Arquivado

Este tópico foi arquivado e está fechado para novas respostas.

jguidi

Analise de Log

12 posts neste tópico

Boa noite,

Prezados, solicito que analisem o meu log, já fiz todos os procedimentos de leia-me do fórum.

O meu problema começou quando acessei o site do PDT, e fui solicitado para que instalasse uma nova versão do flash. Instalei e reiniciei a máquina. Acredito que o JAVA da SUN também restou comprometido, após a execução de um programam daquela plataforma, que não me recordo o nome agora.

Bem, no final das contas, toda vez que minha máquina é iniciada recebo uma mesnsagem "file acces denied", alguns sites param de abrir, realmente, nem a página inicial, ou qualquer subdominio ou página do endereço, como o site do Banco do Brasil, site da Linha Defensiva, nada abre... Quanto ao Banco do Brasil, andei pesquisando na Net e já aviso de antemão, que não é problema com o teclado virtual... o que acontece é que nada do site abre, como se o site não existisse, a mesma coisa acontece com o da linha defensiva... uso a versão mais nova do IE, Google Chrome e Mozila, mas em nenhum deles abrem estes sites... Encontrei um complemento no meu IE chamado "Discutir" (nunca ouvi falar) que usa o arquivo shdocvw.dll .

Enfim, segue meu log, ficarei grato no que puderem me ajudar, abraços:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 20:12:48, on 28/07/2009

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\HP\QuickPlay\QPService.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Windows\system\wuaucldt.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Users\Julio Guidi\AppData\Local\Google\Update\1.2.183.7\GoogleCrashHandler.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\PROGRA~1\HEWLET~1\Shared\HPQTOA~1.EXE

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\NOTEPAD.EXE

C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe

C:\Windows\system32\conime.exe

C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe

C:\Program Files\The Cleaner\cleaner6.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.Microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.globo.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.Microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.Microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.Microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.Microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: 189.126.119.73 bb.com.br

O1 - Hosts: 189.126.119.73 bancodobrasil.com.br

O1 - Hosts: 189.126.119.73 bradesco.com.br

O1 - Hosts: 189.126.119.73 itau.com.br

O1 - Hosts: 189.126.119.73 itaupersonnalite.com.br

O1 - Hosts: 189.126.119.73 itauprivatebank.com.br

O1 - Hosts: 189.126.119.73 santander.com.br

O1 - Hosts: 189.126.119.73 banespa.com.br

O1 - Hosts: 189.126.119.73 santanderbanespa.com.br

O1 - Hosts: 189.126.119.73 citibank.com.br

O1 - Hosts: 189.126.119.73 citibank.com

O1 - Hosts: 189.126.119.73 infoseg.gov.br

O1 - Hosts: 189.126.119.73 real.com.br

O1 - Hosts: 189.126.119.73 bancoreal.com.br

O1 - Hosts: 189.126.119.73 unibanco.com

O1 - Hosts: 189.126.119.73 unibanco.com.br

O1 - Hosts: 189.126.119.73 serasa.com.br

O1 - Hosts: 189.126.119.73 infobusca.informarketing.com

O1 - Hosts: 189.126.119.73 equifax.com.br

O1 - Hosts: 189.126.119.73 sci.com.br

O1 - Hosts: 189.126.119.73 e-tim.timbrasil.com.br

O1 - Hosts: 189.126.119.73 cbp.3dsolution.com.br

O1 - Hosts: 189.126.119.73 visanet.com.br

O1 - Hosts: 189.126.119.73 cetelem.com.br

O1 - Hosts: 189.126.119.73 banrisul.com.br

O1 - Hosts: 189.126.119.73 paypal.com.br

O1 - Hosts: 189.126.119.73 paypal.com

O1 - Hosts: 189.126.97.116 virustotal.com.br

O1 - Hosts: 189.126.97.116 linhadefensiva.com.br

O1 - Hosts: 189.126.97.116 linhadefensiva.org

O1 - Hosts: 189.126.119.73 www.bb.com.br

O1 - Hosts: 189.126.119.73 www.bancodobrasil.com.br

O1 - Hosts: 189.126.119.73 www.bradesco.com.br

O1 - Hosts: 189.126.119.73 www.itau.com.br

O1 - Hosts: 189.126.119.73 www.itaupersonnalite.com.br

O1 - Hosts: 189.126.119.73 www.itauprivatebank.com.br

O1 - Hosts: 189.126.119.73 www.santander.com.br

O1 - Hosts: 189.126.119.73 www.banespa.com.br

O1 - Hosts: 189.126.119.73 www.santanderbanespa.com.br

O1 - Hosts: 189.126.119.73 www.citibank.com.br

O1 - Hosts: 189.126.119.73 www.citibank.com

O1 - Hosts: 189.126.119.73 www.infoseg.gov.br

O1 - Hosts: 189.126.119.73 www.unibanco.com

O1 - Hosts: 189.126.119.73 www.unibanco.com.br

O1 - Hosts: 189.126.119.73 www.real.com.br

O1 - Hosts: 189.126.119.73 www.bancoreal.com.br

O1 - Hosts: 189.126.119.73 www.serasa.com.br

O1 - Hosts: 189.126.119.73 www.equifax.com.br

O1 - Hosts: 189.126.119.73 www.sci.com.br

O1 - Hosts: 189.126.119.73 www.infobusca.informarketing.com

O1 - Hosts: 189.126.119.73 www.e-tim.timbrasil.com.br

O1 - Hosts: 189.126.119.73 www.cbp.3dsolution.com.br

O1 - Hosts: 189.126.119.73 www.visanet.com.br

O1 - Hosts: 189.126.119.73 www.cetelem.com.br

O1 - Hosts: 189.126.119.73 www.banrisul.com.br

O1 - Hosts: 189.126.119.73 www.paypal.com.br

O1 - Hosts: 189.126.119.73 www.paypal.com

O1 - Hosts: 189.126.119.73 www.virustotal.com.br

O1 - Hosts: 189.126.119.73 www.linhadefensiva.com.br

O1 - Hosts: 189.126.119.73 www.linhadefensiva.org

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES\GBPLUGIN\gbieh.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"

O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe

O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [Windows Service] C:\WINDOWS\system\wuaucldt.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe

O4 - HKCU\..\Run: [Google Update] "C:\Users\Julio Guidi\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIÇO DE REDE')

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O13 - Gopher Prefix:

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.Microsoft.com/windowsupdate/...b?1244960040269

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.Microsoft.com/microsoftupdat...b?1248356873049

O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/inst...tDetection2.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://www14.bancobrasil.com.br/plugin/GbpDist.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O20 - Winlogon Notify: GbPluginBb - C:\PROGRAM FILES\GBPLUGIN\gbieh.dll

O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe

O23 - Service: Agendador do LiveUpdate automático - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! antivírus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe

O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - (no file)

O23 - Service: Gbp Service (GbpSv) - - C:\PROGRA~1\GbPlugin\GbpSv.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - (no file)

O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--

End of file - 11492 bytes

0

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa Noite! jguidi

<@> Baixe: < LopS&D >

<@> Salve-o no Disco Local-C!

<@> Instale o programa e clique em: LopSD.cmd

<@> Na janela que abrir,aperte o "p" --> Aperte Enter.

Lop_Choix-large.jpg

<@> Em outra janela,aperte a opção: 2 - Fix + Hosts --> Aperte Enter --> Aguarde!

Lop_Lang_en-large.jpg

<@> Ps: Fique atento às notificações de seu antivírus,enviando os ficheiros detectados,para a quarentena.

<@> Terminando,salve e poste o relatório. ( C:\Lop SD\LopR_1.txt )

<@> Poste,também,HijackThis atualizado.

Abraços!

0

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa noite, joram. Obrigado ai.

(Y)

Fiz o que você pediu, seguem os logs.

Log do Lop SD:

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft® Windows Vista™ Home Basic ( v6.0.6001 ) Service Pack 1

X86-based PC ( Multiprocessor Free : Mobile AMD Sempron Processor 3500+ )

BIOS : PhoenixBIOS 4.0 Release 6.1

USER : Julio Guidi ( Administrator )

BOOT : Normal boot

antivírus : avast! antivírus 4.8.1229 [VPS 090728-0] 4.8.1229 (Activated)

C:\ (Local Disk) - NTFS - Total:69 Go (Free:23 Go)

D:\ (Local Disk) - NTFS - Total:4 Go (Free:1 Go)

E:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )

Option : [2] ( 28/07/2009|22:16 )

[ UAC => 1 ]

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

--------------------\\ Lista de pastas em Local

[17/12/2007|07:24] C:\Users\JULIOG~1\AppData\Local\{C8A2BB40-90D2-4928-AB81-2A84EFB7EA4C}

[16/06/2008|00:01] C:\Users\JULIOG~1\AppData\Local\ABBYY

[12/12/2007|17:01] C:\Users\JULIOG~1\AppData\Local\Adobe

[16/07/2009|11:23] C:\Users\JULIOG~1\AppData\Local\Apps

[12/12/2007|11:40] C:\Users\JULIOG~1\AppData\Local\AtStart.txt

[28/07/2009|18:23] C:\Users\JULIOG~1\AppData\Local\d3d9caps.dat

[12/12/2007|11:30] C:\Users\JULIOG~1\AppData\Local\Dados de aplicativos

[15/06/2009|23:29] C:\Users\JULIOG~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[16/07/2009|11:26] C:\Users\JULIOG~1\AppData\Local\Deployment

[25/10/2008|21:21] C:\Users\JULIOG~1\AppData\Local\DNA

[12/12/2007|11:40] C:\Users\JULIOG~1\AppData\Local\DSwitch.txt

[30/08/2008|10:43] C:\Users\JULIOG~1\AppData\Local\eMule

[26/05/2009|14:35] C:\Users\JULIOG~1\AppData\Local\GDIPFONTCACHEV1.DAT

[16/07/2009|11:27] C:\Users\JULIOG~1\AppData\Local\Google

[12/12/2007|11:30] C:\Users\JULIOG~1\AppData\Local\Hist¢rico

[28/07/2009|19:13] C:\Users\JULIOG~1\AppData\Local\IconCache.db

[29/03/2009|23:36] C:\Users\JULIOG~1\AppData\Local\Microsoft

[02/07/2009|22:53] C:\Users\JULIOG~1\AppData\Local\Microsoft Games

[01/04/2008|19:30] C:\Users\JULIOG~1\AppData\Local\Mozilla

[21/12/2007|20:08] C:\Users\JULIOG~1\AppData\Local\Pando

[12/12/2007|11:40] C:\Users\JULIOG~1\AppData\Local\QSwitch.txt

[15/12/2007|01:37] C:\Users\JULIOG~1\AppData\Local\QuickPlay

[28/07/2009|22:16] C:\Users\JULIOG~1\AppData\Local\Temp

[12/12/2007|11:30] C:\Users\JULIOG~1\AppData\Local\Temporary Internet Files

[25/05/2006|16:52] C:\Users\JULIOG~1\AppData\Local\unrar.dll

[24/02/2008|12:13] C:\Users\JULIOG~1\AppData\Local\VirtualStore

--------------------\\ Tarefas Agendadas na pasta C:\Windows\Tasks

[28/07/2009 19:16][--a------] C:\Windows\tasks\AWC Startup.job

[28/07/2009 21:31][--a------] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2172417707-4275060026-1713001662-1000UA.job

[25/07/2009 11:36][--a------] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2172417707-4275060026-1713001662-1000Core.job

[28/07/2009 19:16][--ah-----] C:\Windows\tasks\SA.DAT

[28/07/2009 19:14][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Lista de pastas em C:\ProgramData

[15/06/2008|23:53] C:\ProgramData\ABBYY

[11/08/2007|07:58] C:\ProgramData\Adobe

[02/11/2006|09:59] C:\ProgramData\Application Data

[22/05/2008|16:05] C:\ProgramData\CyberLink

[21/11/2006|12:59] C:\ProgramData\Dados de aplicativos

[02/11/2006|09:59] C:\ProgramData\Desktop

[21/11/2006|12:59] C:\ProgramData\Documentos

[02/11/2006|09:59] C:\ProgramData\Documents

[15/12/2007|10:50] C:\ProgramData\eMule

[02/11/2006|09:59] C:\ProgramData\Favorites

[21/11/2006|12:59] C:\ProgramData\Favoritos

[30/06/2009|09:37] C:\ProgramData\GbPlugin

[11/08/2007|08:19] C:\ProgramData\Hewlett-Packard

[05/02/2008|10:39] C:\ProgramData\HotSync

[12/12/2007|15:48] C:\ProgramData\HP

[11/08/2007|07:37] C:\ProgramData\InstallShield

[09/02/2008|08:38] C:\ProgramData\LUUnInstall.LiveUpdate

[21/11/2006|12:59] C:\ProgramData\Menu Iniciar

[21/03/2009|10:46] C:\ProgramData\Microsoft

[21/11/2006|12:59] C:\ProgramData\Modelos

[23/07/2009|10:36] C:\ProgramData\NOS

[23/07/2009|13:50] C:\ProgramData\NVIDIA

[28/07/2009|19:18] C:\ProgramData\nvModes.001

[28/07/2009|18:25] C:\ProgramData\nvModes.dat

[28/07/2009|22:11] C:\ProgramData\pdf995

[26/06/2009|15:56] C:\ProgramData\Roxio

[10/01/2009|21:28] C:\ProgramData\Sonic

[28/07/2009|18:46] C:\ProgramData\Spybot - Search & Destroy

[02/11/2006|09:59] C:\ProgramData\Start Menu

[09/02/2008|08:38] C:\ProgramData\Symantec

[02/11/2006|09:59] C:\ProgramData\Templates

[25/10/2008|01:58] C:\ProgramData\WindowsSearch

[12/12/2007|16:59] C:\ProgramData\WLInstaller

--------------------\\ Lista de pastas em C:\Program Files

[15/06/2008|23:55] C:\Program Files\ABBYY FineReader 7.0 Professional Edition

[24/02/2008|11:37] C:\Program Files\Adobe

[09/02/2008|08:39] C:\Program Files\Alwil Software

[21/11/2006|12:59] C:\Program Files\Arquivos Comuns [c:\Program Files\Common Files]

[25/10/2008|21:21] C:\Program Files\BitTorrent

[12/12/2007|16:48] C:\Program Files\BrOffice.org 2.3

[28/07/2009|18:40] C:\Program Files\Common Files

[23/07/2009|12:43] C:\Program Files\CONEXANT

[24/05/2009|13:19] C:\Program Files\Cool2000

[11/05/2009|07:12] C:\Program Files\Copernic Summarizer

[05/06/2008|00:20] C:\Program Files\Corel

[08/10/2008|00:20] C:\Program Files\CyberLink

[11/05/2009|07:10] C:\Program Files\Despertador do Funcion rio P£blico 2.0

[07/04/2009|01:51] C:\Program Files\DivX

[31/01/2009|17:46] C:\Program Files\DNA

[17/08/2008|10:39] C:\Program Files\docPrint v3.3

[30/08/2008|10:43] C:\Program Files\DreMule

[19/07/2009|00:20] C:\Program Files\Easy Text To HTML Converter

[13/12/2007|00:51] C:\Program Files\FTP Commander

[30/06/2009|09:37] C:\Program Files\GbPlugin

[30/11/2008|01:20] C:\Program Files\GoldWave

[11/08/2007|08:16] C:\Program Files\Hewlett-Packard

[11/08/2007|08:00] C:\Program Files\HP

[11/08/2007|08:09] C:\Program Files\HPQ

[14/06/2009|02:26] C:\Program Files\Image Comparer

[28/03/2009|12:34] C:\Program Files\ImTOO

[11/05/2009|10:58] C:\Program Files\InstallShield Installation Information

[28/01/2008|23:19] C:\Program Files\Internet Download Manager

[22/07/2009|03:00] C:\Program Files\Internet Explorer

[28/07/2009|18:35] C:\Program Files\IObit

[28/07/2009|18:53] C:\Program Files\Java

[21/04/2009|06:05] C:\Program Files\K-Lite Codec Pack

[05/04/2008|22:29] C:\Program Files\Macromedia

[23/07/2009|02:49] C:\Program Files\Megacubo

[21/03/2009|10:49] C:\Program Files\Microsoft

[12/12/2007|22:23] C:\Program Files\Microsoft CAPICOM 2.1.0.2

[07/12/2008|22:30] C:\Program Files\Microsoft FrontPage

[02/11/2006|09:35] C:\Program Files\Microsoft Games

[07/12/2008|22:29] C:\Program Files\Microsoft Office

[23/07/2009|09:57] C:\Program Files\Microsoft Silverlight

[07/12/2008|22:31] C:\Program Files\Microsoft Visual Studio

[11/06/2009|03:02] C:\Program Files\Microsoft Works

[17/09/2008|01:47] C:\Program Files\Movie Maker

[18/07/2009|13:36] C:\Program Files\Mozilla Firefox

[02/11/2006|09:35] C:\Program Files\MSBuild

[12/12/2007|22:10] C:\Program Files\MSXML 4.0

[23/07/2009|10:36] C:\Program Files\NOS

[05/02/2008|10:48] C:\Program Files\Palm

[24/02/2008|12:02] C:\Program Files\pdf995

[06/02/2008|19:30] C:\Program Files\PhotoFiltre

[21/04/2009|11:32] C:\Program Files\Real

[02/11/2006|09:35] C:\Program Files\Reference Assemblies

[11/08/2007|07:43] C:\Program Files\Roxio

[11/08/2007|08:07] C:\Program Files\Servi‡os online

[06/06/2009|00:37] C:\Program Files\SopCast

[28/07/2009|18:37] C:\Program Files\Spybot - Search & Destroy

[09/02/2008|08:37] C:\Program Files\Symantec

[11/08/2007|07:23] C:\Program Files\Synaptics

[28/07/2009|19:49] C:\Program Files\The Cleaner

[28/07/2009|20:00] C:\Program Files\Trend Micro

[27/04/2009|01:20] C:\Program Files\TVUPlayer

[02/11/2006|09:58] C:\Program Files\Uninstall Information

[24/02/2008|12:07] C:\Program Files\Virtual PDF Printer

[24/02/2008|11:52] C:\Program Files\Virtual Pictures

[17/09/2008|01:47] C:\Program Files\Windows Calendar

[17/09/2008|01:47] C:\Program Files\Windows Collaboration

[17/09/2008|01:47] C:\Program Files\Windows Defender

[21/03/2009|10:48] C:\Program Files\Windows Live

[29/03/2009|23:39] C:\Program Files\Windows Live Safety Center

[21/03/2009|10:48] C:\Program Files\Windows Live SkyDrive

[16/07/2009|03:01] C:\Program Files\Windows Mail

[11/03/2009|03:06] C:\Program Files\Windows Media Player

[21/11/2006|12:59] C:\Program Files\Windows NT

[17/09/2008|01:47] C:\Program Files\Windows Photo Gallery

[17/09/2008|01:47] C:\Program Files\Windows Sidebar

[03/01/2008|02:02] C:\Program Files\WinRAR

--------------------\\ Lista de pastas em C:\Program Files\Common Files

[18/10/2008|16:04] C:\Program Files\Common Files\Adobe

[05/06/2008|00:20] C:\Program Files\Common Files\Corel

[07/12/2008|22:31] C:\Program Files\Common Files\Designer

[05/02/2008|10:35] C:\Program Files\Common Files\InstallShield

[11/08/2007|08:08] C:\Program Files\Common Files\LightScribe

[06/03/2009|03:00] C:\Program Files\Common Files\Microsoft shared

[21/04/2009|11:32] C:\Program Files\Common Files\Real

[11/08/2007|07:41] C:\Program Files\Common Files\Roxio Shared

[02/11/2006|08:18] C:\Program Files\Common Files\Services

[21/11/2006|12:59] C:\Program Files\Common Files\Sistema [c:\Program Files\Common Files\System]

[11/08/2007|07:41] C:\Program Files\Common Files\Sonic Shared

[02/11/2006|08:18] C:\Program Files\Common Files\SpeechEngines

[11/08/2007|07:44] C:\Program Files\Common Files\SureThing Shared

[09/02/2008|08:38] C:\Program Files\Common Files\Symantec Shared

[07/12/2008|22:30] C:\Program Files\Common Files\System

[24/02/2008|11:38] C:\Program Files\Common Files\Vbox

[21/03/2009|10:46] C:\Program Files\Common Files\Windows Live

[12/12/2007|17:03] C:\Program Files\Common Files\WindowsLiveInstaller

[21/04/2009|11:32] C:\Program Files\Common Files\xing shared

--------------------\\ Process

( 75 Processes )

... OK !

--------------------\\ Procura pelo S_Lop

Não foram encontradas pastas com o Lop!

--------------------\\ Procura por Arquivos/Ficheiros e pastas do Lop

Não foram encontradas pastas com o Lop!

--------------------\\ Procura no Registro

..... OK !

--------------------\\ Verificando o Arquivos/Ficheiros Hosts

Arquivos/Ficheiros Hosts LIMPO

--------------------\\ Procurando Arquivos/Ficheiros ocultos com o Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-07-28 22:16:59

Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden files ...

scan completed successfully

hidden processes: 0

hidden files: 0

--------------------\\ Procurando por outras infecções

--------------------\\ Cracks & Keygens ..

C:\Users\JULIOG~1\Desktop\M£sicas\HIP HOP\March Hits 2009\The Hidden Corner\Eminem - Crack A Bottle.mp3

C:\Users\JULIOG~1\Documents\ImTOO Software Studio\3GP Video Converter\crack.js

C:\Users\JULIOG~1\Downloads\eMule\Incoming\Abbyy Finereader Pro v70 Keygen

C:\Users\JULIOG~1\Downloads\eMule\Incoming\Tmpgenc Dvd Author 3 With Divx Authoring Crack Full 100% Valid.rar

C:\Users\JULIOG~1\Downloads\eMule\Incoming\Abbyy Finereader Pro v70 Keygen\file_id.diz

C:\Users\JULIOG~1\Downloads\eMule\Incoming\Abbyy Finereader Pro v70 Keygen\frp7kg.exe

C:\Users\JULIOG~1\Downloads\eMule\Incoming\Abbyy Finereader Pro v70 Keygen\ssg.nfo

C:\Users\JULIOG~1\Downloads\Programs\TD.v3.0.5.149.Retail.EN.Crack.Only.L33VaNcL33F

C:\Users\JULIOG~1\Downloads\Programs\TMPGEnc DVD Author 3 with DivX Authoring 3.0.5.149+Crack+License.by Neus&Zeus

C:\Users\JULIOG~1\Downloads\Programs\TMPGEnc DVD Author 3 with DivX Authoring 3.0.5.149+Crack+License.by Neus&Zeus.rar

C:\Users\JULIOG~1\Downloads\Programs\3GP+Video+Converter\keygen.exe

C:\Users\JULIOG~1\Downloads\Programs\TD.v3.0.5.149.Retail.EN.Crack.Only.L33VaNcL33F\file_id.diz

C:\Users\JULIOG~1\Downloads\Programs\TD.v3.0.5.149.Retail.EN.Crack.Only.L33VaNcL33F\L33VaNcL33F.nfo

C:\Users\JULIOG~1\Downloads\Programs\TD.v3.0.5.149.Retail.EN.Crack.Only.L33VaNcL33F\TDA3_Retail_3.0.5.149_install_EN.exe

C:\Users\JULIOG~1\Downloads\Programs\TD.v3.0.5.149.Retail.EN.Crack.Only.L33VaNcL33F\TMPGEncDVDAuthor3.en.lic

C:\Users\JULIOG~1\Downloads\Programs\TD.v3.0.5.149.Retail.EN.Crack.Only.L33VaNcL33F\TMPGEncDVDAuthor3.exe

C:\Users\JULIOG~1\Downloads\Programs\TMPGEnc DVD Author 3 with DivX Authoring 3.0.5.149+Crack+License.by Neus&Zeus\TMPGEnc DVD Author 3.0.5.149

C:\Users\JULIOG~1\Downloads\Programs\TMPGEnc DVD Author 3 with DivX Authoring 3.0.5.149+Crack+License.by Neus&Zeus\TMPGEnc DVD Author 3.0.5.149\TMPGEnc DVD Author 3.0.5.149

C:\Users\JULIOG~1\Downloads\Programs\TMPGEnc DVD Author 3 with DivX Authoring 3.0.5.149+Crack+License.by Neus&Zeus\TMPGEnc DVD Author 3.0.5.149\TMPGEnc DVD Author 3.0.5.149\TD.v3.0.5.149.Retail.EN.Crack.Only.L33VaNcL33F

C:\Users\JULIOG~1\Downloads\Programs\TMPGEnc DVD Author 3 with DivX Authoring 3.0.5.149+Crack+License.by Neus&Zeus\TMPGEnc DVD Author 3.0.5.149\TMPGEnc DVD Author 3.0.5.149\TDA3_Retail_3.0.5.149_install_EN.exe

C:\Users\JULIOG~1\Downloads\Programs\TMPGEnc DVD Author 3 with DivX Authoring 3.0.5.149+Crack+License.by Neus&Zeus\TMPGEnc DVD Author 3.0.5.149\TMPGEnc DVD Author 3.0.5.149\TD.v3.0.5.149.Retail.EN.Crack.Only.L33VaNcL33F\file_id.diz

C:\Users\JULIOG~1\Downloads\Programs\TMPGEnc DVD Author 3 with DivX Authoring 3.0.5.149+Crack+License.by Neus&Zeus\TMPGEnc DVD Author 3.0.5.149\TMPGEnc DVD Author 3.0.5.149\TD.v3.0.5.149.Retail.EN.Crack.Only.L33VaNcL33F\L33VaNcL33F.nfo

C:\Users\JULIOG~1\Downloads\Programs\TMPGEnc DVD Author 3 with DivX Authoring 3.0.5.149+Crack+License.by Neus&Zeus\TMPGEnc DVD Author 3.0.5.149\TMPGEnc DVD Author 3.0.5.149\TD.v3.0.5.149.Retail.EN.Crack.Only.L33VaNcL33F\TMPGEncDVDAuthor3.en.lic

C:\Users\JULIOG~1\Downloads\Programs\TMPGEnc DVD Author 3 with DivX Authoring 3.0.5.149+Crack+License.by Neus&Zeus\TMPGEnc DVD Author 3.0.5.149\TMPGEnc DVD Author 3.0.5.149\TD.v3.0.5.149.Retail.EN.Crack.Only.L33VaNcL33F\TMPGEncDVDAuthor3.exe

C:\Users\JULIOG~1\Sites\Estudio\busca\EMBRACE\submitwolf-keygen.exe

[F:107][D:12]-> C:\Users\JULIOG~1\AppData\Local\Temp

[F:117][D:1]-> C:\Users\JULIOG~1\AppData\Roaming\MICROS~1\Windows\Cookies

[F:52][D:4]-> C:\Users\JULIOG~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5

[F:2][D:2]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 28/07/2009|22:21 - Option : [2]

-------------- // -------------------

Log do Hijack:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 22:32:31, on 28/07/2009

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\HP\QuickPlay\QPService.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Windows\system\wuaucldt.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Users\Julio Guidi\AppData\Local\Google\Update\1.2.183.7\GoogleCrashHandler.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\PROGRA~1\HEWLET~1\Shared\HPQTOA~1.EXE

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Windows\system32\conime.exe

C:\Windows\System32\mobsync.exe

C:\Users\Julio Guidi\msie81xp.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\NOTEPAD.EXE

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.Microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.globo.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.Microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.Microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.Microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.Microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: 189.126.119.73 bb.com.br

O1 - Hosts: 189.126.119.73 bancodobrasil.com.br

O1 - Hosts: 189.126.119.73 bradesco.com.br

O1 - Hosts: 189.126.119.73 itau.com.br

O1 - Hosts: 189.126.119.73 itaupersonnalite.com.br

O1 - Hosts: 189.126.119.73 itauprivatebank.com.br

O1 - Hosts: 189.126.119.73 santander.com.br

O1 - Hosts: 189.126.119.73 banespa.com.br

O1 - Hosts: 189.126.119.73 santanderbanespa.com.br

O1 - Hosts: 189.126.119.73 citibank.com.br

O1 - Hosts: 189.126.119.73 citibank.com

O1 - Hosts: 189.126.119.73 infoseg.gov.br

O1 - Hosts: 189.126.119.73 real.com.br

O1 - Hosts: 189.126.119.73 bancoreal.com.br

O1 - Hosts: 189.126.119.73 unibanco.com

O1 - Hosts: 189.126.119.73 unibanco.com.br

O1 - Hosts: 189.126.119.73 serasa.com.br

O1 - Hosts: 189.126.119.73 infobusca.informarketing.com

O1 - Hosts: 189.126.119.73 equifax.com.br

O1 - Hosts: 189.126.119.73 sci.com.br

O1 - Hosts: 189.126.119.73 e-tim.timbrasil.com.br

O1 - Hosts: 189.126.119.73 cbp.3dsolution.com.br

O1 - Hosts: 189.126.119.73 visanet.com.br

O1 - Hosts: 189.126.119.73 cetelem.com.br

O1 - Hosts: 189.126.119.73 banrisul.com.br

O1 - Hosts: 189.126.119.73 paypal.com.br

O1 - Hosts: 189.126.119.73 paypal.com

O1 - Hosts: 189.126.97.116 virustotal.com.br

O1 - Hosts: 189.126.97.116 linhadefensiva.com.br

O1 - Hosts: 189.126.97.116 linhadefensiva.org

O1 - Hosts: 189.126.119.73 www.bb.com.br

O1 - Hosts: 189.126.119.73 www.bancodobrasil.com.br

O1 - Hosts: 189.126.119.73 www.bradesco.com.br

O1 - Hosts: 189.126.119.73 www.itau.com.br

O1 - Hosts: 189.126.119.73 www.itaupersonnalite.com.br

O1 - Hosts: 189.126.119.73 www.itauprivatebank.com.br

O1 - Hosts: 189.126.119.73 www.santander.com.br

O1 - Hosts: 189.126.119.73 www.banespa.com.br

O1 - Hosts: 189.126.119.73 www.santanderbanespa.com.br

O1 - Hosts: 189.126.119.73 www.citibank.com.br

O1 - Hosts: 189.126.119.73 www.citibank.com

O1 - Hosts: 189.126.119.73 www.infoseg.gov.br

O1 - Hosts: 189.126.119.73 www.unibanco.com

O1 - Hosts: 189.126.119.73 www.unibanco.com.br

O1 - Hosts: 189.126.119.73 www.real.com.br

O1 - Hosts: 189.126.119.73 www.bancoreal.com.br

O1 - Hosts: 189.126.119.73 www.serasa.com.br

O1 - Hosts: 189.126.119.73 www.equifax.com.br

O1 - Hosts: 189.126.119.73 www.sci.com.br

O1 - Hosts: 189.126.119.73 www.infobusca.informarketing.com

O1 - Hosts: 189.126.119.73 www.e-tim.timbrasil.com.br

O1 - Hosts: 189.126.119.73 www.cbp.3dsolution.com.br

O1 - Hosts: 189.126.119.73 www.visanet.com.br

O1 - Hosts: 189.126.119.73 www.cetelem.com.br

O1 - Hosts: 189.126.119.73 www.banrisul.com.br

O1 - Hosts: 189.126.119.73 www.paypal.com.br

O1 - Hosts: 189.126.119.73 www.paypal.com

O1 - Hosts: 189.126.119.73 www.virustotal.com.br

O1 - Hosts: 189.126.119.73 www.linhadefensiva.com.br

O1 - Hosts: 189.126.119.73 www.linhadefensiva.org

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES\GBPLUGIN\gbieh.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"

O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe

O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [Windows Service] C:\WINDOWS\system\wuaucldt.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe

O4 - HKCU\..\Run: [Google Update] "C:\Users\Julio Guidi\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIÇO DE REDE')

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O13 - Gopher Prefix:

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.Microsoft.com/windowsupdate/...b?1244960040269

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.Microsoft.com/microsoftupdat...b?1248356873049

O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/inst...tDetection2.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://www14.bancobrasil.com.br/plugin/GbpDist.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O20 - Winlogon Notify: GbPluginBb - C:\PROGRAM FILES\GBPLUGIN\gbieh.dll

O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe

O23 - Service: Agendador do LiveUpdate automático - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! antivírus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe

O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - (no file)

O23 - Service: Gbp Service (GbpSv) - - C:\PROGRA~1\GbPlugin\GbpSv.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - (no file)

O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--

End of file - 11653 bytes

0

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa Noite! jguidi

<@> Baixe: < HostsXpert >

<@> Salve-a no Desktop!

<@> Descompacte-a e execute: HostsXpert.exe

<@> Feche todas as janelas e o navegador!

<@> Clique em Restore Microsoft's Hosts file --> Ok.

<@> Ocorrendo algum erro,em sua execução,clique em Make Writable e repita o procedimento.

<@> Finalize o programa e reinicie o computador!

<><><><><><><><><>

<@> Baixe: < desktopicon.png > ( ...by sUBs )

<@> Salve-o no desktop!

<@> Desabilite as proteções residente de: antivírus,antispywares e firewall. ( Menos o do Windows! )

<@> Feche todas as janelas e execute a ferramenta!

<@> Na solicitação: "Negação de garantia de software" --> Clique em Sim!

<@> Não possuindo o "Console de Recuperação",aceite optar pela instalação do mesmo!

<!> Caso aconteça a notificação de: Aplicativo Win32 inválido,delete a ferramenta e faça,novamente,o download.

<!> Salve-a no desktop,renomeada como: Kombo.exe

<!> Ps: Nomeie durante o salvamento,e não após salvá-la!

<!> Ps: Surgindo alguma mensagem de erro,rode o ComboFix.exe em Modo de Segurança.

<!> Ps: Para completar as remoções,talvez haja necessidade da ferramenta reiniciar o computador. <-- Aguarde!

<!> Ps: Evite executar,voluntariamente,esta ferramenta!

<!> Ps: Para evitar problemas,siga todas as recomendações propostas.

<!> Ps: O ComboFix é uma ferramenta que pode danificar o sistema. Utilize-o,somente,sob supervisão profissional.

<@> Abrir-se-á a janela Auto Scan. --> Aguarde!

<@> Àfim de completar as remoções,o ComboFix poderá reiniciar o computador.

<@> Se houver necessidade,digite a opção para continuar! --> ( 1 ) --> Aperte Enter! --> Aguarde a conclusão!

<@> Durante o scan,evite manusear o mouse ou teclado! <-- Importante!

<@> Para parar ou sair do ComboFix,tecle "N" ou "2" --> Aperte Enter!

<><><><><><><><><>

<@> Terminando,poste os relatórios: C:\ComboFix.txt + HijackThis,atualizado.

Abraços!

0

Compartilhar este post


Link para o post
Compartilhar em outros sites

O ComboFix não está rodando. Já tentei renomea-lo para kombo.exe. Já até rodei em modo de segurança e também, como administrador. Está dando uma mensagem de erro,

"Cuidado:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

http://www.forospyware.com/sUBs/ComboFix.exe

ComboFix.exe pode ser baixado em qualquer um dos sites acima. Se você baixou de outro site, é provável que ele esteja infectado. Para sua tranquilidade, recomendo que você delete a cópia atual e baixe uma cópia limpa."

Alguma idéia?

0

Compartilhar este post


Link para o post
Compartilhar em outros sites
O ComboFix não está rodando. Já tentei renomea-lo para kombo.exe. Já até rodei em modo de segurança e também, como administrador. Está dando uma mensagem de erro,

"Cuidado:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

http://www.forospyware.com/sUBs/ComboFix.exe

ComboFix.exe pode ser baixado em qualquer um dos sites acima. Se você baixou de outro site, é provável que ele esteja infectado. Para sua tranquilidade, recomendo que você delete a cópia atual e baixe uma cópia limpa."

Alguma idéia?

<><><><><><><><>

Opa! jguidi

<!> Siga então,com o HostsXpert.

<><><><><><><><>

<@> Baixe: < Malwarebytes >

<@> Atualize o programa!

<@> Escolha o escaneamento Completo!

<@> Desabilite programas de proteção,ao executar o malwarebytes.

<@> Terminando,clique em "Remover itens".

<@> Poste,os relatórios: mbam-log-2009-xx-xx (00-00-00).txt <--

<><><><><><><><>

<@> Baixe: < DDS > ( ...by sUBs )

<@> Salve-o no desktop!

<@> Desabilite seus programas de proteção: antivírus,antimalware,antispyware ou firewall.

<@> Estando desconectado,execute a ferramenta! --> Duplo clique em dds.scr.

<@> Aguarde o término do scan,até obtermos o relatório. ( DDS.txt ) <--

<@> Surgirá,também,uma nova janela: "D.D.S - Optional_Scan" --> Clique em Sim.

<@> O Bloco de Notas irá abrir,com outro relatório. ( Attach.txt ) <--

<@> Ps: Caso o relatório seja incompreensível,renomeie o executável para DDS.exe e repita o scan.

<@> Outra janela,finalmente,abrir-se-à! --> Clique em OK.

<@> Salve os relatórios: DDS.txt + Attach.txt <-- Poste-os!

Abraços!

0

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro amigo,

No final das contas acabou rodando o ComboFix, apenas dei um ok na mensagem que aparecia e o autoscan foi realizado, vou enviar os logs do ComboFix e do Hijack.

Log do ComboFix:

ComboFix 09-07-28.01 - Julio Guidi 28/07/2009 23:46.1.1 - NTFSx86

Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.55.1046.18.1470.537 [GMT -3:00]

Executando de: c:\users\Julio Guidi\Desktop\ComboFix.exe

AV: avast! antivírus 4.8.1229 [VPS 090728-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

SP: avast! antivírus 4.8.1229 [VPS 090728-0] *disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}

SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

* Criado um novo ponto de restauração

.

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\$recycle.bin\S-1-5-21-2477048456-252282721-4059469227-500

.

(((((((((((((((( Arquivos/Ficheiros criados de 2009-06-28 to 2009-07-29 ))))))))))))))))))))))))))))

.

2009-07-29 02:54 . 2009-07-29 02:55 -------- d-----w- c:\users\Julio Guidi\AppData\Local\temp

2009-07-29 02:18 . 2009-07-29 02:18 -------- d-s---w- C:\Kombo

2009-07-29 01:15 . 2009-07-29 01:21 -------- d-----w- C:\Lop SD

2009-07-29 01:14 . 2009-07-29 01:14 -------- d-----w- C:\Lop

2009-07-29 00:13 . 2009-07-29 00:13 399360 ---h--w- c:\users\Julio Guidi\msie81xp.exe

2009-07-28 23:00 . 2009-07-28 23:00 -------- d-----w- c:\program files\Trend Micro

2009-07-28 22:32 . 2009-07-28 22:44 -------- d-----w- C:\LinhaDefensiva

2009-07-28 21:53 . 2009-07-28 21:53 -------- d-----w- c:\program files\Java

2009-07-28 21:37 . 2009-07-28 21:46 -------- d-----w- c:\programdata\Spybot - Search & Destroy

2009-07-28 21:37 . 2009-07-28 21:37 -------- d-----w- c:\program files\Spybot - Search & Destroy

2009-07-28 21:35 . 2009-07-28 21:35 -------- d-----w- c:\users\Julio Guidi\AppData\Roaming\IObit

2009-07-28 21:31 . 2009-07-28 22:49 -------- d-----w- c:\program files\The Cleaner

2009-07-23 16:29 . 2007-01-03 14:20 1732 ----a-w- c:\windows\system32\drivers\nvphy.bin

2009-07-23 16:02 . 2008-06-20 01:14 97800 ----a-w- c:\windows\system32\infocardapi.dll

2009-07-23 16:02 . 2008-06-20 01:14 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll

2009-07-23 16:02 . 2008-06-20 01:14 43544 ----a-w- c:\windows\system32\PresentationHostProxy.dll

2009-07-23 16:02 . 2008-06-20 01:14 11264 ----a-w- c:\windows\system32\icardres.dll

2009-07-23 16:02 . 2008-06-20 01:14 622080 ----a-w- c:\windows\system32\icardagt.exe

2009-07-23 16:02 . 2008-06-20 01:14 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll

2009-07-23 16:02 . 2008-06-20 01:14 326160 ----a-w- c:\windows\system32\PresentationHost.exe

2009-07-23 15:48 . 2008-07-27 18:03 96760 ----a-w- c:\windows\system32\dfshim.dll

2009-07-23 15:48 . 2008-07-27 18:03 282112 ----a-w- c:\windows\system32\mscoree.dll

2009-07-23 15:48 . 2008-07-27 18:03 41984 ----a-w- c:\windows\system32\netfxperf.dll

2009-07-23 15:48 . 2008-07-27 18:03 158720 ----a-w- c:\windows\system32\mscorier.dll

2009-07-23 15:47 . 2008-07-27 18:03 83968 ----a-w- c:\windows\system32\mscories.dll

2009-07-23 13:29 . 2009-07-23 13:36 -------- d-----w- c:\programdata\NOS

2009-07-23 13:29 . 2009-07-23 13:36 -------- d-----w- c:\program files\NOS

2009-07-20 15:07 . 2009-07-20 15:07 -------- d-----w- c:\users\Julio Guidi\AppData\Roaming\Uniblue

2009-07-19 14:37 . 2009-07-19 14:37 2375680 ----a-w- c:\windows\system\jumpm.exe

2009-07-19 14:37 . 2009-07-19 14:37 214528 ---h--w- c:\windows\system\wuaucldt.exe

2009-07-19 03:20 . 2009-07-19 03:20 -------- d-----w- c:\program files\Easy Text To HTML Converter

2009-07-19 03:04 . 2009-07-19 03:04 -------- d-----w- c:\users\Julio Guidi\.fop

2009-07-19 03:04 . 2009-07-19 03:04 -------- d-----w- c:\users\Julio Guidi\.docx4all

2009-07-19 03:02 . 2009-07-19 03:02 -------- d-----w- c:\users\Julio Guidi\.javafxcache

2009-07-19 03:01 . 2009-07-19 03:01 -------- d-----w- c:\users\Julio Guidi\.vfsjfilechooser

2009-07-16 14:26 . 2009-07-16 14:27 -------- d-----w- c:\users\Julio Guidi\AppData\Local\Google

2009-07-16 14:23 . 2009-07-16 14:23 -------- d-----w- c:\users\Julio Guidi\AppData\Local\Apps

2009-07-16 14:23 . 2009-07-16 14:26 -------- d-----w- c:\users\Julio Guidi\AppData\Local\Deployment

2009-07-15 13:39 . 2009-06-15 15:24 156672 ----a-w- c:\windows\system32\t2embed.dll

2009-07-15 13:39 . 2009-06-15 15:20 72704 ----a-w- c:\windows\system32\fontsub.dll

2009-07-15 13:39 . 2009-06-15 15:20 10240 ----a-w- c:\windows\system32\dciman32.dll

2009-07-15 13:39 . 2009-06-15 12:52 289792 ----a-w- c:\windows\system32\atmfd.dll

2009-06-30 05:00 . 2009-06-15 22:19 27056 ----a-w- c:\windows\system32\drivers\gbpkm.sys

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-07-29 02:44 . 2008-02-24 15:02 -------- d-----w- c:\programdata\pdf995

2009-07-29 02:44 . 2008-02-24 15:02 60 ----a-w- c:\windows\wpd99.drv

2009-07-29 02:26 . 2006-11-06 01:23 634202 ----a-w- c:\windows\system32\prfh0416.dat

2009-07-29 02:26 . 2006-11-06 01:23 121888 ----a-w- c:\windows\system32\prfc0416.dat

2009-07-28 21:53 . 2009-02-03 00:13 410984 ----a-w- c:\windows\system32\deploytk.dll

2009-07-28 21:35 . 2008-08-18 23:29 -------- d-----w- c:\program files\IObit

2009-07-28 21:25 . 2009-07-23 16:29 68742 ----a-w- c:\programdata\nvModes.dat

2009-07-28 21:23 . 2008-04-03 23:14 7620 ----a-w- c:\users\Julio Guidi\AppData\Local\d3d9caps.dat

2009-07-23 16:50 . 2007-12-12 19:38 -------- d-----w- c:\programdata\NVIDIA

2009-07-23 15:43 . 2007-08-11 10:20 -------- d-----w- c:\program files\CONEXANT

2009-07-23 12:57 . 2009-03-05 02:41 -------- d-----w- c:\program files\Microsoft Silverlight

2009-07-23 05:49 . 2009-04-27 04:19 -------- d-----w- c:\program files\Megacubo

2009-07-16 06:01 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail

2009-06-30 12:37 . 2009-02-28 13:45 -------- d-----w- c:\programdata\GbPlugin

2009-06-30 12:37 . 2009-02-28 13:45 -------- d-----w- c:\program files\GbPlugin

2009-06-26 18:56 . 2009-01-11 01:13 -------- d-----w- c:\programdata\Roxio

2009-06-26 17:20 . 2007-12-12 19:52 1 ----a-w- c:\users\Julio Guidi\AppData\Roaming\BrOffice.org2\user\uno_packages\cache\stamp.sys

2009-06-26 17:20 . 2007-12-12 19:51 -------- d-----w- c:\users\Julio Guidi\AppData\Roaming\BrOffice.org2

2009-06-14 05:26 . 2009-06-14 05:26 -------- d-----w- c:\program files\Image Comparer

2009-06-11 06:02 . 2007-08-11 10:55 -------- d-----w- c:\program files\Microsoft Works

2009-06-06 03:37 . 2009-04-27 04:19 -------- d-----w- c:\program files\SopCast

2009-05-26 17:35 . 2007-12-12 14:40 91728 ----a-w- c:\users\Julio Guidi\AppData\Local\GDIPFONTCACHEV1.DAT

2009-05-25 22:05 . 2009-05-25 22:05 10134 ----a-r- c:\users\Julio Guidi\AppData\Roaming\Microsoft\Installer\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}\ARPPRODUCTICON.exe

2009-05-10 23:54 . 2007-12-12 18:48 38079 ----a-w- c:\users\Julio Guidi\AppData\Roaming\nvModes.dat

2009-05-09 05:50 . 2009-06-14 06:39 915456 ----a-w- c:\windows\system32\wininet.dll

2009-05-09 05:34 . 2009-06-14 06:39 71680 ----a-w- c:\windows\system32\iesetup.dll

2009-07-18 16:36 . 2009-05-11 23:28 134648 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll

2008-05-01 16:03 . 2008-05-01 16:03 608 --sha-w- c:\windows\System32\winzvprt5.sys

.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

*Nota* entradas vazias e legítimas por defeito não são mostradas.

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Google Update"="c:\users\Julio Guidi\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-07-16 133104]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]

"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2006-12-02 167936]

"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2006-10-18 317152]

"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2006-10-18 472800]

"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-28 1045800]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-04 13556256]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-04 92704]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-28 148888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"Launcher"="c:\windows\SMINST\launcher.exe" [2006-11-07 44128]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]

[HKEY_LOCAL_MACHINE\software\Microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\Microsoft\windows nt\currentversion\winlogon\notify\ GbPluginBb]

2009-06-18 21:00 302368 ----a-w- c:\program files\GbPlugin\gbieh.dll

[HKEY_LOCAL_MACHINE\software\Microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Gerenciador de HotSync.lnk]

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Gerenciador de HotSync.lnk

backup=c:\windows\pss\Gerenciador de HotSync.lnk.CommonStartup

backupExtension=.CommonStartup

HKEY_LOCAL_MACHINE\software\Microsoft\shared tools\msconfig\startupreg\IDMan

[HKEY_LOCAL_MACHINE\software\Microsoft\security center]

"UacDisableNotify"=dword:00000001

"InternetSettingsDisableNotify"=dword:00000001

"AutoUpdateDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]

"{F097F5EF-279E-43C9-9853-BBFEE9960587}"= UDP:c:\program files\HP\QuickPlay\QP.exe:QP

"{3782F639-7816-402A-B161-4D3AE8190C4B}"= TCP:c:\program files\HP\QuickPlay\QP.exe:QP

"TCP Query User{9663C8BE-CA3C-4985-9431-6032BDCF9ADA}c:\\program files\\dremule\\emule.exe"= UDP:c:\program files\dremule\emule.exe:Dreamule

"UDP Query User{6F35F484-8446-4B4B-A316-DA2A16D86241}c:\\program files\\dremule\\emule.exe"= TCP:c:\program files\dremule\emule.exe:Dreamule

"TCP Query User{EDB4BC33-C0CB-47C6-8A34-8E2E70F090A4}c:\\program files\\dremule\\emule.exe"= UDP:c:\program files\dremule\emule.exe:Dreamule

"UDP Query User{88C73A6A-4675-49C5-BBBA-91B4A9941D71}c:\\program files\\dremule\\emule.exe"= TCP:c:\program files\dremule\emule.exe:Dreamule

"{1A45DD18-0424-426B-88CD-EB3775A82F2D}"= UDP:c:\program files\Internet Explorer\iexplore.exe:Internet Explorer

"{6B318D8D-E71D-4D91-A522-E9DFE2FBA433}"= TCP:c:\program files\Internet Explorer\iexplore.exe:Internet Explorer

"{5E89CDCC-48B0-4BDD-B53B-F02B8C3D3171}"= UDP:53541:53541

"{8FBBE789-68BA-4386-A7C8-C74514FBFFEC}"= TCP:14931:14931

"TCP Query User{D491449C-08B7-4AC6-90AD-E2117EC925DF}c:\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\program files\bittorrent\bittorrent.exe:BitTorrent

"UDP Query User{ECD70FA5-A8A6-4C11-8B83-02E946CD528E}c:\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\program files\bittorrent\bittorrent.exe:BitTorrent

"TCP Query User{17885EE0-4A51-4906-A1E4-41F7876C08CE}c:\\users\\julio guidi\\program files\\dna\\btdna.exe"= UDP:c:\users\julio guidi\program files\dna\btdna.exe:btdna.exe

"UDP Query User{041BA2AB-1044-4D32-9664-8EFBA726B1BD}c:\\users\\julio guidi\\program files\\dna\\btdna.exe"= TCP:c:\users\julio guidi\program files\dna\btdna.exe:btdna.exe

"{1D9B8AC7-B3FD-4AD4-993A-F9009F9C7471}"= UDP:c:\program files\DNA\btdna.exe:DNA (TCP-In)

"{3E550B93-FAFB-4810-8353-6970BAFC6AAD}"= TCP:c:\program files\DNA\btdna.exe:DNA (UDP-In)

"TCP Query User{C58791F5-11ED-4247-988E-63C206651F42}c:\\program files\\real\\realplayer\\realplay.exe"= UDP:c:\program files\real\realplayer\realplay.exe:RealPlayer

"UDP Query User{6C6385B7-1DAD-442A-B95A-5C38542C3ADA}c:\\program files\\real\\realplayer\\realplay.exe"= TCP:c:\program files\real\realplayer\realplay.exe:RealPlayer

"{19D5721B-7948-40C4-9D1B-11ACF4AA8857}"= UDP:c:\program files\Megacubo\megacubo.exe:MegaCubo

"{A5A38FD4-CB14-40E7-BB64-F3EB3A154FD7}"= TCP:c:\program files\Megacubo\megacubo.exe:MegaCubo

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]

"c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

R0 GbpKm;Gbp KernelMode;c:\windows\System32\drivers\gbpkm.sys [30/06/2009 02:00 27056]

R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [27/05/2008 01:26 78416]

R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [27/05/2008 01:26 20560]

R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [09/02/2008 08:39 51280]

R2 GbpSv;Gbp Service;c:\progra~1\GbPlugin\GbpSv.exe [28/02/2009 10:45 53552]

R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [28/07/2009 18:37 1153368]

S3 usb2vcom;USB Data Cable;c:\windows\System32\drivers\usb2vcom.sys [04/10/2008 11:46 28704]

[HKEY_LOCAL_MACHINE\software\Microsoft\windows nt\currentversion\svchost]

LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc

[HKEY_LOCAL_MACHINE\software\Microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]

"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

.

Conteúdo da pasta 'Tarefas Agendadas'

2009-07-29 c:\windows\Tasks\AWC Startup.job

- c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2009-07-28 12:55]

2009-07-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2172417707-4275060026-1713001662-1000Core.job

- c:\users\Julio Guidi\AppData\Local\Google\Update\GoogleUpdate.exe [2009-07-16 14:26]

2009-07-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2172417707-4275060026-1713001662-1000UA.job

- c:\users\Julio Guidi\AppData\Local\Google\Update\GoogleUpdate.exe [2009-07-16 14:26]

.

.

------- Scan Suplementar -------

.

uStart Page = hxxp://www.globo.com/

DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} - hxxps://www14.bancobrasil.com.br/plugin/GbpDist.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

FF - ProfilePath - c:\users\Julio Guidi\AppData\Roaming\Mozilla\Firefox\Profiles\yjq2dfmr.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://en-us.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:pt-BR:official

FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

FF - plugin: c:\users\Julio Guidi\AppData\Local\Google\Update\1.2.183.7\npGoogleOneClick8.dll

FF - plugin: c:\users\Julio Guidi\Program Files\DNA\plugins\npbtdna.dll

---- FIREFOX POLICIES ----

c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");

.

**************************************************************************

catchme 0.3.1398.3 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-07-28 23:55

Windows 6.0.6001 Service Pack 1 NTFS

Procurando processos ocultos ...

Procurando entradas auto inicializáveis ocultas ...

Procurando ficheiros/arquivos ocultos ...

Varredura completada com sucesso

arquivos/ficheiros ocultos: 0

**************************************************************************

.

--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------

[HKEY_USERS\S-1-5-21-2172417707-4275060026-1713001662-1000_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]

@Denied: (Full) (Everyone)

@Allowed: (Read) (RestrictedCode)

"scansk"=hex(0):7e,cc,a4,11,28,5c,79,07,19,75,05,e9,4d,9e,9b,8d,20,5c,3e,dd,24,

0b,5f,85,dc,ef,20,8c,c3,18,22,d6,51,60,f9,51,15,85,d7,7f,00,00,00,00,00,00,\

[HKEY_USERS\S-1-5-21-2172417707-4275060026-1713001662-1000_Classes\CLSID\{7a09ffc5-b447-4116-b0b3-5e58888cde6c}]

@Denied: (Full) (Everyone)

@Allowed: (Read) (RestrictedCode)

"Model"=dword:0000001b

"Therad"=dword:0000001e

"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,

38,95,44,62,3b,0d,e0,83,f3,8a,5e,96,94,16,7a,19,d5,dc,a7,3f,cb,c4,3f,5b,b9,\

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (Y) (Users)

@Denied: (Y) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

Tempo para conclusão: 2009-07-29 23:57

ComboFix-quarantined-files.txt 2009-07-29 02:57

Pré-execução: 24.816.861.184 bytes disponíveis

Pós execução: 24.803.590.144 bytes disponíveis

228 --- E O F --- 2009-07-28 21:36

----------- // -----------------

Log do Hijack:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 00:03:19, on 29/07/2009

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\HP\QuickPlay\QPService.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Users\Julio Guidi\AppData\Local\Google\Update\1.2.183.7\GoogleCrashHandler.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\PROGRA~1\HEWLET~1\Shared\HPQTOA~1.EXE

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.Microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.globo.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.Microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.Microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.Microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.Microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES\GBPLUGIN\gbieh.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"

O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe

O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe

O4 - HKCU\..\Run: [Google Update] "C:\Users\Julio Guidi\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O13 - Gopher Prefix:

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.Microsoft.com/windowsupdate/...b?1244960040269

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.Microsoft.com/microsoftupdat...b?1248356873049

O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/inst...tDetection2.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://www14.bancobrasil.com.br/plugin/GbpDist.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O20 - Winlogon Notify: GbPluginBb - C:\PROGRAM FILES\GBPLUGIN\gbieh.dll

O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe

O23 - Service: Agendador do LiveUpdate automático - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! antivírus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe

O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - (no file)

O23 - Service: Gbp Service (GbpSv) - - C:\PROGRA~1\GbPlugin\GbpSv.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - (no file)

O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--

End of file - 7756 bytes

0

Compartilhar este post


Link para o post
Compartilhar em outros sites

Bom Dia! jguidi

<!> você possui 2 antivírus: Norton + Avast.

<!> Desinstale o Norton,se for do seu agrado.

<><><><><><><><>

<@> Baixe Malwarebytes e poste seu relatório.

Abraços!

0

Compartilhar este post


Link para o post
Compartilhar em outros sites
Bom Dia! jguidi

<!> você possui 2 antivírus: Norton + Avast.

<!> Desinstale o Norton,se for do seu agrado.

<><><><><><><><>

<@> Baixe Malwarebytes e poste seu relatório.

Abraços!

Bom dia Amigo,

Segue o log do Malwarebytes:

Malwarebytes' Anti-Malware 1.39

Versão do banco de dados: 2525

Windows 6.0.6001 Service Pack 1

29/07/2009 11:16:28

mbam-log-2009-07-29 (11-16-28).txt

Tipo de Verificação: Completa (C:\|D:\|)

Objetos verificados: 266135

Tempo decorrido: 1 hour(s), 19 minute(s), 32 second(s)

Processos da Memória infectados: 0

Módulos de Memória Infectados: 0

Chaves do Registro infectadas: 0

Valores do Registro infectados: 0

Ítens do Registro infectados: 0

Pastas infectadas: 0

Arquivos infectados: 3

Processos da Memória infectados:

(Nenhum ítem malicioso foi detectado)

Módulos de Memória Infectados:

(Nenhum ítem malicioso foi detectado)

Chaves do Registro infectadas:

(Nenhum ítem malicioso foi detectado)

Valores do Registro infectados:

(Nenhum ítem malicioso foi detectado)

Ítens do Registro infectados:

(Nenhum ítem malicioso foi detectado)

Pastas infectadas:

(Nenhum ítem malicioso foi detectado)

Arquivos infectados:

c:\program files\Megacubo\bin\sopcore.exe (Rogue.Installer) -> Quarantined and deleted successfully.

c:\Windows\system\wuaucldt.exe (Spyware.Banker) -> Quarantined and deleted successfully.

C:\Windows\system\jumpm.exe (Trojan.Banker) -> Quarantined and deleted successfully.

0

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa Tarde! jguidi

<!> Alguns problemas foram removidos pelo antimalware. ( MBAM )

<!> O log do HijackThis,está limpo! (Y)

°°°°°°°°°°°°°°°°°°°°°°°

<@> Vá em Iniciar --> Executar --> Digite ou cole: combofix.exe /u --> Clique OK.

<@> Abrir-se-á,a seguinte janela: ( Abrir arquivo - Aviso de Segurança )

<@> Clique em Executar --> Aguarde!

<@> Surgirá,finalmente,a mensagem: "ComboFix está desinstalado" --> Clique OK.

<@> Caso encontre,apague: C:\ComboFix <-- A pasta! + C:\ComboFix.txt <-- Relatório!

°°°°°°°°°°°°°°°°°°°°°°°

<!> Tudo Ok?

Abraços!

0

Compartilhar este post


Link para o post
Compartilhar em outros sites
Boa Tarde! jguidi

<!> Alguns problemas foram removidos pelo antimalware. ( MBAM )

<!> O log do HijackThis,está limpo! (Y)

°°°°°°°°°°°°°°°°°°°°°°°

<@> Vá em Iniciar --> Executar --> Digite ou cole: combofix.exe /u --> Clique OK.

<@> Abrir-se-á,a seguinte janela: ( Abrir arquivo - Aviso de Segurança )

<@> Clique em Executar --> Aguarde!

<@> Surgirá,finalmente,a mensagem: "ComboFix está desinstalado" --> Clique OK.

<@> Caso encontre,apague: C:\ComboFix <-- A pasta! + C:\ComboFix.txt <-- Relatório!

°°°°°°°°°°°°°°°°°°°°°°°

<!> Tudo Ok?

Abraços!

Muito obrigado, o problema acho que foi resolvido, resta saber se vou poder acessar o internet banking com tranquilidade.

Abraços.

0

Compartilhar este post


Link para o post
Compartilhar em outros sites

CASO RESOLVIDO

<!> Necessitando de uma nova análise,para este computador,abra um novo Tópico e relate o problema.

Abraços!

0

Compartilhar este post


Link para o post
Compartilhar em outros sites
    • 10 Mensagens
    • 109 Visualizações
    • 11 Mensagens
    • 1002 Visualizações
    • 12 Mensagens
    • 94 Visualizações
    • VMO
    • VMO
    • 12 Mensagens
    • 189 Visualizações
    • 9 Mensagens
    • 120 Visualizações

  • Postagens Recentes

    • Solicitação de análise de log
      r> 2016-06-14 21:04 - 2016-05-28 02:06 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
      2016-06-14 21:04 - 2016-05-28 02:06 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
      2016-06-14 21:04 - 2016-05-28 02:06 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
      2016-06-14 21:04 - 2016-05-28 02:06 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
      2016-06-14 21:04 - 2016-05-28 02:06 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
      2016-06-14 21:04 - 2016-05-28 02:05 - 04515264 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
      2016-06-14 21:04 - 2016-05-28 02:04 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
      2016-06-14 21:04 - 2016-05-28 02:04 - 00431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
      2016-06-14 21:04 - 2016-05-28 02:04 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
      2016-06-14 21:04 - 2016-05-28 01:58 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
      2016-06-14 21:04 - 2016-05-28 01:58 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
      2016-06-14 21:04 - 2016-05-28 01:57 - 02548944 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
      2016-06-14 21:04 - 2016-05-28 01:57 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
      2016-06-14 21:04 - 2016-05-28 01:57 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
      2016-06-14 21:04 - 2016-05-28 01:57 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
      2016-06-14 21:04 - 2016-05-28 01:57 - 00649792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
      2016-06-14 21:04 - 2016-05-28 01:57 - 00636304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
      2016-06-14 21:04 - 2016-05-28 01:57 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
      2016-06-14 21:04 - 2016-05-28 01:57 - 00521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
      2016-06-14 21:04 - 2016-05-28 01:57 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
      2016-06-14 21:04 - 2016-05-28 01:35 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
      2016-06-14 21:04 - 2016-05-28 01:35 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsdport.sys
      2016-06-14 21:04 - 2016-05-28 01:31 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
      2016-06-14 21:04 - 2016-05-28 01:31 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
      2016-06-14 21:04 - 2016-05-28 01:29 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
      2016-06-14 21:04 - 2016-05-28 01:26 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
      2016-06-14 21:04 - 2016-05-28 01:24 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
      2016-06-14 21:04 - 2016-05-28 01:22 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
      2016-06-14 21:04 - 2016-05-28 01:22 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
      2016-06-14 21:04 - 2016-05-28 01:22 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
      2016-06-14 21:04 - 2016-05-28 01:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
      2016-06-14 21:04 - 2016-05-28 01:21 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
      2016-06-14 21:04 - 2016-05-28 01:21 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
      2016-06-14 21:04 - 2016-05-28 01:20 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
      2016-06-14 21:04 - 2016-05-28 01:19 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
      2016-06-14 21:04 - 2016-05-28 01:18 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
      2016-06-14 21:04 - 2016-05-28 01:18 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
      2016-06-14 21:04 - 2016-05-28 01:18 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
      2016-06-14 21:04 - 2016-05-28 01:18 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
      2016-06-14 21:04 - 2016-05-28 01:18 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
      2016-06-14 21:04 - 2016-05-28 01:18 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
      2016-06-14 21:04 - 2016-05-28 01:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
      2016-06-14 21:04 - 2016-05-28 01:17 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
      2016-06-14 21:04 - 2016-05-28 01:17 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
      2016-06-14 21:04 - 2016-05-28 01:17 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
      2016-06-14 21:04 - 2016-05-28 01:16 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
      2016-06-14 21:04 - 2016-05-28 01:16 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
      2016-06-14 21:04 - 2016-05-28 01:16 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
      2016-06-14 21:04 - 2016-05-28 01:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
      2016-06-14 21:04 - 2016-05-28 01:16 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
      2016-06-14 21:04 - 2016-05-28 01:16 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
      2016-06-14 21:04 - 2016-05-28 01:15 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
      2016-06-14 21:04 - 2016-05-28 01:15 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
      2016-06-14 21:04 - 2016-05-28 01:15 - 00794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
      2016-06-14 21:04 - 2016-05-28 01:15 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
      2016-06-14 21:04 - 2016-05-28 01:15 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
      2016-06-14 21:04 - 2016-05-28 01:14 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
      2016-06-14 21:04 - 2016-05-28 01:14 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
      2016-06-14 21:04 - 2016-05-28 01:14 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
      2016-06-14 21:04 - 2016-05-28 01:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
      2016-06-14 21:04 - 2016-05-28 01:14 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
      2016-06-14 21:04 - 2016-05-28 01:14 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
      2016-06-14 21:04 - 2016-05-28 01:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
      2016-06-14 21:04 - 2016-05-28 01:13 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
      2016-06-14 21:04 - 2016-05-28 01:13 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
      2016-06-14 21:04 - 2016-05-28 01:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
      2016-06-14 21:04 - 2016-05-28 01:13 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
      2016-06-14 21:04 - 2016-05-28 01:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
      2016-06-14 21:04 - 2016-05-28 01:12 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
      2016-06-14 21:04 - 2016-05-28 01:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
      2016-06-14 21:04 - 2016-05-28 01:11 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
      2016-06-14 21:04 - 2016-05-28 01:11 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
      2016-06-14 21:04 - 2016-05-28 01:11 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
      2016-06-14 21:04 - 2016-05-28 01:11 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
      2016-06-14 21:04 - 2016-05-28 01:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
      2016-06-14 21:04 - 2016-05-28 01:09 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
      2016-06-14 21:04 - 2016-05-28 01:08 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
      2016-06-14 21:04 - 2016-05-28 01:08 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
      2016-06-14 21:04 - 2016-05-28 01:06 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
      2016-06-14 21:04 - 2016-05-28 01:06 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
      2016-06-14 21:04 - 2016-05-28 01:06 - 01339904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
      2016-06-14 21:04 - 2016-05-28 01:05 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
      2016-06-14 21:04 - 2016-05-28 01:05 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
      2016-06-14 21:04 - 2016-05-28 01:05 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
      2016-06-14 21:04 - 2016-05-28 01:05 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
      2016-06-14 21:04 - 2016-05-28 01:04 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
      2016-06-14 21:04 - 2016-05-28 01:03 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
      2016-06-14 21:04 - 2016-05-28 01:03 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
      2016-06-14 21:04 - 2016-05-28 01:03 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
      2016-06-14 21:04 - 2016-05-28 01:03 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFramework.dll
      2016-06-14 21:04 - 2016-05-28 01:02 - 03590144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
      2016-06-14 21:04 - 2016-05-28 01:02 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
      2016-06-14 21:04 - 2016-05-28 01:02 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
      2016-06-14 21:04 - 2016-05-28 01:01 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
      2016-06-14 21:04 - 2016-05-28 01:01 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
      2016-06-14 21:04 - 2016-05-28 01:01 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
      2016-06-14 21:04 - 2016-05-28 01:00 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
      2016-06-14 21:04 - 2016-05-28 01:00 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
      2016-06-14 21:04 - 2016-05-28 01:00 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
      2016-06-14 21:04 - 2016-05-28 01:00 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
      2016-06-14 21:04 - 2016-05-28 01:00 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
      2016-06-14 21:04 - 2016-05-28 01:00 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
      2016-06-14 21:04 - 2016-05-28 01:00 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
      2016-06-14 21:04 - 2016-05-28 00:58 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
      2016-06-14 21:04 - 2016-05-28 00:58 - 04896256 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
      2016-06-14 21:04 - 2016-05-28 00:58 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
      2016-06-14 21:04 - 2016-05-28 00:58 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
      2016-06-14 21:04 - 2016-05-28 00:57 - 02281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
      2016-06-14 21:04 - 2016-05-28 00:55 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
      2016-06-14 21:03 - 2016-05-28 03:13 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
      2016-06-14 21:03 - 2016-05-28 03:13 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
      2016-06-14 21:03 - 2016-05-28 02:23 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
      2016-06-14 21:03 - 2016-05-28 02:22 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
      2016-06-14 21:03 - 2016-05-28 02:22 - 00211296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
      2016-06-14 21:03 - 2016-05-28 02:22 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
      2016-06-14 21:03 - 2016-05-28 02:18 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
      2016-06-14 21:03 - 2016-05-28 02:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
      2016-06-14 21:03 - 2016-05-28 02:09 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
      2016-06-14 21:03 - 2016-05-28 02:09 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
      2016-06-14 21:03 - 2016-05-28 02:08 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
      2016-06-14 21:03 - 2016-05-28 02:08 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
      2016-06-14 21:03 - 2016-05-28 02:04 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
      2016-06-14 21:03 - 2016-05-28 02:04 - 00111064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
      2016-06-14 21:03 - 2016-05-28 02:04 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
      2016-06-14 21:03 - 2016-05-28 02:03 - 00131248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
      2016-06-14 21:03 - 2016-05-28 01:57 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
      2016-06-14 21:03 - 2016-05-28 01:35 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
      2016-06-14 21:03 - 2016-05-28 01:31 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
      2016-06-14 21:03 - 2016-05-28 01:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
      2016-06-14 21:03 - 2016-05-28 01:29 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
      2016-06-14 21:03 - 2016-05-28 01:29 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
      2016-06-14 21:03 - 2016-05-28 01:28 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
      2016-06-14 21:03 - 2016-05-28 01:28 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
      2016-06-14 21:03 - 2016-05-28 01:28 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
      2016-06-14 21:03 - 2016-05-28 01:27 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
      2016-06-14 21:03 - 2016-05-28 01:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
      2016-06-14 21:03 - 2016-05-28 01:26 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
      2016-06-14 21:03 - 2016-05-28 01:26 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
      2016-06-14 21:03 - 2016-05-28 01:26 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
      2016-06-14 21:03 - 2016-05-28 01:26 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
      2016-06-14 21:03 - 2016-05-28 01:25 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
      2016-06-14 21:03 - 2016-05-28 01:25 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
      2016-06-14 21:03 - 2016-05-28 01:24 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
      2016-06-14 21:03 - 2016-05-28 01:24 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys
      2016-06-14 21:03 - 2016-05-28 01:24 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
      2016-06-14 21:03 - 2016-05-28 01:24 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
      2016-06-14 21:03 - 2016-05-28 01:24 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
      2016-06-14 21:03 - 2016-05-28 01:24 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
      2016-06-14 21:03 - 2016-05-28 01:24 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
      2016-06-14 21:03 - 2016-05-28 01:23 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
      2016-06-14 21:03 - 2016-05-28 01:23 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
      2016-06-14 21:03 - 2016-05-28 01:22 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
      2016-06-14 21:03 - 2016-05-28 01:22 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
      2016-06-14 21:03 - 2016-05-28 01:22 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
      2016-06-14 21:03 - 2016-05-28 01:22 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
      2016-06-14 21:03 - 2016-05-28 01:22 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
      2016-06-14 21:03 - 2016-05-28 01:21 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
      2016-06-14 21:03 - 2016-05-28 01:21 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
      2016-06-14 21:03 - 2016-05-28 01:20 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
      2016-06-14 21:03 - 2016-05-28 01:20 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
      2016-06-14 21:03 - 2016-05-28 01:20 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
      2016-06-14 21:03 - 2016-05-28 01:20 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll
      2016-06-14 21:03 - 2016-05-28 01:20 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
      2016-06-14 21:03 - 2016-05-28 01:20 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
      2016-06-14 21:03 - 2016-05-28 01:19 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
      2016-06-14 21:03 - 2016-05-28 01:19 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
      2016-06-14 21:03 - 2016-05-28 01:19 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
      2016-06-14 21:03 - 2016-05-28 01:19 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
      2016-06-14 21:03 - 2016-05-28 01:18 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
      2016-06-14 21:03 - 2016-05-28 01:17 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
      2016-06-14 21:03 - 2016-05-28 01:17 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
      2016-06-14 21:03 - 2016-05-28 01:17 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
      2016-06-14 21:03 - 2016-05-28 01:17 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
      2016-06-14 21:03 - 2016-05-28 01:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
      2016-06-14 21:03 - 2016-05-28 01:16 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
      2016-06-14 21:03 - 2016-05-28 01:15 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
      2016-06-14 21:03 - 2016-05-28 01:15 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
      2016-06-14 21:03 - 2016-05-28 01:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
      2016-06-14 21:03 - 2016-05-28 01:14 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
      2016-06-14 21:03 - 2016-05-28 01:13 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
      2016-06-14 21:03 - 2016-05-28 01:13 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
      2016-06-14 21:03 - 2016-05-28 01:13 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
      2016-06-14 21:03 - 2016-05-28 01:13 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
      2016-06-14 21:03 - 2016-05-28 01:11 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
      2016-06-14 21:03 - 2016-05-28 01:11 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
      2016-06-14 21:03 - 2016-05-28 01:11 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
      2016-06-14 21:03 - 2016-05-28 01:04 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
      2016-06-14 21:03 - 2016-05-28 01:04 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
      2016-06-14 21:03 - 2016-05-28 01:03 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
      2016-06-14 21:03 - 2016-05-28 01:03 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
      2016-06-14 21:03 - 2016-05-28 01:02 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
      2016-06-14 21:03 - 2016-05-28 01:01 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
      2016-06-14 21:03 - 2016-05-28 01:00 - 02230272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
      2016-06-14 21:03 - 2016-05-28 01:00 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
      2016-06-14 21:03 - 2016-05-28 01:00 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
      2016-06-14 21:03 - 2016-05-28 00:59 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
      2016-06-14 21:03 - 2016-05-28 00:58 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
      2016-06-14 21:03 - 2016-05-28 00:53 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
      2016-06-14 10:10 - 2016-06-20 14:50 - 00000000 ____D C:\Users\Geicy\Documents\PDF COM NOVO FORMATO
      2016-06-14 09:26 - 2016-06-20 14:27 - 00000000 ____D C:\Users\Geicy\Documents\PRANCHAS CARIMBO
      2016-05-31 17:52 - 2016-05-31 17:52 - 00236776 _____ C:\Users\Geicy\Downloads\DETRAN_SE - Portal de Serviços.pdf
      2016-05-31 17:12 - 2016-05-31 17:12 - 00002087 _____ C:\Users\Public\Desktop\A360 Desktop.lnk
      2016-05-31 17:10 - 2016-05-31 17:10 - 00002168 _____ C:\Users\Public\Desktop\Autodesk ReCap 2016.lnk
      2016-05-31 17:10 - 2016-05-31 17:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk ReCap 2016
      2016-05-31 17:07 - 2016-05-31 17:07 - 00002182 _____ C:\Users\Public\Desktop\AutoCAD 2016 - English.lnk
      2016-05-31 17:07 - 2016-05-31 17:07 - 00000000 ____D C:\Users\Public\Documents\Autodesk
      2016-05-31 17:06 - 2016-05-31 17:06 - 00000000 ____D C:\Users\Geicy\Documents\Inventor Server SDK ACAD 2016
      2016-05-28 10:58 - 2016-05-28 11:21 - 00047584 _____ C:\Users\Geicy\Downloads\Sinalizacao tatil de alerta e diecional.dwg
      2016-05-26 11:30 - 2016-05-26 11:30 - 00000000 ____D C:\Users\Geicy\Downloads\Certificados
      2016-05-26 11:22 - 2016-05-26 11:23 - 00000000 ____D C:\Users\Geicy\Downloads\Filarmônica
      2016-05-12 07:31 - 2016-07-18 21:30 - 00000000 ____D C:\Users\Geicy\Documents\Revit
      2016-05-11 09:40 - 2016-04-23 02:28 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
      2016-05-11 09:40 - 2016-04-23 02:24 - 01819208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
      2016-05-11 09:40 - 2016-04-23 02:09 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
      2016-05-11 09:40 - 2016-04-23 02:09 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
      2016-05-11 09:40 - 2016-04-23 02:08 - 06605504 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
      2016-05-11 09:40 - 2016-04-23 01:31 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
      2016-05-11 09:40 - 2016-04-23 01:28 - 16984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
      2016-05-11 09:40 - 2016-04-23 01:19 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
      2016-05-11 09:40 - 2016-04-23 01:15 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
      2016-05-11 09:40 - 2016-04-23 01:05 - 05502976 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
      2016-05-11 09:40 - 2016-04-23 01:05 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
      2016-05-11 09:40 - 2016-04-23 01:04 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
      2016-05-11 09:40 - 2016-04-23 01:03 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
      2016-05-11 09:40 - 2016-04-23 01:02 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
      2016-05-11 09:39 - 2016-05-06 01:53 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdport.sys
      2016-05-11 09:39 - 2016-05-06 01:05 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
      2016-05-11 09:39 - 2016-05-06 01:03 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
      2016-05-11 09:39 - 2016-05-06 00:53 - 00351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
      2016-05-11 09:39 - 2016-05-06 00:49 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
      2016-05-11 09:39 - 2016-05-06 00:44 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
      2016-05-11 09:39 - 2016-05-06 00:43 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
      2016-05-11 09:39 - 2016-04-23 03:12 - 00713920 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
      2016-05-11 09:39 - 2016-04-23 03:12 - 00190144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
      2016-05-11 09:39 - 2016-04-23 02:28 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
      2016-05-11 09:39 - 2016-04-23 02:26 - 00707608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
      2016-05-11 09:39 - 2016-04-23 02:24 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
      2016-05-11 09:39 - 2016-04-23 02:24 - 00754664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
      2016-05-11 09:39 - 2016-04-23 02:24 - 00638816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
      2016-05-11 09:39 - 2016-04-23 02:24 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
      2016-05-11 09:39 - 2016-04-23 02:24 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
      2016-05-11 09:39 - 2016-04-23 02:22 - 01161120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
      2016-05-11 09:39 - 2016-04-23 02:13 - 00306832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
      2016-05-11 09:39 - 2016-04-23 02:12 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
      2016-05-11 09:39 - 2016-04-23 02:12 - 00451928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
      2016-05-11 09:39 - 2016-04-23 02:12 - 00413536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
      2016-05-11 09:39 - 2016-04-23 02:11 - 01092464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
      2016-05-11 09:39 - 2016-04-23 02:11 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
      2016-05-11 09:39 - 2016-04-23 02:11 - 00390496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
      2016-05-11 09:39 - 2016-04-23 02:11 - 00131424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufxsynopsys.sys
      2016-05-11 09:39 - 2016-04-23 02:09 - 00569744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
      2016-05-11 09:39 - 2016-04-23 02:09 - 00565600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
      2016-05-11 09:39 - 2016-04-23 02:09 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
      2016-05-11 09:39 - 2016-04-23 02:08 - 00725776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
      2016-05-11 09:39 - 2016-04-23 02:07 - 01848072 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
      2016-05-11 09:39 - 2016-04-23 02:07 - 01536088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
      2016-05-11 09:39 - 2016-04-23 02:07 - 00204048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
      2016-05-11 09:39 - 2016-04-23 02:07 - 00183904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
      2016-05-11 09:39 - 2016-04-23 02:06 - 00291360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
      2016-05-11 09:39 - 2016-04-23 02:02 - 00188256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
      2016-05-11 09:39 - 2016-04-23 02:01 - 00619296 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
      2016-05-11 09:39 - 2016-04-23 02:01 - 00513368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
      2016-05-11 09:39 - 2016-04-23 02:01 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
      2016-05-11 09:39 - 2016-04-23 02:01 - 00217440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
      2016-05-11 09:39 - 2016-04-23 02:00 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
      2016-05-11 09:39 - 2016-04-23 02:00 - 01522152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
      2016-05-11 09:39 - 2016-04-23 02:00 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
      2016-05-11 09:39 - 2016-04-23 02:00 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
      2016-05-11 09:39 - 2016-04-23 02:00 - 00550656 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
      2016-05-11 09:39 - 2016-04-23 02:00 - 00453472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
      2016-05-11 09:39 - 2016-04-23 02:00 - 00058208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwminit.dll
      2016-05-11 09:39 - 2016-04-23 01:56 - 00534872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
      2016-05-11 09:39 - 2016-04-23 01:34 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
      2016-05-11 09:39 - 2016-04-23 01:34 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
      2016-05-11 09:39 - 2016-04-23 01:34 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
      2016-05-11 09:39 - 2016-04-23 01:33 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
      2016-05-11 09:39 - 2016-04-23 01:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
      2016-05-11 09:39 - 2016-04-23 01:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
      2016-05-11 09:39 - 2016-04-23 01:33 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
      2016-05-11 09:39 - 2016-04-23 01:32 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
      2016-05-11 09:39 - 2016-04-23 01:32 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
      2016-05-11 09:39 - 2016-04-23 01:29 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
      2016-05-11 09:39 - 2016-04-23 01:29 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
      2016-05-11 09:39 - 2016-04-23 01:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\filecrypt.sys
      2016-05-11 09:39 - 2016-04-23 01:29 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
      2016-05-11 09:39 - 2016-04-23 01:29 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
      2016-05-11 09:39 - 2016-04-23 01:29 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
      2016-05-11 09:39 - 2016-04-23 01:29 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
      2016-05-11 09:39 - 2016-04-23 01:28 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
      2016-05-11 09:39 - 2016-04-23 01:28 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
      2016-05-11 09:39 - 2016-04-23 01:28 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
      2016-05-11 09:39 - 2016-04-23 01:28 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
      2016-05-11 09:39 - 2016-04-23 01:27 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
      2016-05-11 09:39 - 2016-04-23 01:26 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
      2016-05-11 09:39 - 2016-04-23 01:25 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
      2016-05-11 09:39 - 2016-04-23 01:25 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
      2016-05-11 09:39 - 2016-04-23 01:25 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
      2016-05-11 09:39 - 2016-04-23 01:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
      2016-05-11 09:39 - 2016-04-23 01:24 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
      2016-05-11 09:39 - 2016-04-23 01:24 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
      2016-05-11 09:39 - 2016-04-23 01:24 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
      2016-05-11 09:39 - 2016-04-23 01:24 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
      2016-05-11 09:39 - 2016-04-23 01:24 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
      2016-05-11 09:39 - 2016-04-23 01:23 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
      2016-05-11 09:39 - 2016-04-23 01:23 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
      2016-05-11 09:39 - 2016-04-23 01:23 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
      2016-05-11 09:39 - 2016-04-23 01:21 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
      2016-05-11 09:39 - 2016-04-23 01:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
      2016-05-11 09:39 - 2016-04-23 01:20 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
      2016-05-11 09:39 - 2016-04-23 01:20 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
      2016-05-11 09:39 - 2016-04-23 01:20 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
      2016-05-11 09:39 - 2016-04-23 01:20 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
      2016-05-11 09:39 - 2016-04-23 01:19 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
      2016-05-11 09:39 - 2016-04-23 01:19 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlansec.dll
      2016-05-11 09:39 - 2016-04-23 01:19 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
      2016-05-11 09:39 - 2016-04-23 01:18 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
      2016-05-11 09:39 - 2016-04-23 01:18 - 00804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
      2016-05-11 09:39 - 2016-04-23 01:18 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
      2016-05-11 09:39 - 2016-04-23 01:18 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
      2016-05-11 09:39 - 2016-04-23 01:18 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
      2016-05-11 09:39 - 2016-04-23 01:18 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
      2016-05-11 09:39 - 2016-04-23 01:17 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
      2016-05-11 09:39 - 2016-04-23 01:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
      2016-05-11 09:39 - 2016-04-23 01:17 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
      2016-05-11 09:39 - 2016-04-23 01:17 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
      2016-05-11 09:39 - 2016-04-23 01:16 - 01319424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
      2016-05-11 09:39 - 2016-04-23 01:16 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
      2016-05-11 09:39 - 2016-04-23 01:15 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
      2016-05-11 09:39 - 2016-04-23 01:15 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
      2016-05-11 09:39 - 2016-04-23 01:15 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
      2016-05-11 09:39 - 2016-04-23 01:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
      2016-05-11 09:39 - 2016-04-23 01:14 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
      2016-05-11 09:39 - 2016-04-23 01:14 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
      2016-05-11 09:39 - 2016-04-23 01:14 - 00647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
      2016-05-11 09:39 - 2016-04-23 01:14 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
      2016-05-11 09:39 - 2016-04-23 01:14 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
      2016-05-11 09:39 - 2016-04-23 01:13 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
      2016-05-11 09:39 - 2016-04-23 01:13 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
      2016-05-11 09:39 - 2016-04-23 01:13 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
      2016-05-11 09:39 - 2016-04-23 01:12 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
      2016-05-11 09:39 - 2016-04-23 01:10 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
      2016-05-11 09:39 - 2016-04-23 01:07 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
      2016-05-11 09:39 - 2016-04-23 01:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
      2016-05-11 09:39 - 2016-04-23 01:05 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
      2016-05-11 09:39 - 2016-04-23 01:03 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
      2016-05-11 09:39 - 2016-04-23 01:03 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
      2016-05-11 09:39 - 2016-04-23 01:03 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
      2016-05-11 09:39 - 2016-04-23 01:01 - 04775424 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
      2016-05-11 09:39 - 2016-04-23 01:00 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
      2016-05-11 09:39 - 2016-04-23 00:45 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
      2016-05-11 09:39 - 2016-04-22 23:10 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
      2016-05-11 09:39 - 2016-04-22 23:10 - 00002186 _____ C:\WINDOWS\system32\AppxProvisioning.xml
      2016-05-11 09:39 - 2016-04-18 19:30 - 00002186 _____ C:\WINDOWS\SysWOW64\AppxProvisioning.xml
      2016-05-08 11:41 - 2016-05-08 11:42 - 12237952 _____ C:\Users\Geicy\Downloads\VID-20160507-WA0014.mp4
      2016-05-06 10:42 - 2016-07-13 13:44 - 00130760 _____ C:\Users\Geicy\AppData\Local\GDIPFONTCACHEV1.DAT
      2016-05-06 10:31 - 2016-05-06 10:31 - 00000000 ____D C:\Users\Geicy\Documents\Autodesk Application Manager
      2016-05-06 10:27 - 2016-05-06 10:27 - 00002059 _____ C:\Users\Public\Desktop\Revit 2016.lnk
      2016-05-06 08:53 - 2016-05-06 08:53 - 00002123 _____ C:\Users\Public\Desktop\Autodesk ReCap.lnk
      2016-05-06 08:53 - 2016-05-06 08:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk ReCap
      2016-05-06 08:43 - 2016-05-31 17:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
      2016-05-06 08:43 - 2016-05-31 17:12 - 00000000 ____D C:\Program Files (x86)\Autodesk
      2016-05-06 07:50 - 2016-05-31 16:29 - 00000000 ____D C:\Users\Geicy\Downloads\Instaladores CAD e Revit
      2016-05-05 23:55 - 2016-05-06 00:11 - 00388608 _____ (Trend Micro Inc.) C:\HijackThis.exe
      2016-05-05 22:41 - 2016-05-05 23:05 - 22851472 _____ (Malwarebytes ) C:\Users\Geicy\Downloads\mbam-setup-cnet.35891-2.2.1.1043.exe
      2016-05-05 22:20 - 2016-06-27 16:17 - 00473592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys.146705510676502
      2016-05-05 22:03 - 2016-07-21 16:43 - 00000000 ____D C:\Users\Todos os Usuários\AVAST Software
      2016-05-05 22:03 - 2016-07-21 16:43 - 00000000 ____D C:\ProgramData\AVAST Software
      2016-05-05 22:02 - 2016-05-05 22:03 - 05168776 _____ (AVAST Software) C:\Users\Geicy\Downloads\avast_free_antivirus_setup_online.exe
      2016-05-04 13:09 - 2016-05-04 13:09 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
      2016-05-04 13:00 - 2016-05-06 10:31 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
      2016-05-04 13:00 - 2016-05-06 10:31 - 00000000 ____D C:\ProgramData\Package Cache
      2016-05-04 12:50 - 2016-05-31 16:41 - 00000000 ____D C:\Autodesk
      2016-05-03 09:23 - 2016-07-21 16:05 - 00000000 ___RD C:\Users\Geicy\Dropbox
      2016-05-03 09:23 - 2016-05-03 09:23 - 00001225 _____ C:\Users\Geicy\Desktop\Dropbox.lnk
      2016-05-03 09:20 - 2016-07-11 17:00 - 00000000 ____D C:\Users\Geicy\AppData\Roaming\Dropbox
      2016-05-03 08:58 - 2016-07-22 18:03 - 00001050 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1883175002-3615411677-2762873912-1001UA.job
      2016-05-03 08:58 - 2016-06-15 09:03 - 00000998 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1883175002-3615411677-2762873912-1001Core.job
      2016-05-03 08:58 - 2016-05-13 09:27 - 00000000 ____D C:\Users\Geicy\AppData\Local\Dropbox
      2016-05-03 08:58 - 2016-05-03 08:58 - 00004170 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1883175002-3615411677-2762873912-1001UA
      2016-05-03 08:58 - 2016-05-03 08:58 - 00003794 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1883175002-3615411677-2762873912-1001Core
      2016-05-03 08:58 - 2016-05-03 08:58 - 00000000 ____D C:\Users\Todos os Usuários\Dropbox
      2016-05-03 08:58 - 2016-05-03 08:58 - 00000000 ____D C:\ProgramData\Dropbox
      2016-05-03 08:57 - 2016-05-03 08:58 - 00690072 _____ (Dropbox, Inc.) C:\Users\Geicy\Downloads\DropboxInstaller.exe
      2016-05-02 09:45 - 2016-04-02 00:25 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
      2016-05-02 09:45 - 2016-04-02 00:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
      2016-05-02 09:45 - 2016-03-29 07:15 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
      2016-05-02 09:45 - 2016-03-29 07:11 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
      2016-05-02 09:45 - 2016-03-29 06:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
      2016-05-02 09:45 - 2016-03-29 06:25 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
      2016-05-02 09:45 - 2016-03-29 05:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
      2016-05-02 09:45 - 2016-03-29 05:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
      2016-05-02 09:45 - 2016-03-29 05:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
      2016-05-02 09:45 - 2016-03-29 05:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
      2016-05-02 09:45 - 2016-03-29 05:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
      2016-05-02 09:45 - 2016-03-29 05:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
      2016-05-02 09:45 - 2016-03-29 05:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
      2016-05-02 09:45 - 2016-03-29 04:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
      2016-05-02 09:45 - 2016-03-29 04:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
      2016-05-02 09:45 - 2016-03-29 04:57 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
      2016-05-02 09:45 - 2016-03-29 04:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
      2016-05-02 09:45 - 2016-03-29 04:53 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
      2016-05-02 09:45 - 2016-03-29 04:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
      2016-05-02 09:45 - 2016-03-29 04:51 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
      2016-05-02 09:45 - 2016-03-29 04:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
      2016-05-02 09:45 - 2016-03-29 04:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
      2016-05-02 09:45 - 2016-03-29 04:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
      2016-05-02 09:45 - 2016-03-29 04:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
      2016-05-02 09:45 - 2016-03-29 04:49 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
      2016-05-02 09:45 - 2016-03-29 04:44 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
      2016-05-02 09:45 - 2016-03-29 04:36 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
      2016-05-02 09:45 - 2016-03-29 04:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
      2016-05-02 09:45 - 2016-03-29 04:34 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
      2016-05-02 09:45 - 2016-03-29 04:34 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
      2016-05-02 09:45 - 2016-03-29 04:30 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
      2016-05-02 09:45 - 2016-03-29 04:27 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
      2016-05-02 09:45 - 2016-03-29 04:22 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
      2016-05-02 09:45 - 2016-03-29 04:20 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
      2016-05-02 09:45 - 2016-03-29 04:20 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
      2016-05-02 09:45 - 2016-03-29 04:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
      2016-05-02 09:45 - 2016-03-29 04:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
      2016-05-02 09:45 - 2016-03-29 04:19 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
      2016-05-02 09:45 - 2016-03-29 04:18 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
      2016-05-02 09:45 - 2016-03-29 04:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
      2016-05-02 09:45 - 2016-03-29 04:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
      2016-05-02 09:45 - 2016-03-29 04:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
      2016-05-02 09:45 - 2016-03-29 04:03 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
      2016-05-02 09:45 - 2016-03-29 04:00 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
      2016-05-02 09:45 - 2016-03-29 04:00 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
      2016-05-02 09:45 - 2016-03-29 03:59 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
      2016-05-02 09:45 - 2016-03-29 03:59 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
      2016-05-02 09:45 - 2016-03-29 03:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
      2016-05-02 09:45 - 2016-03-29 03:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
      2016-05-02 09:45 - 2016-03-29 03:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
      2016-05-02 09:45 - 2016-03-29 03:32 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
      2016-05-02 09:45 - 2016-03-29 03:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
      2016-05-02 09:45 - 2016-03-29 03:27 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
      2016-05-02 09:45 - 2016-03-29 03:17 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
      2016-05-02 09:45 - 2016-03-29 03:05 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
      2016-05-02 09:45 - 2016-02-24 04:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
      2016-05-02 09:45 - 2016-02-24 04:39 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
      2016-05-02 09:45 - 2016-02-24 04:38 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
      2016-05-02 09:45 - 2016-02-24 04:37 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
      2016-05-02 09:45 - 2016-02-24 04:36 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
      2016-05-02 09:45 - 2016-02-24 04:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
      2016-05-02 09:45 - 2016-02-24 04:28 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
      2016-05-02 09:45 - 2016-02-24 04:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
      2016-05-02 09:45 - 2016-02-24 04:19 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
      2016-05-02 09:45 - 2016-02-24 04:19 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
      2016-05-02 09:45 - 2016-02-24 04:09 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
      2016-05-02 09:45 - 2016-02-24 04:07 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
      2016-05-02 09:45 - 2016-02-24 04:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
      2016-05-02 09:45 - 2016-02-24 04:01 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
      2016-05-02 09:45 - 2016-02-24 04:01 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
      2016-05-02 09:45 - 2016-02-24 03:59 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
      2016-05-02 09:45 - 2016-02-24 03:55 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
      2016-05-02 09:45 - 2016-02-24 03:55 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
      2016-05-02 09:45 - 2016-02-24 03:54 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
      2016-05-02 09:45 - 2016-02-24 03:54 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
      2016-05-02 09:45 - 2016-02-24 03:53 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
      2016-05-02 09:45 - 2016-02-24 03:53 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
      2016-05-02 09:45 - 2016-02-24 03:52 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
      2016-05-02 09:45 - 2016-02-24 03:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
      2016-05-02 09:45 - 2016-02-24 03:28 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
      2016-05-02 09:45 - 2016-02-24 03:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
      2016-05-02 09:45 - 2016-02-24 03:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
      2016-05-02 09:45 - 2016-02-23 08:25 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
      2016-05-02 09:45 - 2016-02-23 07:31 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
      2016-05-02 09:45 - 2016-02-23 06:20 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
      2016-05-02 09:45 - 2016-02-23 06:10 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
      2016-05-02 09:45 - 2016-02-23 06:07 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
      2016-05-02 09:45 - 2016-02-23 06:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
      2016-05-02 09:45 - 2016-02-23 05:55 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
      2016-05-02 09:45 - 2016-02-23 05:48 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
      2016-05-02 09:45 - 2016-02-23 05:40 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
      2016-05-02 09:45 - 2016-02-23 05:39 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
      2016-05-02 09:45 - 2016-02-23 05:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
      2016-05-02 09:45 - 2016-02-23 05:04 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
      2016-05-02 09:45 - 2016-02-23 04:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
      2016-05-02 09:45 - 2016-02-23 04:48 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
      2016-05-02 09:45 - 2016-02-09 00:18 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
      2016-05-02 09:45 - 2016-02-09 00:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
      2016-05-02 09:44 - 2016-04-02 01:13 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
      2016-05-02 09:44 - 2016-04-02 01:10 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
      2016-05-02 09:44 - 2016-04-02 01:10 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
      2016-05-02 09:44 - 2016-04-02 00:19 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
      2016-05-02 09:44 - 2016-03-29 07:22 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
      2016-05-02 09:44 - 2016-03-29 07:22 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
      2016-05-02 09:44 - 2016-03-29 07:20 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
      2016-05-02 09:44 - 2016-03-29 07:20 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
      2016-05-02 09:44 - 2016-03-29 07:20 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
      2016-05-02 09:44 - 2016-03-29 07:05 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
      2016-05-02 09:44 - 2016-03-29 07:02 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
      2016-05-02 09:44 - 2016-03-29 07:02 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
      2016-05-02 09:44 - 2016-03-29 06:56 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
      2016-05-02 09:44 - 2016-03-29 06:37 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
      2016-05-02 09:44 - 2016-03-29 06:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
      2016-05-02 09:44 - 2016-03-29 06:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
      2016-05-02 09:44 - 2016-03-29 06:11 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
      2016-05-02 09:44 - 2016-03-29 06:10 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
      2016-05-02 09:44 - 2016-03-29 06:09 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
      2016-05-02 09:44 - 2016-03-29 06:08 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
      2016-05-02 09:44 - 2016-03-29 06:08 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
      2016-05-02 09:44 - 2016-03-29 06:07 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
      2016-05-02 09:44 - 2016-03-29 05:26 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
      2016-05-02 09:44 - 2016-03-29 05:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
      2016-05-02 09:44 - 2016-03-29 05:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
      2016-05-02 09:44 - 2016-03-29 05:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
      2016-05-02 09:44 - 2016-03-29 05:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
      2016-05-02 09:44 - 2016-03-29 05:21 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
      2016-05-02 09:44 - 2016-03-29 05:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
      2016-05-02 09:44 - 2016-03-29 05:07 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
      2016-05-02 09:44 - 2016-03-29 04:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
      2016-05-02 09:44 - 2016-03-29 04:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
      2016-05-02 09:44 - 2016-03-29 04:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
      2016-05-02 09:44 - 2016-03-29 04:54 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
      2016-05-02 09:44 - 2016-03-29 04:51 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
      2016-05-02 09:44 - 2016-03-29 04:50 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
      2016-05-02 09:44 - 2016-03-29 04:48 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
      2016-05-02 09:44 - 2016-03-29 04:46 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
      2016-05-02 09:44 - 2016-03-29 04:36 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
      2016-05-02 09:44 - 2016-03-29 04:35 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
      2016-05-02 09:44 - 2016-03-29 04:33 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
      2016-05-02 09:44 - 2016-03-29 04:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
      2016-05-02 09:44 - 2016-03-29 04:23 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
      2016-05-02 09:44 - 2016-03-29 04:21 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
      2016-05-02 09:44 - 2016-03-29 04:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
      2016-05-02 09:44 - 2016-03-29 04:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
      2016-05-02 09:44 - 2016-03-29 04:14 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
      2016-05-02 09:44 - 2016-03-29 04:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
      2016-05-02 09:44 - 2016-03-29 04:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
      2016-05-02 09:44 - 2016-03-29 04:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
      2016-05-02 09:44 - 2016-03-29 04:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
      2016-05-02 09:44 - 2016-03-29 04:08 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
      2016-05-02 09:44 - 2016-03-29 04:08 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
      2016-05-02 09:44 - 2016-03-29 04:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
      2016-05-02 09:44 - 2016-03-29 04:07 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
      2016-05-02 09:44 - 2016-03-29 04:05 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
      2016-05-02 09:44 - 2016-03-29 04:02 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
      2016-05-02 09:44 - 2016-03-29 04:00 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
      2016-05-02 09:44 - 2016-03-29 04:00 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
      2016-05-02 09:44 - 2016-03-29 03:59 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
      2016-05-02 09:44 - 2016-03-29 03:55 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
      2016-05-02 09:44 - 2016-03-29 03:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
      2016-05-02 09:44 - 2016-03-29 03:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
      2016-05-02 09:44 - 2016-03-29 03:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
      2016-05-02 09:44 - 2016-03-29 03:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
      2016-05-02 09:44 - 2016-03-29 03:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
      2016-05-02 09:44 - 2016-03-29 03:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
      2016-05-02 09:44 - 2016-03-29 03:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
      2016-05-02 09:44 - 2016-03-29 03:32 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
      2016-05-02 09:44 - 2016-03-29 03:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
      2016-05-02 09:44 - 2016-03-29 03:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
      2016-05-02 09:44 - 2016-03-29 03:29 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
      2016-05-02 09:44 - 2016-03-29 03:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
      2016-05-02 09:44 - 2016-03-29 03:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
      2016-05-02 09:44 - 2016-03-29 03:05 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
      2016-05-02 09:44 - 2016-03-29 03:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
      2016-05-02 09:44 - 2016-03-29 03:01 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
      2016-05-02 09:44 - 2016-03-29 02:45 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
      2016-05-02 09:44 - 2016-03-29 02:45 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
      2016-05-02 09:44 - 2016-03-29 02:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
      2016-05-02 09:44 - 2016-03-29 02:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
      2016-05-02 09:44 - 2016-03-29 02:35 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
      2016-05-02 09:44 - 2016-03-29 02:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
      2016-05-02 09:44 - 2016-03-29 02:27 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
      2016-05-02 09:44 - 2016-03-29 02:26 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
      2016-05-02 09:44 - 2016-03-29 02:26 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
      2016-05-02 09:44 - 2016-03-29 02:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
      2016-05-02 09:44 - 2016-03-29 02:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
      2016-05-02 09:44 - 2016-03-29 02:21 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
      2016-05-02 09:44 - 2016-03-01 02:31 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
      2016-05-02 09:44 - 2016-03-01 02:22 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
      2016-05-02 09:44 - 2016-02-24 06:34 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
      2016-05-02 09:44 - 2016-02-24 06:28 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
      2016-05-02 09:44 - 2016-02-24 05:58 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
      2016-05-02 09:44 - 2016-02-24 05:43 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
      2016-05-02 09:44 - 2016-02-24 05:39 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
      2016-05-02 09:44 - 2016-02-24 05:19 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
      2016-05-02 09:44 - 2016-02-24 05:11 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
      2016-05-02 09:44 - 2016-02-24 05:09 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
      2016-05-02 09:44 - 2016-02-24 05:09 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
      2016-05-02 09:44 - 2016-02-24 04:35 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
      2016-05-02 09:44 - 2016-02-24 04:33 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
      2016-05-02 09:44 - 2016-02-24 04:33 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
      2016-05-02 09:44 - 2016-02-24 04:23 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
      2016-05-02 09:44 - 2016-02-24 04:22 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
      2016-05-02 09:44 - 2016-02-24 04:20 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
      2016-05-02 09:44 - 2016-02-24 04:14 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
      2016-05-02 09:44 - 2016-02-24 04:13 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
      2016-05-02 09:44 - 2016-02-24 04:12 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
      2016-05-02 09:44 - 2016-02-24 04:12 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
      2016-05-02 09:44 - 2016-02-24 04:10 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
      2016-05-02 09:44 - 2016-02-24 04:09 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
      2016-05-02 09:44 - 2016-02-24 04:00 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
      2016-05-02 09:44 - 2016-02-24 03:59 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
      2016-05-02 09:44 - 2016-02-24 03:59 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
      2016-05-02 09:44 - 2016-02-24 03:55 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
      2016-05-02 09:44 - 2016-02-24 03:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
      2016-05-02 09:44 - 2016-02-24 03:54 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
      2016-05-02 09:44 - 2016-02-24 03:52 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
      2016-05-02 09:44 - 2016-02-24 03:49 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
      2016-05-02 09:44 - 2016-02-24 03:46 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
      2016-05-02 09:44 - 2016-02-24 03:44 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
      2016-05-02 09:44 - 2016-02-24 03:44 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
      2016-05-02 09:44 - 2016-02-24 03:43 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
      2016-05-02 09:44 - 2016-02-24 03:40 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
      2016-05-02 09:44 - 2016-02-24 03:40 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
      2016-05-02 09:44 - 2016-02-24 03:39 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
      2016-05-02 09:44 - 2016-02-24 03:38 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
      2016-05-02 09:44 - 2016-02-24 03:34 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
      2016-05-02 09:44 - 2016-02-24 03:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
      2016-05-02 09:44 - 2016-02-24 03:32 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
      2016-05-02 09:44 - 2016-02-24 03:31 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
      2016-05-02 09:44 - 2016-02-24 03:31 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
      2016-05-02 09:44 - 2016-02-24 03:28 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
      2016-05-02 09:44 - 2016-02-24 03:25 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
      2016-05-02 09:44 - 2016-02-24 03:23 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
      2016-05-02 09:44 - 2016-02-24 03:21 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
      2016-05-02 09:44 - 2016-02-24 03:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
      2016-05-02 09:44 - 2016-02-24 03:18 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
      2016-05-02 09:44 - 2016-02-24 03:17 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
      2016-05-02 09:44 - 2016-02-24 03:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
      2016-05-02 09:44 - 2016-02-24 03:09 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
      2016-05-02 09:44 - 2016-02-24 03:07 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
      2016-05-02 09:44 - 2016-02-24 02:43 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
      2016-05-02 09:44 - 2016-02-24 02:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
      2016-05-02 09:44 - 2016-02-23 07:31 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
      2016-05-02 09:44 - 2016-02-23 07:31 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
      2016-05-02 09:44 - 2016-02-23 07:17 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
      2016-05-02 09:44 - 2016-02-23 06:40 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
      2016-05-02 09:44 - 2016-02-23 06:38 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
      2016-05-02 09:44 - 2016-02-23 06:27 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
      2016-05-02 09:44 - 2016-02-23 06:20 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
      2016-05-02 09:44 - 2016-02-23 06:12 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
      2016-05-02 09:44 - 2016-02-23 06:07 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
      2016-05-02 09:44 - 2016-02-23 06:06 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
      2016-05-02 09:44 - 2016-02-23 06:01 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
      2016-05-02 09:44 - 2016-02-23 05:58 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
      2016-05-02 09:44 - 2016-02-23 05:53 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
      2016-05-02 09:44 - 2016-02-23 05:53 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
      2016-05-02 09:44 - 2016-02-23 05:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
      2016-05-02 09:44 - 2016-02-23 05:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
      2016-05-02 09:44 - 2016-02-23 05:34 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
      2016-05-02 09:44 - 2016-02-23 05:31 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
      2016-05-02 09:44 - 2016-02-23 05:29 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
      2016-05-02 09:44 - 2016-02-23 05:28 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
      2016-05-02 09:44 - 2016-02-23 05:27 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
      2016-05-02 09:44 - 2016-02-23 05:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
      2016-05-02 09:44 - 2016-02-23 05:23 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
      2016-05-02 09:44 - 2016-02-23 05:22 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
      2016-05-02 09:44 - 2016-02-23 05:20 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
      2016-05-02 09:44 - 2016-02-23 05:20 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
      2016-05-02 09:44 - 2016-02-23 05:19 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
      2016-05-02 09:44 - 2016-02-23 05:02 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
      2016-05-02 09:44 - 2016-02-23 05:02 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
      2016-05-02 09:44 - 2016-02-23 04:58 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
      2016-05-02 09:44 - 2016-02-23 04:52 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
      2016-05-02 09:44 - 2016-02-23 04:50 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
      2016-05-02 09:44 - 2016-02-23 04:47 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
      2016-05-02 09:44 - 2016-02-23 04:37 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
      2016-05-02 09:44 - 2016-02-23 04:36 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
      2016-05-02 09:44 - 2016-02-23 04:36 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
      2016-05-02 09:44 - 2016-02-23 04:35 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
      2016-05-02 09:43 - 2016-03-29 07:23 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
      2016-05-02 09:43 - 2016-03-29 07:18 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
      2016-05-02 09:43 - 2016-03-29 06:18 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
      2016-05-02 09:43 - 2016-03-29 05:26 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
      2016-05-02 09:43 - 2016-03-29 04:11 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
      2016-05-02 09:43 - 2016-03-29 04:09 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
      2016-05-02 09:43 - 2016-03-29 04:06 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
      2016-05-02 09:43 - 2016-03-29 04:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
      2016-05-02 09:43 - 2016-03-29 04:02 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
      2016-05-02 09:43 - 2016-03-29 03:42 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
      2016-05-02 09:43 - 2016-03-29 03:40 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
      2016-05-02 09:43 - 2016-03-29 03:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
      2016-05-02 09:43 - 2016-03-29 03:36 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
      2016-05-02 09:43 - 2016-03-29 03:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
      2016-05-02 09:43 - 2016-03-29 03:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
      2016-05-02 09:43 - 2016-03-29 03:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
      2016-05-02 09:43 - 2016-03-29 03:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
      2016-05-02 09:43 - 2016-03-29 03:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
      2016-05-02 09:43 - 2016-03-29 03:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
      2016-05-02 09:43 - 2016-03-29 03:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
      2016-05-02 09:43 - 2016-03-29 03:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
      2016-05-02 09:43 - 2016-03-29 03:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
      2016-05-02 09:43 - 2016-03-29 02:43 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
      2016-05-02 09:43 - 2016-03-29 02:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
      2016-05-02 09:43 - 2016-02-24 05:54 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
      2016-05-02 09:43 - 2016-02-24 03:58 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
      2016-05-02 09:43 - 2016-02-24 03:44 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
      2016-05-02 09:43 - 2016-02-24 03:36 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
      2016-05-02 09:43 - 2016-02-24 03:18 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
      2016-05-02 09:43 - 2016-02-24 03:13 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
      2016-05-02 09:43 - 2016-02-24 03:09 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
      2016-05-02 09:43 - 2016-02-24 03:04 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
      2016-05-02 09:43 - 2016-02-24 03:03 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
      2016-05-02 09:43 - 2016-02-24 02:05 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
      2016-05-02 09:43 - 2016-02-24 02:03 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
      2016-05-02 09:43 - 2016-02-23 08:15 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
      2016-05-02 09:43 - 2016-02-23 07:32 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
      2016-05-02 09:43 - 2016-02-23 07:32 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
      2016-05-02 09:43 - 2016-02-23 07:32 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
      2016-05-02 09:43 - 2016-02-23 07:32 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
      2016-05-02 09:43 - 2016-02-23 07:31 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
      2016-05-02 09:43 - 2016-02-23 07:31 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
      2016-05-02 09:43 - 2016-02-23 07:22 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
      2016-05-02 09:43 - 2016-02-23 06:45 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
      2016-05-02 09:43 - 2016-02-23 06:38 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
      2016-05-02 09:43 - 2016-02-23 06:38 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
      2016-05-02 09:43 - 2016-02-23 06:38 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
      2016-05-02 09:43 - 2016-02-23 06:38 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
      2016-05-02 09:43 - 2016-02-23 06:38 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
      2016-05-02 09:43 - 2016-02-23 06:37 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
      2016-05-02 09:43 - 2016-02-23 05:56 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
      2016-05-02 09:43 - 2016-02-23 05:38 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
      2016-05-02 09:43 - 2016-02-23 05:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
      2016-05-02 09:43 - 2016-02-23 05:34 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
      2016-05-02 09:43 - 2016-02-23 05:14 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
      2016-05-02 09:43 - 2016-02-23 05:10 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
      2016-05-02 09:43 - 2016-02-23 05:04 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
      2016-05-02 09:43 - 2016-02-23 04:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
      2016-05-02 09:43 - 2016-02-23 04:38 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
      2016-05-02 09:43 - 2016-02-23 04:31 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
      2016-05-02 09:43 - 2016-02-23 04:24 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
      2016-05-02 09:43 - 2016-02-23 04:24 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
      2016-05-02 09:43 - 2016-02-23 04:01 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
      2016-05-02 09:43 - 2016-02-23 03:56 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
      2016-05-02 09:43 - 2016-02-23 03:41 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
      2016-05-02 09:43 - 2016-02-23 03:35 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
      2016-05-02 09:43 - 2016-02-23 03:33 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
      2016-05-02 09:43 - 2016-02-23 03:28 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
      2016-05-02 07:14 - 2016-05-02 07:14 - 00000000 ____D C:\Users\Geicy\AppData\Local\NetworkTiles
      2016-04-29 21:02 - 2016-05-05 17:51 - 00000000 ____D C:\Users\Geicy\AppData\Local\MicrosoftEdge
      2016-04-29 21:00 - 2016-04-29 21:00 - 00002395 _____ C:\Users\Geicy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
      2016-04-29 20:58 - 2016-04-29 20:58 - 00000000 ____D C:\Users\Geicy\AppData\Local\ActiveSync
      2016-04-29 20:57 - 2016-04-29 20:57 - 00000000 ____D C:\Users\Geicy\AppData\Local\Publishers
      2016-04-29 20:56 - 2016-05-02 07:28 - 00000000 ____D C:\Users\Geicy\AppData\Local\Comms
      2016-04-29 20:56 - 2016-04-29 20:56 - 00000020 ___SH C:\Users\Geicy\ntuser.ini
      2016-04-29 20:56 - 2016-04-29 20:56 - 00000000 ____D C:\Users\Geicy\AppData\Local\TileDataLayer
      2016-04-29 20:53 - 2016-04-29 20:53 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas Músicas
      2016-04-29 20:53 - 2016-04-29 20:53 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas Imagens
      2016-04-29 20:53 - 2016-04-29 20:53 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Meus Vídeos
      2016-04-29 20:53 - 2016-04-29 20:53 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
      2016-04-29 20:53 - 2016-04-29 20:53 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Histórico
      2016-04-29 20:53 - 2016-04-29 20:53 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Dados de Aplicativos
      2016-04-29 20:53 - 2016-04-29 20:53 - 00000000 _SHDL C:\Users\Default\Modelos
      2016-04-29 20:53 - 2016-04-29 20:53 - 00000000 _SHDL C:\Users\Default\Meus Documentos
      2016-04-29 20:53 - 2016-04-29 20:53 - 00000000 _SHDL C:\Users\Default\Menu Iniciar
      2016-04-29 20:53 - 2016-04-29 20:53 - 00000000 _SHDL C:\Users\Default\Documents\Minhas Músicas
      2016-04-29 20:53 - 2016-04-29 20:53 - 00000000 _SHDL C:\Users\Default\Documents\Minhas Imagens
      2016-04-29 20:53 - 2016-04-29 20:53 - 00000000 _SHDL C:\Users\Default\Documents\Meus Vídeos
      2016-04-29 20:53 - 2016-04-29 20:53 - 00000000 _SHDL C:\Users\Default\Dados de Aplicativos
      2016-04-29 20:53 - 2016-04-29 20:53 - 00000000 _SHDL C:\Users\Default\Configurações Locais
      2016-04-29 20:53 - 2016-04-29 20:53 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
      2016-04-29 20:53 - 2016-04-29 20:53 - 00000000 _SHDL C:\Users\Default\AppData\Local\Histórico
      2016-04-29 20:53 - 2016-04-29 20:53 - 00000000 _SHDL C:\Users\Default\AppData\Local\Dados de Aplicativos
      2016-04-29 20:53 - 2016-04-29 20:53 - 00000000 _SHDL C:\Users\Default\Ambiente de Rede
      2016-04-29 20:53 - 2016-04-29 20:53 - 00000000 _SHDL C:\Users\Default\Ambiente de Impressão
      2016-04-29 20:53 - 2016-04-29 20:53 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas Músicas
      2016-04-29 20:53 - 2016-04-29 20:53 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas Imagens
      2016-04-29 20:53 - 2016-04-29 20:53 - 00000000 _SHDL C:\Users\Default User\Documents\Meus Vídeos
      2016-04-29 20:53 - 2016-04-29 20:53 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
      2016-04-29 20:53 - 2016-04-29 20:53 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Histórico
      2016-04-29 20:53 - 2016-04-29 20:53 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Dados de Aplicativos
      2016-04-29 20:52 - 2016-07-04 12:14 - 01822696 _____ C:\WINDOWS\system32\PerfStringBackup.INI
      2016-04-29 20:48 - 2016-04-29 20:48 - 00022956 _____ C:\WINDOWS\system32\emptyregdb.dat
      2016-04-29 20:42 - 2016-04-29 20:42 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
      2016-04-29 20:42 - 2016-04-29 20:42 - 00000000 ____D C:\Users\Usuário Padrão\AppData\Roaming\Macromedia
      2016-04-29 20:42 - 2016-04-29 20:42 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
      2016-04-29 20:42 - 2016-04-29 20:42 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
      2016-04-29 20:37 - 2016-04-29 20:43 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
      2016-04-29 20:35 - 2016-05-05 21:10 - 00000000 ____D C:\Users\Geicy
      2016-04-29 20:35 - 2016-04-29 20:35 - 00000000 _SHDL C:\Users\Geicy\Modelos
      2016-04-29 20:35 - 2016-04-29 20:35 - 00000000 _SHDL C:\Users\Geicy\Meus Documentos
      2016-04-29 20:35 - 2016-04-29 20:35 - 00000000 _SHDL C:\Users\Geicy\Menu Iniciar
      2016-04-29 20:35 - 2016-04-29 20:35 - 00000000 _SHDL C:\Users\Geicy\Documents\Minhas Músicas
      2016-04-29 20:35 - 2016-04-29 20:35 - 00000000 _SHDL C:\Users\Geicy\Documents\Minhas Imagens
      2016-04-29 20:35 - 2016-04-29 20:35 - 00000000 _SHDL C:\Users\Geicy\Documents\Meus Vídeos
      2016-04-29 20:35 - 2016-04-29 20:35 - 00000000 _SHDL C:\Users\Geicy\Dados de Aplicativos
      2016-04-29 20:35 - 2016-04-29 20:35 - 00000000 _SHDL C:\Users\Geicy\Configurações Locais
      2016-04-29 20:35 - 2016-04-29 20:35 - 00000000 _SHDL C:\Users\Geicy\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
      2016-04-29 20:35 - 2016-04-29 20:35 - 00000000 _SHDL C:\Users\Geicy\AppData\Local\Histórico
      2016-04-29 20:35 - 2016-04-29 20:35 - 00000000 _SHDL C:\Users\Geicy\AppData\Local\Dados de Aplicativos
      2016-04-29 20:35 - 2016-04-29 20:35 - 00000000 _SHDL C:\Users\Geicy\Ambiente de Rede
      2016-04-29 20:35 - 2016-04-29 20:35 - 00000000 _SHDL C:\Users\Geicy\Ambiente de Impressão
      2016-04-29 20:32 - 2016-07-22 17:24 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
      2016-04-29 20:32 - 2016-04-29 20:38 - 00000000 ____D C:\Users\Todos os Usuários\Conexant
      2016-04-29 20:32 - 2016-04-29 20:38 - 00000000 ____D C:\ProgramData\Conexant
      2016-04-29 20:32 - 2016-04-29 20:37 - 00000000 ____D C:\Program Files\CONEXANT
      2016-04-29 20:32 - 2016-04-29 20:32 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
      2016-04-29 20:32 - 2016-04-29 20:32 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
      2016-04-29 20:32 - 2016-04-29 20:32 - 00000000 ____H C:\Users\Todos os Usuários\DP45977C.lfl
      2016-04-29 20:32 - 2016-04-29 20:32 - 00000000 ____H C:\ProgramData\DP45977C.lfl
      2016-04-29 20:32 - 2016-04-29 20:32 - 00000000 ____D C:\Program Files\Common Files\Atheros
      2016-04-29 20:32 - 2015-12-19 01:08 - 00103944 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
      2016-04-29 20:32 - 2015-12-19 01:08 - 00099848 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
      2016-04-29 20:31 - 2016-04-29 20:37 - 00000000 ____D C:\Program Files\Intel
      2016-04-29 20:31 - 2016-04-29 20:31 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
      2016-04-29 20:31 - 2016-04-29 20:31 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
      2016-04-29 20:31 - 2016-04-29 20:31 - 00000000 ____D C:\Program Files\Synaptics
      2016-04-29 20:29 - 2016-05-05 22:34 - 00000000 ___DC C:\WINDOWS\Panther
      2016-04-29 20:25 - 2016-04-29 20:25 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
      2016-04-29 20:23 - 2016-04-29 20:43 - 00000000 ____D C:\Program Files (x86)\MSBuild
      2016-04-29 20:23 - 2016-04-29 20:23 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
      2016-04-29 20:23 - 2016-04-29 20:23 - 00000000 ____D C:\Program Files\Reference Assemblies
      2016-04-29 20:23 - 2016-04-29 20:23 - 00000000 ____D C:\Program Files\MSBuild
      2016-04-29 20:23 - 2016-04-29 20:23 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
      2016-04-29 20:23 - 2015-10-23 17:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
      2016-04-29 20:23 - 2015-10-23 17:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
      2016-04-29 20:23 - 2015-10-23 17:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
      2016-04-29 20:22 - 2016-04-29 20:22 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
      2016-04-29 20:22 - 2016-04-29 20:22 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
      2016-04-29 20:22 - 2015-10-23 17:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
      2016-04-29 20:22 - 2015-10-23 17:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
      2016-04-29 20:22 - 2015-10-23 17:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
      2016-04-29 20:08 - 2016-04-29 20:52 - 00009528 _____ C:\WINDOWS\diagwrn.xml
      2016-04-29 20:08 - 2016-04-29 20:52 - 00009528 _____ C:\WINDOWS\diagerr.xml
      2016-04-26 09:10 - 2016-04-26 09:10 - 00000000 ____D C:\Users\Geicy\AppData\Local\cache
      2016-04-25 17:36 - 2016-04-25 17:36 - 00000000 ____D C:\Users\Geicy\AppData\Local\VirtualStore
      2016-04-25 17:34 - 2016-04-25 17:08 - 00024064 _____ C:\WINDOWS\zoek-delete.exe ==================== Três Meses Modificados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2016-07-22 18:01 - 2016-03-27 16:00 - 00000000 ____D C:\WINDOWS\system32\MRT
      2016-07-22 18:01 - 2015-10-30 04:11 - 00000000 ____D C:\WINDOWS\CbsTemp
      2016-07-22 17:52 - 2016-03-27 16:00 - 144749672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
      2016-07-22 17:50 - 2015-10-30 04:24 - 00000000 ___HD C:\Program Files\WindowsApps
      2016-07-22 17:50 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\AppReadiness
      2016-07-22 17:39 - 2015-08-21 14:49 - 00001096 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
      2016-07-22 17:24 - 2015-08-21 14:49 - 00001092 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
      2016-07-22 17:24 - 2015-08-21 13:14 - 00000000 __SHD C:\Users\Geicy\IntelGraphicsProfiles
      2016-07-21 16:43 - 2016-02-13 14:55 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
      2016-07-21 16:43 - 2015-10-30 03:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
      2016-07-21 15:01 - 2015-08-21 14:47 - 00004172 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{250C93A8-23FA-4344-B921-D70E600FD1A6}
      2016-07-20 10:17 - 2016-03-08 10:38 - 00000000 ____D C:\Users\Geicy\Documents\AutoCAD
      2016-07-13 16:22 - 2015-11-22 15:41 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
      2016-07-13 16:21 - 2015-11-22 15:40 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
      2016-07-13 16:01 - 2016-02-24 15:34 - 00000000 ____D C:\AdwCleaner
      2016-07-10 10:54 - 2015-11-14 08:42 - 00000000 ____D C:\Users\Geicy\Downloads\plantas baixas
      2016-07-09 19:45 - 2015-10-30 04:21 - 00000000 ____D C:\WINDOWS\INF
      2016-07-06 21:39 - 2015-09-19 10:19 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
      2016-07-04 12:14 - 2016-02-13 14:31 - 00786498 _____ C:\WINDOWS\system32\prfh0416.dat
      2016-07-04 12:14 - 2016-02-13 14:31 - 00154782 _____ C:\WINDOWS\system32\prfc0416.dat
      2016-06-27 20:54 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\rescache ==================== Arquivos na raiz de alguns diretórios ======= 2016-04-29 20:32 - 2016-04-29 20:32 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Alguns arquivos em TEMP:
      ====================
      C:\Users\Geicy\AppData\Local\Temp\libeay32.dll
      C:\Users\Geicy\AppData\Local\Temp\msvcr120.dll
      C:\Users\Geicy\AppData\Local\Temp\sqlite3.dll
      C:\Users\Geicy\AppData\Local\Temp\{3D3CEC53-4033-4FDD-B612-300705C329D7}-DropboxClient_5.4.24.exe
      C:\Users\Geicy\AppData\Local\Temp\{3E97EDD8-813F-42E6-8C8D-D849CAD322B9}-DropboxClient_5.4.24.exe
      C:\Users\Geicy\AppData\Local\Temp\{7E059758-C237-4B67-BDC2-F6B0B829BE92}-DropboxClient_5.4.24.exe
      C:\Users\Geicy\AppData\Local\Temp\{9C1221FE-3ECE-4019-BE46-E1E82EB1AA8C}-DropboxClient_5.4.24.exe
      ==================== Bamital & volsnap ================= (Não há correção automática para arquivos que não passaram na verificação.) C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
      C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
      C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
      C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
      C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
      C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
      C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
      C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
      C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
      C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
      C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
      C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
      C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
      C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
      C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
      LastRegBack: 2016-06-27 17:15 ==================== Fim de FRST.txt ============================ -->