01:24 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-05-11 12:39 - 2016-04-23 01:24 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-05-11 12:39 - 2016-04-23 01:24 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2016-05-11 12:39 - 2016-04-23 01:24 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2016-05-11 12:39 - 2016-04-23 01:24 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-05-11 12:39 - 2016-04-23 01:23 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-05-11 12:39 - 2016-04-23 01:23 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-05-11 12:39 - 2016-04-23 01:23 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2016-05-11 12:39 - 2016-04-23 01:23 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-05-11 12:39 - 2016-04-23 01:22 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-05-11 12:39 - 2016-04-23 01:21 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-05-11 12:39 - 2016-04-23 01:21 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-05-11 12:39 - 2016-04-23 01:20 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-05-11 12:39 - 2016-04-23 01:20 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-05-11 12:39 - 2016-04-23 01:20 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-05-11 12:39 - 2016-04-23 01:20 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-05-11 12:39 - 2016-04-23 01:20 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2016-05-11 12:39 - 2016-04-23 01:19 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlansec.dll
2016-05-11 12:39 - 2016-04-23 01:19 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2016-05-11 12:39 - 2016-04-23 01:18 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-05-11 12:39 - 2016-04-23 01:18 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-05-11 12:39 - 2016-04-23 01:18 - 00804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-05-11 12:39 - 2016-04-23 01:18 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-05-11 12:39 - 2016-04-23 01:18 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-05-11 12:39 - 2016-04-23 01:18 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-05-11 12:39 - 2016-04-23 01:18 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-05-11 12:39 - 2016-04-23 01:18 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-05-11 12:39 - 2016-04-23 01:18 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-05-11 12:39 - 2016-04-23 01:18 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-05-11 12:39 - 2016-04-23 01:17 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-05-11 12:39 - 2016-04-23 01:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-05-11 12:39 - 2016-04-23 01:17 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-05-11 12:39 - 2016-04-23 01:17 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2016-05-11 12:39 - 2016-04-23 01:16 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-05-11 12:39 - 2016-04-23 01:15 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-05-11 12:39 - 2016-04-23 01:15 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-05-11 12:39 - 2016-04-23 01:15 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-05-11 12:39 - 2016-04-23 01:15 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-05-11 12:39 - 2016-04-23 01:14 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-05-11 12:39 - 2016-04-23 01:14 - 00647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-05-11 12:39 - 2016-04-23 01:14 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-05-11 12:39 - 2016-04-23 01:14 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-05-11 12:39 - 2016-04-23 01:14 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-05-11 12:39 - 2016-04-23 01:13 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-05-11 12:39 - 2016-04-23 01:13 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-05-11 12:39 - 2016-04-23 01:13 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-05-11 12:39 - 2016-04-23 01:12 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-05-11 12:39 - 2016-04-23 01:10 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-05-11 12:39 - 2016-04-23 01:07 - 02598912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-05-11 12:39 - 2016-04-23 01:07 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-05-11 12:39 - 2016-04-23 01:07 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-05-11 12:39 - 2016-04-23 01:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-05-11 12:39 - 2016-04-23 01:05 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-05-11 12:39 - 2016-04-23 01:05 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-05-11 12:39 - 2016-04-23 01:05 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-05-11 12:39 - 2016-04-23 01:04 - 01731072 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-05-11 12:39 - 2016-04-23 01:03 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-05-11 12:39 - 2016-04-23 01:03 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-05-11 12:39 - 2016-04-23 01:03 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-05-11 12:39 - 2016-04-23 01:01 - 04775424 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-05-11 12:39 - 2016-04-23 01:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-05-11 12:39 - 2016-04-23 00:45 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-05-11 12:39 - 2016-04-22 23:10 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-05-11 12:39 - 2016-04-22 23:10 - 00002186 _____ C:\WINDOWS\system32\AppxProvisioning.xml
2016-05-11 12:39 - 2016-04-18 19:30 - 00002186 _____ C:\WINDOWS\SysWOW64\AppxProvisioning.xml
2016-05-11 12:10 - 2016-05-11 12:12 - 02870984 _____ (ESET) C:\Users\Itamar_Rialto\Downloads\esetsmartinstaller_ptg.exe
2016-05-10 14:30 - 2016-05-10 14:18 - 02361368 _____ C:\Users\Itamar_Rialto\Desktop\proposta assinada.PDF
2016-05-10 14:22 - 2016-05-10 14:22 - 00129493 _____ C:\Users\Itamar_Rialto\Downloads\453f8bae-9ce0-4a16-a85d-c193e2fa6d40.pdf
2016-05-09 17:44 - 2016-05-09 17:44 - 00366854 _____ C:\Users\Itamar_Rialto\Downloads\1441198567763.pdf
2016-05-06 11:20 - 2016-05-06 11:21 - 07543342 _____ C:\Users\Itamar_Rialto\Downloads\DBDesigner4.0.5.6_Setup.exe
2016-05-06 11:18 - 2016-05-17 12:30 - 00519335 _____ C:\Users\Itamar_Rialto\Downloads\brModelo.zip
2016-05-06 10:58 - 2016-05-05 13:47 - 00747671 _____ C:\Users\Itamar_Rialto\Desktop\comprov_residencia.PDF
2016-05-04 10:51 - 2016-05-04 10:51 - 00024477 _____ C:\Users\Itamar_Rialto\Downloads\boleto.pdf
2016-04-20 12:55 - 2016-04-20 12:55 - 00014740 _____ C:\Users\Itamar_Rialto\Downloads\boleto-prudente.pdf
2016-04-20 12:50 - 2016-04-20 12:50 - 00088288 _____ C:\Users\Itamar_Rialto\Downloads\GerarPDF_20042016125012.pdf
2016-04-19 17:53 - 2016-04-19 17:54 - 00000000 ____D C:\Users\Itamar_Rialto\Documents\Livro Digital Saraiva
2016-04-19 17:53 - 2016-04-19 17:53 - 00001749 _____ C:\Users\Public\Desktop\Saraiva Reader.lnk
2016-04-19 17:53 - 2016-04-19 17:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Saraiva Reader
2016-04-19 17:51 - 2016-04-21 08:19 - 00068608 _____ C:\Users\Itamar_Rialto\.sysconfig.dat
2016-04-19 17:50 - 2016-04-19 17:50 - 00000000 ____D C:\Saraiva
2016-04-19 16:22 - 2016-04-02 00:14 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-19 16:22 - 2016-03-29 07:20 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-19 16:22 - 2016-03-29 07:18 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-04-19 16:22 - 2016-03-29 06:37 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-04-19 16:22 - 2016-03-29 05:41 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-19 16:22 - 2016-03-29 05:06 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-04-19 16:22 - 2016-03-29 05:02 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-04-19 16:22 - 2016-03-29 05:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-04-19 16:22 - 2016-03-29 04:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-04-19 16:22 - 2016-03-29 04:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-04-19 16:22 - 2016-03-29 04:46 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-04-19 16:22 - 2016-03-29 04:36 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-04-19 16:22 - 2016-03-29 04:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-04-19 16:22 - 2016-03-29 04:15 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-04-19 16:22 - 2016-03-29 04:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-04-19 16:22 - 2016-03-29 04:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-04-19 16:22 - 2016-03-29 04:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-04-19 16:22 - 2016-03-29 04:02 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-04-19 16:22 - 2016-03-29 04:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-04-19 16:22 - 2016-03-29 04:00 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-04-19 16:22 - 2016-03-29 03:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-04-19 16:22 - 2016-03-29 03:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-04-19 16:22 - 2016-03-29 03:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-04-19 16:22 - 2016-03-29 03:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-04-19 16:22 - 2016-03-29 03:26 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-19 16:22 - 2016-03-29 03:05 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-19 16:22 - 2016-03-29 03:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-04-19 16:21 - 2016-04-02 01:13 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-04-19 16:21 - 2016-04-02 01:10 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-04-19 16:21 - 2016-04-02 01:10 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-19 16:21 - 2016-04-02 01:10 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-19 16:21 - 2016-04-02 00:19 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-04-19 16:21 - 2016-04-02 00:07 - 03575296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-19 16:21 - 2016-03-29 07:23 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-04-19 16:21 - 2016-03-29 07:22 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-19 16:21 - 2016-03-29 07:22 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-19 16:21 - 2016-03-29 07:20 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-19 16:21 - 2016-03-29 07:20 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-19 16:21 - 2016-03-29 07:15 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-04-19 16:21 - 2016-03-29 07:11 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-04-19 16:21 - 2016-03-29 07:05 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-04-19 16:21 - 2016-03-29 07:02 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-19 16:21 - 2016-03-29 07:02 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-04-19 16:21 - 2016-03-29 06:56 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-04-19 16:21 - 2016-03-29 06:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-04-19 16:21 - 2016-03-29 06:25 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-04-19 16:21 - 2016-03-29 06:25 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-19 16:21 - 2016-03-29 06:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-04-19 16:21 - 2016-03-29 06:18 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-04-19 16:21 - 2016-03-29 06:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-04-19 16:21 - 2016-03-29 06:11 - 00605440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-04-19 16:21 - 2016-03-29 06:11 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-04-19 16:21 - 2016-03-29 06:10 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-04-19 16:21 - 2016-03-29 06:09 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-04-19 16:21 - 2016-03-29 06:08 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-04-19 16:21 - 2016-03-29 06:08 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-04-19 16:21 - 2016-03-29 06:07 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-04-19 16:21 - 2016-03-29 05:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-04-19 16:21 - 2016-03-29 05:26 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-04-19 16:21 - 2016-03-29 05:26 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-04-19 16:21 - 2016-03-29 05:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-04-19 16:21 - 2016-03-29 05:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-04-19 16:21 - 2016-03-29 05:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-04-19 16:21 - 2016-03-29 05:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-04-19 16:21 - 2016-03-29 05:21 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-04-19 16:21 - 2016-03-29 05:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-04-19 16:21 - 2016-03-29 05:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-19 16:21 - 2016-03-29 05:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-04-19 16:21 - 2016-03-29 04:51 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-04-19 16:21 - 2016-03-29 04:50 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-04-19 16:21 - 2016-03-29 04:48 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-19 16:21 - 2016-03-29 04:44 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-04-19 16:21 - 2016-03-29 04:39 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-04-19 16:21 - 2016-03-29 04:36 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-04-19 16:21 - 2016-03-29 04:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-04-19 16:21 - 2016-03-29 04:35 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-04-19 16:21 - 2016-03-29 04:34 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-04-19 16:21 - 2016-03-29 04:34 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-04-19 16:21 - 2016-03-29 04:30 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-04-19 16:21 - 2016-03-29 04:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-04-19 16:21 - 2016-03-29 04:27 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-04-19 16:21 - 2016-03-29 04:26 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-04-19 16:21 - 2016-03-29 04:23 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-04-19 16:21 - 2016-03-29 04:23 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-19 16:21 - 2016-03-29 04:22 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-04-19 16:21 - 2016-03-29 04:21 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-19 16:21 - 2016-03-29 04:20 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-04-19 16:21 - 2016-03-29 04:20 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-19 16:21 - 2016-03-29 04:19 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-19 16:21 - 2016-03-29 04:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-19 16:21 - 2016-03-29 04:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-04-19 16:21 - 2016-03-29 04:14 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-19 16:21 - 2016-03-29 04:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-04-19 16:21 - 2016-03-29 04:11 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-19 16:21 - 2016-03-29 04:09 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-19 16:21 - 2016-03-29 04:08 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-04-19 16:21 - 2016-03-29 04:08 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-04-19 16:21 - 2016-03-29 04:07 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-19 16:21 - 2016-03-29 04:06 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-19 16:21 - 2016-03-29 04:05 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-19 16:21 - 2016-03-29 04:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2016-04-19 16:21 - 2016-03-29 04:03 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-04-19 16:21 - 2016-03-29 04:02 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-19 16:21 - 2016-03-29 04:00 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-19 16:21 - 2016-03-29 03:59 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-19 16:21 - 2016-03-29 03:59 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-19 16:21 - 2016-03-29 03:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-04-19 16:21 - 2016-03-29 03:55 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-19 16:21 - 2016-03-29 03:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-04-19 16:21 - 2016-03-29 03:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-04-19 16:21 - 2016-03-29 03:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-04-19 16:21 - 2016-03-29 03:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2016-04-19 16:21 - 2016-03-29 03:42 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-19 16:21 - 2016-03-29 03:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-04-19 16:21 - 2016-03-29 03:40 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-04-19 16:21 - 2016-03-29 03:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-04-19 16:21 - 2016-03-29 03:36 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-04-19 16:21 - 2016-03-29 03:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-04-19 16:21 - 2016-03-29 03:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-04-19 16:21 - 2016-03-29 03:34 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-04-19 16:21 - 2016-03-29 03:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-04-19 16:21 - 2016-03-29 03:32 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-04-19 16:21 - 2016-03-29 03:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-04-19 16:21 - 2016-03-29 03:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-04-19 16:21 - 2016-03-29 03:32 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-04-19 16:21 - 2016-03-29 03:32 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-04-19 16:21 - 2016-03-29 03:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-04-19 16:21 - 2016-03-29 03:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-04-19 16:21 - 2016-03-29 03:29 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-04-19 16:21 - 2016-03-29 03:29 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-04-19 16:21 - 2016-03-29 03:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-04-19 16:21 - 2016-03-29 03:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-04-19 16:21 - 2016-03-29 03:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-04-19 16:21 - 2016-03-29 03:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-04-19 16:21 - 2016-03-29 03:19 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-19 16:21 - 2016-03-29 03:17 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-04-19 16:21 - 2016-03-29 03:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-04-19 16:21 - 2016-03-29 03:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-04-19 16:21 - 2016-03-29 03:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-04-19 16:21 - 2016-03-29 03:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-04-19 16:21 - 2016-03-29 03:05 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-04-19 16:21 - 2016-03-29 03:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-19 16:21 - 2016-03-29 03:01 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-04-19 16:21 - 2016-03-29 02:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-04-19 16:21 - 2016-03-29 02:45 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-04-19 16:21 - 2016-03-29 02:45 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-04-19 16:21 - 2016-03-29 02:43 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-04-19 16:21 - 2016-03-29 02:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-04-19 16:21 - 2016-03-29 02:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-04-19 16:21 - 2016-03-29 02:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-04-19 16:21 - 2016-03-29 02:26 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-19 16:21 - 2016-03-29 02:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-04-19 16:20 - 2016-04-02 00:25 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-19 16:20 - 2016-04-02 00:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-04-19 16:20 - 2016-03-29 05:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-19 16:20 - 2016-03-29 05:07 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-19 16:20 - 2016-03-29 05:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-04-19 16:20 - 2016-03-29 05:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-04-19 16:20 - 2016-03-29 05:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-04-19 16:20 - 2016-03-29 04:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-19 16:20 - 2016-03-29 04:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-04-19 16:20 - 2016-03-29 04:57 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-19 16:20 - 2016-03-29 04:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-04-19 16:20 - 2016-03-29 04:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-04-19 16:20 - 2016-03-29 04:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-04-19 16:20 - 2016-03-29 04:54 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-19 16:20 - 2016-03-29 04:53 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-04-19 16:20 - 2016-03-29 04:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-19 16:20 - 2016-03-29 04:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-04-19 16:20 - 2016-03-29 04:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-19 16:20 - 2016-03-29 04:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-19 16:20 - 2016-03-29 04:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-19 16:20 - 2016-03-29 04:49 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-04-19 16:20 - 2016-03-29 04:46 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-04-19 16:20 - 2016-03-29 04:34 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-04-19 16:20 - 2016-03-29 04:33 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-04-19 16:20 - 2016-03-29 04:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-04-19 16:20 - 2016-03-29 04:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2016-04-19 16:20 - 2016-03-29 04:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2016-04-19 16:20 - 2016-03-29 04:18 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-04-19 16:20 - 2016-03-29 04:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-04-19 16:20 - 2016-03-29 04:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-04-19 16:20 - 2016-03-29 04:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-04-19 16:20 - 2016-03-29 04:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2016-04-19 16:20 - 2016-03-29 04:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-04-19 16:20 - 2016-03-29 04:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2016-04-19 16:20 - 2016-03-29 04:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2016-04-19 16:20 - 2016-03-29 04:00 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-04-19 16:20 - 2016-03-29 04:00 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-19 16:20 - 2016-03-29 03:59 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-04-19 16:20 - 2016-03-29 03:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-04-19 16:20 - 2016-03-29 03:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-04-19 16:20 - 2016-03-29 03:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-19 16:20 - 2016-03-29 03:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-04-19 16:20 - 2016-03-29 03:32 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-04-19 16:20 - 2016-03-29 03:27 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-04-19 16:20 - 2016-03-29 03:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-04-19 16:20 - 2016-03-29 02:35 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-04-19 16:20 - 2016-03-29 02:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-04-19 16:20 - 2016-03-29 02:27 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-04-19 16:20 - 2016-03-29 02:26 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-19 16:20 - 2016-03-29 02:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-04-19 16:20 - 2016-03-29 02:21 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-19 15:19 - 2016-04-19 15:19 - 00042064 _____ (Anchorfree Inc.) C:\WINDOWS\system32\Drivers\taphss6.sys
2016-04-19 12:30 - 2016-04-19 12:32 - 65843200 _____ (Saraiva e Siciliano S.A.) C:\Users\Itamar_Rialto\Downloads\SaraivaReader_VAREJO_ALPHA_7RC11b169.exe
2016-04-19 12:01 - 2016-04-19 12:05 - 00516087 _____ C:\Users\Itamar_Rialto\Downloads\Formulario de indicacao de condutor infrator.pdf
2016-04-18 15:40 - 2016-04-18 15:40 - 00087946 _____ C:\Users\Itamar_Rialto\Downloads\GerarPDF_18042016154013.pdf

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-05-17 15:00 - 2015-07-13 10:33 - 00000000 ____D C:\FRST
2016-05-17 14:35 - 2014-12-13 13:17 - 00004182 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{FBED73D4-8727-45A8-ABE6-A42385942A9F}
2016-05-17 14:23 - 2015-12-28 09:18 - 00001058 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-05-17 14:10 - 2014-12-14 20:55 - 00001100 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-17 14:10 - 2014-12-13 12:46 - 00000000 ____D C:\Users\Itamar_Rialto\AppData\Local\Packages
2016-05-17 12:31 - 2015-07-22 15:03 - 05966404 _____ C:\Users\Itamar_Rialto\Downloads\Songr-1.zip
2016-05-17 11:10 - 2014-12-14 20:55 - 00001096 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-17 10:23 - 2015-12-28 09:18 - 00001054 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-05-17 09:35 - 2014-12-13 12:46 - 00000000 __SHD C:\Users\Itamar_Rialto\IntelGraphicsProfiles
2016-05-17 09:02 - 2015-10-30 04:21 - 00000000 ____D C:\WINDOWS\INF
2016-05-17 08:30 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-05-17 08:25 - 2015-10-30 04:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-16 19:12 - 2015-12-11 13:14 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-16 19:12 - 2015-02-25 16:21 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2016-05-16 19:11 - 2015-10-30 03:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-05-16 16:41 - 2015-12-11 12:31 - 02010808 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-16 16:41 - 2015-10-30 16:12 - 00853356 _____ C:\WINDOWS\system32\prfh0416.dat
2016-05-16 16:41 - 2015-10-30 16:12 - 00183252 _____ C:\WINDOWS\system32\prfc0416.dat
2016-05-16 14:09 - 2015-06-18 17:47 - 00000000 ____D C:\Users\Itamar_Rialto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinAVI Video Converter
2016-05-16 12:41 - 2015-11-17 13:52 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-05-16 12:41 - 2015-11-17 13:52 - 00000000 ____D C:\ProgramData\Package Cache
2016-05-16 11:51 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-05-14 19:06 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\rescache
2016-05-14 10:16 - 2015-10-30 04:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-05-13 12:55 - 2015-04-11 12:23 - 00000000 ___RD C:\Users\Itamar_Rialto\Dropbox
2016-05-13 12:55 - 2015-04-11 12:03 - 00000000 ____D C:\Users\Itamar_Rialto\AppData\Roaming\Dropbox
2016-05-13 12:54 - 2015-12-28 09:18 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-05-13 11:32 - 2015-07-13 10:23 - 00000000 ____D C:\Users\Itamar_Rialto\AppData\Roaming\ZHP
2016-05-13 10:12 - 2015-07-15 09:43 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-05-13 10:12 - 2014-12-14 21:07 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-13 09:59 - 2015-12-11 12:32 - 00000000 ____D C:\Users\Itamar_Rialto
2016-05-12 16:51 - 2015-03-25 14:11 - 00000176 _____ C:\Users\Itamar_Rialto\Desktop\Biblioteca Digital.url
2016-05-12 09:11 - 2014-12-13 12:32 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-05-11 17:59 - 2015-10-30 16:15 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-11 17:59 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-05-11 17:59 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-05-11 17:59 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-05-11 17:59 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-05-11 17:58 - 2015-10-30 04:24 - 00015703 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-05-11 16:57 - 2015-10-30 04:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-05-11 16:57 - 2015-10-30 04:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-11 13:20 - 2015-01-09 15:47 - 139319312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-05-11 13:20 - 2015-01-09 15:47 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-05-11 12:26 - 2016-02-17 13:12 - 00000000 ____D C:\Users\Todos os Usuários\360Quarant
2016-05-11 12:26 - 2016-02-17 13:12 - 00000000 ____D C:\ProgramData\360Quarant
2016-05-11 11:05 - 2014-12-14 20:55 - 00004158 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-11 11:05 - 2014-12-14 20:55 - 00003926 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-09 11:12 - 2015-03-26 16:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-09 06:27 - 2016-03-03 21:33 - 00077904 _____ (360.cn) C:\WINDOWS\SysWOW64\Drivers\360AvFlt.sys
2016-05-06 11:18 - 2013-09-04 23:15 - 00531456 _____ (brModelo) C:\Users\Itamar_Rialto\Downloads\brModelo.exe
2016-05-01 08:42 - 2015-04-06 16:43 - 00000000 ____D C:\Users\Itamar_Rialto\Documents\faturas
2016-04-22 04:57 - 2015-07-01 16:58 - 00453288 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-04-20 17:40 - 2015-02-23 15:52 - 00000000 ____D C:\Users\Todos os Usuários\Oracle
2016-04-20 17:40 - 2015-02-23 15:52 - 00000000 ____D C:\ProgramData\Oracle
2016-04-20 17:39 - 2015-09-16 19:25 - 00000000 ____D C:\Program Files (x86)\Java
2016-04-20 17:39 - 2015-02-23 15:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-04-20 17:38 - 2015-09-16 19:26 - 00000000 ____D C:\Users\Itamar_Rialto\.oracle_jre_usage
2016-04-20 17:38 - 2015-09-16 19:25 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-04-20 16:32 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-20 16:32 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions

==================== Arquivos na raiz de alguns diretórios =======

2014-12-20 08:34 - 2014-12-20 08:34 - 0522752 _____ () C:\Users\Itamar_Rialto\AppData\Roaming\sqlite3.dll
2015-05-08 10:09 - 2015-05-08 10:09 - 0018682 _____ () C:\Users\Itamar_Rialto\AppData\Roaming\unins000.dat
2015-01-11 11:04 - 2015-01-11 11:04 - 0000038 ___SH () C:\Users\Itamar_Rialto\AppData\Local\69ff07055291669bb2b218.72821112
2015-07-17 10:53 - 2015-07-17 11:15 - 27163751 _____ () C:\Users\Itamar_Rialto\AppData\Local\package.nw.new
2015-06-19 09:59 - 2015-06-19 09:59 - 0007610 _____ () C:\Users\Itamar_Rialto\AppData\Local\Resmon.ResmonCfg
2016-05-16 09:44 - 2016-05-16 09:44 - 0013548 _____ () C:\ProgramData\1463402629.1964.bin
2016-05-16 09:43 - 2016-05-16 09:44 - 0050045 _____ () C:\ProgramData\1463402629.3544.bin
2016-05-16 09:43 - 2016-05-16 09:48 - 0028922 _____ () C:\ProgramData\1463402629.4852.bin
2016-05-16 09:44 - 2016-05-16 09:44 - 0009133 _____ () C:\ProgramData\1463402629.5160.bin
2016-05-16 09:44 - 2016-05-16 09:44 - 0000507 _____ () C:\ProgramData\1463402629.5356.bin
2016-05-16 09:43 - 2016-05-16 09:44 - 0003305 _____ () C:\ProgramData\1463402629.5720.bin
2016-05-16 09:44 - 2016-05-16 09:44 - 0002122 _____ () C:\ProgramData\1463402629.5812.bin
2016-05-16 09:49 - 2016-05-16 09:50 - 0022985 _____ () C:\ProgramData\1463402949.2416.bin
2016-05-16 09:49 - 2016-05-16 09:50 - 0049882 _____ () C:\ProgramData\1463402949.3544.bin
2016-05-16 09:49 - 2016-05-16 09:50 - 0000507 _____ () C:\ProgramData\1463402949.4344.bin
2016-05-16 09:49 - 2016-05-16 09:49 - 0012936 _____ () C:\ProgramData\1463402949.4804.bin
2016-05-16 09:49 - 2016-05-16 09:50 - 0002122 _____ () C:\ProgramData\1463402949.5848.bin
2016-05-16 09:49 - 2016-05-16 09:50 - 0009133 _____ () C:\ProgramData\1463402949.5904.bin
2016-05-16 09:49 - 2016-05-16 09:49 - 0003305 _____ () C:\ProgramData\1463402949.6140.bin
2016-05-16 12:06 - 2016-05-16 12:06 - 0012936 _____ () C:\ProgramData\1463411135.2808.bin
2016-05-16 12:07 - 2016-05-16 12:07 - 0009133 _____ () C:\ProgramData\1463411135.4840.bin
2016-05-16 12:07 - 2016-05-16 12:07 - 0000507 _____ () C:\ProgramData\1463411135.5456.bin
2016-05-16 12:07 - 2016-05-16 12:07 - 0002122 _____ () C:\ProgramData\1463411135.5532.bin
2016-05-16 12:05 - 2016-05-16 12:08 - 0050007 _____ () C:\ProgramData\1463411135.5840.bin
2016-05-16 12:05 - 2016-05-16 12:08 - 0004874 _____ () C:\ProgramData\1463411135.6048.bin
2016-05-16 12:05 - 2016-05-16 12:08 - 0027502 _____ () C:\ProgramData\1463411135.6244.bin
2016-05-16 12:18 - 2016-05-16 12:18 - 0000507 _____ () C:\ProgramData\1463411792.2620.bin
2016-05-16 12:16 - 2016-05-16 12:16 - 0012936 _____ () C:\ProgramData\1463411792.5052.bin
2016-05-16 12:18 - 2016-05-16 12:19 - 0002122 _____ () C:\ProgramData\1463411792.5472.bin
2016-05-16 12:16 - 2016-05-16 12:18 - 0005233 _____ () C:\ProgramData\1463411792.6068.bin
2016-05-16 12:18 - 2016-05-16 12:18 - 0009133 _____ () C:\ProgramData\1463411792.6316.bin
2016-05-16 12:16 - 2016-05-16 12:18 - 0013564 _____ () C:\ProgramData\1463411792.6380.bin
2016-05-16 12:16 - 2016-05-16 12:18 - 0049965 _____ () C:\ProgramData\1463411792.6744.bin
2016-05-16 17:36 - 2016-05-16 17:37 - 0028216 _____ () C:\ProgramData\1463430974.1336.bin
2016-05-16 17:36 - 2016-05-16 17:37 - 0002122 _____ () C:\ProgramData\1463430974.2896.bin
2016-05-16 17:36 - 2016-05-16 17:37 - 0009133 _____ () C:\ProgramData\1463430974.3764.bin
2016-05-16 17:36 - 2016-05-16 17:36 - 0012936 _____ () C:\ProgramData\1463430974.4920.bin
2016-05-16 17:36 - 2016-05-16 17:37 - 0000507 _____ () C:\ProgramData\1463430974.5672.bin
2016-05-16 17:36 - 2016-05-16 17:38 - 0004874 _____ () C:\ProgramData\1463430974.6468.bin
2016-05-16 17:36 - 2016-05-16 17:37 - 0049883 _____ () C:\ProgramData\1463430974.6476.bin
2016-05-16 17:41 - 2016-05-16 17:42 - 0009133 _____ () C:\ProgramData\1463431277.2236.bin
2016-05-16 17:41 - 2016-05-16 17:42 - 0000507 _____ () C:\ProgramData\1463431277.2388.bin
2016-05-16 17:41 - 2016-05-16 17:42 - 0050269 _____ () C:\ProgramData\1463431277.4496.bin
2016-05-16 17:41 - 2016-05-16 17:41 - 0012936 _____ () C:\ProgramData\1463431277.4988.bin
2016-05-16 17:41 - 2016-05-16 17:42 - 0002121 _____ () C:\ProgramData\1463431277.700.bin
2016-05-16 17:41 - 2016-05-16 17:42 - 0005236 _____ () C:\ProgramData\1463431277.7024.bin
2016-05-16 17:41 - 2016-05-16 17:42 - 0013401 _____ () C:\ProgramData\1463431277.996.bin
2016-05-16 17:47 - 2016-05-16 17:47 - 0000507 _____ () C:\ProgramData\1463431623.2136.bin
2016-05-16 17:47 - 2016-05-16 17:47 - 0009093 _____ () C:\ProgramData\1463431623.2808.bin
2016-05-16 17:47 - 2016-05-16 17:47 - 0005076 _____ () C:\ProgramData\1463431623.3028.bin
2016-05-16 17:47 - 2016-05-16 17:47 - 0002102 _____ () C:\ProgramData\1463431623.3140.bin
2016-05-16 17:47 - 2016-05-16 17:47 - 0012836 _____ () C:\ProgramData\1463431623.3180.bin
2016-05-16 17:47 - 2016-05-16 17:48 - 0014463 _____ () C:\ProgramData\1463431623.556.bin
2016-05-16 17:47 - 2016-05-16 17:47 - 0049354 _____ () C:\ProgramData\1463431623.6180.bin
2016-05-16 17:54 - 2016-05-16 17:54 - 0005236 _____ () C:\ProgramData\1463432036.2316.bin
2016-05-16 17:54 - 2016-05-16 17:54 - 0009133 _____ () C:\ProgramData\1463432036.2420.bin
2016-05-16 17:54 - 2016-05-16 17:54 - 0015028 _____ () C:\ProgramData\1463432036.2560.bin
2016-05-16 17:54 - 2016-05-16 17:54 - 0000507 _____ () C:\ProgramData\1463432036.3744.bin
2016-05-16 17:54 - 2016-05-16 17:54 - 0012936 _____ () C:\ProgramData\1463432036.4560.bin
2016-05-16 17:54 - 2016-05-16 17:54 - 0002122 _____ () C:\ProgramData\1463432036.4696.bin
2016-05-16 17:53 - 2016-05-16 17:54 - 0049945 _____ () C:\ProgramData\1463432036.5268.bin
2016-05-16 18:22 - 2016-05-16 18:22 - 0012936 _____ () C:\ProgramData\1463433702.1128.bin
2016-05-16 18:22 - 2016-05-16 18:24 - 0000507 _____ () C:\ProgramData\1463433702.2720.bin
2016-05-16 18:21 - 2016-05-16 18:23 - 0022952 _____ () C:\ProgramData\1463433702.3512.bin
2016-05-16 18:22 - 2016-05-16 18:24 - 0009133 _____ () C:\ProgramData\1463433702.4292.bin
2016-05-16 18:22 - 2016-05-16 18:24 - 0002122 _____ () C:\ProgramData\1463433702.5092.bin
2016-05-16 18:21 - 2016-05-16 18:24 - 0005230 _____ () C:\ProgramData\1463433702.6404.bin
2016-05-16 18:21 - 2016-05-16 18:24 - 0049881 _____ () C:\ProgramData\1463433702.692.bin
2016-05-16 18:42 - 2016-05-16 18:43 - 0004203 _____ () C:\ProgramData\1463434941.1076.bin
2016-05-16 18:42 - 2016-05-16 18:43 - 0033622 _____ () C:\ProgramData\1463434941.3472.bin
2016-05-16 18:42 - 2016-05-16 18:42 - 0011267 _____ () C:\ProgramData\1463434941.3644.bin
2016-05-16 18:42 - 2016-05-16 18:43 - 0006084 _____ () C:\ProgramData\1463434941.6164.bin
2016-05-16 18:42 - 2016-05-16 18:43 - 0047376 _____ () C:\ProgramData\1463434941.6892.bin
2016-05-16 18:49 - 2016-05-16 18:49 - 0009133 _____ () C:\ProgramData\1463435283.1040.bin
2016-05-16 18:48 - 2016-05-16 18:50 - 0026753 _____ () C:\ProgramData\1463435283.1104.bin
2016-05-16 18:48 - 2016-05-16 18:50 - 0049984 _____ () C:\ProgramData\1463435283.2288.bin
2016-05-16 18:48 - 2016-05-16 18:48 - 0013548 _____ () C:\ProgramData\1463435283.2776.bin
2016-05-16 18:49 - 2016-05-16 18:49 - 0000507 _____ () C:\ProgramData\1463435283.2992.bin
2016-05-16 18:49 - 2016-05-16 18:49 - 0002122 _____ () C:\ProgramData\1463435283.4220.bin
2016-05-16 18:48 - 2016-05-16 18:49 - 0005236 _____ () C:\ProgramData\1463435283.5636.bin
2016-05-16 19:28 - 2016-05-16 19:29 - 0024185 _____ () C:\ProgramData\1463437707.3524.bin
2016-05-16 19:28 - 2016-05-16 19:29 - 0009135 _____ () C:\ProgramData\1463437707.3656.bin
2016-05-16 19:28 - 2016-05-16 19:29 - 0002123 _____ () C:\ProgramData\1463437707.5132.bin
2016-05-16 19:28 - 2016-05-16 19:29 - 0005238 _____ () C:\ProgramData\1463437707.5512.bin
2016-05-16 19:28 - 2016-05-16 19:29 - 0049953 _____ () C:\ProgramData\1463437707.5748.bin
2016-05-16 19:28 - 2016-05-16 19:29 - 0000507 _____ () C:\ProgramData\1463437707.5988.bin
2016-05-16 19:28 - 2016-05-16 19:28 - 0013547 _____ () C:\ProgramData\1463437707.952.bin
2016-05-16 19:31 - 2016-05-16 19:31 - 0172692 _____ () C:\ProgramData\1463437827.bdinstall.bin
2015-12-11 12:28 - 2015-12-11 12:28 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-11-03 16:31 - 2015-11-03 16:31 - 0000000 _____ () C:\ProgramData\{EB5F5A55-037A-4E47-806B-2C8AA9374701}

Arquivos para serem movidos ou deletados:
====================
C:\Users\Itamar_Rialto\.sysconfig.dat
C:\Users\Itamar_Rialto\ZHPDiag3.exe


Alguns com tamanho de zero byte arquivos/pastas:
==========================
C:\Windows\System32\Drivers\gbpddfac64.sys

==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-05-16 14:34

==================== Fim de FRST.txt ============================

 

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:14-05-2016
Executado por Itamar_Rialto (2016-05-17 15:02:43)
Executando a partir de C:\Users\Itamar_Rialto\Desktop
Windows 10 Home Single Language Versão 1511 (X64) (2015-12-11 16:33:40)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-2861522991-3655380705-3476392321-500 - Administrator - Disabled)
Convidado (S-1-5-21-2861522991-3655380705-3476392321-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-2861522991-3655380705-3476392321-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2861522991-3655380705-3476392321-1003 - Limited - Enabled)
Itamar_Rialto (S-1-5-21-2861522991-3655380705-3476392321-1001 - Administrator - Enabled) => C:\Users\Itamar_Rialto

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Antivirus Free Edition (Disabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Antivirus Free Edition (Disabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\uTorrent) (Version: 3.4.5.41865 - BitTorrent Inc.)
7-Zip 9.34 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0934-000001000000}) (Version: 9.34.00.0 - Igor Pavlov)
Acer Care Center (HKLM\...\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}) (Version: 1.00.3013 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8109 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8106.0 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3005 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3005 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2005.0 - Acer Incorporated)
Application Insights Tools for Visual Studio 2015 (x32 Version: 3.3 - Microsoft Corporation) Hidden
Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Bitdefender Antivirus Free Edition (HKLM\...\BitDefender Gonzales) (Version: 1.0.21.1109 - Bitdefender)
Bizagi Process Modeler (HKLM-x32\...\InstallShield_{998852A0-ECD5-4A32-94DC-7169D0CE68EF}) (Version: 2.7.02 - Bizagi Limited)
Bizagi Process Modeler (x32 Version: 2.7.02 - Bizagi Limited) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform)
Concord Telephony Translation (HKLM-x32\...\Concord Telephony Translation) (Version:  - )
CTIAPI32 (remove only) (HKLM-x32\...\CTIAPI32) (Version:  - )
CtiLogC (remove only) (HKLM-x32\...\CtiLogC) (Version:  - )
Dotfuscator and Analytics Community Edition 5.18.1 (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.20.1 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.77 - Dropbox, Inc.) Hidden
Entity Framework 6.1.3 Tools  for Visual Studio 2015 (HKLM-x32\...\{1A8A9739-BAD7-491F-B5B9-A79A2B965422}) (Version: 14.0.40302.0 - Microsoft Corporation)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Foxit PhantomPDF (HKLM-x32\...\{2DF18CA8-86F2-4F3A-A1BF-A2A7D39B9161}) (Version: 7.0.49.127 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Hotspot Shield 5.3.2 (HKLM-x32\...\HotspotShield) (Version: 5.3.2 - AnchorFree Inc.)
Hotspot Shield 5.3.2 Embedded (x32 Version: 5.3.2.9652 - Buildbot) Hidden
IHMC CmapTools v6.01 (HKLM\...\IHMC CmapTools v6.01) (Version: 6.0.1.0 - Institute for Human & Machine Cognition)
IIS 10.0 Express (HKLM\...\{5984D8DA-C1AF-4284-9C88-D7150425B315}) (Version: 10.0.1734 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version:  - )
Intel Processor Diagnostic Tool 64bit (HKLM\...\{F24BC99D-3FC1-4503-BEFA-5DDD16C6265A}) (Version: 2.20.0.0 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
IRPF2015 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2015) (Version: 1.0 - Receita Federal do Brasil)
IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2016) (Version: 1.0 - Receita Federal do Brasil)
ITR2015 - Declaração do Imposto sobre a Propriedade Territorial Rural (HKLM-x32\...\ITR2015) (Version: 1.0 - Receita Federal do Brasil)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
K-Lite Mega Codec Pack 11.0.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.0.0 - )
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{3D3CEBE6-40EA-4C48-97FD-73828281AB4A}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - pt-br (HKLM\...\ProPlusRetail - pt-br) (Version: 16.0.6366.2062 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service  (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (14.0.50616.0) (HKLM-x32\...\{58246C80-3941-4B69-AE31-264644E2ADB8}) (Version: 14.0.50616.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{68BA34E8-9B9D-4A74-83F0-7D366B532D75}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{718FFB65-F6E4-4D62-861F-ED10ED32C936}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 (HKLM-x32\...\{50b32652-69d2-4b93-9316-edcd12067b8b}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation)
Mozilla Firefox 46.0.1 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 pt-BR)) (Version: 46.0.1 - Mozilla)
Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
MySQL Workbench 6.3 CE (HKLM\...\{59958BAC-A61D-4A23-8082-CC2FDF17937F}) (Version: 6.3.6 - Oracle Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6326.1022 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6326.1022 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6326.1022 - Microsoft Corporation) Hidden
PDF24 Creator 7.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Pencil (HKLM-x32\...\Pencil) (Version:  - Evolus Co., Ltd.)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.29 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21245 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7209 - Realtek Semiconductor Corp.)
Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.07 - Serpro - Serviço Federal de Processamento de Dados)
Rosetta Stone Version 3 (HKLM-x32\...\{148E08FF-D7C4-46ED-8D4D-601C67FE0AFD}) (Version: 3.3.5.2 - Rosetta Stone Ltd.)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Saraiva Reader ALPHA_7RC11b169 (HKLM-x32\...\8505-5699-0960-8592) (Version: ALPHA_7RC11b169 - Saraiva e Siciliano S.A.)
Songr (HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\Songr) (Version: 2.1 - Xamasoft)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.23102 - Microsoft Corporation) Hidden
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
TypeScript Power Tool (x32 Version: 1.6.3.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.6.3.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 1.6.3.0 (HKLM-x32\...\{da31aa25-410a-4c1b-9ec0-114dd8dff786}) (Version: 1.6.23313.0 - Microsoft Corporation)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
WampServer 2.5 (HKLM-x32\...\WampServer 2_is1) (Version:  - Hervé Leclerc (HeL))
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-2861522991-3655380705-3476392321-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0001}\InprocServer32 -> C:\Users\Itamar_Rialto\AppData\Local\GAS Tecnologia\GBBD\npsf_abn_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-2861522991-3655380705-3476392321-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0001}\InprocServer32 -> C:\Users\Itamar_Rialto\AppData\Local\GAS Tecnologia\GBBD\npsf_abn_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-2861522991-3655380705-3476392321-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {077E4D37-6EB8-40DC-85FF-73A3D48C32B1} - \DropboxUpdateTaskUserS-1-5-21-2861522991-3655380705-3476392321-1001UA -> Nenhum Arquivo <==== ATENÇÃO
Task: {0870AE5F-D478-4544-91F3-619F6C5449E3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {08789B60-FB85-47E8-8D88-31416F6BDC48} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO
Task: {0A7A0870-3BA3-4B25-9EFA-CBC628EE58FC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-05-11] (Microsoft Corporation)
Task: {0CFAE48E-9957-4480-9FE6-0D28B2ED24D8} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATENÇÃO
Task: {0FB41AC9-14B2-490B-B7BF-8163D08C74B0} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-12] (TODO: <Company name>)
Task: {12D15E21-F159-404D-929C-338126052577} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO
Task: {200FA462-9D99-4E69-9EEC-EDE0DB5B5497} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {3117038D-9C40-42BD-AA24-1F4CC823859C} - \ACCAgent -> Nenhum Arquivo <==== ATENÇÃO
Task: {50F8C756-AA0A-426F-B37E-A7E17EA2C8B5} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2014-06-08] (Acer Incorporated)
Task: {52B1D0F8-7AEE-4DB8-A5A4-F0DF474D410E} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-28] (Dropbox, Inc.)
Task: {54125EE3-F3EA-404A-87BB-8A1469BEE54D} - \DropboxUpdateTaskUserS-1-5-21-2861522991-3655380705-3476392321-1001Core -> Nenhum Arquivo <==== ATENÇÃO
Task: {78DC5BE5-7C22-404C-B294-5A1D36CB01CF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd)
Task: {8524DA82-25E4-4E83-A2CA-18340788791B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-01-17] (Microsoft Corporation)
Task: {8B6DBE4D-491E-4F80-80E7-5A49B23011D3} - \SmartShare -> Nenhum Arquivo <==== ATENÇÃO
Task: {91758804-2647-4AEC-A900-BCA202C93D83} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {A0E75A9B-091A-4C43-985C-E2A719656E3C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {A864AAAB-91CC-4532-BDF3-90DD7DEB3682} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {AD166148-FC2E-4A2A-896A-8D75443FF9D2} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {B0063606-AF64-4680-8D04-DE0BAB9A9BA2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-01-19] (Microsoft Corporation)
Task: {B1E9317F-8BE3-40FE-A878-5B2520873C01} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-09-10] (Acer Incorporate)
Task: {C6FA6CE4-C3A2-4625-B751-809E13FB01A0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-01-19] (Microsoft Corporation)
Task: {CC514AE7-CAC3-4B7A-96DC-C40287A0E175} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {D030648B-FA59-4F70-87A1-F3901981526F} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-07-22] (Acer Incorporated)
Task: {D5A453AF-9969-4C3B-A966-586A1E8C87FF} - \klcp_update -> Nenhum Arquivo <==== ATENÇÃO
Task: {D65E63E3-5E3B-4546-BBAD-D0CFB8ECC302} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Nenhum Arquivo <==== ATENÇÃO
Task: {ECD75687-476D-49C4-98C1-D818B63B986F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {F1923CD9-27D9-4FE6-9BE5-45FE19D3EC13} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-28] (Dropbox, Inc.)
Task: {FC4D0423-8205-4BDD-AC09-3716503521EE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {FEFBC0C2-0597-447D-B1AE-0E60E4471A1E} - \ACC -> Nenhum Arquivo <==== ATENÇÃO

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

==================== Módulos Carregados (Whitelisted) ==============

2016-01-15 16:44 - 2015-11-23 12:11 - 00026240 _____ () C:\WINDOWS\system32\vntmon64.dll
2015-12-11 15:30 - 2016-01-17 13:46 - 00171712 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2016-05-16 19:30 - 2013-03-19 11:07 - 00712288 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\sqlite3.dll
2016-05-16 19:30 - 2013-09-03 13:29 - 00111832 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\BDMetrics.dll
2015-10-30 04:18 - 2015-10-30 04:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-04-19 16:22 - 2016-03-29 07:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-19 16:22 - 2016-03-29 07:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-12-18 13:33 - 2015-12-07 01:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-11 12:39 - 2016-04-23 01:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-05-11 12:40 - 2016-04-23 01:02 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-05-11 12:39 - 2016-04-23 00:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-05-11 12:40 - 2016-04-23 00:58 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-05-11 12:40 - 2016-04-23 01:01 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-02-25 22:14 - 2014-02-25 22:14 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-02-25 22:11 - 2014-02-25 22:11 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2014-02-25 22:17 - 2014-02-25 22:17 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2016-04-19 19:01 - 2016-04-19 19:01 - 00166528 _____ () C:\Program Files (x86)\Hotspot Shield\bin\CrashRpt1403.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
AlternateDataStreams: C:\Users\Itamar_Rialto\Downloads\brModelo.zip:BDU [1]
AlternateDataStreams: C:\Users\Itamar_Rialto\Downloads\Songr-1.zip:BDU [1]

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""

==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\bb.com.br -> hxxps://seg.bb.com.br
IE trusted site: HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\colaboraread.com.br -> hxxp://www.colaboraread.com.br
IE trusted site: HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\santander.com.br -> www.santander.com.br
IE trusted site: HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\santanderempresarial.com.br -> www.santanderempresarial.com.br
IE trusted site: HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\santandernet.com.br -> www.santandernet.com.br
IE trusted site: HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\santandernetibe.com.br -> www.santandernetibe.com.br
IE trusted site: HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\unopar.br -> hxxps://www22.unopar.br

==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2013-08-22 10:25 - 2016-05-16 14:02 - 00000795 ____N C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Itamar_Rialto\appdata\local\microsoft\windows\themes\transcodedwallpaper
DNS Servers: 10.1.1.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)

HKLM\...\StartupApproved\StartupFolder: => "Ralink Wireless Utility.lnk"
HKLM\...\StartupApproved\Run: => "mcpltui_exe"
HKLM\...\StartupApproved\Run32: => "BacKGround Agent"
HKLM\...\StartupApproved\Run32: => "abDocsDllLoader"
HKLM\...\StartupApproved\Run32: => "write.exe"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\StartupApproved\Run: => "AcerPortal"
HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\StartupApproved\Run: => "x86kernel2"
HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\StartupApproved\Run: => "RemoteFilesTrayIcon"
HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\StartupApproved\Run: => "Uninstall C:\Users\Itamar_Rialto\AppData\Local\Microsoft\OneDrive\17.3.5892.0626"
HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\StartupApproved\Run: => "Uninstall C:\Users\Itamar_Rialto\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\StartupApproved\Run: => "Uninstall C:\Users\Itamar_Rialto\AppData\Local\Microsoft\OneDrive\17.3.5907.0716"
HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\StartupApproved\Run: => "Uninstall C:\Users\Itamar_Rialto\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{CBF3EF98-8839-46C5-B99C-7CB9EC4533C6}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{08B790CA-D2B9-4453-9724-5B097079CE5F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0670F4F9-D980-49DA-A75A-A898F1473BB4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{B88F2811-2B9E-4C06-A353-7FE07687AC7E}C:\users\itamar_rialto\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\itamar_rialto\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{62D0A1E5-573D-4928-9F49-536CDD784903}C:\users\itamar_rialto\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\itamar_rialto\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{6EC42287-3D7D-41FF-8B3A-0FC781119F4C}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{DFEB95EE-AF07-410B-BBAC-AC3BB37B7655}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{7747E2AF-3EA8-43F8-B074-F0B2C0F3C5F1}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{6F7ABCEA-8BCA-49A2-8762-708EB52D9B76}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{D7ABD79F-3C8D-463A-B9B3-56BBD087390B}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{6D4EBAEA-60A1-4382-8901-98BEB3B66E24}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [TCP Query User{8F74B528-B4D0-44F1-8A39-E94D51DAA180}C:\users\itamar_rialto\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\itamar_rialto\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{323585CB-32D2-41AD-BC55-63559B18D832}C:\users\itamar_rialto\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\itamar_rialto\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{A34A0061-2DB5-492B-B6AE-C19216E4C510}C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [UDP Query User{CA5B67DD-6F0A-40D4-92D8-BAB6183D43EC}C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [{D12A46CD-6FD0-432D-9D39-37563E9ED038}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A7A42D55-C99E-4B33-A098-9D69A29FF519}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9DC91661-04A7-477F-924D-3E0522FD94F4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{EFE85B17-B536-482A-9441-817307DED159}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{506EBAD8-9846-4B0E-82E3-10041CB9DA6D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{6FA796B6-0F5A-4454-B19E-723B4A8AF7F0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{3AC510CD-C695-4621-84B9-61DF2BA91F89}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{97EBB08A-B0DD-4C87-9600-A3F2ABCAFE3F}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe
FirewallRules: [{34934D0B-59D2-43BE-9C49-AC3551218B75}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe
FirewallRules: [{B5623C61-F1CD-44AC-A6ED-A14988A5CD2E}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe
FirewallRules: [{10C363DF-94FC-4A16-8BB0-4A66ACA3ED03}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe
FirewallRules: [TCP Query User{C6705810-69D3-4987-AC20-49494975C942}C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe] => (Allow) C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe
FirewallRules: [UDP Query User{0E903742-EE24-4CF7-A0D7-95B93A5F1FEA}C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe] => (Allow) C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe
FirewallRules: [{DA528ED1-A334-445C-9315-06B575C22FBD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{62194690-4118-4FBA-BFB8-C7C0CC00E83C}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Pontos de Restauração =========================

29-04-2016 09:36:39 Ponto de Verificação Agendado
09-05-2016 13:01:45 Ponto de Verificação Agendado
11-05-2016 17:36:51 Installed MySQL Workbench 6.3 CE
13-05-2016 10:06:18 JRT Pre-Junkware Removal

==================== Dispositivos Apresentando Falhas No Gerenciador =============


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (05/17/2016 02:19:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: E5-511-C7NE)
Description: Falha na ativação do aplicativo Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (05/17/2016 01:49:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: E5-511-C7NE)
Description: Falha na ativação do aplicativo Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (05/17/2016 01:07:52 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: E5-511-C7NE)
Description: Falha na ativação do aplicativo Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (05/17/2016 12:47:26 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Falha na geração de contexto de ativação para "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1". Erro no arquivo de manifesto ou de política UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2", na linha UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3.
Identidade do componente localizado no manifesto não corresponde à identidade do componente solicitado.
A referência é UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
A definição é UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Use o arquivo sxstrace.exe para obter um dignóstico detalhado.

Error: (05/17/2016 12:34:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: E5-511-C7NE)
Description: Falha na ativação do aplicativo Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (05/17/2016 12:04:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: E5-511-C7NE)
Description: Falha na ativação do aplicativo Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (05/17/2016 12:04:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: E5-511-C7NE)
Description: Falha na ativação do aplicativo Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (05/17/2016 11:19:00 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: E5-511-C7NE)
Description: Falha na ativação do aplicativo Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (05/17/2016 10:49:00 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: E5-511-C7NE)
Description: Falha na ativação do aplicativo Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (05/17/2016 10:29:40 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8


Erros de Sistema:
=============
Error: (05/17/2016 09:38:38 AM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (05/17/2016 09:05:07 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Armazenamento de Dados de Usuário_149c3cd.

Error: (05/17/2016 09:05:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Acesso a Dados de Usuário_149c3cd foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.

Error: (05/17/2016 09:05:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Armazenamento de Dados de Usuário_149c3cd foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.

Error: (05/17/2016 09:05:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Dados de Contato_149c3cd foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.

Error: (05/17/2016 09:05:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Host de Sincronização_149c3cd foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.

Error: (05/17/2016 09:05:06 AM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: específico do aplicativoLocalAtivação{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível


CodeIntegrity:
===================================
  Date: 2016-05-15 10:20:26.343
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-14 11:44:30.554
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-12 09:10:15.208
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-11 14:04:15.263
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-21 16:14:48.210
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-20 16:36:36.054
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-20 09:03:55.547
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-28 17:20:09.308
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-15 14:13:40.828
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-14 14:04:29.812
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Informações da Memória ===========================

Processador: Intel(R) Celeron(R) CPU N2940 @ 1.83GHz
Percentagem de memória em uso: 61%
RAM física total: 3979.2 MB
RAM física disponível: 1516.27 MB
Virtual Total: 4683.2 MB
Virtual disponível: 2224.61 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:449.48 GB) (Free:340.47 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 5A76CD2F)

Partition: GPT.

==================== Fim de Addition.txt ============================

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro @Itamar Rialto

 

Primeiro

 

Acesse o site VirusTotal, e submeta o seguinte arquivo para análise:

 

C:\Users\Todos os Usuários\1463437707.5748.bin

 

Poste o resultado.

 

Segundo

 

Desative temporariamente seu antivírus, antispywares e firewall, para não causar conflitos.

 

Abra o seu Bloco de Notas, copie (control + c) e cole (control + v) todo o texto que está abaixo:

 

Citação

CreateRestorePoint:
CloseProcesses:

2016-05-11 12:26 - 2016-02-17 13:12 - 00000000 ____D C:\Users\Todos os Usuários\360Quarant
2016-05-11 12:26 - 2016-02-17 13:12 - 00000000 ____D C:\ProgramData\360Quarant
2016-05-09 06:27 - 2016-03-03 21:33 - 00077904 _____ (360.cn) C:\WINDOWS\SysWOW64\Drivers\360AvFlt.sys
HKLM\...\Policies\Explorer\Run: [x86kernel2] => erperperperperperperperperperperperperperperperperperperperperperperperperperperperperperperperperpe
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\Policies\Explorer: [HideSCAHealth] 0
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  Nenhum Arquivo
CHR DefaultSearchURL: Default -> hxxps://br.search.yahoo.com/search?fr=mcafee&type=B211BR0D20150721&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
S0 b06bdrv; System32\drivers\bxvbda.sys [X]
C:\Users\Itamar_Rialto\.sysconfig.dat
C:\Users\Itamar_Rialto\ZHPDiag3.exe
S1 gbpddfac; C:\Windows\System32\drivers\gbpddfac64.sys [0 2015-08-07] () <==== ATENÇÃO (zero byte Arquivo/Pasta)
C:\Windows\System32\Drivers\gbpddfac64.sys
Task: {077E4D37-6EB8-40DC-85FF-73A3D48C32B1} - \DropboxUpdateTaskUserS-1-5-21-2861522991-3655380705-3476392321-1001UA -> Nenhum Arquivo <==== ATENÇÃO
Task: {0870AE5F-D478-4544-91F3-619F6C5449E3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {08789B60-FB85-47E8-8D88-31416F6BDC48} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO
Task: {0CFAE48E-9957-4480-9FE6-0D28B2ED24D8} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATENÇÃO
Task: {12D15E21-F159-404D-929C-338126052577} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO
Task: {200FA462-9D99-4E69-9EEC-EDE0DB5B5497} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {3117038D-9C40-42BD-AA24-1F4CC823859C} - \ACCAgent -> Nenhum Arquivo <==== ATENÇÃO
Task: {54125EE3-F3EA-404A-87BB-8A1469BEE54D} - \DropboxUpdateTaskUserS-1-5-21-2861522991-3655380705-3476392321-1001Core -> Nenhum Arquivo <==== ATENÇÃO
Task: {8B6DBE4D-491E-4F80-80E7-5A49B23011D3} - \SmartShare -> Nenhum Arquivo <==== ATENÇÃO
Task: {A0E75A9B-091A-4C43-985C-E2A719656E3C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {A864AAAB-91CC-4532-BDF3-90DD7DEB3682} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {AD166148-FC2E-4A2A-896A-8D75443FF9D2} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {CC514AE7-CAC3-4B7A-96DC-C40287A0E175} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {D5A453AF-9969-4C3B-A966-586A1E8C87FF} - \klcp_update -> Nenhum Arquivo <==== ATENÇÃO
Task: {D65E63E3-5E3B-4546-BBAD-D0CFB8ECC302} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Nenhum Arquivo <==== ATENÇÃO
Task: {ECD75687-476D-49C4-98C1-D818B63B986F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {FEFBC0C2-0597-447D-B1AE-0E60E4471A1E} - \ACC -> Nenhum Arquivo <==== ATENÇÃO

CMD:ipconfig /flushdns
EmptyTemp:

 

  • Salve este arquivo na Área de Trabalho (Desktop) como fixlist.txt
  • Execute novamente o FRST e clique no botão Corrigir;
  • Aguarde... ao final será gerado o log Fixlog.txt em sua Área de Trabalho (Desktop).
  • Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites

No virustotal o arquivo estava limpo:

SHA256:     40e8aaba23643e4c6e4c06d5fd39ccff6e812c244c16989c65a81fd00e1cc2c2
Nome do arquivo:     1463437707.5748.bin
Taxa de detecção:     0 / 56
Data da análise:     2016-05-18 12:14:15 UTC ( 1 minuto atrás )

 

segue o fixlog

 

Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão:14-05-2016
Executado por Itamar_Rialto (2016-05-18 09:20:29) Run:4
Executando a partir de C:\Users\Itamar_Rialto\Desktop
Perfis Carregados: Itamar_Rialto (Perfis Disponíveis: Itamar_Rialto)
Modo da Inicialização: Normal
==============================================

fixlist Conteúdo:
*****************


CreateRestorePoint:
CloseProcesses:

2016-05-11 12:26 - 2016-02-17 13:12 - 00000000 ____D C:\Users\Todos os Usuários\360Quarant
2016-05-11 12:26 - 2016-02-17 13:12 - 00000000 ____D C:\ProgramData\360Quarant
2016-05-09 06:27 - 2016-03-03 21:33 - 00077904 _____ (360.cn) C:\WINDOWS\SysWOW64\Drivers\360AvFlt.sys
HKLM\...\Policies\Explorer\Run: [x86kernel2] => erperperperperperperperperperperperperperperperperperperperperperperperperperperperperperperperperpe
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\...\Policies\Explorer: [HideSCAHealth] 0
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  Nenhum Arquivo
CHR DefaultSearchURL: Default -> hxxps://br.search.yahoo.com/search?fr=mcafee&type=B211BR0D20150721&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
S0 b06bdrv; System32\drivers\bxvbda.sys [X]
C:\Users\Itamar_Rialto\.sysconfig.dat
C:\Users\Itamar_Rialto\ZHPDiag3.exe
S1 gbpddfac; C:\Windows\System32\drivers\gbpddfac64.sys [0 2015-08-07] () <==== ATENÇÃO (zero byte Arquivo/Pasta)
C:\Windows\System32\Drivers\gbpddfac64.sys
Task: {077E4D37-6EB8-40DC-85FF-73A3D48C32B1} - \DropboxUpdateTaskUserS-1-5-21-2861522991-3655380705-3476392321-1001UA -> Nenhum Arquivo <==== ATENÇÃO
Task: {0870AE5F-D478-4544-91F3-619F6C5449E3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {08789B60-FB85-47E8-8D88-31416F6BDC48} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO
Task: {0CFAE48E-9957-4480-9FE6-0D28B2ED24D8} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATENÇÃO
Task: {12D15E21-F159-404D-929C-338126052577} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO
Task: {200FA462-9D99-4E69-9EEC-EDE0DB5B5497} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {3117038D-9C40-42BD-AA24-1F4CC823859C} - \ACCAgent -> Nenhum Arquivo <==== ATENÇÃO
Task: {54125EE3-F3EA-404A-87BB-8A1469BEE54D} - \DropboxUpdateTaskUserS-1-5-21-2861522991-3655380705-3476392321-1001Core -> Nenhum Arquivo <==== ATENÇÃO
Task: {8B6DBE4D-491E-4F80-80E7-5A49B23011D3} - \SmartShare -> Nenhum Arquivo <==== ATENÇÃO
Task: {A0E75A9B-091A-4C43-985C-E2A719656E3C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {A864AAAB-91CC-4532-BDF3-90DD7DEB3682} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {AD166148-FC2E-4A2A-896A-8D75443FF9D2} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {CC514AE7-CAC3-4B7A-96DC-C40287A0E175} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {D5A453AF-9969-4C3B-A966-586A1E8C87FF} - \klcp_update -> Nenhum Arquivo <==== ATENÇÃO
Task: {D65E63E3-5E3B-4546-BBAD-D0CFB8ECC302} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Nenhum Arquivo <==== ATENÇÃO
Task: {ECD75687-476D-49C4-98C1-D818B63B986F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {FEFBC0C2-0597-447D-B1AE-0E60E4471A1E} - \ACC -> Nenhum Arquivo <==== ATENÇÃO

CMD:ipconfig /flushdns
EmptyTemp:

*****************

Ponto de Restauração criado com sucesso.
Processos fechados com sucesso.
C:\Users\Todos os Usuários\360Quarant => movido com sucesso
"C:\ProgramData\360Quarant" => não encontrado (a).
C:\WINDOWS\SysWOW64\Drivers\360AvFlt.sys => movido com sucesso
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\x86kernel2 => valor removido (a) com sucesso.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\TaskbarNoNotification => valor removido (a) com sucesso.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth => valor removido (a) com sucesso.
HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\TaskbarNoNotification => valor removido (a) com sucesso.
HKU\S-1-5-21-2861522991-3655380705-3476392321-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth => valor removido (a) com sucesso.
"HKCR\PROTOCOLS\Filter\application/x-mfe-ipt" => chave removido (a) com sucesso.
HKCR\CLSID\{3EF5086B-5478-4598-A054-786C45D75692} => chave não encontrado (a).
Chrome DefaultSearchURL => removido (a) com sucesso.
Chrome DefaultSearchKeyword => removido (a) com sucesso.
b06bdrv => serviço removido (a) com sucesso.
C:\Users\Itamar_Rialto\.sysconfig.dat => movido com sucesso
C:\Users\Itamar_Rialto\ZHPDiag3.exe => movido com sucesso
gbpddfac => serviço removido (a) com sucesso.
C:\Windows\System32\Drivers\gbpddfac64.sys => movido com sucesso
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{077E4D37-6EB8-40DC-85FF-73A3D48C32B1}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{077E4D37-6EB8-40DC-85FF-73A3D48C32B1}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DropboxUpdateTaskUserS-1-5-21-2861522991-3655380705-3476392321-1001UA" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0870AE5F-D478-4544-91F3-619F6C5449E3}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0870AE5F-D478-4544-91F3-619F6C5449E3}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{08789B60-FB85-47E8-8D88-31416F6BDC48}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08789B60-FB85-47E8-8D88-31416F6BDC48}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0CFAE48E-9957-4480-9FE6-0D28B2ED24D8}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0CFAE48E-9957-4480-9FE6-0D28B2ED24D8}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{12D15E21-F159-404D-929C-338126052577}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{12D15E21-F159-404D-929C-338126052577}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{200FA462-9D99-4E69-9EEC-EDE0DB5B5497}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{200FA462-9D99-4E69-9EEC-EDE0DB5B5497}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3117038D-9C40-42BD-AA24-1F4CC823859C}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3117038D-9C40-42BD-AA24-1F4CC823859C}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCAgent" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{54125EE3-F3EA-404A-87BB-8A1469BEE54D}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{54125EE3-F3EA-404A-87BB-8A1469BEE54D}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DropboxUpdateTaskUserS-1-5-21-2861522991-3655380705-3476392321-1001Core" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{8B6DBE4D-491E-4F80-80E7-5A49B23011D3}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B6DBE4D-491E-4F80-80E7-5A49B23011D3}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartShare" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A0E75A9B-091A-4C43-985C-E2A719656E3C}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0E75A9B-091A-4C43-985C-E2A719656E3C}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A864AAAB-91CC-4532-BDF3-90DD7DEB3682}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A864AAAB-91CC-4532-BDF3-90DD7DEB3682}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AD166148-FC2E-4A2A-896A-8D75443FF9D2}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AD166148-FC2E-4A2A-896A-8D75443FF9D2}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CC514AE7-CAC3-4B7A-96DC-C40287A0E175}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC514AE7-CAC3-4B7A-96DC-C40287A0E175}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D5A453AF-9969-4C3B-A966-586A1E8C87FF}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D5A453AF-9969-4C3B-A966-586A1E8C87FF}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\klcp_update" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D65E63E3-5E3B-4546-BBAD-D0CFB8ECC302}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D65E63E3-5E3B-4546-BBAD-D0CFB8ECC302}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ECD75687-476D-49C4-98C1-D818B63B986F}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ECD75687-476D-49C4-98C1-D818B63B986F}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FEFBC0C2-0597-447D-B1AE-0E60E4471A1E}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FEFBC0C2-0597-447D-B1AE-0E60E4471A1E}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACC" => chave removido (a) com sucesso.

========= ipconfig /flushdns =========


Configura��o de IP do Windows

Libera��o do Cache do DNS Resolver bem-sucedida.

========= Fim de CMD: =========

EmptyTemp: => 2.9 GB de dados temporários Removidos.


O sistema precisou ser reiniciado.

==== Fim de Fixlog 09:24:01 ====

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro @Itamar Rialto

 

Baixe a Malwarebytes Anti-Malware (MBAM).
 
Clique duas vezes no mbam-setup.exe para instalar o programa.

  • Desmarque a caixa Ativar trial gratuito do MalwareBytes Anti-Malware PRO.
  • Se houver atualizações a serem feitas, serão baixadas e instaladas..
  • Clique em Configurações, clique em Detecção e proteção, marque Verificar por Rootkits.
  • Volte ao Painel e por fim clique em Verificar agora.
  • Começará então o exame. Aguarde, pois pode demorar.
  • Ao acabar o exame, se houver itens encontrados, certifique-se que estejam todas marcados e clique no botão Remover Selecionadas
  • Ao final da desinfecção, poderá aparecer um aviso se quer reiniciar o PC. (Ver Nota abaixo)
  • O log é automaticamente salvo pelo MBAM e para vê-lo, clique na aba Histórico -> Registros do aplicativo na janela principal do programa.
  • Clique duas vezes no log (Registro de verificação). Utilize o formato .txt para exportar o log.
  • O log de Proteção é desnecessário para a análise, exporte sempre o log correto.
  • Selecione, copie e cole o conteúdo deste log em sua próxima resposta.

 

NOTA: Se o MBAM encontrar arquivos que não consiga remover, poderá ter de reiniciar o PC (talvez mais de uma vez). Faça isso imediatamente, ao ser perguntado se quer reiniciar o PC.

 

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites

Malwarebytes Anti-Malware
www.malwarebytes.org

Data da verificação: 19/05/2016
Hora da verificação: 11:58
Arquivo de registro: log malware.txt
Administrador: Sim

Versão: 2.2.1.1043
Banco de dados de malware: v2016.05.18.05
Banco de dados de rootkit: v2016.05.06.01
Licença: Gratuita
Proteção contra malware: Desabilitado
Proteção contra website malicioso: Desabilitado
Autoproteção: Desabilitado

Sistema operacional: Windows 10
CPU: x64
Sistema de arquivos: NTFS
Usuário: Itamar_Rialto

Tipo de verificação: Verificação da ameaça
Resultado: Concluído
Objetos verificados: 402683
Tempo decorrido: 44 min, 14 seg

Memória: Habilitado
Inicialização: Habilitado
Sistema de arquivos: Habilitado
Arquivos compactados: Habilitado
Rootkits: Habilitado
Heurística: Habilitado
PUP: Habilitado
PUM: Habilitado

Processos: 0
(Nenhum item malicioso detectado)

Módulos: 0
(Nenhum item malicioso detectado)

Chaves de registro: 0
(Nenhum item malicioso detectado)

Valores de registro: 0
(Nenhum item malicioso detectado)

Dados de registro: 0
(Nenhum item malicioso detectado)

Pastas: 0
(Nenhum item malicioso detectado)

Arquivos: 1
HackTool.Agent, C:\Users\Itamar_Rialto\Desktop\Nova pasta\AtvdR W7 By PH Downs\Windows Loader\Windows Loader.exe, Quarentena, [431a5e79574249edf4138d8f44bd44bc],

Setores físicos: 0
(Nenhum item malicioso detectado)


(end)

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro @Itamar Rialto

 

Desative temporariamente seu antivirus, antispywares e firewall, para não causar conflitos.

Baixe o Stinger e salve em sua Área de trabalho (Desktop).
32 bit (x86) ou 64 bit (x64)

  • Execute o arquivo Stinger.exe
    • Atenção: Usuários Windows Vista, 7 e 8, cliquem com o botão direito do mouse e escolha: execadmin.png
  • Clique no botão “I Accept”


Stinger%20a.png

Na nova janela clique em “Advanced” e depois “Settings”

Stinger%20b.png

Na janela configurações deixe conforme imagem abaixo e clique no botão “Save”

9hnsyu.png

Clique em “Customize my Scan”

Stinger%20f.png

Selecione as unidades do sistema e em seguida clique no botão “Scan”

Stinger%20g.png

Ao final clique em “View log”, será aberto uma janela com o log em seu navegador.
Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

 

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites

segue o log:

 

McAfee® Labs Stinger™ Version 12.1.0.2014 built on May 20 2016 at 12:37:35
Copyright© 2015, McAfee, Inc. All Rights Reserved.

AV Engine version v5800.7501 for Windows.
Virus data file v1000.0 created on May 20, 2016
Ready to scan for 9781 viruses, trojans and variants.

Custom scan initiated on domingo, maio 22, 2016 14:14:59


Rootkit scan result : Clean.

Summary Report on C:
File(s)
    TotalFiles:............    1165863
    Clean:.................    441706
    Not Scanned:........... 724157
    Possibly Infected:.....    0

Time: 04:48:25

Scan completed on domingo, maio 22, 2016 19:03:24

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro @Itamar Rialto

 

Baixe Security Check, by glax24 e salve em sua Área de trabalho (Desktop).

 

Atenção: Usuários Windows Vista, 7 e 8, cliquem com o botão direito do mouse e escolha: execadmin.png 

  • Aguarde enquanto a ferramenta faz o exame.
  • Ao final salve log como SecurityCheck.html
  • Abra o arquivo com o bloco de notas;
  • Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites

SecurityCheck by glax24 & Severnyj v.1.4.0.40 [21.05.16]
WebSite: www.safezone.cc
DateLog: 23.05.2016 11:56:37
Path starting: C:\Users\Itamar_Rialto\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: Itamar_Rialto
VersionXML: 2.96is-18.05.2016
___________________________________________________________________________

Windows 10(6.3.10586) (x64) CoreSingleLanguage Lang: Portuguese(0416)
Installation date OS: 11.12.2015 16:33:40
LicenseStatus: Windows(R), CoreSingleLanguage edition The machine is permanently activated.
LicenseStatus: Office 15, OfficeO365HomePremR_Subscription4 edition Windows is in Notification mode
LicenseStatus: Office 16, Office16ProPlusVL_KMS_Client edition Volume activation will expire : 23304 minutes
Boot Mode: Normal
Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
SystemDrive: C: FS: [NTFS] Capacity: [449.5 Gb] Used: [110.5 Gb] Free: [339 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.306.10586.0
User Account Control enabled
The elevation prompt for administrators disabled
^It is recommended to enable: Win+R typing UserAccountControlSettings and Enter^
Automatic download and scheduled installation
Windows Update (wuauserv) - The service has stopped
Central de Segurança (wscsvc) - The service is running
Registro remoto (RemoteRegistry) - The service has stopped
Descoberta SSDP (SSDPSRV) - The service is running
Serviços de Área de Trabalho Remota (TermService) - The service is running
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
------------------------------ [ MS Office ] ------------------------------
Microsoft Office 2013 x86 v.15.0.4569.1506
---------------------------- [ Antivirus_WMI ] ----------------------------
Windows Defender (disabled and up to date)
Bitdefender Antivirus Free Edition (enabled and up to date)
--------------------------- [ FirewallWindows ] ---------------------------
Firewall do Windows (MpsSvc) - The service is running
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Bitdefender Antivirus Free Edition (enabled and up to date)
Windows Defender (disabled and up to date)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
Bitdefender Antivirus Free Edition v.1.0.21.1109
-------------------------- [ SecurityUtilities ] --------------------------
Malwarebytes Anti-Malware versão 2.2.1.1043 v.2.2.1.1043
--------------------------- [ OtherUtilities ] ----------------------------
7-Zip 9.34 (x64 edition) v.9.34.00.0 Warning! Download Update
Uninstall old version and install new one.
---------------------------- [ ProxyAndVPNs ] -----------------------------
Hotspot Shield 5.3.2 v.5.3.2 Warning! This app can show ads.
Hotspot Shield 5.3.2 Embedded v.5.3.2.9652 Warning! This app can show ads.
--------------------------------- [ P2P ] ---------------------------------
µTorrent v.3.4.5.41865 Warning! P2P-client.
-------------------------------- [ Java ] ---------------------------------
Java 8 Update 91 v.8.0.910.14 Warning! Download Update
Uninstall old version and install new one.
------------------------------- [ Browser ] -------------------------------
Google Chrome v.50.0.2661.102
Mozilla Firefox 46.0.1 (x86 pt-BR) v.46.0.1
--------------------------- [ RunningProcess ] ----------------------------
C:\Program Files (x86)\Mozilla Firefox\firefox.exe v.46.0.1.5966
McAfee Validation Trust Protection Service (mfevtp) - The service is running
C:\Windows\System32\mfevtps.exe
Serviço de Inspeção de Rede do Windows Defender (WdNisSvc) - The service has stopped
Serviço Windows Defender (WinDefend) - The service has stopped
----------------------------- [ End of Log ] ------------------------------

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro @Itamar Rialto

 

Como está seu Windows?

 

# Etapa nº 1 #

 

Baixe o Delfix by Xplode e salve na sua área de trabalho.

 

Clique duas vezes no delfix.exe para executá-lo. Marque as caixas conforme imagem.

 

** Usuários do Windows Vista ou Windows 7 clique com o direito sobre o arquivo delfix.exe, depois clique em execadmin.png.

 

2mez6ld.png

 

Clique no botão Executar.

 

Ao final será gerado um log, mas não é necessário postar.
 
# Etapa nº 2 #
 
imageproxy.php?img=http%3A%2F%2Fi65.tiny Versões antigas de programas têm vulnerabilidades que alguns malwares podem usar para infectar o seu sistema.
 
Por isso, é recomendável atualizar os programas que o Security Check (post acima) apontou como desatualizados (os updates opcionais ficam ao seu critério).
 
Basta clicar no Download Update de cada aviso, que irá para o site do desenvolvedor.

<<@>> Mantenha sempre seu Windows atualizado; mantenha uma vigilância constante com o firewall e antivírus e por fim, lembre-se que, a melhor forma de prevenir começa pelas nossas atitudes!

 

# Etapa nº 3 #

 

O Ccleaner é um excelente utilitário de limpeza para o computador.

 

Faça o download dele aqui Ccleaner

 

  • Após a instalação vá até o local onde o programa foi instalado, geralmente em C:\Arquivos de programas\CCleaner.
  • Clique duas vezes nesta pasta;
  • Numa área vazia desta janela, clique com o botão direito do mouse e escolha Novo > pasta e crie uma nova pasta;
  • Coloque o nome de backups.
  • Abra o programa e clique em Executar Limpeza;
  • Clique no botão Registro > Procurar Erros > Corrigir erro(s) seleciona(s)...
  • Observação: Não se esqueça de aceitar o backup das correções, e salvá-los nas pasta criada acima!

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites
Visitante
Este tópico está impedido de receber novos posts.





Sobre o Clube do Hardware

No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas publicações sobre tecnologia do Brasil. Leia mais

Direitos autorais

Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

×