[Resolvido] windows defender desligado pela política de grupos

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 10 Home x64
Ran by Alfredo (Administrator) on 01/01/2016 at 15:08:24,76
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 7

Failed to delete: C:\WINDOWS\system32\drivers\bsdriver.sys (File)
Failed to delete: C:\WINDOWS\system32\drivers\cherimoya.sys (File)
Failed to delete: C:\WINDOWS\system32\Drivers\{00c97d86-accb-4288-9972-6d929c1fe93a}w64.sys (File)
Failed to delete: C:\WINDOWS\system32\Drivers\{5eeb83d0-96ea-4249-942c-beead6847053}w64.sys (File)
Failed to delete: C:\WINDOWS\system32\Drivers\swsedrvr_vw_1_10_0_25.sys (File)
Successfully deleted: C:\Users\Alfredo\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js (File)
Successfully deleted: C:\Users\Alfredo\AppData\Roaming\Mozilla\Firefox\Profiles\atjem6d4.default\user.js (File)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01/01/2016 at 15:20:40,53
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão:31-12-2015
Executado por Alfredo (2016-01-01 15:39:54) Run:1
Executando a partir de C:\Users\Alfredo\Desktop
Perfis Carregados: Alfredo (Perfis Disponíveis: Alfredo & Convidado & DefaultAppPool)
Modo da Inicialização: Normal
==============================================

fixlist Conteúdo:
*****************
start
CloseProcesses:
HKLM-x32\...\Run: [SearchSettings] => "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
HKLM-x32\...\Run: [gmsd_br_005010192] => [X]
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO
CHR HKU\S-1-5-21-2447171046-917324971-2953145129-1000\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://
HKU\S-1-5-21-2447171046-917324971-2953145129-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=BR&userid=4e61e552-1754-4042-874b-166861ad6e84&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms}
HKU\S-1-5-21-2447171046-917324971-2953145129-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=BR&userid=4e61e552-1754-4042-874b-166861ad6e84&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms}
URLSearchHook: HKU\S-1-5-21-2447171046-917324971-2953145129-1000 - (Sem Nome) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - Nenhum Arquivo
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://
SearchScopes: HKU\S-1-5-21-2447171046-917324971-2953145129-1000 -> DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://
SearchScopes: HKU\S-1-5-21-2447171046-917324971-2953145129-1000 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=BR&userid=4e61e552-1754-4042-874b-166861ad6e84&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2447171046-917324971-2953145129-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://
SearchScopes: HKU\S-1-5-21-2447171046-917324971-2953145129-1000 -> {4E90A8EA-9338-4671-8032-C8BD2BFE4645} URL = hxxp://br.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=971163&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2447171046-917324971-2953145129-1000 -> {D37588AC-A250-478C-90E9-F5F31F0DF8C7} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYBR&apn_uid=43126FFB-EED5-4799-B5D6-E4B7660F1A13&apn_sauid=BAD6D552-A6F5-485D-B85E-893FEF5924E7
BHO-x32: SaveSense -> {0f21b1e5-5afc-43c9-9c66-515046e92ec2} -> C:\Program Files (x86)\SaveSense\SaveSenseIE.dll => Nenhum Arquivo
BHO-x32: PSafe ClikSeguro -> {802D2971-E7C7-4219-8D5C-AFDCD0DA939E} -> C:\Program Files (x86)\PSafe\ClikSeguro\ClikSeguro.dll => Nenhum Arquivo
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll => Nenhum Arquivo
BHO-x32: Sem Nome -> {B922D405-6D13-4A2B-AE89-08A030DA4402} -> Nenhum Arquivo
BHO-x32: LyricXeeker -> {DF89BC70-AC87-4A31-ACD5-7417E2CF1209} -> C:\Program Files (x86)\LyriXeeker\116.dll => Nenhum Arquivo
Toolbar: HKLM - Sem Nome - {ae07101b-46d4-4a98-af68-0333ea26e113} - Nenhum Arquivo
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll Nenhum Arquivo
Toolbar: HKLM-x32 - Sem Nome - {ae07101b-46d4-4a98-af68-0333ea26e113} - Nenhum Arquivo
Toolbar: HKU\S-1-5-21-2447171046-917324971-2953145129-1000 -> Sem Nome - {F999A48B-1950-4D81-9971-79018F807B4B} - Nenhum Arquivo
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Nenhum Arquivo
S2 CimcuBiktal; "C:\Program Files\shopperz301220151513\CakeLumm.exe" -cmd [X]
S2 fokesywyzbt; C:\Program Files (x86)\6CAC2750-1451529584-E011-8068-B870F4DC0856\knsjDAAB.tmpfs [X]
S2 Lhghao; "C:\Users\Alfredo\AppData\Roaming\RevtebCymar\Kolga.exe" -cms [X]
S3 Nydpauyjo; C:\Program Files\shopperz301220151513\Nydpauyjo.exe [X]
S2 shopperz301220151513 Updater; C:\Program Files\shopperz301220151513\Paxmajv.exe [X]
S2 TheDesktopWeatherService; C:\Program Files (x86)\WeatherTool\2.0.0.11150\WeatherService.exe [X]
S2 wucotusy; C:\Program Files (x86)\6CAC2750-1451529584-E011-8068-B870F4DC0856\hnstC33.tmp [X]
S2 zutuzuni; C:\Program Files (x86)\6CAC2750-1451529584-E011-8068-B870F4DC0856\jnszF425.tmp [X]
S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]
U3 idsvc; não ImagePath
U3 wpcsvc; não ImagePath
2015-12-30 23:51 - 2015-12-30 23:51 - 00003752 _____ C:\WINDOWS\System32\Tasks\BaiduJP_Update_{8099779F-A13B-403e-B39A-65133857586B}
2015-12-30 23:51 - 2015-12-30 23:51 - 00000000 ____D C:\Users\Public\Documents\Baidu
2016-01-01 02:13 - 2014-01-06 12:13 - 00000300 _____ C:\WINDOWS\Tasks\Funmoods.job
2015-12-30 23:51 - 2014-01-06 11:56 - 00000000 ____D C:\Users\Todos os Usuários\baidu
2015-12-30 23:51 - 2014-01-06 11:56 - 00000000 ____D C:\ProgramData\baidu
2015-12-30 23:51 - 2013-07-21 15:20 - 00000000 ____D C:\Users\Alfredo\AppData\Roaming\baidu
2015-12-05 23:57 - 2014-02-04 21:12 - 00003306 _____ C:\WINDOWS\System32\Tasks\{1A0CBE13-75AE-4300-82B2-D763359C2602}
2015-12-05 23:57 - 2014-01-06 12:13 - 00004040 _____ C:\WINDOWS\System32\Tasks\SaveSenseLiveUpdateTaskMachineUA
2015-12-05 23:57 - 2014-01-06 12:13 - 00003788 _____ C:\WINDOWS\System32\Tasks\SaveSenseLiveUpdateTaskMachineCore
2015-12-05 23:57 - 2014-01-06 12:13 - 00003358 _____ C:\WINDOWS\System32\Tasks\SaveSense
2015-12-05 23:57 - 2014-01-06 12:13 - 00003354 _____ C:\WINDOWS\System32\Tasks\Funmoods
2015-12-05 23:57 - 2011-07-26 14:09 - 00002932 _____ C:\WINDOWS\System32\Tasks\Adobe ARM
2015-12-04 18:22 - 2013-07-25 12:49 - 00000000 ____D C:\Users\Todos os Usuários\boost_interprocess
2015-12-04 18:22 - 2013-07-25 12:49 - 00000000 ____D C:\ProgramData\boost_interprocess
2014-08-18 08:28 - 2014-08-18 08:28 - 0008192 _____ () C:\Users\Alfredo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-31 17:25 - 2014-08-31 21:31 - 0000152 _____ () C:\ProgramData\bc.ini
2013-11-22 08:40 - 2013-11-22 08:40 - 0170344 _____ (Baidu, Inc.) C:\ProgramData\FileSplitUpLoad.dll
Task: {074A478F-A272-4F7E-AA8E-8D155E99F679} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {0F175488-DEB5-44BF-8615-A7CC9E8536D9} - System32\Tasks\RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe <==== ATENÇÃO
Task: {11810952-7F61-4495-A70C-7171FDE806B2} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {18F69F33-C6BC-4CB6-B4BA-DAE70A3AB956} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO
Task: {2DAE6639-C725-4BFE-A299-2B511DC2CD39} - System32\Tasks\SaveSenseLiveUpdateTaskMachineCore => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATENÇÃO
Task: {34211244-872D-439D-BE97-F7992E45A82A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {3D80D020-66AB-4E21-9314-4E06FD405AF9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {514FA6E1-EB55-4E7B-9327-DB169ACDBE4A} - System32\Tasks\SmartWeb Upgrade Trigger Task => C:\Users\Alfredo\AppData\Local\SmartWeb\SmartWebHelper.exe <==== ATENÇÃO
Task: {53A4668A-CBB3-49D9-AF90-A70F2322F371} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {6F112EB1-12FC-4A2B-8E4E-23F2A4B87710} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Nenhum Arquivo <==== ATENÇÃO
Task: {7FB2D5AD-1D42-4E9A-87C6-4806B2D88FAD} - System32\Tasks\Funmoods => C:\Users\Alfredo\AppData\Roaming\Funmoods\UPDATE~1\UPDATE~1.EXE <==== ATENÇÃO
Task: {893F8BCF-9CEF-4E77-9C80-B6E67A1634CB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {8B14AC36-7B8A-42E3-B9BA-53FCA4CF3D35} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO
Task: {8EE1D111-631F-43D1-8933-264A5A3ECB9B} - System32\Tasks\SaveSenseLiveUpdateTaskMachineUA => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATENÇÃO
Task: {9976C9F3-12BC-458D-A93D-1C315B067F16} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {ACCC9D8B-8C0B-4CBA-9A5D-CA9BE14209C0} - System32\Tasks\SwiftSearch Auto Updater 1.10.0.25 Core => C:\Program Files (x86)\SwiftSearch_1.10.0.25\Update\SwiftSearchAutoUpdateClient.exe <==== ATENÇÃO
Task: {C4043823-BFD0-4ED7-85F1-B5D3E9871962} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {D4B6F08D-CBEF-45FC-8DE8-EDE59E81DC80} - System32\Tasks\SaveSense => C:\Users\Alfredo\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATENÇÃO
Task: {D65709C9-194E-4E50-AC47-0EC1BBD4D95B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATENÇÃO
Task: {E048CD36-7E2B-4A10-83EC-BD3D0D5DFE57} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {F335A3B4-7ED8-4FD0-9BBD-3E6FD59913EF} - System32\Tasks\SwiftSearch Auto Updater 1.10.0.25 Pending Update => C:\Program Files (x86)\SwiftSearch_1.10.0.25\Update\SwiftSearchAutoUpdateClient.exe <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\BaiduJP_Update_{8099779F-A13B-403e-B39A-65133857586B}.job => C:\Program Files (x86)\baidu\update\baidujp_update.exe
Task: C:\WINDOWS\Tasks\Funmoods.job => C:\Users\Alfredo\AppData\Roaming\Funmoods\UPDATE~1\UPDATE~1.EXE <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\SaveSense.job => C:\Users\Alfredo\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\SaveSenseLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATENÇÃO
Task: C:\WINDOWS\Tasks\SaveSenseLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATENÇÃO
FirewallRules: [{C2F60317-A258-4513-9BF6-E3DFAE3ED73E}] => (Allow) C:\Program Files (x86)\baidu\Spark\bdtray.exe
FirewallRules: [{BC8CFB78-4B36-4B92-8AF4-96915B34C238}] => (Allow) C:\Program Files (x86)\baidu\Spark\bdtray.exe
FirewallRules: [{EA05CF07-CB55-4A60-9052-B889F619E02F}] => (Allow) C:\Program Files (x86)\baidu\Spark\Spark.exe
FirewallRules: [{F3CA7DCA-166A-435D-94B6-68F8C9D9667F}] => (Allow) C:\Program Files (x86)\baidu\Spark\Spark.exe
FirewallRules: [{0CA8C1D1-4613-45E0-86BD-F77182E4E60D}] => (Allow) C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe
FirewallRules: [{179B59EF-5032-42B4-B772-62E5C3F3E344}] => (Allow) C:\Program Files (x86)\PSafe\PSRsync.exe
FirewallRules: [{502D47F3-C694-4F58-B90E-E6A2A6608289}] => (Allow) C:\Program Files (x86)\PSafe\PSRsync.exe
AlternateDataStreams: C:\WINDOWS\System32:30ADA2F1_Uni.gbp
AlternateDataStreams: C:\WINDOWS\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4
C:\ProgramData\FileSplitUpLoad.dll
C:\Program Files (x86)\baidu
C:\Program Files (x86)\baidu\update
C:\Program Files (x86)\baidu\update\baidujp_update.exe
C:\Users\Todos os Usuários\FileSplitUpLoad.dll
C:\Users\Alfredo\AppData\Roaming\RevtebCymar\Kolga.exe
C:\Users\Alfredo\AppData\Local\Temp\62DD.tmp.exe
C:\Users\Alfredo\AppData\Local\Temp\6A39.tmp.exe
C:\Users\Alfredo\AppData\Local\Temp\9E9A.tmp.exe
C:\Users\Alfredo\AppData\Local\Temp\amisetup0073__16165.exe
C:\Users\Alfredo\AppData\Local\Temp\C47.tmp.exe
C:\Users\Alfredo\AppData\Local\Temp\DD56.tmp.exe
C:\Users\Alfredo\AppData\Local\Temp\fsd58C3.exe
C:\Users\Alfredo\AppData\Local\Temp\fsdD52E.exe
C:\Users\Alfredo\AppData\Local\Temp\oprun7418.exe
C:\Users\Alfredo\AppData\Local\Temp\oprun9560.exe
C:\Users\Alfredo\AppData\Local\Temp\rnsetup0.exe
C:\Users\Alfredo\AppData\Local\Temp\somoto_VDownloader_1.0.exe
C:\Users\Alfredo\AppData\Local\Temp\SpOrder.dll
C:\Users\Alfredo\AppData\Local\Temp\stubhelper.dll
C:\Users\Alfredo\AppData\Local\Temp\tmpB96A.tmp.exe
C:\Users\Alfredo\AppData\Local\Temp\UninstallModule.exe
Folder: C:\Users\Alfredo\AppData\Roaming\RevtebCymar
CMD: dir /a "C:\Program Files"
CMD: dir /a "C:\Program Files (x86)"
CMD: dir /a C:\ProgramData
CreateRestorePoint:
RemoveProxy:
EmptyTemp:
Reboot:
Hosts:
end
*****************

Processos fechados com sucesso.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SearchSettings => valor não encontrado (a).
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_br_005010192 => valor não encontrado (a).
"HKLM\SOFTWARE\Policies\Google" => chave removido (a) com sucesso.
"HKU\S-1-5-21-2447171046-917324971-2953145129-1000\SOFTWARE\Policies\Google" => chave removido (a) com sucesso.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => valor restaurado com sucesso
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => valor restaurado com sucesso
HKU\S-1-5-21-2447171046-917324971-2953145129-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => valor restaurado com sucesso
HKU\S-1-5-21-2447171046-917324971-2953145129-1000\Software\Microsoft\Internet Explorer\Main\\Search Bar => valor não encontrado (a).
HKU\S-1-5-21-2447171046-917324971-2953145129-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{B922D405-6D13-4A2B-AE89-08A030DA4402} => valor removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor restaurado com sucesso
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => chave removido (a) com sucesso.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => chave não encontrado (a).
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor restaurado com sucesso
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}" => chave removido (a) com sucesso.
HKCR\Wow6432Node\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5} => chave não encontrado (a).
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => chave removido (a) com sucesso.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => chave não encontrado (a).
HKU\S-1-5-21-2447171046-917324971-2953145129-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor removido (a) com sucesso.
HKU\S-1-5-21-2447171046-917324971-2953145129-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} => chave não encontrado (a).
HKCR\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5} => chave não encontrado (a).
"HKU\S-1-5-21-2447171046-917324971-2953145129-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}" => chave removido (a) com sucesso.
HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => chave não encontrado (a).
HKU\S-1-5-21-2447171046-917324971-2953145129-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4E90A8EA-9338-4671-8032-C8BD2BFE4645} => chave não encontrado (a).
HKCR\CLSID\{4E90A8EA-9338-4671-8032-C8BD2BFE4645} => chave não encontrado (a).
HKU\S-1-5-21-2447171046-917324971-2953145129-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D37588AC-A250-478C-90E9-F5F31F0DF8C7} => chave não encontrado (a).
HKCR\CLSID\{D37588AC-A250-478C-90E9-F5F31F0DF8C7} => chave não encontrado (a).
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0f21b1e5-5afc-43c9-9c66-515046e92ec2} => chave não encontrado (a).
"HKCR\Wow6432Node\CLSID\{0f21b1e5-5afc-43c9-9c66-515046e92ec2}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{802D2971-E7C7-4219-8D5C-AFDCD0DA939E}" => chave removido (a) com sucesso.
"HKCR\Wow6432Node\CLSID\{802D2971-E7C7-4219-8D5C-AFDCD0DA939E}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => chave removido (a) com sucesso.
"HKCR\Wow6432Node\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => chave removido (a) com sucesso.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402} => chave não encontrado (a).
HKCR\Wow6432Node\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402} => chave não encontrado (a).
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF89BC70-AC87-4A31-ACD5-7417E2CF1209} => chave não encontrado (a).
"HKCR\Wow6432Node\CLSID\{DF89BC70-AC87-4A31-ACD5-7417E2CF1209}" => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113} => valor removido (a) com sucesso.
"HKCR\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}" => chave removido (a) com sucesso.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => valor removido (a) com sucesso.
"HKCR\Wow6432Node\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => chave removido (a) com sucesso.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113} => valor removido (a) com sucesso.
"HKCR\Wow6432Node\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}" => chave removido (a) com sucesso.
HKU\S-1-5-21-2447171046-917324971-2953145129-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{F999A48B-1950-4D81-9971-79018F807B4B} => valor não encontrado (a).
HKCR\CLSID\{F999A48B-1950-4D81-9971-79018F807B4B} => chave não encontrado (a).
"HKCR\PROTOCOLS\Handler\skype4com" => chave removido (a) com sucesso.
HKCR\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} => chave não encontrado (a).
CimcuBiktal => serviço removido (a) com sucesso.
fokesywyzbt => serviço removido (a) com sucesso.
Lhghao => serviço removido (a) com sucesso.
Nydpauyjo => serviço removido (a) com sucesso.
shopperz301220151513 Updater => serviço removido (a) com sucesso.
TheDesktopWeatherService => serviço não encontrado (a).
wucotusy => serviço não encontrado (a).
zutuzuni => serviço não encontrado (a).
gbpddreg => serviço removido (a) com sucesso.
idsvc => serviço removido (a) com sucesso.
wpcsvc => serviço removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\BaiduJP_Update_{8099779F-A13B-403e-B39A-65133857586B} => movido com sucesso
C:\Users\Public\Documents\Baidu => movido com sucesso
C:\WINDOWS\Tasks\Funmoods.job => movido com sucesso
C:\Users\Todos os Usuários\baidu => movido com sucesso
"C:\ProgramData\baidu" => não encontrado (a).
C:\Users\Alfredo\AppData\Roaming\baidu => movido com sucesso
C:\WINDOWS\System32\Tasks\{1A0CBE13-75AE-4300-82B2-D763359C2602} => movido com sucesso
"C:\WINDOWS\System32\Tasks\SaveSenseLiveUpdateTaskMachineUA" => não encontrado (a).
"C:\WINDOWS\System32\Tasks\SaveSenseLiveUpdateTaskMachineCore" => não encontrado (a).
"C:\WINDOWS\System32\Tasks\SaveSense" => não encontrado (a).
C:\WINDOWS\System32\Tasks\Funmoods => movido com sucesso
C:\WINDOWS\System32\Tasks\Adobe ARM => movido com sucesso
C:\Users\Todos os Usuários\boost_interprocess => movido com sucesso
"C:\ProgramData\boost_interprocess" => não encontrado (a).
C:\Users\Alfredo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => movido com sucesso
C:\ProgramData\bc.ini => movido com sucesso
C:\ProgramData\FileSplitUpLoad.dll => movido com sucesso
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{074A478F-A272-4F7E-AA8E-8D155E99F679}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{074A478F-A272-4F7E-AA8E-8D155E99F679}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0F175488-DEB5-44BF-8615-A7CC9E8536D9}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0F175488-DEB5-44BF-8615-A7CC9E8536D9}" => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\RunAsStdUser => movido com sucesso
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RunAsStdUser" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{11810952-7F61-4495-A70C-7171FDE806B2}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{11810952-7F61-4495-A70C-7171FDE806B2}" => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Adobe ARM => não encontrado (a).
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe ARM" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{18F69F33-C6BC-4CB6-B4BA-DAE70A3AB956}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18F69F33-C6BC-4CB6-B4BA-DAE70A3AB956}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2DAE6639-C725-4BFE-A299-2B511DC2CD39} => chave não encontrado (a).
C:\WINDOWS\System32\Tasks\SaveSenseLiveUpdateTaskMachineCore => não encontrado (a).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SaveSenseLiveUpdateTaskMachineCore => chave não encontrado (a).
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{34211244-872D-439D-BE97-F7992E45A82A}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{34211244-872D-439D-BE97-F7992E45A82A}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3D80D020-66AB-4E21-9314-4E06FD405AF9}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D80D020-66AB-4E21-9314-4E06FD405AF9}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{514FA6E1-EB55-4E7B-9327-DB169ACDBE4A} => chave não encontrado (a).
C:\WINDOWS\System32\Tasks\SmartWeb Upgrade Trigger Task => não encontrado (a).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartWeb Upgrade Trigger Task => chave não encontrado (a).
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{53A4668A-CBB3-49D9-AF90-A70F2322F371}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{53A4668A-CBB3-49D9-AF90-A70F2322F371}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6F112EB1-12FC-4A2B-8E4E-23F2A4B87710}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F112EB1-12FC-4A2B-8E4E-23F2A4B87710}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7FB2D5AD-1D42-4E9A-87C6-4806B2D88FAD}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7FB2D5AD-1D42-4E9A-87C6-4806B2D88FAD}" => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Funmoods => não encontrado (a).
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Funmoods" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{893F8BCF-9CEF-4E77-9C80-B6E67A1634CB}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{893F8BCF-9CEF-4E77-9C80-B6E67A1634CB}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8B14AC36-7B8A-42E3-B9BA-53FCA4CF3D35}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B14AC36-7B8A-42E3-B9BA-53FCA4CF3D35}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8EE1D111-631F-43D1-8933-264A5A3ECB9B} => chave não encontrado (a).
C:\WINDOWS\System32\Tasks\SaveSenseLiveUpdateTaskMachineUA => não encontrado (a).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SaveSenseLiveUpdateTaskMachineUA => chave não encontrado (a).
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9976C9F3-12BC-458D-A93D-1C315B067F16}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9976C9F3-12BC-458D-A93D-1C315B067F16}" => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task => movido com sucesso
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{ACCC9D8B-8C0B-4CBA-9A5D-CA9BE14209C0}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ACCC9D8B-8C0B-4CBA-9A5D-CA9BE14209C0}" => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\SwiftSearch Auto Updater 1.10.0.25 Core => movido com sucesso
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SwiftSearch Auto Updater 1.10.0.25 Core" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C4043823-BFD0-4ED7-85F1-B5D3E9871962}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C4043823-BFD0-4ED7-85F1-B5D3E9871962}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D4B6F08D-CBEF-45FC-8DE8-EDE59E81DC80} => chave não encontrado (a).
C:\WINDOWS\System32\Tasks\SaveSense => não encontrado (a).
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SaveSense => chave não encontrado (a).
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D65709C9-194E-4E50-AC47-0EC1BBD4D95B}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D65709C9-194E-4E50-AC47-0EC1BBD4D95B}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E048CD36-7E2B-4A10-83EC-BD3D0D5DFE57}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E048CD36-7E2B-4A10-83EC-BD3D0D5DFE57}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F335A3B4-7ED8-4FD0-9BBD-3E6FD59913EF}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F335A3B4-7ED8-4FD0-9BBD-3E6FD59913EF}" => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\SwiftSearch Auto Updater 1.10.0.25 Pending Update => movido com sucesso
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SwiftSearch Auto Updater 1.10.0.25 Pending Update" => chave removido (a) com sucesso.
C:\WINDOWS\Tasks\BaiduJP_Update_{8099779F-A13B-403e-B39A-65133857586B}.job => movido com sucesso
C:\WINDOWS\Tasks\Funmoods.job => não encontrado (a).
C:\WINDOWS\Tasks\SaveSense.job => não encontrado (a).
C:\WINDOWS\Tasks\SaveSenseLiveUpdateTaskMachineCore.job => não encontrado (a).
C:\WINDOWS\Tasks\SaveSenseLiveUpdateTaskMachineUA.job => não encontrado (a).
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C2F60317-A258-4513-9BF6-E3DFAE3ED73E} => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BC8CFB78-4B36-4B92-8AF4-96915B34C238} => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EA05CF07-CB55-4A60-9052-B889F619E02F} => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F3CA7DCA-166A-435D-94B6-68F8C9D9667F} => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0CA8C1D1-4613-45E0-86BD-F77182E4E60D} => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{179B59EF-5032-42B4-B772-62E5C3F3E344} => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{502D47F3-C694-4F58-B90E-E6A2A6608289} => valor removido (a) com sucesso.
C:\WINDOWS\System32 => ":30ADA2F1_Uni.gbp" ADS removido (a) com sucesso..
C:\WINDOWS\system32\Drivers\gbpddfac64.sys => ":X5ZN8aGvT4" ADS removido (a) com sucesso..
C:\WINDOWS\system32\Drivers\wsddfac.sys => ":X5ZN8aGXs4" ADS removido (a) com sucesso..
"C:\ProgramData\FileSplitUpLoad.dll" => não encontrado (a).
"C:\Program Files (x86)\baidu" => não encontrado (a).
"C:\Program Files (x86)\baidu\update" => não encontrado (a).
"C:\Program Files (x86)\baidu\update\baidujp_update.exe" => não encontrado (a).
"C:\Users\Todos os Usuários\FileSplitUpLoad.dll" => não encontrado (a).
"C:\Users\Alfredo\AppData\Roaming\RevtebCymar\Kolga.exe" => não encontrado (a).
C:\Users\Alfredo\AppData\Local\Temp\62DD.tmp.exe => movido com sucesso
C:\Users\Alfredo\AppData\Local\Temp\6A39.tmp.exe => movido com sucesso
C:\Users\Alfredo\AppData\Local\Temp\9E9A.tmp.exe => movido com sucesso
C:\Users\Alfredo\AppData\Local\Temp\amisetup0073__16165.exe => movido com sucesso
C:\Users\Alfredo\AppData\Local\Temp\C47.tmp.exe => movido com sucesso
C:\Users\Alfredo\AppData\Local\Temp\DD56.tmp.exe => movido com sucesso
C:\Users\Alfredo\AppData\Local\Temp\fsd58C3.exe => movido com sucesso
C:\Users\Alfredo\AppData\Local\Temp\fsdD52E.exe => movido com sucesso
C:\Users\Alfredo\AppData\Local\Temp\oprun7418.exe => movido com sucesso
C:\Users\Alfredo\AppData\Local\Temp\oprun9560.exe => movido com sucesso
C:\Users\Alfredo\AppData\Local\Temp\rnsetup0.exe => movido com sucesso
C:\Users\Alfredo\AppData\Local\Temp\somoto_VDownloader_1.0.exe => movido com sucesso
C:\Users\Alfredo\AppData\Local\Temp\SpOrder.dll => movido com sucesso
C:\Users\Alfredo\AppData\Local\Temp\stubhelper.dll => movido com sucesso
C:\Users\Alfredo\AppData\Local\Temp\tmpB96A.tmp.exe => movido com sucesso
C:\Users\Alfredo\AppData\Local\Temp\UninstallModule.exe => movido com sucesso

========================= Folder: C:\Users\Alfredo\AppData\Roaming\RevtebCymar ========================

não encontrado (a).

====== Fim de Folder: ======


========= dir /a "C:\Program Files" =========

O volume na unidade C � Acer
O N�mero de S�rie do Volume � C292-FE12

Pasta de C:\Program Files

31/12/2015 17:48

Rapport de ZHPFix 2015.10.19.9 par Nicolas Coolman, Update du 19/10/2015
Fichier d'export Registre :
Run by Alfredo at 01/01/2016 23:39:02
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit Service Pack 1 (10586)

Reciclagem vazia (00mn 12s)
Prefetcher vazio

========== Valores do Registo ==========
Ausente Valor Perfil Padrão: FirewallRaz :
Ausente Valor Perfil Domínio FirewallRaz :

========== Elementos dos dados do Registo ==========
SUBSTITUI Value NoActiveDesktopChanges : Good (0) - Bad (1)
SUBSTITUI Value CheckedValue : Good (1) - Bad (0)

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ Temporários windows (4) (5.676 octets)
ELIMINÉ Flash Cookies (0) (0 octets)
ELIMINA REINICIAR: c:\windows\system32\drivers\bsdriver.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\cherimoya.sys

========== Pastas/Ficheiros ocultos restaurados ==========
Mes images (My Pictures) : 0
Ma musique (My Music) : 0
Ma Video (My Video) : 0
Mes Favoris (My Favorites) : 0
Mes Documents (My Documents) : 0
Mon Bureau (My Desktop) : 0
Menu demarrer (Programs) : 0
Dossier utilisateur (AppData) : 1 restaurados com sucesso
Programmes (Program Files) : 1 restaurados com sucesso


========== Recapitulativo ==========
2 : Valores do Registo
2 : Elementos dos dados do Registo
1 : Pastas
4 : Ficheiros
2 : Pastas/Ficheiros ocultos restaurados


End of clean in 00mn 29s

========== Caminho do ficheiro do relatório ==========
C:\Users\Alfredo\AppData\Roaming\ZHP\ZHPFix[R1].txt - 01/01/2016 22:26:15 [6461]
C:\Users\Alfredo\AppData\Roaming\ZHP\ZHPFix[R2].txt - 01/01/2016 22:30:37 [798]
C:\Users\Alfredo\AppData\Roaming\ZHP\ZHPFix[R3].txt - 01/01/2016 23:39:15 [1720]

~ ZHPCleaner v2016.1.1.1 by Nicolas Coolman (2016/01/01)
~ Run by Alfredo (Administrator) (02/01/2016 00:51:58)
~ Site : http://www.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Reparo
~ Report : C:\Users\Alfredo\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Alfredo\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 64-bit (Build 10586)


---\\ Serviços (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.


---\\ Navegadores de Internet (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.


---\\ Arquivo hosts (1)
~ O arquivo hosts é legítimo (1)


---\\ Tarefas automáticas agendadas. (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.


---\\ Explorer ( Arquivos, Pastas) (1)
MOVIDO pasta^: C:\Windows\System32\drivers\bsdriver.sys [Copyright (c) 2012 - ] =>PUP.Optional.Shopperz


---\\ Registro ( Chaves, Valores, Dados ) (2)
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}\5.34 [Iminent.Mediator] =>PUP.Optional.IMBooster
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF} [Iminent.Mediator] =>PUP.Optional.IMBooster


---\\ Resumo dos elementos encontrados na sua estação de trabalho (2)
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.Shopperz
http://www.nicolascoolman.fr/?p=224 =>PUP.Optional.IMBooster


---\\ Dodatkowe oczyszczenie. (19)
~ Chave de registro Tracing Supprimido (19)
~ Remover os relatórios antigos ZHPCleaner. (0)


---\\ Resultado de reparação
Reparação efectuada com sucesso
~ Este navegador está faltando ! (Google Chrome)
~ Este navegador está faltando ! (Opera Software)
~ O sistema foi reiniciado.


---\\ Estatísticas
~ Items scan : 1661
~ Items encontrado : 0
~ items cancelados : 0
~ Items réparo : 3


~ End of clean in 00h00mn37s
===================
ZHPCleaner-[R]-02012016-00_52_35.txt
ZHPCleaner-[S]-02012016-00_26_16.txt
ZHPCleaner-[S]-02012016-00_51_45.txt

[/S][/S]

.txt "]
# AdwCleaner v5.027 - Relatório criado 02/01/2016 às 14:48:59
# Atualizado 30/12/2015 por Xplode
# Banco de dados : 2015-12-30.1 [Servidor]
# Sistema operacional : Windows 10 Home (x64)
# Usuário : Alfredo - ALFREDO-PC
# Executando de : C:\Users\Alfredo\Desktop\AdwCleaner.exe
# Opção : Limpar
# Apoio : http://toolslib.net/forum

***** [ Serviços ] *****

[-] Serviço Excluído : bsdriver
[-] Serviço Excluído : server
[!] Serviço Não Excluído : WinDivert1.1

***** [ Pastas ] *****

[-] Pasta Excluído : C:\Program Files (x86)\yessearches-bnd
[-] Pasta Excluído : C:\Program Files (x86)\Window Update
[-] Pasta Excluído : C:\Users\Alfredo\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}

***** [ Arquivos ] *****

[-] Arquivo Excluído : C:\WINDOWS\SysNative\drivers\bsdriver.sys
[-] Arquivo Excluído : C:\WINDOWS\SysNative\drivers\cherimoya.sys

***** [ DLLs ] *****


***** [ Atalhos ] *****


***** [ Tarefas agendadas ] *****

[-] Tarefa Excluída : OpenCandyHelperRunOnce
[-] Tarefa Excluída : OpenCandyHelperRunAsStandardUser

***** [ Registro ] *****

[-] Chave Excluída : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3COMClassService
[-] Chave Excluída : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3COMClassService.1.0
[-] Chave Excluída : HKLM\SOFTWARE\Classes\MIME\Database\Content Type\application/x-vnd.ssliveupdate.oneclickctrl.9
[-] Chave Excluída : HKLM\SOFTWARE\Classes\MIME\Database\Content Type\application/x-vnd.ssliveupdate.update3webcontrol.3
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\AudioCD\shell\PlayWithiMesh
[-] Chave Excluída : HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\F53E693DDABF57A88A9B12B608B09B26C0608B74
[-] Chave Excluída : HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\D830B6B8939ACB4928401060203BB648456BB4F8
[-] Chave Excluída : HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\A7BD54B233B5B2F70AF86F5BD1A0C0A772A59FC6
[-] Valor Excluída : HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[-] Chave Excluída : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\AppID\{425F4ABF-B8E4-402D-9E49-06E494EB8DBF}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{1070C156-160B-47A0-B7D9-1860396BAB57}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{27CE191D-733B-4450-AFCD-096D105288C3}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{39A29266-D3E4-462D-AB05-F93B1053F6CF}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{44FC7A33-2E5C-48DC-B6F5-B81E8005D122}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{73192D81-6D24-4C40-BF7B-2507C6FA0B1A}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{88C606E7-BA26-41CB-8CC3-D1E313E34E75}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{93D3100A-BBB6-456C-96FC-82CAC5F383AC}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{997E3BFB-F821-411C-8B96-D61D415EC8FA}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{998745A3-2AE4-488D-8092-B98FB20A00C2}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{9E0546FF-D44F-4FE4-A324-995FCACB8D33}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{A18D16ED-27B2-4B83-B70C-15E73F099546}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{A2D3FB7A-6873-45E8-AF96-57092D721828}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{C1424421-D274-491E-9D47-11C8D8CB5F9A}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{CDDAB3A4-E64D-4AE0-9E1D-F3132F5F913F}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{E66A759D-367F-433E-85C6-ED7F040BCC32}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{F4B8D46C-4EEE-401B-8607-DC03025F34B1}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{7D8DAE88-BC05-4578-8C29-E541FFBA5757}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{5D637FAD-E202-48D1-8F18-5B9C459BD1E3}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{99DCF141-03F9-4363-8D79-640FA646DEED}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{E4C3E50F-5761-4BF8-95A0-939A819DF1C3}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{A9582D7B-F24A-441D-9D26-450D58F3CD17}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{EE0D8859-2ED4-4B0D-9812-16865B9AFD65}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{3AF4400F-CDC5-4F2D-B3F1-74348E5D5CCC}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{422E1393-7A4C-44FF-A7E1-8B9D146E0666}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{4807D6D8-ADC8-41AF-AB9D-AE1086D1E62F}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{6E1CD171-29C1-4D56-A223-E31C57A0A25A}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{70E96298-17FC-4020-A7CF-6F81ED8CF3AB}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{84A81B7E-B8CD-4891-BEA0-548D65E9610A}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{867DF9A9-D013-4A1A-B685-DFF65D225ED4}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{889074FC-1456-4CE8-88F7-154264DC275F}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{91F4CF02-F675-4E6A-B4E8-C13DF09B9B1B}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{A902A36E-0C79-4BD7-B561-9C058BD60210}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{AB778974-218E-4734-90F0-731BE7E50E77}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{ADE6A9C0-12B3-457D-9A86-548FA87E04DB}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{B7C67027-15EB-489F-A9EA-286076CF7540}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{CDB98856-BEA3-4073-AF57-23A3583AE9E4}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{CDED8922-BB3D-4E3A-9C2C-89B1C927F48B}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{D79CBD8E-D857-4D05-B3AD-26F722CF5B6E}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{E7EA7058-B19B-4A27-B50A-87A1B8FC5F30}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{0EE6D408-6ED5-40C6-8C42-A041D5DE9AB0}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{13A42355-1F94-4459-B19E-F60B2C607C77}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{293DD661-C540-4AC4-9B4C-42E68369CE1B}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{2EC58BDB-0694-4D54-80DD-A8F2AA0427A1}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{313B508D-596D-4BDF-B0B5-E41F224E184A}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{94952EC4-DB66-3F32-BE4C-F0BB875EA98E}
[!] Chave Não Excluída : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\TypeLib\{9AE7A6AE-162E-44C4-9A2B-A6B4EF19909D}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\TypeLib\{14EF423E-3EE8-44AE-9337-07AC3F27B744}
[!] Chave Não Excluída : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
[-] Chave Excluída : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0F21B1E5-5AFC-43C9-9C66-515046E92EC2}
[-] Chave Excluída : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
[-] Chave Excluída : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Chave Excluída : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0F21B1E5-5AFC-43C9-9C66-515046E92EC2}
[-] Chave Excluída : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
[-] Chave Excluída : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Chave Excluída : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A18D16ED-27B2-4B83-B70C-15E73F099546}
[-] Chave Excluída : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
[-] Chave Excluída : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
[-] Chave Excluída : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A18D16ED-27B2-4B83-B70C-15E73F099546}
[-] Chave Excluída : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
[-] Valor Excluída : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[-] Valor Excluída : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{58124A0B-DC32-4180-9BFF-E0E21AE34026}]
[-] Valor Excluída : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]
[-] Valor Excluída : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}]
[-] Chave Excluída : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Chave Excluída : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27CE191D-733B-4450-AFCD-096D105288C3}
[-] Valor Excluída : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
[-] Chave Excluída : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Chave Excluída : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
[-] Chave Excluída : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
[-] Chave Excluída : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
[-] Chave Excluída : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
[-] Chave Excluída : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
[-] Chave Excluída : [x64] HKLM\SOFTWARE\Classes\Interface\{E4C3E50F-5761-4BF8-95A0-939A819DF1C3}
[-] Chave Excluída : [x64] HKLM\SOFTWARE\Classes\Interface\{A9582D7B-F24A-441D-9D26-450D58F3CD17}
[-] Chave Excluída : [x64] HKLM\SOFTWARE\Classes\Interface\{EE0D8859-2ED4-4B0D-9812-16865B9AFD65}
[-] Chave Excluída : [x64] HKLM\SOFTWARE\Classes\Interface\{94952EC4-DB66-3F32-BE4C-F0BB875EA98E}
[!] Chave Não Excluída : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
[-] Chave Excluída : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Chave Excluída : HKCU\Software\Microsoft\Tinstalls
[-] Chave Excluída : HKCU\Software\AppDataLow\Software\lyrixeeker
[-] Chave Excluída : HKLM\SOFTWARE\hdcode
[-] Chave Excluída : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
[-] Chave Excluída : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SU
[-] Chave Excluída : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\18C9E3869A16248439FE3FF9EB02207A
[-] Dados Restaurar : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{15802e06-4b43-478c-9128-af954b6d430b} [NameServer]
[-] Dados Restaurar : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{336dc2f4-a1ae-49fb-a27e-6c74e46aee67} [NameServer]
[-] Dados Restaurar : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{479b8da3-2747-4ced-8f81-2df480cab214} [NameServer]
[-] Dados Restaurar : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{83a5d99b-0004-41b1-bea8-746e62f7f72b} [NameServer]
[-] Dados Restaurar : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{e4900bc0-9bc8-11e5-a5ef-806e6f6e6963} [NameServer]
[-] Dados Restaurar : HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{15802e06-4b43-478c-9128-af954b6d430b} [NameServer]
[-] Dados Restaurar : HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{336dc2f4-a1ae-49fb-a27e-6c74e46aee67} [NameServer]
[-] Dados Restaurar : HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{479b8da3-2747-4ced-8f81-2df480cab214} [NameServer]
[-] Dados Restaurar : HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{83a5d99b-0004-41b1-bea8-746e62f7f72b} [NameServer]
[-] Dados Restaurar : HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{e4900bc0-9bc8-11e5-a5ef-806e6f6e6963} [NameServer]

***** [ Navegadores ] *****


*************************

:: Chaves "Tracing" excluídas
:: Configurações Proxy restauradas
:: Configurações Winsock restauradas
:: Configurações TCP/IP restauradas
:: Configurações IPSec restauradas
:: Fila BITS limpas

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [14877 bytes] ##########

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:31-12-2015
Executado por Alfredo (administrador) em ALFREDO-PC (02-01-2016 15:04:45)
Executando a partir de C:\Users\Alfredo\Desktop
Perfis Carregados: Alfredo (Perfis Disponíveis: Alfredo & Convidado & DefaultAppPool)
Platform: Windows 10 Home Versão 1511 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: FF)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2280232 2010-07-29] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11786344 2011-03-28] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2207848 2011-03-21] (Realtek Semiconductor)
HKLM\...\Run: [CertificateRegistration] => C:\Windows\system32\aetcrss1.exe [25600 2013-03-04] (A.E.T. Europe B.V.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-06-21] (Egis Technology Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-23] (NTI Corporation)
HKLM-x32\...\Run: [OOTag] => C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe [13856 2010-02-23] (Microsoft)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-06-30] (Dritek System Inc.)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [506712 2011-02-03] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-05-09] (CyberLink Corp.)
HKLM-x32\...\Run: [Sidebar] => "C:\Program Files (x86)\Windows Sidebar\sidebar.exe" /autoRun
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginBb: C:\Program Files (x86)\GbPlugin\gbieh.dll [2015-10-20] (Banco do Brasil)
Winlogon\Notify\ GbPluginUni: C:\Program Files (x86)\GbPlugin\gbiehUni.dll [2015-07-06] (Banco Itaú Unibanco)
HKU\S-1-5-21-2447171046-917324971-2953145129-1000\...\Run: [Google Update] => C:\Users\Alfredo\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-12-04] (Google Inc.)
HKU\S-1-5-21-2447171046-917324971-2953145129-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-2447171046-917324971-2953145129-1000\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [904928 2015-11-04] (GAS Tecnologia LTDA)
HKU\S-1-5-21-2447171046-917324971-2953145129-1000\...\RunOnce: [Uninstall C:\Users\Alfredo\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Alfredo\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-2447171046-917324971-2953145129-1000\...\RunOnce: [Uninstall C:\Users\Alfredo\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Alfredo\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"
HKU\S-1-5-21-2447171046-917324971-2953145129-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [149504 2015-10-30] (Microsoft Corporation)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES (X86)\GbPlugin\gbieh.dll [1945472 2015-10-20] (Banco do Brasil)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\PROGRAM FILES (X86)\GbPlugin\gbiehuni.dll [1759992 2015-07-06] (Banco Itaú Unibanco)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 192.168.25.1
Tcpip\..\Interfaces\{15802e06-4b43-478c-9128-af954b6d430b}: [DhcpNameServer] 189.7.152.36 189.7.152.31 201.6.4.116
Tcpip\..\Interfaces\{83a5d99b-0004-41b1-bea8-746e62f7f72b}: [DhcpNameServer] 192.168.25.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130937391269017434&GUID=88B4D041-4CE4-48EE-9E2D-CD3DB838E565
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKU\S-1-5-21-2447171046-917324971-2953145129-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-15] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll [2015-10-20] (Banco do Brasil)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540008} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbiehuni.dll [2015-07-06] (Banco Itaú Unibanco)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-15] (Oracle Corporation)
IE Session Restore: HKU\S-1-5-21-2447171046-917324971-2953145129-1000 -> está habilitado.

FireFox:
========
FF ProfilePath: C:\Users\Alfredo\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
FF DefaultSearchEngine: Google
FF Homepage: hxxps://www.google.com.br
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2015-12-28] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-28] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\WINDOWS\SysWOW64\npDeployJava1.dll [2015-12-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-15] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.1.13 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-06-12] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-06-12] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll [Nenhum Arquivo]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll [Nenhum Arquivo]
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-10-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2447171046-917324971-2953145129-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Alfredo\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2447171046-917324971-2953145129-1000: @talk.google.com/O1DPlugin -> C:\Users\Alfredo\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2447171046-917324971-2953145129-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Alfredo\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-2447171046-917324971-2953145129-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Alfredo\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-2447171046-917324971-2953145129-1000: gastecnologia.com.br/sf/cef -> C:\Users\Alfredo\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll [2014-12-19] (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-2447171046-917324971-2953145129-1000: gastecnologia.com.br/sf/gas64 -> C:\Users\Alfredo\AppData\Local\GAS Tecnologia\GBBD\npsf_gas_64.dll [Nenhum Arquivo]
FF Plugin ProgramFiles/Appdata: C:\Users\Alfredo\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Alfredo\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF SearchPlugin: C:\Users\Alfredo\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\7071285EEB18.xml [2015-12-30]
FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2015-11-09] [não assinado]
FF HKLM-x32\...\Firefox\Extensions: [[EMAIL]FFPDFArchitectConverter@pdfarchitect.com[/EMAIL]] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-10-08] [não assinado]
FF HKU\S-1-5-21-2447171046-917324971-2953145129-1000\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886D}] - C:\Users\Alfredo\AppData\Local\GAS Tecnologia\GBBD\cef\xpi
FF Extension: GBBD Caixa Economica Federal - C:\Users\Alfredo\AppData\Local\GAS Tecnologia\GBBD\cef\xpi [2015-12-05] [não assinado]
FF HKU\S-1-5-21-2447171046-917324971-2953145129-1000\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E8873}] - C:\Users\Alfredo\AppData\Local\GAS Tecnologia\GBBD\uni\xpi => não encontrado (a)

Chrome:
=======
CHR HKU\S-1-5-21-2447171046-917324971-2953145129-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [aicancafipiklohohmoognddncljhkio] - C:\Users\Alfredo\AppData\Local\CRE\aicancafipiklohohmoognddncljhkio.crx
CHR HKU\S-1-5-21-2447171046-917324971-2953145129-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2014-07-23]
CHR HKU\S-1-5-21-2447171046-917324971-2953145129-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nnjbodopomfddehlalfilheomcahbpei] - C:\Users\Alfredo\AppData\Local\GAS Tecnologia\GBBD\cef\sf.crx [2013-06-18]
CHR HKLM-x32\...\Chrome\Extension: [aicancafipiklohohmoognddncljhkio] - C:\Users\Alfredo\AppData\Local\CRE\aicancafipiklohohmoognddncljhkio.crx
CHR HKLM-x32\...\Chrome\Extension: [amfclgbdpgndipgoegfpkkgobahigbcl] - C:\Users\Alfredo\AppData\Local\Smartbar/Application\1Extension.crx
CHR HKLM-x32\...\Chrome\Extension: [gbdabnfmdemcjjadpkpjibhhacggangd] - C:\Users\Alfredo\AppData\Local\Google\Chrome\User Data\Default\Extensions\novo_price_comparison.crx
CHR HKLM-x32\...\Chrome\Extension: [ijblflkdjdopkpdgllkmlbgcffjbnfda] - C:\Users\Alfredo\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-06-12]
CHR HKLM-x32\...\Chrome\Extension: [lkemddiljapcmhicklfpcbpfffahfbja] - C:\Users\Alfredo\AppData\Local\Google\Chrome\User Data\Default\extensions\WebNavigation.crx

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-10-12] (WildTangent)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [593120 2015-09-22] (GAS Tecnologia)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [275752 2008-01-22] (Nero AG)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-23] (NTI Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [Arquivo não assinado]
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [904928 2015-11-04] (GAS Tecnologia LTDA)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21136 2012-10-30] (AVAST Software)
R3 athr; C:\Windows\System32\drivers\athwnx.sys [4207104 2015-10-30] (Qualcomm Atheros Communications, Inc.)
R1 bsdriver; C:\WINDOWS\system32\drivers\bsdriver.sys [34712 2015-12-31] ()
R1 gbpddfac; C:\Windows\System32\drivers\gbpddfac64.sys [28888 2016-01-02] (GAS Tecnologia)
R3 GBPRCM; C:\PROGRAM FILES (X86)\GBPLUGIN\gbprcm64.sys [29912 2015-11-25] (GAS Tecnologia)
R2 npf; C:\Windows\System32\drivers\npf.sys [47632 2010-01-26] (CACE Technologies, Inc.)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 SzCCID; C:\Windows\system32\DRIVERS\SzCCID.sys [40448 2011-01-21] (Generic)
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-11-25] (GAS Tecnologia LTDA)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R4 WinDivert1.1; C:\Program Files\Diebold\Warsaw\WinDivert64.sys [38104 2015-07-07] (Basil)
R1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [101080 2016-01-02] (GAS Tecnologia)
R1 wsddpp; C:\WINDOWS\system32\drivers\wsddpp.sys [103640 2015-03-18] (GAS Tecnologia)
S3 catchme; \??\C:\Users\Alfredo\AppData\Local\Temp\catchme.sys [X]
S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-01-02 15:04 - 2016-01-02 15:05 - 00020693 _____ C:\Users\Alfredo\Desktop\FRST.txt
2016-01-02 14:44 - 2016-01-02 14:49 - 00000000 ____D C:\AdwCleaner
2016-01-02 14:41 - 2016-01-02 14:42 - 01745920 _____ C:\Users\Alfredo\Desktop\AdwCleaner.exe
2016-01-02 00:17 - 2016-01-02 00:44 - 00000881 _____ C:\Users\Alfredo\Desktop\ZHPCleaner.lnk
2016-01-02 00:17 - 2016-01-02 00:17 - 01980928 _____ C:\Users\Alfredo\Desktop\ZHPCleaner.exe
2016-01-02 00:15 - 2016-01-02 00:15 - 01980928 _____ C:\Users\Alfredo\ZHPCleaner.exe
2016-01-01 23:17 - 2016-01-01 23:21 - 00000000 ____D C:\Program Files (x86)\ZHPFix
2016-01-01 23:17 - 2016-01-01 23:17 - 00001922 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2016-01-01 23:17 - 2016-01-01 23:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2016-01-01 23:15 - 2016-01-01 23:16 - 03521617 _____ (Nicolas Coolman ) C:\Users\Alfredo\Desktop\ZHPFix.exe
2016-01-01 17:11 - 2016-01-02 00:52 - 00000000 ____D C:\Users\Alfredo\AppData\Roaming\ZHP
2016-01-01 17:11 - 2016-01-01 17:11 - 00000871 _____ C:\Users\Alfredo\Desktop\ZHPDiag.lnk
2016-01-01 17:10 - 2016-01-01 17:11 - 02054656 _____ C:\Users\Alfredo\Desktop\ZHPDiag3.exe
2016-01-01 14:57 - 2016-01-01 14:58 - 01599336 _____ (Malwarebytes) C:\Users\Alfredo\Desktop\JRT.exe
2016-01-01 03:39 - 2016-01-01 03:39 - 00002109 _____ C:\Users\Alfredo\Desktop\LIVRO CAIXA 01 - janeiro 16.lnk
2016-01-01 02:31 - 2016-01-02 15:04 - 00000000 ____D C:\FRST
2016-01-01 02:31 - 2016-01-01 02:31 - 02370560 _____ (Farbar) C:\Users\Alfredo\Desktop\FRST64.exe
2016-01-01 01:59 - 2016-01-01 02:02 - 00000000 ____D C:\WINDOWS\SysWOW64\GPBAK
2016-01-01 01:59 - 2008-04-14 02:11 - 00295936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appmgr.dll
2016-01-01 01:59 - 2001-08-23 13:00 - 00034871 _____ C:\WINDOWS\SysWOW64\gpedit.msc
2016-01-01 01:58 - 2016-01-01 01:59 - 01053829 _____ (Richard ) C:\Users\Alfredo\Downloads\GPEdit_Installer.exe
2015-12-31 18:50 - 2015-12-31 18:50 - 00000654 _____ C:\Users\Alfredo\Desktop\win defender.txt
2015-12-31 01:03 - 2015-12-31 01:03 - 00000000 ___RD C:\Users\Alfredo\3D Objects
2015-12-31 00:50 - 2015-12-31 00:50 - 00000000 ____D C:\WINDOWS\system32\cen
2015-12-31 00:32 - 2015-12-31 03:12 - 00004712 _____ C:\WINDOWS\SysWOW64\Nydpauyjo.ini
2015-12-31 00:32 - 2015-12-31 03:12 - 00002424 _____ C:\WINDOWS\SysWOW64\NydpauyjoOff.ini
2015-12-31 00:32 - 2015-12-31 00:32 - 00034712 _____ () C:\WINDOWS\system32\Drivers\bsdriver.sys
2015-12-31 00:32 - 2015-12-31 00:32 - 00000000 ____D C:\Users\Alfredo\AppData\Local\Tempfolder
2015-12-31 00:32 - 2015-12-30 23:34 - 00768360 _____ C:\WINDOWS\system32\Nydpauyjo64.dll
2015-12-31 00:32 - 2015-12-30 23:34 - 00289128 _____ C:\WINDOWS\SysWOW64\Nydpauyjo.dll
2015-12-30 23:58 - 2015-12-30 23:58 - 00003960 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1451530702
2015-12-30 23:58 - 2015-12-30 23:58 - 00000000 ____D C:\Users\Alfredo\AppData\Local\Opera Software
2015-12-30 23:51 - 2015-12-31 00:00 - 00000000 ____D C:\Users\DefaultAppPool
2015-12-30 23:51 - 2015-12-30 23:51 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2015-12-30 23:51 - 2015-12-30 23:51 - 00000000 _SHDL C:\Users\DefaultAppPool\Modelos
2015-12-30 23:51 - 2015-12-30 23:51 - 00000000 _SHDL C:\Users\DefaultAppPool\Meus Documentos
2015-12-30 23:51 - 2015-12-30 23:51 - 00000000 _SHDL C:\Users\DefaultAppPool\Menu Iniciar
2015-12-30 23:51 - 2015-12-30 23:51 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Minhas Músicas
2015-12-30 23:51 - 2015-12-30 23:51 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Minhas Imagens
2015-12-30 23:51 - 2015-12-30 23:51 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Meus Vídeos
2015-12-30 23:51 - 2015-12-30 23:51 - 00000000 _SHDL C:\Users\DefaultAppPool\Dados de Aplicativos
2015-12-30 23:51 - 2015-12-30 23:51 - 00000000 _SHDL C:\Users\DefaultAppPool\Configurações Locais
2015-12-30 23:51 - 2015-12-30 23:51 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2015-12-30 23:51 - 2015-12-30 23:51 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Histórico
2015-12-30 23:51 - 2015-12-30 23:51 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Dados de Aplicativos
2015-12-30 23:51 - 2015-12-30 23:51 - 00000000 _SHDL C:\Users\DefaultAppPool\Ambiente de Rede
2015-12-30 23:51 - 2015-12-30 23:51 - 00000000 _SHDL C:\Users\DefaultAppPool\Ambiente de Impressão
2015-12-30 23:51 - 2015-12-05 23:45 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Local\Microsoft Help
2015-12-30 23:40 - 2015-12-30 23:40 - 00000000 ____D C:\Users\Alfredo\AppData\Roaming\dlg
2015-12-30 23:40 - 2015-12-30 23:38 - 00000967 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2015-12-30 23:39 - 2015-12-30 23:47 - 00000286 __RSH C:\Users\Todos os Usuários\ntuser.pol
2015-12-30 23:39 - 2015-12-30 23:47 - 00000286 __RSH C:\ProgramData\ntuser.pol
2015-12-30 23:37 - 2015-12-30 23:37 - 00000000 ____D C:\Users\Public\Documents\dmp
2015-12-30 10:16 - 2015-12-31 00:32 - 00056728 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\cherimoya.sys
2015-12-20 20:35 - 2016-01-02 02:32 - 00000000 ____D C:\Users\Alfredo\Desktop\profissional
2015-12-20 20:35 - 2015-12-20 20:35 - 00000000 ____D C:\Users\Alfredo\Desktop\pgto contas
2015-12-18 17:45 - 2015-12-18 17:45 - 00001029 _____ C:\Users\Alfredo\Desktop\Encoder 2002.lnk
2015-12-18 17:45 - 2015-12-18 17:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Encoder 2002
2015-12-18 17:45 - 2015-12-18 17:45 - 00000000 ____D C:\Program Files (x86)\Encoder 2002
2015-12-18 17:36 - 2015-12-18 17:36 - 01889645 _____ C:\Users\Alfredo\Downloads\Enc2002_v2.zip
2015-12-18 16:04 - 2015-12-18 16:04 - 00000000 ____D C:\Users\Alfredo\AppData\LocalLow\VDownloader
2015-12-18 16:03 - 2015-12-18 16:03 - 00000000 ____D C:\Program Files\WinPcap
2015-12-17 23:06 - 2015-12-07 01:57 - 00973664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-12-17 23:06 - 2015-12-07 01:55 - 01281376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-12-17 23:06 - 2015-12-07 01:49 - 00412512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2015-12-17 23:06 - 2015-12-07 01:48 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-12-17 23:06 - 2015-12-07 01:48 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-12-17 23:06 - 2015-12-07 01:48 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2015-12-17 23:06 - 2015-12-07 01:48 - 01155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2015-12-17 23:06 - 2015-12-07 01:48 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2015-12-17 23:06 - 2015-12-07 01:48 - 01092456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-12-17 23:06 - 2015-12-07 01:48 - 01065080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-12-17 23:06 - 2015-12-07 01:48 - 01020096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-12-17 23:06 - 2015-12-07 01:48 - 00983464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2015-12-17 23:06 - 2015-12-07 01:48 - 00884256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-12-17 23:06 - 2015-12-07 01:48 - 00823264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-12-17 23:06 - 2015-12-07 01:48 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-12-17 23:06 - 2015-12-07 01:48 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2015-12-17 23:06 - 2015-12-07 01:48 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-12-17 23:06 - 2015-12-07 01:48 - 00526856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2015-12-17 23:06 - 2015-12-07 01:48 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2015-12-17 23:06 - 2015-12-07 01:48 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-12-17 23:06 - 2015-12-07 01:48 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2015-12-17 23:06 - 2015-12-07 01:48 - 00450904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-12-17 23:06 - 2015-12-07 01:48 - 00337840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2015-12-17 23:06 - 2015-12-07 01:48 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2015-12-17 23:06 - 2015-12-07 01:48 - 00245848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-12-17 23:06 - 2015-12-07 01:48 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2015-12-17 23:06 - 2015-12-07 01:48 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2015-12-17 23:06 - 2015-12-07 01:47 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-12-17 23:06 - 2015-12-07 01:47 - 00898184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2015-12-17 23:06 - 2015-12-07 01:47 - 00716928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-12-17 23:06 - 2015-12-07 01:47 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2015-12-17 23:06 - 2015-12-07 01:46 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-17 23:06 - 2015-12-07 01:46 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-17 23:06 - 2015-12-07 01:45 - 00264544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-12-17 23:06 - 2015-12-07 01:15 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2015-12-17 23:06 - 2015-12-07 01:10 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2015-12-17 23:06 - 2015-12-07 01:09 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2015-12-17 23:06 - 2015-12-07 01:07 - 16984064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-12-17 23:06 - 2015-12-07 01:06 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2015-12-17 23:06 - 2015-12-07 01:06 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-12-17 23:06 - 2015-12-07 01:06 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-12-17 23:06 - 2015-12-07 01:05 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-12-17 23:06 - 2015-12-07 01:04 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2015-12-17 23:06 - 2015-12-07 01:03 - 13017600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-12-17 23:06 - 2015-12-07 01:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2015-12-17 23:06 - 2015-12-07 01:01 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-12-17 23:06 - 2015-12-07 01:00 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2015-12-17 23:06 - 2015-12-07 01:00 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2015-12-17 23:06 - 2015-12-07 01:00 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-12-17 23:06 - 2015-12-07 01:00 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-12-17 23:06 - 2015-12-07 00:59 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-17 23:06 - 2015-12-07 00:59 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-12-17 23:06 - 2015-12-07 00:59 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-12-17 23:06 - 2015-12-07 00:59 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2015-12-17 23:06 - 2015-12-07 00:58 - 24601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-17 23:06 - 2015-12-07 00:58 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-12-17 23:06 - 2015-12-07 00:57 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2015-12-17 23:06 - 2015-12-07 00:57 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2015-12-17 23:06 - 2015-12-07 00:57 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2015-12-17 23:06 - 2015-12-07 00:56 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-12-17 23:06 - 2015-12-07 00:56 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-12-17 23:06 - 2015-12-07 00:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-12-17 23:06 - 2015-12-07 00:54 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-12-17 23:06 - 2015-12-07 00:54 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2015-12-17 23:06 - 2015-12-07 00:53 - 19339264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-17 23:06 - 2015-12-07 00:53 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-12-17 23:06 - 2015-12-07 00:51 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-12-17 23:06 - 2015-12-07 00:50 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2015-12-17 23:06 - 2015-12-07 00:49 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2015-12-17 23:06 - 2015-12-07 00:47 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-12-17 23:06 - 2015-12-07 00:45 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-12-17 23:06 - 2015-12-07 00:45 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2015-12-17 23:06 - 2015-12-07 00:45 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2015-12-17 23:06 - 2015-12-07 00:44 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-12-17 23:06 - 2015-12-07 00:43 - 02598400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-12-17 23:06 - 2015-12-07 00:43 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2015-12-17 23:06 - 2015-12-07 00:41 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-12-17 23:06 - 2015-12-07 00:40 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-12-17 23:06 - 2015-12-07 00:40 - 01995776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-12-17 23:06 - 2015-12-07 00:40 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2015-12-17 23:06 - 2015-12-07 00:39 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-12-17 23:06 - 2015-12-07 00:38 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2015-12-17 23:06 - 2015-12-07 00:33 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2015-12-17 23:06 - 2015-12-07 00:32 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2015-12-17 23:05 - 2015-12-07 01:15 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
2015-12-17 23:05 - 2015-12-07 01:09 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2015-12-17 23:05 - 2015-12-07 01:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2015-12-17 23:05 - 2015-12-07 01:07 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2015-12-17 23:05 - 2015-12-07 01:07 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2015-12-17 23:05 - 2015-12-07 01:05 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe
2015-12-17 23:05 - 2015-12-07 01:04 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2015-12-17 23:05 - 2015-12-07 01:02 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2015-12-17 23:05 - 2015-12-07 01:01 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe
2015-12-17 23:05 - 2015-12-07 00:55 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-12-17 23:05 - 2015-12-07 00:51 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2015-12-17 23:05 - 2015-12-07 00:48 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-12-15 22:55 - 2015-12-15 22:55 - 00000000 ____D C:\Users\Todos os Usuários\A.E.T. Europe B.V
2015-12-15 22:55 - 2015-12-15 22:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SafeSign Standard
2015-12-15 22:55 - 2015-12-15 22:55 - 00000000 ____D C:\ProgramData\A.E.T. Europe B.V
2015-12-15 22:55 - 2015-12-15 22:55 - 00000000 ____D C:\Program Files\A.E.T. Europe B.V
2015-12-15 22:46 - 2015-12-15 22:46 - 00000929 _____ C:\Users\Public\Desktop\CertiInstaller.lnk
2015-12-15 22:46 - 2015-12-15 22:46 - 00000000 ____D C:\Program Files\CertiInstaller
2015-12-15 22:37 - 2015-12-15 22:46 - 45151107 _____ (Certisign ) C:\Users\Alfredo\Downloads\Setup_CertiInstaller.exe
2015-12-15 19:52 - 2015-12-15 19:34 - 00861088 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\npDeployJava1.dll
2015-12-15 19:52 - 2015-12-15 19:34 - 00782240 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\deployJava1.dll
2015-12-15 19:51 - 2015-12-15 19:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-12-15 19:34 - 2015-12-15 19:51 - 00278624 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2015-12-15 18:50 - 2015-12-15 19:51 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-12-15 18:05 - 2016-01-02 13:31 - 00004176 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C9D66360-8EA8-4543-A3A6-2DEEE950C5F6}
2015-12-15 17:39 - 2015-12-15 17:39 - 00000000 ____D C:\Users\Alfredo\AppData\Roaming\Sun
2015-12-15 17:39 - 2015-12-15 17:39 - 00000000 ____D C:\Users\Alfredo\.oracle_jre_usage
2015-12-15 17:35 - 2015-12-15 19:40 - 00584288 _____ (Oracle Corporation) C:\Users\Alfredo\Downloads\JavaSetup8u66.exe
2015-12-11 04:03 - 2015-11-24 10:04 - 00148088 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\wsddin64.sys
2015-12-10 19:59 - 2016-01-02 14:50 - 00028888 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\gbpddfac64.sys
2015-12-10 00:22 - 2015-12-10 00:22 - 00034104 _____ (Basil) C:\WINDOWS\system32\WinDivert.dll
2015-12-09 21:09 - 2016-01-02 14:50 - 00101080 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\wsddfac.sys
2015-12-09 21:09 - 2015-03-18 10:23 - 00103640 ____N (GAS Tecnologia) C:\WINDOWS\system32\Drivers\wsddpp.sys
2015-12-09 21:08 - 2015-12-09 21:08 - 00000000 ____D C:\Program Files\Diebold
2015-12-09 21:08 - 2015-12-09 21:08 - 00000000 ____D C:\Program Files (x86)\GAS Tecnologia
2015-12-09 21:08 - 2015-12-09 21:08 - 00000000 ____D C:\Program Files (x86)\Diebold
2015-12-09 20:25 - 2015-12-01 04:12 - 02152800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-12-09 20:25 - 2015-11-24 09:07 - 01817160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-12-09 20:25 - 2015-11-24 08:06 - 01540768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-12-09 20:25 - 2015-11-24 07:26 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-12-09 20:25 - 2015-11-24 07:01 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2015-12-09 20:25 - 2015-11-24 06:54 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2015-12-09 20:25 - 2015-11-24 06:53 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-12-09 20:25 - 2015-11-24 06:45 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshrm.dll
2015-12-09 20:25 - 2015-11-24 06:37 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2015-12-09 20:25 - 2015-11-24 06:26 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-12-09 20:25 - 2015-11-24 06:19 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-12-09 20:25 - 2015-11-24 06:12 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2015-12-09 20:25 - 2015-11-24 05:58 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-12-09 20:25 - 2015-11-24 05:55 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-12-09 20:25 - 2015-11-24 05:54 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2015-12-09 20:25 - 2015-11-24 05:52 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-12-09 20:25 - 2015-11-24 05:49 - 01648640 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2015-12-09 20:25 - 2015-11-24 05:14 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2015-12-09 20:25 - 2015-11-24 05:03 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-12-09 20:25 - 2015-11-24 04:59 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-12-09 20:25 - 2015-11-24 04:57 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2015-12-09 20:25 - 2015-11-24 04:35 - 22393856 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-12-09 20:25 - 2015-11-24 04:29 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-12-09 20:25 - 2015-11-24 04:23 - 13381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-09 20:25 - 2015-11-24 04:11 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-12-09 20:25 - 2015-11-24 04:08 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-09 20:25 - 2015-11-24 04:04 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-12-08 13:17 - 2015-12-08 13:17 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-12-08 05:00 - 2015-12-08 05:00 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-12-08 01:59 - 2015-12-08 01:59 - 00000000 ____D C:\WINDOWS\PCHEALTH
2015-12-08 01:46 - 2015-12-08 01:46 - 00002370 ____N C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - acer.lnk
2015-12-08 01:34 - 2015-12-08 01:34 - 00000000 ____D C:\Users\Alfredo\AppData\Local\Real
2015-12-08 01:30 - 2015-12-08 01:30 - 00000000 ____D C:\Users\Todos os Usuários\BlueStacks
2015-12-08 01:30 - 2015-12-08 01:30 - 00000000 ____D C:\ProgramData\BlueStacks
2015-12-08 01:27 - 2015-12-08 01:29 - 00000000 ____D C:\Users\Alfredo\AppData\Roaming\WildTangent
2015-12-07 01:34 - 2015-12-07 01:34 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-12-06 00:25 - 2015-12-06 00:25 - 00000000 ____D C:\Users\Alfredo\AppData\Local\Comms
2015-12-06 00:24 - 2015-12-06 00:00 - 00000000 ___DC C:\WINDOWS\Panther
2015-12-06 00:21 - 2015-12-06 00:21 - 00000000 ____D C:\Windows.old
2015-12-06 00:20 - 2015-12-06 00:20 - 22572632 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 21125408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 07476576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-12-06 00:20 - 2015-12-06 00:20 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 03993600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 02772584 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 02653816 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 02647552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 02185840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 02126848 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-12-06 00:20 - 2015-12-06 00:20 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 02049024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-12-06 00:20 - 2015-12-06 00:20 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 01860096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 01859448 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 01505280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 01223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 01042432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00809312 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-12-06 00:20 - 2015-12-06 00:20 - 00803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00795840 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00791552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-12-06 00:20 - 2015-12-06 00:20 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-12-06 00:20 - 2015-12-06 00:20 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-12-06 00:20 - 2015-12-06 00:20 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-12-06 00:20 - 2015-12-06 00:20 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-12-06 00:20 - 2015-12-06 00:20 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-12-06 00:20 - 2015-12-06 00:20 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2015-12-06 00:20 - 2015-12-06 00:20 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00440160 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-12-06 00:20 - 2015-12-06 00:20 - 00431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-12-06 00:20 - 2015-12-06 00:20 - 00408128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00405048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2015-12-06 00:20 - 2015-12-06 00:20 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-12-06 00:20 - 2015-12-06 00:20 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-12-06 00:20 - 2015-12-06 00:20 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00264192 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-12-06 00:20 - 2015-12-06 00:20 - 00205824 _____ (Nokia) C:\WINDOWS\SysWOW64\NmaDirect.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2015-12-06 00:20 - 2015-12-06 00:20 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-12-06 00:20 - 2015-12-06 00:20 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-12-06 00:20 - 2015-12-06 00:20 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-12-06 00:20 - 2015-12-06 00:20 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2015-12-06 00:20 - 2015-12-06 00:20 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2015-12-06 00:20 - 2015-12-06 00:20 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00080600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssign32.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00051680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2015-12-06 00:20 - 2015-12-06 00:20 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2015-12-06 00:20 - 2015-12-06 00:20 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2015-12-06 00:20 - 2015-12-06 00:20 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2015-12-06 00:20 - 2015-12-06 00:20 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2015-12-06 00:20 - 2015-12-06 00:20 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-12-06 00:20 - 2015-12-06 00:20 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2015-12-06 00:20 - 2015-12-06 00:20 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2015-12-06 00:17 - 2015-12-06 00:17 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-12-06 00:15 - 2015-12-06 00:15 - 00000000 ____D C:\Users\Alfredo\AppData\Local\NetworkTiles
2015-12-06 00:13 - 2015-12-06 17:07 - 00000000 ____D C:\Users\Alfredo\AppData\Local\MicrosoftEdge
2015-12-06 00:13 - 2015-12-06 00:13 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-12-06 00:13 - 2015-12-06 00:13 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2015-12-06 00:13 - 2015-12-06 00:13 - 00000000 ____D C:\WINDOWS\system32\msmq
2015-12-06 00:13 - 2015-12-06 00:13 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2015-12-06 00:13 - 2015-12-06 00:13 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-12-06 00:13 - 2015-12-06 00:13 - 00000000 ____D C:\Program Files\MSBuild
2015-12-06 00:13 - 2015-12-06 00:13 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-12-06 00:13 - 2015-12-06 00:13 - 00000000 ____D C:\inetpub
2015-12-06 00:13 - 2015-12-05 23:47 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-12-06 00:12 - 2015-10-23 17:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-12-06 00:12 - 2015-10-23 17:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-12-06 00:12 - 2015-10-23 17:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-12-06 00:12 - 2015-10-23 17:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-12-06 00:12 - 2015-10-23 17:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-12-06 00:12 - 2015-10-23 17:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-12-06 00:10 - 2015-10-29 18:43 - 05739520 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2015-12-06 00:10 - 2015-10-29 18:43 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2015-12-06 00:10 - 2015-10-29 18:41 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2015-12-06 00:10 - 2015-10-29 18:25 - 06359040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2015-12-06 00:10 - 2015-10-29 18:24 - 04847616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2015-12-06 00:08 - 2015-12-14 21:35 - 00002379 _____ C:\Users\Alfredo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-12-06 00:08 - 2015-12-14 21:35 - 00000000 ___RD C:\Users\Alfredo\OneDrive
2015-12-06 00:08 - 2015-12-06 00:08 - 00001051 _____ C:\Users\Alfredo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recursos Opcionais.lnk
2015-12-06 00:07 - 2015-12-06 00:07 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft OneDrive
2015-12-06 00:07 - 2015-12-06 00:07 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2015-12-06 00:06 - 2015-12-06 00:06 - 00000000 ____D C:\Users\Alfredo\AppData\Local\ActiveSync
2015-12-06 00:05 - 2015-12-06 00:05 - 00000000 ____D C:\Users\Alfredo\AppData\Local\Publishers
2015-12-06 00:01 - 2015-12-31 00:01 - 00000000 __RHD C:\Users\Public\AccountPictures
2015-12-06 00:01 - 2015-12-10 20:06 - 00000000 ____D C:\Users\Alfredo\AppData\Local\Packages
2015-12-06 00:00 - 2015-12-06 00:00 - 00000020 ___SH C:\Users\Alfredo\ntuser.ini
2015-12-06 00:00 - 2015-12-06 00:00 - 00000000 ____D C:\Users\Alfredo\AppData\Local\TileDataLayer
2015-12-05 23:59 - 2015-12-05 23:59 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas Músicas
2015-12-05 23:59 - 2015-12-05 23:59 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas Imagens
2015-12-05 23:59 - 2015-12-05 23:59 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Meus Vídeos
2015-12-05 23:59 - 2015-12-05 23:59 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2015-12-05 23:59 - 2015-12-05 23:59 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Histórico
2015-12-05 23:59 - 2015-12-05 23:59 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Dados de Aplicativos
2015-12-05 23:59 - 2015-12-05 23:59 - 00000000 _SHDL C:\Users\Default\Modelos
2015-12-05 23:59 - 2015-12-05 23:59 - 00000000 _SHDL C:\Users\Default\Meus Documentos
2015-12-05 23:59 - 2015-12-05 23:59 - 00000000 _SHDL C:\Users\Default\Menu Iniciar
2015-12-05 23:59 - 2015-12-05 23:59 - 00000000 _SHDL C:\Users\Default\Documents\Minhas Músicas
2015-12-05 23:59 - 2015-12-05 23:59 - 00000000 _SHDL C:\Users\Default\Documents\Minhas Imagens
2015-12-05 23:59 - 2015-12-05 23:59 - 00000000 _SHDL C:\Users\Default\Documents\Meus Vídeos
2015-12-05 23:59 - 2015-12-05 23:59 - 00000000 _SHDL C:\Users\Default\Dados de Aplicativos
2015-12-05 23:59 - 2015-12-05 23:59 - 00000000 _SHDL C:\Users\Default\Configurações Locais
2015-12-05 23:59 - 2015-12-05 23:59 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2015-12-05 23:59 - 2015-12-05 23:59 - 00000000 _SHDL C:\Users\Default\AppData\Local\Histórico
2015-12-05 23:59 - 2015-12-05 23:59 - 00000000 _SHDL C:\Users\Default\AppData\Local\Dados de Aplicativos
2015-12-05 23:59 - 2015-12-05 23:59 - 00000000 _SHDL C:\Users\Default\Ambiente de Rede
2015-12-05 23:59 - 2015-12-05 23:59 - 00000000 _SHDL C:\Users\Default\Ambiente de Impressão
2015-12-05 23:59 - 2015-12-05 23:59 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas Músicas
2015-12-05 23:59 - 2015-12-05 23:59 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas Imagens
2015-12-05 23:59 - 2015-12-05 23:59 - 00000000 _SHDL C:\Users\Default User\Documents\Meus Vídeos
2015-12-05 23:59 - 2015-12-05 23:59 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2015-12-05 23:59 - 2015-12-05 23:59 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Histórico
2015-12-05 23:59 - 2015-12-05 23:59 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Dados de Aplicativos
2015-12-05 23:59 - 2015-12-05 23:59 - 00000000 ____D C:\Users\Todos os Usuários\USOShared
2015-12-05 23:59 - 2015-12-05 23:59 - 00000000 ____D C:\ProgramData\USOShared
2015-12-05 23:57 - 2016-01-02 14:49 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-05 23:57 - 2015-12-05 23:57 - 00022956 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-12-05 23:45 - 2015-12-05 23:45 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-12-05 23:45 - 2015-12-05 23:45 - 00000000 ____D C:\Users\Usuário Padrão\AppData\Local\Microsoft Help
2015-12-05 23:45 - 2015-12-05 23:45 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-12-05 23:45 - 2015-12-05 23:45 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-12-05 23:39 - 2015-12-05 23:39 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2015-12-05 23:34 - 2016-01-02 14:34 - 00000000 ____D C:\Users\Alfredo
2015-12-05 23:34 - 2015-12-28 22:09 - 02092192 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-05 23:34 - 2015-12-05 23:52 - 00000000 ____D C:\Users\Convidado
2015-12-05 23:34 - 2015-12-05 23:34 - 00000000 _SHDL C:\Users\Convidado\Modelos
2015-12-05 23:34 - 2015-12-05 23:34 - 00000000 _SHDL C:\Users\Convidado\Meus Documentos
2015-12-05 23:34 - 2015-12-05 23:34 - 00000000 _SHDL C:\Users\Convidado\Menu Iniciar
2015-12-05 23:34 - 2015-12-05 23:34 - 00000000 _SHDL C:\Users\Convidado\Documents\Minhas Músicas
2015-12-05 23:34 - 2015-12-05 23:34 - 00000000 _SHDL C:\Users\Convidado\Documents\Minhas Imagens
2015-12-05 23:34 - 2015-12-05 23:34 - 00000000 _SHDL C:\Users\Convidado\Documents\Meus Vídeos
2015-12-05 23:34 - 2015-12-05 23:34 - 00000000 _SHDL C:\Users\Convidado\Dados de Aplicativos
2015-12-05 23:34 - 2015-12-05 23:34 - 00000000 _SHDL C:\Users\Convidado\Configurações Locais
2015-12-05 23:34 - 2015-12-05 23:34 - 00000000 _SHDL C:\Users\Convidado\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2015-12-05 23:34 - 2015-12-05 23:34 - 00000000 _SHDL C:\Users\Convidado\AppData\Local\Histórico
2015-12-05 23:34 - 2015-12-05 23:34 - 00000000 _SHDL C:\Users\Convidado\AppData\Local\Dados de Aplicativos
2015-12-05 23:34 - 2015-12-05 23:34 - 00000000 _SHDL C:\Users\Convidado\Ambiente de Rede
2015-12-05 23:34 - 2015-12-05 23:34 - 00000000 _SHDL C:\Users\Convidado\Ambiente de Impressão
2015-12-05 23:34 - 2015-12-05 23:34 - 00000000 _SHDL C:\Users\Alfredo\Modelos
2015-12-05 23:34 - 2015-12-05 23:34 - 00000000 _SHDL C:\Users\Alfredo\Meus Documentos
2015-12-05 23:34 - 2015-12-05 23:34 - 00000000 _SHDL C:\Users\Alfredo\Menu Iniciar
2015-12-05 23:34 - 2015-12-05 23:34 - 00000000 _SHDL C:\Users\Alfredo\Dados de Aplicativos
2015-12-05 23:34 - 2015-12-05 23:34 - 00000000 _SHDL C:\Users\Alfredo\Configurações Locais
2015-12-05 23:34 - 2015-12-05 23:34 - 00000000 _SHDL C:\Users\Alfredo\AppData\Local\Histórico
2015-12-05 23:34 - 2015-12-05 23:34 - 00000000 _SHDL C:\Users\Alfredo\AppData\Local\Dados de Aplicativos
2015-12-05 23:34 - 2015-12-05 23:34 - 00000000 _SHDL C:\Users\Alfredo\Ambiente de Rede
2015-12-05 23:34 - 2015-12-05 23:34 - 00000000 _SHDL C:\Users\Alfredo\Ambiente de Impressão
2015-12-05 23:34 - 2015-12-05 23:34 - 00000000 ___DL C:\Users\Alfredo\Documents\Minhas Músicas
2015-12-05 23:34 - 2015-12-05 23:34 - 00000000 ___DL C:\Users\Alfredo\Documents\Minhas Imagens
2015-12-05 23:34 - 2015-12-05 23:34 - 00000000 ___DL C:\Users\Alfredo\Documents\Meus Vídeos
2015-12-05 23:34 - 2015-12-05 23:34 - 00000000 ___DL C:\Users\Alfredo\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2015-12-05 23:33 - 2015-12-05 23:33 - 02004266 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-12-05 23:30 - 2015-12-05 23:30 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2015-12-05 23:30 - 2015-12-05 23:30 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-12-05 23:30 - 2015-12-05 23:30 - 00000000 ____D C:\Program Files\Synaptics
2015-12-05 23:30 - 2015-12-05 23:30 - 00000000 ____D C:\Program Files\Realtek
2015-12-05 23:29 - 2015-10-30 04:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-12-05 23:25 - 2015-12-12 01:56 - 00348936 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-05 22:51 - 2015-12-05 23:58 - 00014257 _____ C:\WINDOWS\diagerr.xml
2015-12-05 22:51 - 2015-12-05 23:58 - 00013338 _____ C:\WINDOWS\diagwrn.xml
2015-12-05 15:11 - 2015-12-05 15:11 - 00000000 ____D C:\Users\Alfredo\AppData\Local\GWX
2015-12-05 14:02 - 2015-12-30 23:47 - 00001946 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-12-05 14:02 - 2015-12-30 23:47 - 00001934 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-12-05 14:02 - 2015-12-30 19:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-05 14:02 - 2015-12-29 08:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-05 13:57 - 2015-12-05 13:58 - 00243976 _____ C:\Users\Alfredo\Downloads\Firefox Setup Stub 42.0.exe
2015-12-04 19:51 - 2015-10-20 15:41 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-12-04 19:47 - 2015-10-30 20:04 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.exe
2015-12-04 19:47 - 2015-10-30 19:29 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmlmedia.dll
2015-12-04 19:47 - 2015-10-30 19:09 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmlmedia.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00066400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00063840 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00022368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-localization-l1-2-0.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-synch-l1-2-0.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-file-l2-1-0.dll
2015-12-04 19:42 - 2015-07-18 10:08 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-file-l1-2-0.dll
2015-12-04 19:40 - 2015-07-22 13:48 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-01-02 15:05 - 2012-04-04 19:57 - 00000902 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-01-02 14:56 - 2015-10-30 03:28 - 00000000 ____D C:\Windows
2016-01-02 14:56 - 2012-05-09 18:35 - 00001086 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2447171046-917324971-2953145129-1000UA.job
2016-01-02 14:52 - 2011-12-17 18:06 - 00000000 ____D C:\Users\Todos os Usuários\clear.fi
2016-01-02 14:52 - 2011-12-17 18:06 - 00000000 ____D C:\ProgramData\clear.fi
2016-01-02 14:50 - 2012-02-15 23:25 - 00001066 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-02 14:49 - 2015-10-30 03:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-01-02 14:49 - 2011-12-17 21:19 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2016-01-02 14:47 - 2012-02-15 23:25 - 00001070 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-02 00:22 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-01 19:56 - 2012-05-09 18:35 - 00001034 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2447171046-917324971-2953145129-1000Core.job
2016-01-01 15:40 - 2012-04-18 19:42 - 00000000 ____D C:\Users\Alfredo\AppData\LocalLow\Temp
2016-01-01 02:34 - 2015-10-30 04:21 - 00000000 ____D C:\WINDOWS\INF
2016-01-01 01:59 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-01-01 01:59 - 2009-07-14 00:20 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2015-12-31 19:12 - 2015-10-30 04:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-31 19:00 - 2011-12-17 21:19 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2015-12-31 19:00 - 2011-12-17 21:19 - 00000000 ____D C:\ProgramData\GbPlugin
2015-12-31 17:16 - 2015-10-30 04:24 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-31 02:12 - 2014-08-31 19:29 - 00000085 _____ C:\Users\Alfredo\AppData\default.pls
2015-12-31 01:31 - 2014-01-20 20:26 - 00000474 _____ C:\Users\Alfredo\Desktop\antivirus.txt
2015-12-28 22:09 - 2015-10-30 16:11 - 00887432 _____ C:\WINDOWS\system32\prfh0416.dat
2015-12-28 22:09 - 2015-10-30 16:11 - 00192736 _____ C:\WINDOWS\system32\prfc0416.dat
2015-12-27 18:10 - 2015-10-30 04:26 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-12-27 18:10 - 2015-10-30 04:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-18 23:43 - 2013-06-18 01:16 - 00000000 ____D C:\Users\Todos os Usuários\GAS Tecnologia
2015-12-18 23:43 - 2013-06-18 01:16 - 00000000 ____D C:\ProgramData\GAS Tecnologia
2015-12-18 16:23 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-12-18 16:23 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\Provisioning
2015-12-18 16:23 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2015-12-15 22:47 - 2014-09-19 09:50 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2015-12-15 22:47 - 2014-09-19 09:50 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-15 22:46 - 2013-03-19 19:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Certisign
2015-12-15 19:52 - 2013-10-21 17:07 - 00000000 ____D C:\Users\Todos os Usuários\Oracle
2015-12-15 19:52 - 2013-10-21 17:07 - 00000000 ____D C:\ProgramData\Oracle
2015-12-15 19:52 - 2012-05-03 20:48 - 00000000 ____D C:\Program Files (x86)\Java
2015-12-15 19:32 - 2013-03-19 19:39 - 00896928 _____ (Oracle Corporation) C:\Users\Alfredo\Downloads\JavaSetup7u17.exe
2015-12-15 18:05 - 2014-12-04 18:19 - 00000000 __SHD C:\Users\Alfredo\AppData\LocalLow\EmieUserList
2015-12-15 18:05 - 2014-12-04 18:19 - 00000000 __SHD C:\Users\Alfredo\AppData\LocalLow\EmieSiteList
2015-12-15 18:05 - 2014-08-16 10:20 - 00000000 __SHD C:\Users\Alfredo\AppData\Local\EmieUserList
2015-12-15 18:05 - 2014-08-16 10:20 - 00000000 __SHD C:\Users\Alfredo\AppData\Local\EmieSiteList
2015-12-15 17:57 - 2012-07-29 19:39 - 00000000 ____D C:\Users\Alfredo\AppData\Roaming\Mozilla
2015-12-12 01:55 - 2013-03-13 20:05 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-12 01:55 - 2013-03-13 20:05 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-11 06:13 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-12-11 04:12 - 2011-12-17 17:59 - 00094496 _____ C:\Users\Alfredo\AppData\Local\GDIPFONTCACHEV1.DAT
2015-12-10 00:49 - 2011-12-21 19:02 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2015-12-10 00:49 - 2011-12-21 19:02 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-10 00:48 - 2013-03-13 20:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-10 00:46 - 2013-08-05 19:33 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-10 00:40 - 2011-12-22 00:03 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-12-09 21:09 - 2011-10-13 20:10 - 00000000 ____D C:\Users\Todos os Usuários\Temp
2015-12-09 21:09 - 2011-10-13 20:10 - 00000000 ____D C:\ProgramData\Temp
2015-12-09 21:06 - 2013-11-08 13:30 - 02612608 _____ (Banco do Brasil SA) C:\Users\Alfredo\Downloads\DiagnosticoBB.exe
2015-12-09 21:06 - 2012-04-04 19:57 - 00003876 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-12-09 00:39 - 2010-11-21 00:27 - 00301728 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-12-08 20:52 - 2015-09-07 16:38 - 00000000 ____D C:\Users\Alfredo\Documents\carro
2015-12-08 05:32 - 2012-02-15 19:18 - 00000000 ____D C:\Users\Alfredo\AppData\Roaming\RealNetworks
2015-12-08 05:32 - 2011-12-27 18:52 - 00000000 ____D C:\Users\Todos os Usuários\Real
2015-12-08 05:32 - 2011-12-27 18:52 - 00000000 ____D C:\Users\Alfredo\AppData\Roaming\Real
2015-12-08 05:32 - 2011-12-27 18:52 - 00000000 ____D C:\ProgramData\Real
2015-12-08 05:32 - 2011-12-27 18:52 - 00000000 ____D C:\Program Files (x86)\Real
2015-12-08 01:46 - 2009-07-14 02:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-12-08 01:30 - 2011-07-26 13:44 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2015-12-08 01:27 - 2011-07-26 13:44 - 00000000 ____D C:\Users\Todos os Usuários\WildTangent
2015-12-08 01:27 - 2011-07-26 13:44 - 00000000 ____D C:\ProgramData\WildTangent
2015-12-06 09:36 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\appcompat
2015-12-06 00:24 - 2015-10-30 04:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-12-06 00:21 - 2015-10-30 04:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2015-12-06 00:21 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-12-06 00:21 - 2015-10-30 03:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-12-06 00:21 - 2015-10-30 03:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-12-06 00:13 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-12-06 00:13 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-12-06 00:13 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-12-06 00:13 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-12-06 00:13 - 2015-10-30 04:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2015-12-06 00:13 - 2015-10-30 04:19 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2015-12-06 00:13 - 2015-10-30 04:19 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2015-12-06 00:13 - 2015-10-30 04:19 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-12-06 00:13 - 2015-10-30 04:19 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2015-12-06 00:13 - 2015-10-30 04:19 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2015-12-06 00:13 - 2015-10-30 04:19 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2015-12-06 00:13 - 2015-10-30 04:19 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2015-12-06 00:13 - 2015-10-30 04:19 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-12-06 00:13 - 2015-10-30 04:19 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2015-12-06 00:13 - 2015-10-30 04:19 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-12-06 00:13 - 2015-10-30 04:19 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-12-06 00:13 - 2015-10-30 04:19 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2015-12-06 00:13 - 2015-10-30 04:19 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-12-06 00:13 - 2015-10-30 04:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-12-06 00:13 - 2015-10-30 04:19 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2015-12-06 00:13 - 2015-10-30 04:18 - 01417728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2015-12-06 00:13 - 2015-10-30 04:18 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2015-12-06 00:13 - 2015-10-30 04:18 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2015-12-06 00:13 - 2015-10-30 04:18 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2015-12-06 00:13 - 2015-10-30 04:18 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2015-12-06 00:13 - 2015-10-30 04:18 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-12-06 00:13 - 2015-10-30 04:18 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2015-12-06 00:13 - 2015-10-30 04:18 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2015-12-06 00:13 - 2015-10-30 04:18 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2015-12-06 00:13 - 2015-10-30 04:18 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2015-12-06 00:13 - 2015-10-30 04:18 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-12-06 00:13 - 2015-10-30 04:18 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2015-12-06 00:13 - 2015-10-30 04:18 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-12-06 00:13 - 2015-10-30 04:18 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2015-12-06 00:13 - 2015-10-30 04:18 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2015-12-06 00:13 - 2015-10-30 04:18 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2015-12-06 00:13 - 2015-10-30 04:18 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2015-12-06 00:13 - 2015-10-30 04:18 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2015-12-06 00:13 - 2015-10-30 04:18 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-12-06 00:13 - 2015-10-30 04:18 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2015-12-06 00:13 - 2015-10-30 04:18 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2015-12-06 00:10 - 2015-10-30 16:11 - 00000000 ____D C:\WINDOWS\OCR
2015-12-06 00:06 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\rescache
2015-12-06 00:03 - 2015-10-30 04:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-12-06 00:03 - 2015-10-30 04:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-12-06 00:03 - 2015-10-30 04:24 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-12-06 00:01 - 2015-10-30 04:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-12-05 23:59 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-12-05 23:59 - 2015-10-30 04:24 - 00000000 ____D C:\Users\Todos os Usuários\USOPrivate
2015-12-05 23:59 - 2015-10-30 04:24 - 00000000 ____D C:\ProgramData\USOPrivate
2015-12-05 23:59 - 2015-10-30 04:24 - 00000000 ____D C:\Program Files\Windows NT
2015-12-05 23:58 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\Registration
2015-12-05 23:58 - 2015-10-30 03:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-12-05 23:57 - 2013-10-15 16:15 - 00003744 _____ C:\WINDOWS\System32\Tasks\HPCustParticipation HP Deskjet 1000 J110 series
2015-12-05 23:57 - 2013-03-19 21:47 - 00003168 _____ C:\WINDOWS\System32\Tasks\{CFD17613-3F59-4928-A3D9-467BFCA78BF3}
2015-12-05 23:57 - 2012-05-09 18:35 - 00004170 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2447171046-917324971-2953145129-1000UA
2015-12-05 23:57 - 2012-05-09 18:35 - 00003774 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2447171046-917324971-2953145129-1000Core
2015-12-05 23:57 - 2012-02-16 17:46 - 00003300 _____ C:\WINDOWS\System32\Tasks\SidebarExecute
2015-12-05 23:57 - 2012-02-15 23:25 - 00004176 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-05 23:57 - 2012-02-15 23:25 - 00003924 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-05 23:57 - 2011-12-27 18:53 - 00003500 _____ C:\WINDOWS\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2447171046-917324971-2953145129-1000
2015-12-05 23:57 - 2011-12-27 18:53 - 00003370 _____ C:\WINDOWS\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2447171046-917324971-2953145129-1000
2015-12-05 23:57 - 2011-07-26 14:09 - 00002930 _____ C:\WINDOWS\System32\Tasks\Adobe Reader Speed Launcher
2015-12-05 23:56 - 2015-10-30 04:24 - 00000000 __RSD C:\WINDOWS\Media
2015-12-05 23:56 - 2015-10-30 04:24 - 00000000 __RHD C:\Users\Public\Libraries
2015-12-05 23:50 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\spool
2015-12-05 23:47 - 2015-10-30 16:14 - 00000000 ____D C:\WINDOWS\ShellNew
2015-12-05 23:47 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\ModemLogs
2015-12-05 23:47 - 2014-08-31 18:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition
2015-12-05 23:47 - 2013-10-08 20:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect
2015-12-05 23:47 - 2013-10-08 20:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2015-12-05 23:47 - 2013-07-14 01:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2015-12-05 23:47 - 2013-07-14 01:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-12-05 23:47 - 2012-05-09 18:14 - 00000000 ____D C:\WINDOWS\bg
2015-12-05 23:47 - 2012-05-09 18:14 - 00000000 ____D C:\WINDOWS\ar
2015-12-05 23:47 - 2012-05-09 18:13 - 00000000 ____D C:\WINDOWS\he
2015-12-05 23:47 - 2012-05-09 18:13 - 00000000 ____D C:\WINDOWS\fr
2015-12-05 23:47 - 2012-05-09 18:13 - 00000000 ____D C:\WINDOWS\fi
2015-12-05 23:47 - 2012-05-09 18:13 - 00000000 ____D C:\WINDOWS\es
2015-12-05 23:47 - 2012-05-09 18:13 - 00000000 ____D C:\WINDOWS\en
2015-12-05 23:47 - 2012-05-09 18:13 - 00000000 ____D C:\WINDOWS\el
2015-12-05 23:47 - 2012-05-09 18:13 - 00000000 ____D C:\WINDOWS\de
2015-12-05 23:47 - 2012-05-09 18:13 - 00000000 ____D C:\WINDOWS\da
2015-12-05 23:47 - 2012-05-09 18:13 - 00000000 ____D C:\WINDOWS\cs
2015-12-05 23:47 - 2012-05-09 18:12 - 00000000 ____D C:\WINDOWS\sk
2015-12-05 23:47 - 2012-05-09 18:12 - 00000000 ____D C:\WINDOWS\ru
2015-12-05 23:47 - 2012-05-09 18:12 - 00000000 ____D C:\WINDOWS\ro
2015-12-05 23:47 - 2012-05-09 18:12 - 00000000 ____D C:\WINDOWS\pl
2015-12-05 23:47 - 2012-05-09 18:12 - 00000000 ____D C:\WINDOWS\no
2015-12-05 23:47 - 2012-05-09 18:12 - 00000000 ____D C:\WINDOWS\nl
2015-12-05 23:47 - 2012-05-09 18:12 - 00000000 ____D C:\WINDOWS\it
2015-12-05 23:47 - 2012-05-09 18:12 - 00000000 ____D C:\WINDOWS\hu
2015-12-05 23:47 - 2012-05-09 18:12 - 00000000 ____D C:\WINDOWS\hr
2015-12-05 23:47 - 2012-05-09 18:11 - 00000000 ____D C:\WINDOWS\tr
2015-12-05 23:47 - 2012-05-09 18:11 - 00000000 ____D C:\WINDOWS\th
2015-12-05 23:47 - 2012-05-09 18:11 - 00000000 ____D C:\WINDOWS\sv
2015-12-05 23:47 - 2012-05-09 18:11 - 00000000 ____D C:\WINDOWS\sl
2015-12-05 23:47 - 2012-05-09 18:11 - 00000000 ____D C:\WINDOWS\eu
2015-12-05 23:47 - 2012-05-09 18:11 - 00000000 ____D C:\WINDOWS\ca
2015-12-05 23:47 - 2011-12-17 17:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Family Protection
2015-12-05 23:47 - 2011-10-13 20:14 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Crystal Eye Webcam
2015-12-05 23:47 - 2011-10-13 20:07 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\clear.fi
2015-12-05 23:47 - 2011-10-13 20:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTI Media Maker 9
2015-12-05 23:47 - 2011-10-13 19:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AcerSystem
2015-12-05 23:47 - 2011-07-26 14:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\newsXpresso
2015-12-05 23:47 - 2011-07-26 14:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Backup Manager
2015-12-05 23:47 - 2011-07-26 14:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EgisTec
2015-12-05 23:47 - 2011-07-26 14:02 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-12-05 23:47 - 2011-07-26 13:49 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-12-05 23:47 - 2011-07-26 13:33 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-12-05 23:45 - 2009-07-14 00:20 - 00000000 ____D C:\Users\Default.migrated
2015-12-05 23:41 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-12-05 23:41 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-12-05 23:41 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-12-05 23:41 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\IME
2015-12-05 23:40 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\schemas
2015-12-05 23:39 - 2015-10-30 04:24 - 00000000 __SHD C:\Program Files\Windows Sidebar
2015-12-05 23:39 - 2015-10-30 04:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-12-05 23:39 - 2015-10-30 04:24 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2015-12-05 23:39 - 2013-10-15 16:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-12-05 23:39 - 2013-03-04 22:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB
2015-12-05 23:39 - 2011-07-26 13:50 - 00000000 ____D C:\Program Files\Acer
2015-12-05 23:39 - 2011-07-26 13:49 - 00000000 ____D C:\Program Files (x86)\Acer
2015-12-05 23:39 - 2011-07-26 13:33 - 00000000 ____D C:\Program Files (x86)\Intel
2015-12-05 23:39 - 2009-07-14 02:32 - 00000000 ____D C:\Program Files\Microsoft Games
2015-12-05 23:39 - 2009-07-14 02:32 - 00000000 ____D C:\Program Files\DVD Maker
2015-12-05 23:37 - 2013-03-04 21:40 - 00000000 ____D C:\Users\Alfredo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2013
2015-12-05 23:33 - 2015-10-30 03:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-12-05 23:25 - 2015-10-30 16:18 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2015-12-05 23:03 - 2009-07-14 01:45 - 00022624 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-05 23:03 - 2009-07-14 01:45 - 00022624 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-05 22:51 - 2015-10-30 16:37 - 00000000 ___HD C:\$WINDOWS.~BT
2015-12-05 14:18 - 2013-04-27 22:43 - 00002155 _____ C:\WINDOWS\epplauncher.mif
2015-12-05 13:44 - 2009-07-13 23:34 - 00000612 _____ C:\WINDOWS\win.ini
2015-12-05 13:40 - 2013-10-16 23:40 - 00000000 ____D C:\Users\Alfredo\AppData\Local\Research In Motion
2015-12-05 13:33 - 2011-12-21 17:21 - 00002023 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2015-12-05 13:33 - 2011-07-26 14:09 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-12-04 23:44 - 2012-02-15 23:25 - 00000000 ____D C:\Users\Alfredo\AppData\Local\Google

==================== Arquivos na raiz de alguns diretórios =======

2013-01-24 22:10 - 2013-01-24 22:29 - 0001110 _____ () C:\Users\Alfredo\AppData\Roaming\AltarsoftVideoCapture.ini
2014-08-30 17:07 - 2014-08-30 18:56 - 0007859 _____ () C:\Users\Alfredo\AppData\Roaming\pcouffin.cat
2014-08-30 17:07 - 2014-08-30 18:56 - 0001167 _____ () C:\Users\Alfredo\AppData\Roaming\pcouffin.inf
2014-08-30 17:07 - 2014-08-30 18:56 - 0000055 _____ () C:\Users\Alfredo\AppData\Roaming\pcouffin.log
2014-08-30 17:07 - 2014-08-30 18:56 - 0082816 _____ (VSO Software) C:\Users\Alfredo\AppData\Roaming\pcouffin.sys
2013-10-16 23:40 - 2014-12-04 10:58 - 0003234 _____ () C:\Users\Alfredo\AppData\Roaming\Rim.Desktop.Exception.log
2013-10-16 23:38 - 2015-12-05 13:40 - 0002021 _____ () C:\Users\Alfredo\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2013-10-16 23:40 - 2014-12-04 10:58 - 0003234 _____ () C:\Users\Alfredo\AppData\Roaming\Rim.DesktopHelper.Exception.log
2013-06-18 01:16 - 2013-06-18 01:16 - 0011603 _____ () C:\Users\Alfredo\AppData\Roaming\unins000.dat
2011-10-13 20:10 - 2011-10-13 20:12 - 0015224 _____ () C:\ProgramData\ArcadeDeluxe5.log

Arquivos para serem movidos ou deletados:
====================
C:\Users\Alfredo\ZHPCleaner.exe


Alguns arquivos em TEMP:
====================
C:\Users\Alfredo\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2015-12-26 12:41

==================== Fim de FRST.txt ============================

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:31-12-2015
Executado por Alfredo (2016-01-02 15:05:50)
Executando a partir de C:\Users\Alfredo\Desktop
Windows 10 Home (X64) (2015-12-06 03:00:28)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-2447171046-917324971-2953145129-500 - Administrator - Disabled)
Alfredo (S-1-5-21-2447171046-917324971-2953145129-1000 - Administrator - Enabled) => C:\Users\Alfredo
Convidado (S-1-5-21-2447171046-917324971-2953145129-501 - Limited - Disabled) => C:\Users\Convidado
DefaultAccount (S-1-5-21-2447171046-917324971-2953145129-503 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)


==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.0.1904 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3007 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3502 - Acer Incorporated)
Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0517.2011 - Acer Incorporated)
ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM-x32\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation)
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Assistente de Instalação OAB (HKLM-x32\...\{6FBA74BD-149F-4521-B921-FFCC84876864}) (Version: 3.13.0.1 - OAB)
Backup Manager V3 (x32 Version: 3.0.0.99 - NTI Corporation) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 14.8.2.2 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.4.1 - Broadcom Corporation)
CertiInstaller 1.0.1.1 (HKLM\...\{4E637561-3FE5-4464-A2C1-8E0C44940601}_is1) (Version: 1.0.1.1 - Certisign)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.1720.00 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.1517_36458 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 1.0.1720.00 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.7709 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3500 - Acer Incorporated)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Control ActiveX del Windows Live Mesh per a connexions remotes (HKLM-x32\...\{76C064E2-BB99-4453-8FDA-42BC01AD0734}) (Version: 15.4.5722.2 - Microsoft Corporation)
Control ActiveX Windows Live Mesh pentru conexiuni la distanță (HKLM-x32\...\{260E3D78-94E6-47EC-8E29-46301572BB1E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controle ActiveX do Windows Live Mesh para Conexões Remotas (HKLM-x32\...\{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Crazy Chicken Kart 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.4 - Dolby Laboratories Inc)
Encoder 2002 2.0 (HKLM-x32\...\Encoder 2002_is1) (Version: 2.0 - Daniel C. Sitnik)
Estudo de melhoria do produto HP Deskjet 1000 J110 series (HKLM\...\{2F7B0DE8-8265-4173-A6D0-4656C64EC0DF}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.42.716 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.42.716 - DVDVideoSoft Ltd.)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Giesecke & Devrient GmbH StarSign CUT (HKLM-x32\...\SZCCID) (Version: 1.7.17.0 - Giesecke & Devrient GmbH)
Giesecke & Devrient GmbH StarSign CUT (x32 Version: 1.7.17.0 - Giesecke & Devrient GmbH) Hidden
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.0.1710.2246 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2013) (Version: 1.0 - Receita Federal do Brasil)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kontrola Windows Live Mesh ActiveX za daljinske veze (HKLM-x32\...\{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}) (Version: 15.4.5722.2 - Microsoft Corporation)
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Acer Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Módulo Adicional de Segurança CAIXA (HKLM-x32\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: Módulo Adicional de Segurança CAIXA - )
Mozilla Firefox 43.0.3 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 43.0.3 (x86 pt-BR)) (Version: 43.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.3.5835 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.18 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.18 - Egis Technology Inc.) Hidden
Nero 7 Ultra Edition (HKLM-x32\...\{C6115A28-F277-4E82-B067-84D28BF21046}) (Version: 7.03.1357 - Nero AG)
newsXpresso (HKLM-x32\...\InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}) (Version: 1.0.0.40 - esobi Inc.)
newsXpresso (x32 Version: 1.0.0.40 - esobi Inc.) Hidden
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.8942 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.8942 - NTI Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6339 - Realtek Semiconductor Corp.)
Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.03 - Serpro - Serviço Federal de Processamento de Dados)
SafeSign 64-bits (HKLM\...\{2DF407D3-A8AD-4ACF-BFD5-5F7D42EC62FD}) (Version: 3.0.87 - A.E.T. Europe B.V.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Software básico do dispositivo HP Deskjet 1000 J110 series (HKLM\...\{5CD4705D-8EED-4C6B-9B52-6A1FFC39332B}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.6.0 - Synaptics Incorporated)
Torchlight (x32 Version: 2.2.0.97 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Urruneko konexioetarako Windows Live Mesh ActiveX kontrola (HKLM-x32\...\{7BA6DF02-B094-45D7-A3C9-BE3684253922}) (Version: 15.4.5722.2 - Microsoft Corporation)
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden
Warsaw 1.11.0.42826 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.11.0.42826 - GAS Tecnologia)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3503 - Acer Incorporated)
WildTangent Games App (x32 Version: 4.0.11.14 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (HKLM-x32\...\{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
ZHPFix 2015 (HKLM-x32\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation)
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים (HKLM-x32\...\{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}) (Version: 15.4.5722.2 - Microsoft Corporation)
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (HKLM-x32\...\{E18B30AA-6E2D-480C-B918-AF61009F4010}) (Version: 15.4.5722.2 - Microsoft Corporation)
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
ตัว ควบคุม ActiveX ใน Windows Live Mesh สำหรับการเชื่อมต่อระยะไกล (ไทย) (HKLM-x32\...\{A2EDAEEB-C981-46D5-8163-CF8F5F640EEE}) (Version: 15.4.5722.2 - Microsoft Corporation)
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-2447171046-917324971-2953145129-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000}\InprocServer32 -> C:\Users\Alfredo\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-2447171046-917324971-2953145129-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0013}\InprocServer32 -> C:\Users\Alfredo\AppData\Local\GAS Tecnologia\GBBD\npsf_uni_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-2447171046-917324971-2953145129-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000}\InprocServer32 -> C:\Users\Alfredo\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-2447171046-917324971-2953145129-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0013}\InprocServer32 -> C:\Users\Alfredo\AppData\Local\GAS Tecnologia\GBBD\npsf_uni_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-2447171046-917324971-2953145129-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Alfredo\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-2447171046-917324971-2953145129-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Alfredo\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-2447171046-917324971-2953145129-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Alfredo\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2447171046-917324971-2953145129-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Alfredo\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-2447171046-917324971-2953145129-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Alfredo\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-2447171046-917324971-2953145129-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Alfredo\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2447171046-917324971-2953145129-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Alfredo\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-2447171046-917324971-2953145129-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Alfredo\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2447171046-917324971-2953145129-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Alfredo\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Nenhum Arquivo

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {0802E23B-A738-4ACF-AEB5-8FE60EE7CDB1} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2011-03-28] (Egis Technology Inc.)
Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {0E464B7D-5555-4247-9779-A83394D0F064} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {14CDB34E-553E-4191-B188-5535A86F14E1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2447171046-917324971-2953145129-1000Core => C:\Users\Alfredo\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-04] (Google Inc.)
Task: {2B5FD55A-8666-4D58-93B3-377CB5D1B741} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-05-20] (Acer Incorporated)
Task: {2FD25092-F9F9-47C7-8122-0F9F6B6C3329} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2447171046-917324971-2953145129-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {3A5703B3-5B94-4962-9BA2-97FEEF2497C2} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-05-20] (CyberLink)
Task: {3DD67D8E-BFB8-4C03-8825-236E1FE426D1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {4BEB0A18-0825-455C-A08A-F982369B7F31} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-05-20] (CyberLink Corp.)
Task: {9314B089-C9A3-49C4-B92F-93A3FDE7AC8A} - System32\Tasks\HPCustParticipation HP Deskjet 1000 J110 series => C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\HPCustPartic.exe
Task: {A3CC8C51-7413-4A09-9EA3-D87A9B204539} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-28] (Egis Technology Inc.)
Task: {A88597EB-886E-4BC7-9CE8-1E222B439BC4} - \{1A0CBE13-75AE-4300-82B2-D763359C2602} -> Nenhum Arquivo <==== ATENÇÃO
Task: {B9C3D20F-ED5D-42BE-B8ED-3512F45FCF39} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {BDF1C624-7D62-4327-B0F8-A6C098B4AB9E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-28] (Adobe Systems Incorporated)
Task: {BF9D04FA-DEDF-4124-B19D-0ED544F11D09} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2447171046-917324971-2953145129-1000UA => C:\Users\Alfredo\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-04] (Google Inc.)
Task: {E694BB86-2EB6-4EFD-B7CC-2372F5515E59} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2015-09-24] (Adobe Systems Incorporated)
Task: {EFBB355E-E7BD-4BF7-94C7-809E8A6E21BB} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2447171046-917324971-2953145129-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {F6F00D03-634C-43BC-B220-4899CDC40FB1} - System32\Tasks\{CFD17613-3F59-4928-A3D9-467BFCA78BF3} => C:\Program Files\Acer\Acer eRecovery Management\Recovery Management.exe [2011-06-17] (Acer)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2447171046-917324971-2953145129-1000Core.job => C:\Users\Alfredo\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2447171046-917324971-2953145129-1000UA.job => C:\Users\Alfredo\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

==================== Módulos Carregados (Whitelisted) ==============

2015-10-30 04:18 - 2015-10-30 04:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-06 00:20 - 2015-12-06 00:20 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2013-09-04 23:17 - 2013-09-04 23:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2009-01-21 20:45 - 2009-01-21 20:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2015-12-17 13:50 - 2015-12-17 13:50 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-17 23:05 - 2015-12-07 01:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-17 23:05 - 2015-12-07 01:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-17 23:06 - 2015-12-07 00:37 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-17 23:06 - 2015-12-07 00:33 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-17 23:06 - 2015-12-07 00:34 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-12-17 23:06 - 2015-12-07 00:36 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-01 20:00 - 2015-06-01 20:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-04-23 22:29 - 2011-04-23 22:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2011-04-23 22:29 - 2011-04-23 22:29 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2011-04-23 22:29 - 2011-04-23 22:29 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2015-12-17 13:50 - 2015-12-17 13:50 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2015-12-17 13:50 - 2015-12-17 13:50 - 21845504 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2011-05-20 11:13 - 2011-05-20 11:13 - 00206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt
AlternateDataStreams: C:\WINDOWS\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nydpauyjo => ""="service"

==================== EXE Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-2447171046-917324971-2953145129-1000\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-2447171046-917324971-2953145129-1000\...\bb.com.br -> hxxps://seg.bb.com.br
IE trusted site: HKU\S-1-5-21-2447171046-917324971-2953145129-1000\...\itau.com.br -> bankline.itau.com.br

==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2009-07-13 23:34 - 2016-01-01 15:40 - 00000027 ____N C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-2447171046-917324971-2953145129-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Alfredo\Pictures\Apresentação2.jpg
DNS Servers: 192.168.25.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)

MSCONFIG\startupfolder: C:^Users^Alfredo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk => C:\Windows\pss\Facebook Messenger.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Alfredo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PC App Store Uninstall 4.5.1.6176.lnk => C:\Windows\pss\PC App Store Uninstall 4.5.1.6176.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Alfredo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PC App Store Uninstall HK 4.5.1.6176.lnk => C:\Windows\pss\PC App Store Uninstall HK 4.5.1.6176.lnk.Startup

==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [{FC8BA518-B1E2-4FAD-963F-0A874C1A0B1D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CE3FB0B0-A670-4362-A001-8E8B6298716B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{B7A0B49F-4E27-4D0D-B582-05CAC015E96C}C:\program files (x86)\nero\nero 7\nero home\nerohome.exe] => (Allow) C:\program files (x86)\nero\nero 7\nero home\nerohome.exe
FirewallRules: [TCP Query User{19D9A166-E7FD-4FEF-A36B-7D27B79F92EC}C:\program files (x86)\nero\nero 7\nero home\nerohome.exe] => (Allow) C:\program files (x86)\nero\nero 7\nero home\nerohome.exe
FirewallRules: [UDP Query User{CA09A25F-9F21-46F4-82D6-705789610206}C:\Program Files (x86)\internet explorer\iexplore.exe] => (Block) C:\Program Files (x86)\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{BC74D454-D477-4BF7-8583-B6E3106AE00D}C:\Program Files (x86)\internet explorer\iexplore.exe] => (Block) C:\Program Files (x86)\internet explorer\iexplore.exe
FirewallRules: [{884CB4D6-3E6C-438E-81F8-EAD87FDBED85}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{0543E4C2-704D-44B5-84DE-1CAEAB3B92CE}] => (Block) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{879F4630-D5DE-4619-8183-0FA351F4EBA1}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{40BC3B6C-D1CB-409A-B174-DCE022A6863A}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{2C971525-5693-4467-9801-824CA37566E0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{ED56E7D2-1E33-4F8C-BD62-F4AA556CD092}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
FirewallRules: [{3BAF27FD-6070-4B94-8709-678A19DEA647}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe
FirewallRules: [{3C3A497A-E391-40B0-B737-B97C0A50CA91}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{8BD9DEE5-084F-40E0-8EE6-713FBF7B8361}] => (Allow) LPort=1900
FirewallRules: [{E6E29C93-5A91-4279-AAF6-E3F807E9B4D4}] => (Allow) LPort=2869
FirewallRules: [{5A6C950B-CDAA-4047-B997-29EC06FD6FBA}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{F8E1A558-A95F-4890-8D67-C0A362707772}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{4EC3A2B6-8B8F-4784-8077-7B655CE41CD7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{82F00FB9-5FC1-4571-97CA-043F57B8CC3B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Pontos de Restauração =========================

15-12-2015 19:33:27 Installed Java 7 Update 17
26-12-2015 12:15:22 Windows Update
31-12-2015 19:11:22 Windows Update
01-01-2016 14:59:08 JRT Pre-Junkware Removal
01-01-2016 15:08:25 JRT Pre-Junkware Removal

==================== Dispositivos Apresentando Falhas No Gerenciador =============


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (01/02/2016 02:51:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: aetcrss1.exe, versão: 3.0.0.2572, carimbo de data/hora: 0x50acb012
Nome do módulo com falha: aetcrss1.exe, versão: 3.0.0.2572, carimbo de data/hora: 0x50acb012
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000001f47
ID do processo com falha: 0x1434
Hora de início do aplicativo com falha: 0xaetcrss1.exe0
Caminho do aplicativo com falha: aetcrss1.exe1
Caminho do módulo com falha: aetcrss1.exe2
ID do Relatório: aetcrss1.exe3
Nome completo do pacote com falha: aetcrss1.exe4
ID do aplicativo relativo ao pacote com falha: aetcrss1.exe5

Error: (01/02/2016 02:31:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: aetcrss1.exe, versão: 3.0.0.2572, carimbo de data/hora: 0x50acb012
Nome do módulo com falha: aetcrss1.exe, versão: 3.0.0.2572, carimbo de data/hora: 0x50acb012
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000001f47
ID do processo com falha: 0x804
Hora de início do aplicativo com falha: 0xaetcrss1.exe0
Caminho do aplicativo com falha: aetcrss1.exe1
Caminho do módulo com falha: aetcrss1.exe2
ID do Relatório: aetcrss1.exe3
Nome completo do pacote com falha: aetcrss1.exe4
ID do aplicativo relativo ao pacote com falha: aetcrss1.exe5

Error: (01/02/2016 01:29:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: aetcrss1.exe, versão: 3.0.0.2572, carimbo de data/hora: 0x50acb012
Nome do módulo com falha: aetcrss1.exe, versão: 3.0.0.2572, carimbo de data/hora: 0x50acb012
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000001f47
ID do processo com falha: 0x137c
Hora de início do aplicativo com falha: 0xaetcrss1.exe0
Caminho do aplicativo com falha: aetcrss1.exe1
Caminho do módulo com falha: aetcrss1.exe2
ID do Relatório: aetcrss1.exe3
Nome completo do pacote com falha: aetcrss1.exe4
ID do aplicativo relativo ao pacote com falha: aetcrss1.exe5

Error: (01/02/2016 12:55:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: aetcrss1.exe, versão: 3.0.0.2572, carimbo de data/hora: 0x50acb012
Nome do módulo com falha: aetcrss1.exe, versão: 3.0.0.2572, carimbo de data/hora: 0x50acb012
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000001f47
ID do processo com falha: 0x1888
Hora de início do aplicativo com falha: 0xaetcrss1.exe0
Caminho do aplicativo com falha: aetcrss1.exe1
Caminho do módulo com falha: aetcrss1.exe2
ID do Relatório: aetcrss1.exe3
Nome completo do pacote com falha: aetcrss1.exe4
ID do aplicativo relativo ao pacote com falha: aetcrss1.exe5

Error: (01/02/2016 12:44:17 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa ZHPCleaner.exe versão 2016.1.1.1 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle Segurança e Manutenção.

ID do Processo: 13c8

Hora de Início: 01d1450c26f09dc3

Hora de Término: 13

Caminho do Aplicativo: C:\Users\Alfredo\Desktop\ZHPCleaner.exe

ID do Relatório: 8485acd8-b102-11e5-a609-b870f4dc0856

Nome completo do pacote com falha:

ID do aplicativo relativo ao pacote com falha:

Error: (01/01/2016 10:56:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: aetcrss1.exe, versão: 3.0.0.2572, carimbo de data/hora: 0x50acb012
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0x00000000
Deslocamento da falha: 0x0000000000000000
ID do processo com falha: 0x1590
Hora de início do aplicativo com falha: 0xaetcrss1.exe0
Caminho do aplicativo com falha: aetcrss1.exe1
Caminho do módulo com falha: aetcrss1.exe2
ID do Relatório: aetcrss1.exe3
Nome completo do pacote com falha: aetcrss1.exe4
ID do aplicativo relativo ao pacote com falha: aetcrss1.exe5

Error: (01/01/2016 07:28:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: aetcrss1.exe, versão: 3.0.0.2572, carimbo de data/hora: 0x50acb012
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0x00000000
Deslocamento da falha: 0x0000000000000000
ID do processo com falha: 0x1930
Hora de início do aplicativo com falha: 0xaetcrss1.exe0
Caminho do aplicativo com falha: aetcrss1.exe1
Caminho do módulo com falha: aetcrss1.exe2
ID do Relatório: aetcrss1.exe3
Nome completo do pacote com falha: aetcrss1.exe4
ID do aplicativo relativo ao pacote com falha: aetcrss1.exe5

Error: (01/01/2016 03:08:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..

Details:
AddWin32ServiceFiles: Unable to back up image of service Replicate Exit since QueryServiceConfig API failed

System Error:
O sistema não pode encontrar o arquivo especificado.
.

Error: (01/01/2016 03:08:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..

Details:
AddWin32ServiceFiles: Unable to back up image of service Free Space Decimal Point since QueryServiceConfig API failed

System Error:
O sistema não pode encontrar o arquivo especificado.
.

Error: (01/01/2016 03:08:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..

Details:
AddWin32ServiceFiles: Unable to back up image of service The Desktop Weather Service since QueryServiceConfig API failed

System Error:
O sistema não pode encontrar o arquivo especificado.
.


Erros de Sistema:
=============
Error: (01/02/2016 02:51:13 PM) (Source: DCOM) (EventID: 10016) (User: Alfredo-PC)
Description: padrão-computadorLocalAtivação{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Alfredo-PCAlfredoS-1-5-21-2447171046-917324971-2953145129-1000LocalHost (Usando LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (01/02/2016 02:50:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
%%2

Error: (01/02/2016 02:50:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Gbpddreg svc devido ao seguinte erro:
%%2

Error: (01/02/2016 02:49:57 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço NetTcpActivator depende do serviço NetTcpPortSharing, mas não foi possível iniciá-lo devido ao seguinte erro:
%%1058

Error: (01/02/2016 02:49:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Host de Sincronização_636b2 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.

Error: (01/02/2016 02:48:59 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: A chamada ScRegSetValueExW falhou para DeleteFlag com o seguinte erro:
%%5

Error: (01/02/2016 02:48:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Intel(R) Management and Security Application User Notification Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (01/02/2016 02:48:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço GamesAppIntegrationService foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (01/02/2016 02:48:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Windows Search foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 30000 milissegundos: Reiniciar o serviço.

Error: (01/02/2016 02:48:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço NTI IScheduleSvc foi encerrado inesperadamente. Isso aconteceu 1 vez(es).


CodeIntegrity:
===================================
Date: 2016-01-02 00:58:40.820
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-01 23:39:00.704
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Alfredo\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-01 23:39:00.694
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Alfredo\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-01 23:38:58.993
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Alfredo\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-01 23:38:58.983
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Alfredo\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-01 23:25:35.483
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Alfredo\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-01 23:25:35.474
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Alfredo\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-01 23:25:33.945
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Alfredo\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-01 01:08:30.406
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-12-31 00:45:32.303
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Informações da Memória ===========================

Processador: Intel(R) Core(TM) i3-2330M CPU @ 2.20GHz
Percentagem de memória em uso: 39%
RAM física total: 3947.86 MB
RAM física disponível: 2370.07 MB
Virtual Total: 7915.86 MB
Virtual disponível: 6370.53 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:578.07 GB) (Free:475.71 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 9A72E0B2)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=578.1 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt ============================