Ir para conteúdo

BABOO e KTS 2018 no YouTube Loja online do BABOO

Duendebr

Participante
  • Postagens

    157
  • Desde

  • Última visita

  1. Solicitação análise de log

    Boa noite, usei o delfix, atualizei os programas. Instalei o unchecky. Obrigado novamente.
  2. Solicitação análise de log

    Boa noite, ta normal agora. As travadas pararam. Valeu, obrigado.
  3. Solicitação análise de log

    SecurityCheck by glax24 & Severnyj v.1.4.0.47 [25.03.17] WebSite: www.safezone.cc DateLog: 12.04.2017 21:08:52 Path starting: C:\Users\Cleto\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe Log directory: C:\SecurityCheck\ IsAdmin: True User: Cleto VersionXML: 4.08is-11.04.2017 ___________________________________________________________________________ Windows 10(6.3.14393) (x64) CoreSingleLanguage Lang: Portuguese(0416) Installation date OS: 18.09.2016 22:49:13 LicenseStatus: Windows(R), CoreSingleLanguage edition The machine is permanently activated. Boot Mode: Normal Default Browser: Microsoft Edge (C:\Windows\system32\LaunchWinApp.exe) SystemDrive: C: FS: [NTFS] Capacity: [78 Gb] Used: [66.4 Gb] Free: [11.6 Gb] ------------------------------- [ Windows ] ------------------------------- Internet Explorer 11.1066.14393.0 [+] User Account Control enabled The elevation prompt for administrators disabled ^It is recommended to enable: Win+R typing UserAccountControlSettings and Enter^ Automatically download and schedule installation Windows Update (wuauserv) - The service is running Central de Segurança (wscsvc) - The service is running Registro remoto (RemoteRegistry) - The service has stopped Descoberta SSDP (SSDPSRV) - The service is running Serviços de Área de Trabalho Remota (TermService) - The service has stopped Windows Remote Management (WS-Management) (WinRM) - The service has stopped ------------------------------ [ MS Office ] ------------------------------ Microsoft Office 2007 v.12.0.4518.1014 ---------------------------- [ Antivirus_WMI ] ---------------------------- Avast antivírus (enabled and up to date) Windows Defender (disabled) Malwarebytes (disabled and up to date) --------------------------- [ FirewallWindows ] --------------------------- Firewall do Windows (MpsSvc) - The service is running --------------------------- [ AntiSpyware_WMI ] --------------------------- Malwarebytes (disabled and up to date) Windows Defender (disabled and up to date) Avast antivírus (enabled and up to date) ---------------------- [ AntiVirusFirewallInstall ] ----------------------- Avast Free antivírus v.17.3.2291 ESET Online Scanner v3 -------------------------- [ SecurityUtilities ] -------------------------- Malwarebytes versão 3.0.6.1469 v.3.0.6.1469 --------------------------- [ OtherUtilities ] ---------------------------- 7-Zip 16.04 (x64) v.16.04 VLC media player v.2.2.4 WinRAR archiver --------------------------------- [ IM ] ---------------------------------- Skype™ 7.33 v.7.33.105 Warning! Download Update ^Optional update.^ -------------------------------- [ Java ] --------------------------------- ArcObjects SDK for the Java Platform v.10.2.3552 --------------------------- [ AppleProduction ] --------------------------- iTunes v.12.4.3.1 Warning! Download Update ^Please use Apple Software Update tool.^ --------------------------- [ AdobeProduction ] --------------------------- Adobe AIR v.21.0.0.215 Warning! Download Update Adobe Flash Player 21 NPAPI v.21.0.0.242 Warning! Download Update Adobe Reader XI (11.0.20) - Português v.11.0.20 [+] ------------------------------- [ Browser ] ------------------------------- Google Chrome v.57.0.2987.133 Mozilla Firefox 46.0.1 (x86 pt-BR) v.46.0.1 Warning! Download Update --------------------------- [ RunningProcess ] ---------------------------- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe v.57.0.2987.133 ------------------ [ AntivirusFirewallProcessServices ] ------------------- Avast antivírus (avast! antivírus) - The service is running C:\Program Files\AVAST Software\Avast\AvastSvc.exe v.17.3.3443.0 aswbIDSAgent (aswbIDSAgent) - The service is running C:\Program Files\AVAST Software\Avast\AvastUI.exe v.17.3.3443.0 Malwarebytes Service (MBAMService) - The service has stopped Serviço Windows Defender (WinDefend) - The service has stopped Serviço de Inspeção de Rede do Windows Defender (WdNisSvc) - The service has stopped ---------------------------- [ UnwantedApps ] ----------------------------- Unity Web Player v.5.3.4f1 Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering. ----------------------------- [ End of Log ] ------------------------------
  4. Solicitação análise de log

    Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 15-03-2017 Executado por Cleto (12-04-2017 18:30:56) Run:1 Executando a partir de C:\Users\Cleto\Desktop Perfis Carregados: Cleto (Perfis Disponíveis: Cleto) Modo da Inicialização: Normal ============================================== fixlist Conteúdo: ***************** start CreateRestorePoint: Winlogon\Notify\ GbPluginBb-x32: C:\Program Files (x86)\GbPlugin\gbieh.dll [X] Winlogon\Notify\ GbPluginCef-x32: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [X] ShellExecuteHooks-x32: Sem Nome - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - -> Nenhum Arquivo ShellExecuteHooks-x32: Sem Nome - {E37CB5F0-51F5-4395-A808-5FA49E399003} - -> Nenhum Arquivo GroupPolicy: Restrição <======= ATENÇÃO SearchScopes: HKU\S-1-5-21-613852610-2115194870-4212196456-1001 -> DefaultScope {F7122743-F6EA-4694-83FE-936E138648A6} URL = BHO-x32: Sem Nome -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> Nenhum Arquivo FF HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886C}] - C:\Users\Cleto\AppData\Local\GAS Tecnologia\GBBD\bb\xpi FF Extension: (GBBD Banco do Brasil) - C:\Users\Cleto\AppData\Local\GAS Tecnologia\GBBD\bb\xpi [2015-03-26] [não assinado] FF HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886D}] - C:\Users\Cleto\AppData\Local\GAS Tecnologia\GBBD\cef\xpi => não encontrado (a) S1 gbpddfac; system32\drivers\gbpddfac64.sys [X] S3 GBPRCM; \??\C:\Program Files (x86)\GbPlugin\gbprcm64.sys [X] S3 Warsaw_PP; \??\C:\Program Files (x86)\GbPlugin\wsftprp64.sys [X] CustomCLSID: HKU\S-1-5-21-613852610-2115194870-4212196456-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000}\InprocServer32 -> C:\Users\Cleto\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia) CustomCLSID: HKU\S-1-5-21-613852610-2115194870-4212196456-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000}\InprocServer32 -> C:\Users\Cleto\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia) EmptyTemp: end ***************** Ponto de Restauração criado com sucesso. HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ GbPluginBb => chave removido (a) com sucesso. HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ GbPluginCef => chave removido (a) com sucesso. HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{E37CB5F0-51F5-4395-A808-5FA49E399F83} => valor removido (a) com sucesso. HKCR\Wow6432Node\CLSID\{E37CB5F0-51F5-4395-A808-5FA49E399F83} => chave não encontrado (a). HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{E37CB5F0-51F5-4395-A808-5FA49E399003} => valor removido (a) com sucesso. HKCR\Wow6432Node\CLSID\{E37CB5F0-51F5-4395-A808-5FA49E399003} => chave não encontrado (a). C:\Windows\system32\GroupPolicy\Machine => movido com sucesso C:\Windows\system32\GroupPolicy\GPT.ini => movido com sucesso C:\Windows\SysWOW64\GroupPolicy\GPT.ini => movido com sucesso HKU\S-1-5-21-613852610-2115194870-4212196456-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor removido (a) com sucesso. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C41A1C0E-EA6C-11D4-B1B8-444553540000} => chave removido (a) com sucesso. HKCR\Wow6432Node\CLSID\{C41A1C0E-EA6C-11D4-B1B8-444553540000} => chave não encontrado (a). HKU\S-1-5-21-613852610-2115194870-4212196456-1001\Software\Mozilla\Firefox\Extensions\\{87F8774F-B485-47E2-A755-A40A8A5E886C} => valor removido (a) com sucesso. C:\Users\Cleto\AppData\Local\GAS Tecnologia\GBBD\bb\xpi => movido com sucesso HKU\S-1-5-21-613852610-2115194870-4212196456-1001\Software\Mozilla\Firefox\Extensions\\{87F8774F-B485-47E2-A755-A40A8A5E886D} => valor removido (a) com sucesso. HKLM\System\CurrentControlSet\Services\gbpddfac => chave removido (a) com sucesso. gbpddfac => serviço removido (a) com sucesso. HKLM\System\CurrentControlSet\Services\GBPRCM => chave removido (a) com sucesso. GBPRCM => serviço removido (a) com sucesso. HKLM\System\CurrentControlSet\Services\Warsaw_PP => chave removido (a) com sucesso. Warsaw_PP => serviço removido (a) com sucesso. HKU\S-1-5-21-613852610-2115194870-4212196456-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000} => chave removido (a) com sucesso. HKU\S-1-5-21-613852610-2115194870-4212196456-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000} => chave removido (a) com sucesso. =========== EmptyTemp: ========== BITS transfer queue => 817565 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 27465556 B Java, Flash, Steam htmlcache => 506 B Windows/system/drivers => 637059 B Edge => 6656693 B Chrome => 311761038 B Firefox => 8442473 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 128 B systemprofile32 => 0 B LocalService => 16791888 B NetworkService => 0 B Cleto => 58664586 B RecycleBin => 1108 B EmptyTemp: => 411.3 MB de dados temporários Removidos. ================================ O sistema precisou ser reiniciado. ==== Fim de Fixlog 18:33:20 ====
  5. Solicitação análise de log

    Segue os logs: Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 15-03-2017 Executado por Cleto (administrador) em CLETO-PC (11-04-2017 21:44:37) Executando a partir de C:\Users\Cleto\Desktop Perfis Carregados: Cleto (Perfis Disponíveis: Cleto) Platform: Windows 10 Home Single Language Versão 1607 (X64) Idioma: Português (Brasil) Internet Explorer Versão 11 (Navegador padrão: Edge) Modo da Inicialização: Normal Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe (Realtek semiconductor) C:\Windows\RTFTrack.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.3\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.3\GoogleCrashHandler64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Flexera Software LLC) C:\Program Files (x86)\ArcGIS\License10.2\bin\lmgrd.exe (Flexera Software LLC) C:\Program Files (x86)\ArcGIS\License10.2\bin\lmgrd.exe (ESRI) C:\Program Files (x86)\ArcGIS\License10.2\bin\ARCGIS.exe (Flexera Software LLC) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe (AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registro (Whitelisted) ==================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.) HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc.) HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.) HKLM\...\Run: [RtsFT] => C:\Windows\RTFTrack.exe [5052120 2016-04-08] (Realtek semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation) HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17111056 2014-04-16] (Lenovo (Beijing) Limited) HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [193008 2014-04-16] (Lenovo(beijing) Limited) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-26] (Apple Inc.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-04-11] (AVAST Software) HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\EpmNews.exe [2086568 2014-03-06] (CHENGDU YIWO Tech Development Co., Ltd) HKLM-x32\...\Run: [EaseUS EPM Tray Agent] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe [254024 2014-02-13] () HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2006-09-28] (SlySoft, Inc.) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation) HKLM-x32\...\Run: [DoroServer] => C:\Program Files (x86)\DoroPDFWriter\DoroServer.exe [208896 2016-02-20] (the sz development) Winlogon\Notify\ GbPluginBb-x32: C:\Program Files (x86)\GbPlugin\gbieh.dll [X] Winlogon\Notify\ GbPluginCef-x32: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [X] HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9364696 2017-03-03] (Piriform Ltd) HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\Run: [Epson Stylus Photo T50] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFFL.EXE [223232 2008-10-09] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\MountPoints2: {06e1b01f-b823-11e6-82e1-641c6768a8ff} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\MountPoints2: {4fb16f72-042f-11e7-82f2-641c6768a8ff} - "G:\Lenovo_Suite.exe" HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\MountPoints2: {ea0115fe-f223-11e6-82eb-641c6768a8ff} - "G:\Lenovo_Suite.exe" HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" ShellExecuteHooks-x32: Sem Nome - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - -> Nenhum Arquivo ShellExecuteHooks-x32: Sem Nome - {E37CB5F0-51F5-4395-A808-5FA49E399003} - -> Nenhum Arquivo ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-04-11] (AVAST Software) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-04-11] (AVAST Software) ShellIconOverlayIdentifiers-x32: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\SysWOW64\AcSignIcon.dll [2006-03-05] (Autodesk) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoCAD Startup Accelerator.lnk [2016-08-22] ShortcutTarget: AutoCAD Startup Accelerator.lnk -> C:\Program Files (x86)\Common Files\Autodesk Shared\acstart17.exe (Autodesk, Inc) GroupPolicy: Restrição <======= ATENÇÃO ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Winsock: Catalog5-x64 07 C:\Windows\system32\wlidnsp.dll [66048 2016-07-16] (Microsoft Corporation) Winsock: Catalog5-x64 08 C:\Windows\system32\wlidnsp.dll [66048 2016-07-16] (Microsoft Corporation) Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt Tcpip\Parameters: [DhcpNameServer] 191.187.32.36 191.187.32.31 Tcpip\..\Interfaces\{669c3b34-3e9e-4ad7-9a7e-98622d784563}: [DhcpNameServer] 191.187.32.36 191.187.32.31 Tcpip\..\Interfaces\{6c442597-bb9f-43b4-a644-df4903944c2f}: [DhcpNameServer] 192.168.25.1 Internet Explorer: ================== HKU\S-1-5-21-613852610-2115194870-4212196456-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com/?PC=LCJB HKU\S-1-5-21-613852610-2115194870-4212196456-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?PC=LCJB HKU\S-1-5-21-613852610-2115194870-4212196456-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com SearchScopes: HKU\S-1-5-21-613852610-2115194870-4212196456-1001 -> DefaultScope {F7122743-F6EA-4694-83FE-936E138648A6} URL = BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation) BHO-x32: Sem Nome -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> Nenhum Arquivo FireFox: ======== FF ProfilePath: C:\Users\Cleto\AppData\Roaming\Mozilla\Firefox\Profiles\j6d811kg.default-1462238443712 [2017-04-11] FF Extension: (Disconnect) - C:\Users\Cleto\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\2.0@disconnect.me [2015-03-14] [não assinado] FF Extension: (Disconnect Search) - C:\Users\Cleto\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\search@disconnect.me [2015-03-14] [não assinado] FF Extension: (Firefox Hotfix) - C:\Users\Cleto\AppData\Roaming\Mozilla\Firefox\Profiles\j6d811kg.default-1462238443712\Extensions\firefox-hotfix@mozilla.org.xpi [2016-12-07] FF HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886C}] - C:\Users\Cleto\AppData\Local\GAS Tecnologia\GBBD\bb\xpi FF Extension: (GBBD Banco do Brasil) - C:\Users\Cleto\AppData\Local\GAS Tecnologia\GBBD\bb\xpi [2015-03-26] [não assinado] FF HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886D}] - C:\Users\Cleto\AppData\Local\GAS Tecnologia\GBBD\cef\xpi => não encontrado (a) FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-12] () FF Plugin: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files (x86)\SkypeWebPlugin\3.2.0.23388\npSkypeWebPlugin64.dll [2014-11-03] (Skype) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-12] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation) FF Plugin-x32: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files (x86)\SkypeWebPlugin\3.2.0.23388\npSkypeWebPlugin.dll [2014-11-03] (Skype) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-11] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-11] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-613852610-2115194870-4212196456-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Cleto\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-03-10] (Unity Technologies ApS) Chrome: ======= CHR Profile: C:\Users\Cleto\AppData\Local\Google\Chrome\User Data\Default [2017-04-11] CHR Extension: (Google Docs) - C:\Users\Cleto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-17] CHR Extension: (Google Drive) - C:\Users\Cleto\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-17] CHR Extension: (YouTube) - C:\Users\Cleto\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-17] CHR Extension: (Adblock Plus) - C:\Users\Cleto\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-25] CHR Extension: (Documentos Google off-line) - C:\Users\Cleto\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17] CHR Extension: (Botão do Google Acadêmico) - C:\Users\Cleto\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldipcbpaocekfooobnbcddclnhejkcpn [2016-03-26] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Cleto\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-10] CHR Extension: (Hide My IP) - C:\Users\Cleto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pekcnopmdcbjdgmpnpkndppflpldnkkp [2017-01-26] CHR Extension: (Gmail) - C:\Users\Cleto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-17] CHR Extension: (Chrome Media Router) - C:\Users\Cleto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-25] CHR HKU\S-1-5-21-613852610-2115194870-4212196456-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [hmobfennjmjnkdbklhcnnfbhfibedgkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [jeoacafpbcihiomhlakheieifhpjdfeo] - hxxps://clients2.google.com/service/update2/crx ==================== Serviços (Whitelisted) ==================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R2 ArcGIS License Manager; C:\Program Files (x86)\ArcGIS\License10.2\bin\lmgrd.exe [1452408 2014-02-13] (Flexera Software LLC) R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7398336 2017-04-11] (AVAST Software s.r.o.) S3 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [77944 2015-01-19] (Autodesk) R2 avast! antivírus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [261712 2017-04-11] (AVAST Software) S3 Disconnect Desktop Updater; C:\Program Files (x86)\Disconnect\Disconnect Desktop\Disconnect Desktop Updater.exe [358400 2015-02-27] (Disconnect) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Arquivo não assinado] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation) S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes) S3 OpenVPNService; C:\Program Files (x86)\Disconnect\Disconnect Desktop\openvpn\bin\openvpnserv.exe [32568 2014-08-07] (The OpenVPN Project) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-03-04] (Microsoft Corporation) S3 Workflow Manager Spatial Notification Service; C:\Program Files (x86)\ArcGIS\WMX\Desktop10.2\Bin\WMXSpatialNotificationService.exe [24512 2014-03-03] (ESRI) ===================== Drivers (Whitelisted) ====================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [307736 2017-04-11] (AVAST Software s.r.o.) R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-04-11] (AVAST Software s.r.o.) R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334088 2017-04-11] (AVAST Software s.r.o.) R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-04-11] (AVAST Software s.r.o.) S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-04-11] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [127112 2017-04-11] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [101152 2017-04-11] (AVAST Software) R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-04-11] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1005048 2017-04-11] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [556784 2017-04-11] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [164064 2017-04-11] (AVAST Software) R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [339696 2017-04-11] (AVAST Software) R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-15] (SlySoft, Inc.) R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-15] (SlySoft, Inc.) S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] () [Arquivo não assinado] S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] () [Arquivo não assinado] S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] () [Arquivo não assinado] S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [Arquivo não assinado] R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-04-08] (REALiX(tm)) S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [413912 2016-04-08] (Realsil Semiconductor Corporation) R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3066072 2016-04-08] (Realtek Semiconductor Corp.) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink) S1 gbpddfac; system32\drivers\gbpddfac64.sys [X] S3 GBPRCM; \??\C:\Program Files (x86)\GbPlugin\gbprcm64.sys [X] S3 Warsaw_PP; \??\C:\Program Files (x86)\GbPlugin\wsftprp64.sys [X] ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Um Mês Criados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2017-04-11 21:44 - 2017-04-11 21:45 - 00020199 _____ C:\Users\Cleto\Desktop\FRST.txt 2017-04-11 21:44 - 2017-04-11 21:44 - 00000000 ____D C:\Users\Todos os Usuários\SWCUTemp 2017-04-11 21:44 - 2017-04-11 21:44 - 00000000 ____D C:\ProgramData\SWCUTemp 2017-04-11 21:44 - 2017-04-11 21:44 - 00000000 ____D C:\FRST 2017-04-11 21:42 - 2017-04-11 21:44 - 02424832 _____ (Farbar) C:\Users\Cleto\Desktop\FRST64.exe 2017-04-11 14:42 - 2017-04-11 14:42 - 00399944 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2017-04-11 14:23 - 2017-04-11 14:24 - 00008451 _____ C:\Users\Cleto\Desktop\ZHPCleaner.txt 2017-04-11 14:07 - 2017-04-11 14:07 - 00000886 _____ C:\Users\Cleto\Desktop\ZHPCleaner.lnk 2017-04-11 14:05 - 2017-04-11 14:10 - 00000000 ____D C:\Users\Cleto\AppData\Local\ZHP 2017-04-11 14:04 - 2017-04-11 14:04 - 00000623 _____ C:\Users\Cleto\Desktop\JRT.txt 2017-04-11 13:57 - 2017-04-11 14:05 - 02760192 _____ C:\Users\Cleto\Desktop\ZHPCleaner.exe 2017-04-11 13:56 - 2017-04-11 14:01 - 01663672 _____ (Malwarebytes) C:\Users\Cleto\Desktop\JRT (1).exe 2017-04-11 13:56 - 2017-04-11 13:56 - 02760192 _____ C:\Users\Cleto\Downloads\ZHPCleaner.exe 2017-04-11 13:55 - 2017-04-11 13:55 - 01663672 _____ (Malwarebytes) C:\Users\Cleto\Downloads\JRT (1).exe 2017-04-11 13:52 - 2017-04-11 13:57 - 04089296 _____ C:\Users\Cleto\Desktop\AdwCleaner (1).exe 2017-04-11 13:50 - 2017-04-11 13:50 - 04089296 _____ C:\Users\Cleto\Downloads\AdwCleaner (1).exe 2017-04-11 02:15 - 2017-04-11 02:15 - 00106639 _____ C:\Users\Cleto\Downloads\Boleto_0271129204_01_20170401_20170401.pdf 2017-04-11 00:31 - 2017-04-11 00:31 - 00095893 _____ C:\Users\Cleto\Downloads\legendas_tv_20170410224930000000.rar 2017-04-10 20:59 - 2017-04-10 20:59 - 00000000 ____D C:\Program Files (x86)\ESET 2017-04-10 20:57 - 2017-04-10 20:59 - 02870984 _____ (ESET) C:\Users\Cleto\Desktop\esetsmartinstaller_enu.exe 2017-04-10 20:56 - 2017-04-10 20:56 - 02870984 _____ (ESET) C:\Users\Cleto\Downloads\esetsmartinstaller_enu.exe 2017-04-10 19:53 - 2017-04-10 19:53 - 00248448 _____ C:\Users\Cleto\Downloads\POP_04_Coliformes colilert.pdf 2017-04-10 19:49 - 2017-04-10 19:49 - 01946928 _____ C:\Users\Cleto\Downloads\Aplicação do Colilert.pdf 2017-04-10 19:43 - 2017-04-10 19:43 - 02801390 _____ C:\Users\Cleto\Downloads\eng_analAgua.pdf 2017-04-10 19:31 - 2017-04-10 19:31 - 00465273 _____ C:\Users\Cleto\Downloads\7542-01-colilert-18-report-port.pdf 2017-04-10 15:26 - 2017-04-10 15:26 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\513B02EC.sys 2017-04-10 14:25 - 2017-04-10 15:26 - 00186304 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys 2017-04-10 14:24 - 2017-04-10 17:40 - 00092096 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2017-04-10 14:24 - 2017-04-10 15:26 - 00111544 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys 2017-04-10 14:24 - 2017-04-10 15:26 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2017-04-10 14:24 - 2017-04-10 14:24 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2017-04-10 14:24 - 2017-04-10 14:24 - 00001923 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-04-10 14:24 - 2017-04-10 14:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-04-10 14:24 - 2017-04-10 14:24 - 00000000 ____D C:\Program Files\Malwarebytes 2017-04-10 14:24 - 2017-03-24 04:10 - 00077440 _____ C:\Windows\system32\Drivers\mbae64.sys 2017-04-10 14:22 - 2017-04-10 14:23 - 59272008 _____ (Malwarebytes ) C:\Users\Cleto\Downloads\mb3-setup-consumer-3.0.6.1469-1096.exe 2017-04-10 12:06 - 2017-04-10 12:06 - 00002634 _____ C:\Users\Cleto\Desktop\FSS.txt 2017-04-10 12:03 - 2017-04-10 12:04 - 00000512 _____ C:\Users\Cleto\Desktop\Dump_Hdd0_DR0.mbr 2017-04-10 12:02 - 2017-04-10 12:05 - 00899584 _____ (Farbar) C:\Users\Cleto\Desktop\FSS.exe 2017-04-10 12:02 - 2017-04-10 12:03 - 00147456 _____ (Eric_71) C:\Users\Cleto\Desktop\MbrScan.exe 2017-04-10 01:03 - 2017-04-10 01:23 - 00388608 _____ (Trend Micro Inc.) C:\HijackThis.exe 2017-04-08 21:42 - 2017-04-08 21:42 - 01546394 _____ C:\Users\Cleto\Downloads\toefl_student_test_prep_planner.pdf 2017-04-08 19:38 - 2017-04-08 19:38 - 00324140 _____ C:\Users\Cleto\Downloads\edital_ppgebt_2017_-_retificado.pdf 2017-04-08 19:30 - 2017-04-08 19:30 - 12978718 _____ C:\Users\Cleto\Downloads\DISSERTAÇÃO_ContribuiçõesDiagnósticoAmbiental.pdf 2017-04-06 14:29 - 2017-04-06 14:29 - 02519958 _____ C:\Users\Cleto\Downloads\CartilhaNascentes.PDF 2017-04-06 14:19 - 2017-04-06 14:19 - 00343539 _____ C:\Users\Cleto\Downloads\Pmj2KndsTYtZAUQ_2014-4-16-16-46-29.pdf 2017-04-06 14:19 - 2017-04-06 14:19 - 00171183 _____ C:\Users\Cleto\Downloads\adote_uma_nascente[29486].pdf 2017-04-06 13:32 - 2017-04-06 13:32 - 00587916 _____ C:\Users\Cleto\Downloads\FelippeMagalhaes.pdf 2017-04-06 12:56 - 2017-04-06 12:58 - 02456483 _____ C:\Users\Cleto\Downloads\TCC_LAIS_CORREÇÃO - v2.1.pdf 2017-04-06 12:56 - 2017-04-06 12:56 - 01587948 _____ C:\Users\Cleto\Downloads\TCC Ronualdo V 8.0.pdf 2017-04-06 09:14 - 2017-04-06 09:14 - 00007142 _____ C:\Users\Cleto\Downloads\AVISO_DEPOSITO (4 17).pdf 2017-04-06 00:29 - 2017-04-06 00:29 - 04130381 _____ C:\Users\Cleto\Downloads\FlavioBarony.pdf 2017-04-06 00:10 - 2017-04-06 00:10 - 00018629 _____ C:\Users\Cleto\Downloads\5960AC7068FB8333BE8C12F3E28F43D28E98F7C1.torrent 2017-04-06 00:03 - 2017-04-06 00:03 - 00060886 _____ C:\Users\Cleto\Downloads\legendas_tv_20170405080127000000.rar 2017-04-05 23:48 - 2017-04-05 23:48 - 00088279 _____ C:\Users\Cleto\Downloads\legendas_tv_20170405160230000000.rar 2017-04-05 22:14 - 2017-04-05 22:14 - 00104645 _____ C:\Users\Cleto\Downloads\07_6_Referencias_Bibliograficas.pdf 2017-04-05 21:56 - 2017-04-05 21:56 - 00780536 _____ C:\Users\Cleto\Downloads\IFNMG.pdf 2017-04-05 20:30 - 2017-04-05 20:39 - 221024494 _____ C:\Users\Cleto\Downloads\PS2_SAS_Anti_Terror_Force_PAL.7z 2017-04-04 19:13 - 2017-04-04 19:13 - 00238436 _____ C:\Users\Cleto\Downloads\legendas_tv_20170404090518000000.rar 2017-04-02 10:11 - 2017-04-02 10:11 - 03473358 _____ C:\Users\Cleto\Downloads\MauricioTardivoR.pdf 2017-04-02 10:09 - 2017-04-02 10:09 - 00439706 _____ C:\Users\Cleto\Downloads\NBR-9.898-Coleta-de-Amostras.pdf 2017-04-01 01:11 - 2017-04-01 01:11 - 00473740 _____ C:\Users\Cleto\Downloads\Manual de Técnicas de Laboratório (1).pdf 2017-03-28 11:06 - 2017-03-28 11:10 - 01663904 _____ (Malwarebytes) C:\Users\Cleto\Downloads\JRT.exe 2017-03-28 11:03 - 2017-03-28 11:04 - 04031440 _____ C:\Users\Cleto\Downloads\AdwCleaner.exe 2017-03-28 00:58 - 2017-04-11 14:54 - 00004268 _____ C:\Windows\System32\Tasks\Avast Emergency Update 2017-03-28 00:58 - 2017-03-28 00:58 - 00001990 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free antivírus.lnk 2017-03-28 00:58 - 2017-03-28 00:58 - 00001978 _____ C:\Users\Public\Desktop\Avast Free antivírus.lnk 2017-03-28 00:58 - 2017-03-28 00:58 - 00000000 ____D C:\Users\Cleto\AppData\Roaming\AVAST Software 2017-03-28 00:57 - 2017-04-11 14:42 - 01005048 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2017-03-28 00:57 - 2017-04-11 14:42 - 00556784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2017-03-28 00:57 - 2017-04-11 14:42 - 00339696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2017-03-28 00:57 - 2017-04-11 14:42 - 00334088 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys 2017-03-28 00:57 - 2017-04-11 14:42 - 00307736 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys 2017-03-28 00:57 - 2017-04-11 14:42 - 00189768 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys 2017-03-28 00:57 - 2017-04-11 14:42 - 00164064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2017-03-28 00:57 - 2017-04-11 14:42 - 00127112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2017-03-28 00:57 - 2017-04-11 14:42 - 00101152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2017-03-28 00:57 - 2017-04-11 14:42 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2017-03-28 00:57 - 2017-04-11 14:42 - 00048528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys 2017-03-28 00:57 - 2017-04-11 14:42 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys 2017-03-28 00:55 - 2017-03-28 00:55 - 00000000 ____D C:\Program Files\AVAST Software 2017-03-28 00:46 - 2017-03-28 00:46 - 00000000 ____D C:\Users\Cleto\AppData\Roaming\Opera 2017-03-28 00:45 - 2017-03-28 00:45 - 13999904 _____ (IObit) C:\Users\Cleto\Downloads\IObit Uninstaller 6 PRO.exe 2017-03-28 00:36 - 2017-03-28 00:54 - 06656568 _____ (AVAST Software) C:\Users\Cleto\Downloads\avast_free_antivirus_setup_online.exe 2017-03-27 18:48 - 2017-03-27 18:49 - 00199683 _____ C:\Users\Cleto\Downloads\legendas_tv_20170327182912000000.rar 2017-03-27 15:32 - 2017-03-27 15:32 - 00007132 _____ C:\Users\Cleto\Downloads\AVISO_DEPOSITO (0317).pdf 2017-03-27 14:55 - 2017-03-27 14:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2017-03-27 14:55 - 2017-03-27 14:55 - 00000000 ____D C:\Program Files\7-Zip 2017-03-21 11:39 - 2017-03-21 11:39 - 00007164 _____ C:\Users\Cleto\Downloads\AVISO_DEPOSITO (12.pdf 2017-03-21 11:36 - 2017-03-21 11:36 - 01360855 _____ C:\Users\Cleto\Downloads\cartaz dia da agua - final.pdf 2017-03-17 23:30 - 2017-03-17 23:30 - 00112653 _____ C:\Users\Cleto\Downloads\1D282868F3524122AEB48451EB6E787E6FAFCDC4.torrent 2017-03-16 15:41 - 2017-03-16 15:41 - 02278349 _____ C:\Users\Cleto\Downloads\avaliacao%2520substitutiva%2520-%2520sistema%2520de%2520protocolo.pdf 2017-03-16 14:35 - 2017-03-16 14:35 - 02575764 _____ C:\Users\Cleto\Downloads\Cintra.pdf 2017-03-16 14:21 - 2017-03-16 14:21 - 13424152 _____ C:\Users\Cleto\Downloads\manual tecnico da vegetação brasileira liv63011.pdf 2017-03-16 13:50 - 2017-03-16 13:50 - 00007716 _____ C:\Users\Cleto\Downloads\AVISO_DEPOSITO (12).pdf 2017-03-16 13:43 - 2017-03-16 13:43 - 00394699 _____ C:\Users\Cleto\Downloads\MORAES 0100-6762-rarv-39-01-0001.pdf 2017-03-16 13:02 - 2017-03-16 13:02 - 00052294 _____ C:\Users\Cleto\Downloads\DRUMONDa15v29n4.pdf 2017-03-16 00:50 - 2017-03-16 00:50 - 00107031 _____ C:\Users\Cleto\Downloads\Boleto_0271129204_01_20170301_20170301.pdf 2017-03-16 00:46 - 2017-03-16 00:46 - 02340352 _____ C:\Users\Cleto\Downloads\Acessórios para Games - Promoção.xls 2017-03-15 18:55 - 2017-03-15 18:55 - 01809007 _____ C:\Users\Cleto\Downloads\Moura 11730-49666-1-PB.pdf 2017-03-15 18:13 - 2017-03-15 18:13 - 00154743 _____ C:\Users\Cleto\Downloads\SNUC.pdf 2017-03-15 17:54 - 2017-03-15 17:54 - 00034060 _____ C:\Users\Cleto\Downloads\res42810.pdf 2017-03-15 17:47 - 2017-03-15 17:47 - 00461571 _____ C:\Users\Cleto\Downloads\Eucalipto aspectos.pdf 2017-03-15 17:39 - 2017-03-15 17:39 - 00000000 ___RD C:\Program Files (x86)\Skype 2017-03-15 17:39 - 2017-03-15 17:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2017-03-15 10:24 - 2017-03-15 10:24 - 00215306 _____ C:\Users\Cleto\Downloads\Diário de bordo.pdf 2017-03-15 05:06 - 2017-03-04 04:57 - 00484584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2017-03-15 05:06 - 2017-03-04 04:57 - 00315744 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2017-03-15 05:06 - 2017-03-04 04:40 - 00965472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll 2017-03-15 05:06 - 2017-03-04 04:24 - 00090976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys 2017-03-15 05:06 - 2017-03-04 04:09 - 02206496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2017-03-15 05:06 - 2017-03-04 04:09 - 01969912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hevcdecoder.dll 2017-03-15 05:06 - 2017-03-04 04:09 - 00497416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll 2017-03-15 05:06 - 2017-03-04 04:08 - 00130912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storahci.sys 2017-03-15 05:06 - 2017-03-04 04:07 - 00557400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys 2017-03-15 05:06 - 2017-03-04 04:04 - 02048496 _____ C:\Windows\SysWOW64\CoreUIComponents.dll 2017-03-15 05:06 - 2017-03-04 04:02 - 00184416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IPHLPAPI.DLL 2017-03-15 05:06 - 2017-03-04 03:56 - 00263472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll 2017-03-15 05:06 - 2017-03-04 03:56 - 00248992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll 2017-03-15 05:06 - 2017-03-04 03:54 - 02277288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2017-03-15 05:06 - 2017-03-04 03:54 - 00524776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll 2017-03-15 05:06 - 2017-03-04 03:53 - 05722320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.storage.dll 2017-03-15 05:06 - 2017-03-04 03:53 - 02256080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2017-03-15 05:06 - 2017-03-04 03:53 - 01431232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll 2017-03-15 05:06 - 2017-03-04 03:53 - 00975744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll 2017-03-15 05:06 - 2017-03-04 03:53 - 00861024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll 2017-03-15 05:06 - 2017-03-04 03:53 - 00781152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe 2017-03-15 05:06 - 2017-03-04 03:53 - 00493912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe 2017-03-15 05:06 - 2017-03-04 03:53 - 00313568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll 2017-03-15 05:06 - 2017-03-04 03:53 - 00136032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostUser.dll 2017-03-15 05:06 - 2017-03-04 03:52 - 00549088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll 2017-03-15 05:06 - 2017-03-04 03:52 - 00272720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2017-03-15 05:06 - 2017-03-04 03:51 - 01980768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2017-03-15 05:06 - 2017-03-04 03:51 - 00576408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2017-03-15 05:06 - 2017-03-04 03:50 - 00846560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll 2017-03-15 05:06 - 2017-03-04 03:47 - 20969928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2017-03-15 05:06 - 2017-03-04 03:47 - 06667528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll 2017-03-15 05:06 - 2017-03-04 03:47 - 04023000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll 2017-03-15 05:06 - 2017-03-04 03:47 - 01853224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll 2017-03-15 05:06 - 2017-03-04 03:47 - 01557808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll 2017-03-15 05:06 - 2017-03-04 03:47 - 01360456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll 2017-03-15 05:06 - 2017-03-04 03:47 - 01344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll 2017-03-15 05:06 - 2017-03-04 03:47 - 01277856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll 2017-03-15 05:06 - 2017-03-04 03:47 - 01202384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll 2017-03-15 05:06 - 2017-03-04 03:47 - 01123912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2017-03-15 05:06 - 2017-03-04 03:47 - 00981376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll 2017-03-15 05:06 - 2017-03-04 03:47 - 00976184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll 2017-03-15 05:06 - 2017-03-04 03:47 - 00952416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll 2017-03-15 05:06 - 2017-03-04 03:47 - 00640976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll 2017-03-15 05:06 - 2017-03-04 03:47 - 00530480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2017-03-15 05:06 - 2017-03-04 03:47 - 00374448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFPlay.dll 2017-03-15 05:06 - 2017-03-04 03:47 - 00352760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MMDevAPI.dll 2017-03-15 05:06 - 2017-03-04 03:47 - 00034088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CompPkgSup.dll 2017-03-15 05:06 - 2017-03-04 03:46 - 04312248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2017-03-15 05:06 - 2017-03-04 03:46 - 00321792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppHost.exe 2017-03-15 05:06 - 2017-03-04 03:45 - 00173408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll 2017-03-15 05:06 - 2017-03-04 03:45 - 00112120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll 2017-03-15 05:06 - 2017-03-04 03:42 - 01415240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll 2017-03-15 05:06 - 2017-03-04 03:42 - 01260784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2017-03-15 05:06 - 2017-03-04 03:42 - 00545944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe 2017-03-15 05:06 - 2017-03-04 03:42 - 00276832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll 2017-03-15 05:06 - 2017-03-04 03:40 - 00306800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.MediaControl.dll 2017-03-15 05:06 - 2017-03-04 03:36 - 05685760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll 2017-03-15 05:06 - 2017-03-04 03:30 - 01631232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Resources.dll 2017-03-15 05:06 - 2017-03-04 03:30 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll 2017-03-15 05:06 - 2017-03-04 03:26 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netiougc.exe 2017-03-15 05:06 - 2017-03-04 03:25 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCCSEngineShared.dll 2017-03-15 05:06 - 2017-03-04 03:24 - 00328192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll 2017-03-15 05:06 - 2017-03-04 03:23 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.LowLevel.dll 2017-03-15 05:06 - 2017-03-04 03:23 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Gaming.XboxLive.Storage.dll 2017-03-15 05:06 - 2017-03-04 03:23 - 00291840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll 2017-03-15 05:06 - 2017-03-04 03:23 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2017-03-15 05:06 - 2017-03-04 03:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netiohlp.dll 2017-03-15 05:06 - 2017-03-04 03:22 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudBackupSettings.dll 2017-03-15 05:06 - 2017-03-04 03:21 - 00670208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.PointOfService.dll 2017-03-15 05:06 - 2017-03-04 03:21 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Import.dll 2017-03-15 05:06 - 2017-03-04 03:21 - 00575488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2017-03-15 05:06 - 2017-03-04 03:21 - 00483840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.AllJoyn.dll 2017-03-15 05:06 - 2017-03-04 03:21 - 00389632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2017-03-15 05:06 - 2017-03-04 03:21 - 00202752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll 2017-03-15 05:06 - 2017-03-04 03:20 - 13873664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2017-03-15 05:06 - 2017-03-04 03:20 - 00562176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.SmartCards.dll 2017-03-15 05:06 - 2017-03-04 03:20 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPTpm12.dll 2017-03-15 05:06 - 2017-03-04 03:20 - 00426496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll 2017-03-15 05:06 - 2017-03-04 03:19 - 00714752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll 2017-03-15 05:06 - 2017-03-04 03:19 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll 2017-03-15 05:06 - 2017-03-04 03:19 - 00431616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll 2017-03-15 05:06 - 2017-03-04 03:19 - 00414208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv 2017-03-15 05:06 - 2017-03-04 03:19 - 00390656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProvDataModel.dll 2017-03-15 05:06 - 2017-03-04 03:19 - 00262144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Picker.dll 2017-03-15 05:06 - 2017-03-04 03:19 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll 2017-03-15 05:06 - 2017-03-04 03:18 - 00819200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppContracts.dll 2017-03-15 05:06 - 2017-03-04 03:18 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Usb.dll 2017-03-15 05:06 - 2017-03-04 03:18 - 00140800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll 2017-03-15 05:06 - 2017-03-04 03:17 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe 2017-03-15 05:06 - 2017-03-04 03:16 - 01456640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll 2017-03-15 05:06 - 2017-03-04 03:16 - 00858112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EmailApis.dll 2017-03-15 05:06 - 2017-03-04 03:16 - 00850432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasgcw.dll 2017-03-15 05:06 - 2017-03-04 03:16 - 00762880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprddm.dll 2017-03-15 05:06 - 2017-03-04 03:16 - 00711680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2017-03-15 05:06 - 2017-03-04 03:16 - 00636928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll 2017-03-15 05:06 - 2017-03-04 03:16 - 00500224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.dll 2017-03-15 05:06 - 2017-03-04 03:15 - 01543680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe 2017-03-15 05:06 - 2017-03-04 03:15 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2017-03-15 05:06 - 2017-03-04 03:14 - 01534464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.3D.dll 2017-03-15 05:06 - 2017-03-04 03:13 - 07626752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll 2017-03-15 05:06 - 2017-03-04 03:13 - 04613120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll 2017-03-15 05:06 - 2017-03-04 03:13 - 01228288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll 2017-03-15 05:06 - 2017-03-04 03:13 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentApis.dll 2017-03-15 05:06 - 2017-03-04 03:13 - 00675840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll 2017-03-15 05:06 - 2017-03-04 03:13 - 00653312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.AccountsControl.dll 2017-03-15 05:06 - 2017-03-04 03:13 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LogonController.dll 2017-03-15 05:06 - 2017-03-04 03:12 - 00901120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll 2017-03-15 05:06 - 2017-03-04 03:12 - 00884224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2017-03-15 05:06 - 2017-03-04 03:12 - 00589312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll 2017-03-15 05:06 - 2017-03-04 03:11 - 01323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_fs.dll 2017-03-15 05:06 - 2017-03-04 03:11 - 01320448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll 2017-03-15 05:06 - 2017-03-04 03:11 - 01137152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_health.dll 2017-03-15 05:06 - 2017-03-04 03:11 - 00355328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RTMediaFrame.dll 2017-03-15 05:06 - 2017-03-04 03:10 - 03307008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll 2017-03-15 05:06 - 2017-03-04 03:10 - 01077760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Editing.dll 2017-03-15 05:06 - 2017-03-04 03:09 - 00795648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MiracastReceiver.dll 2017-03-15 05:06 - 2017-03-04 03:09 - 00570368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll 2017-03-15 05:06 - 2017-03-04 03:09 - 00343040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToDevice.dll 2017-03-15 05:06 - 2017-03-04 03:08 - 00713216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll 2017-03-15 05:06 - 2017-03-04 03:07 - 02748928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll 2017-03-15 05:06 - 2017-03-04 03:07 - 02643456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll 2017-03-15 05:06 - 2017-03-04 03:07 - 00895488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll 2017-03-15 05:06 - 2017-03-04 03:06 - 06109184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll 2017-03-15 05:06 - 2017-03-04 03:06 - 05380608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll 2017-03-15 05:06 - 2017-03-04 03:06 - 03198464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll 2017-03-15 05:06 - 2017-03-04 03:06 - 02153984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll 2017-03-15 05:06 - 2017-03-04 03:05 - 07468544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2017-03-15 05:06 - 2017-03-04 03:05 - 01221120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Audio.dll 2017-03-15 05:06 - 2017-03-04 03:05 - 00545792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uReFS.dll 2017-03-15 05:06 - 2017-03-04 03:05 - 00298496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll 2017-03-15 05:06 - 2017-03-04 03:04 - 00753152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imapi2fs.dll 2017-03-15 05:06 - 2017-03-04 03:04 - 00719872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_sr.dll 2017-03-15 05:06 - 2017-03-04 03:04 - 00640000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll 2017-03-15 05:06 - 2017-03-04 03:03 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapRouter.dll 2017-03-15 05:06 - 2017-03-04 03:03 - 02109952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapGeocoder.dll 2017-03-15 05:06 - 2017-03-04 03:02 - 04423680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll 2017-03-15 05:06 - 2017-03-04 03:02 - 02740224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll 2017-03-15 05:06 - 2017-03-04 03:02 - 02484736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll 2017-03-15 05:06 - 2017-03-04 03:02 - 02138112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll 2017-03-15 05:06 - 2017-03-04 03:02 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll 2017-03-15 05:06 - 2017-03-04 03:02 - 01004544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll 2017-03-15 05:06 - 2017-03-04 03:01 - 02646528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll 2017-03-15 05:06 - 2017-03-04 03:01 - 01993216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll 2017-03-15 05:06 - 2017-03-04 03:01 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll 2017-03-15 05:06 - 2017-03-04 03:01 - 01656320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Perception.dll 2017-03-15 05:06 - 2017-03-04 03:01 - 01595904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2017-03-15 05:06 - 2017-03-04 03:01 - 01571840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2017-03-15 05:06 - 2017-03-04 03:01 - 01564160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2017-03-15 05:06 - 2017-03-04 03:01 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll 2017-03-15 05:06 - 2017-03-04 03:01 - 01293312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe 2017-03-15 05:06 - 2017-03-04 03:01 - 01232384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Maps.dll 2017-03-15 05:06 - 2017-03-04 03:01 - 01013248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Http.dll 2017-03-15 05:06 - 2017-03-04 03:01 - 00827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll 2017-03-15 05:06 - 2017-03-04 03:01 - 00773120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe 2017-03-15 05:06 - 2017-03-04 03:01 - 00620544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll 2017-03-15 05:06 - 2017-03-04 03:01 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll 2017-03-15 05:06 - 2017-03-04 03:01 - 00422400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll 2017-03-15 05:06 - 2017-03-04 03:00 - 04557824 _____ (Microsoft) C:\Windows\SysWOW64\dbgeng.dll 2017-03-15 05:06 - 2017-03-04 03:00 - 02996736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys 2017-03-15 05:06 - 2017-03-04 03:00 - 02483200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2017-03-15 05:06 - 2017-03-04 03:00 - 02003968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2017-03-15 05:06 - 2017-03-04 03:00 - 01883648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll 2017-03-15 05:06 - 2017-03-04 03:00 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Phone.dll 2017-03-15 05:06 - 2017-03-04 03:00 - 00862208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll 2017-03-15 05:06 - 2017-03-04 03:00 - 00798208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2017-03-15 05:06 - 2017-03-04 03:00 - 00751104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2017-03-15 05:06 - 2017-03-04 03:00 - 00711680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll 2017-03-15 05:06 - 2017-03-04 03:00 - 00691200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll 2017-03-15 05:06 - 2017-03-04 03:00 - 00654336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll 2017-03-15 05:06 - 2017-03-04 03:00 - 00598528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.dll 2017-03-15 05:06 - 2017-03-04 03:00 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Midi.dll 2017-03-15 05:06 - 2017-03-04 02:59 - 00353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TextInputFramework.dll 2017-03-15 05:06 - 2017-03-04 02:57 - 03106304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2017-03-15 05:06 - 2017-03-04 02:57 - 00449024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TpmCoreProvisioning.dll 2017-03-15 05:05 - 2017-03-04 04:24 - 02482280 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2017-03-15 05:05 - 2017-03-04 04:22 - 02213760 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2017-03-15 05:05 - 2017-03-04 04:19 - 02049480 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll 2017-03-15 05:05 - 2017-03-04 04:18 - 01181024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2017-03-15 05:05 - 2017-03-04 04:15 - 01000280 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi 2017-03-15 05:05 - 2017-03-04 04:09 - 07220696 _____ (Microsoft Corporation) C:\Windows\system32\Windows.storage.dll 2017-03-15 05:05 - 2017-03-04 04:09 - 01860288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll 2017-03-15 05:05 - 2017-03-04 04:09 - 01293152 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll 2017-03-15 05:05 - 2017-03-04 04:09 - 00857440 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe 2017-03-15 05:05 - 2017-03-04 04:09 - 00527808 _____ (Microsoft Corporation) C:\Windows\system32\WWanAPI.dll 2017-03-15 05:05 - 2017-03-04 04:06 - 01706488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2017-03-15 05:05 - 2017-03-04 04:04 - 08169536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll 2017-03-15 05:05 - 2017-03-04 04:04 - 01362512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll 2017-03-15 05:05 - 2017-03-04 04:03 - 22223968 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2017-03-15 05:05 - 2017-03-04 04:03 - 04260576 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll 2017-03-15 05:05 - 2017-03-04 04:03 - 01848072 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll 2017-03-15 05:05 - 2017-03-04 04:03 - 01723560 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe 2017-03-15 05:05 - 2017-03-04 04:03 - 01702392 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll 2017-03-15 05:05 - 2017-03-04 04:03 - 01473048 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2017-03-15 05:05 - 2017-03-04 04:03 - 01454512 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll 2017-03-15 05:05 - 2017-03-04 04:03 - 01301112 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll 2017-03-15 05:05 - 2017-03-04 04:03 - 01071736 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll 2017-03-15 05:05 - 2017-03-04 03:57 - 02536288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2017-03-15 05:05 - 2017-03-04 03:39 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll 2017-03-15 05:05 - 2017-03-04 03:36 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll 2017-03-15 05:05 - 2017-03-04 03:34 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\xboxgip.sys 2017-03-15 05:05 - 2017-03-04 03:34 - 00237568 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Diagnostics.dll 2017-03-15 05:05 - 2017-03-04 03:34 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll 2017-03-15 05:05 - 2017-03-04 03:33 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.UI.GameBar.dll 2017-03-15 05:05 - 2017-03-04 03:32 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\WinRtTracing.dll 2017-03-15 05:05 - 2017-03-04 03:31 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.XboxLive.Storage.dll 2017-03-15 05:05 - 2017-03-04 03:31 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Core.dll 2017-03-15 05:05 - 2017-03-04 03:30 - 00206336 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe 2017-03-15 05:05 - 2017-03-04 03:30 - 00051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll 2017-03-15 05:05 - 2017-03-04 03:30 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LaunchWinApp.exe 2017-03-15 05:05 - 2017-03-04 03:30 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll 2017-03-15 05:05 - 2017-03-04 03:29 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2017-03-15 05:05 - 2017-03-04 03:29 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\XblGameSaveExt.dll 2017-03-15 05:05 - 2017-03-04 03:29 - 00112640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll 2017-03-15 05:05 - 2017-03-04 03:29 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctfp.dll 2017-03-15 05:05 - 2017-03-04 03:29 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XInputUap.dll 2017-03-15 05:05 - 2017-03-04 03:29 - 00019968 _____ C:\Windows\SysWOW64\GamePanelExternalHook.dll 2017-03-15 05:05 - 2017-03-04 03:28 - 01507840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.FaceAnalysis.dll 2017-03-15 05:05 - 2017-03-04 03:28 - 00462848 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll 2017-03-15 05:05 - 2017-03-04 03:28 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll 2017-03-15 05:05 - 2017-03-04 03:28 - 00224256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExSMime.dll 2017-03-15 05:05 - 2017-03-04 03:27 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll 2017-03-15 05:05 - 2017-03-04 03:27 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll 2017-03-15 05:05 - 2017-03-04 03:27 - 00549376 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll 2017-03-15 05:05 - 2017-03-04 03:27 - 00358912 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.dll 2017-03-15 05:05 - 2017-03-04 03:27 - 00349184 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe 2017-03-15 05:05 - 2017-03-04 03:27 - 00275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\accountaccessor.dll 2017-03-15 05:05 - 2017-03-04 03:27 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Radios.dll 2017-03-15 05:05 - 2017-03-04 03:27 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\findnetprinters.dll 2017-03-15 05:05 - 2017-03-04 03:27 - 00045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ddrawex.dll 2017-03-15 05:05 - 2017-03-04 03:26 - 00561664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Wallet.dll 2017-03-15 05:05 - 2017-03-04 03:26 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll 2017-03-15 05:05 - 2017-03-04 03:26 - 00409600 _____ (Microsoft Corporation) C:\Windows\system32\wlanui.dll 2017-03-15 05:05 - 2017-03-04 03:26 - 00177664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Diagnostics.dll 2017-03-15 05:05 - 2017-03-04 03:26 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDeviceRegistration.dll 2017-03-15 05:05 - 2017-03-04 03:26 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BcastDVRHelper.dll 2017-03-15 05:05 - 2017-03-04 03:26 - 00147456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VCardParser.dll 2017-03-15 05:05 - 2017-03-04 03:26 - 00138240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DisplayManager.dll 2017-03-15 05:05 - 2017-03-04 03:26 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.HostName.dll 2017-03-15 05:05 - 2017-03-04 03:26 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Gaming.UI.GameBar.dll 2017-03-15 05:05 - 2017-03-04 03:26 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Shell.Search.UriHandler.dll 2017-03-15 05:05 - 2017-03-04 03:26 - 00038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfdprov.dll 2017-03-15 05:05 - 2017-03-04 03:25 - 01388544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Cred.dll 2017-03-15 05:05 - 2017-03-04 03:25 - 00255488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdm.tsp 2017-03-15 05:05 - 2017-03-04 03:25 - 00251904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscandui.dll 2017-03-15 05:05 - 2017-03-04 03:25 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\WwaApi.dll 2017-03-15 05:05 - 2017-03-04 03:25 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll 2017-03-15 05:05 - 2017-03-04 03:25 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll 2017-03-15 05:05 - 2017-03-04 03:25 - 00136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinRtTracing.dll 2017-03-15 05:05 - 2017-03-04 03:25 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BrowserSettingSync.dll 2017-03-15 05:05 - 2017-03-04 03:25 - 00097792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.SystemManagement.dll 2017-03-15 05:05 - 2017-03-04 03:25 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDShServiceObj.dll 2017-03-15 05:05 - 2017-03-04 03:25 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbauth.dll 2017-03-15 05:05 - 2017-03-04 03:24 - 01293312 _____ (Microsoft Corporation) C:\Windows\system32\wcnwiz.dll 2017-03-15 05:05 - 2017-03-04 03:24 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll 2017-03-15 05:05 - 2017-03-04 03:24 - 00142336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.WiFi.dll 2017-03-15 05:05 - 2017-03-04 03:24 - 00129024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.SerialCommunication.dll 2017-03-15 05:05 - 2017-03-04 03:24 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctfui.dll 2017-03-15 05:05 - 2017-03-04 03:24 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDeviceRegistration.Ngc.dll 2017-03-15 05:05 - 2017-03-04 03:24 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll 2017-03-15 05:05 - 2017-03-04 03:24 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerCookies.exe 2017-03-15 05:05 - 2017-03-04 03:23 - 00963584 _____ (Microsoft Corporation) C:\Windows\system32\WebcamUi.dll 2017-03-15 05:05 - 2017-03-04 03:23 - 00531456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll 2017-03-15 05:05 - 2017-03-04 03:23 - 00506368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcastdvr.exe 2017-03-15 05:05 - 2017-03-04 03:23 - 00392192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Gaming.Input.dll 2017-03-15 05:05 - 2017-03-04 03:23 - 00334848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DavSyncProvider.dll 2017-03-15 05:05 - 2017-03-04 03:23 - 00299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataAccountApis.dll 2017-03-15 05:05 - 2017-03-04 03:23 - 00184320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserMgrProxy.dll 2017-03-15 05:05 - 2017-03-04 03:22 - 01299968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVPXENC.dll 2017-03-15 05:05 - 2017-03-04 03:22 - 00332288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll 2017-03-15 05:05 - 2017-03-04 03:22 - 00265728 _____ C:\Windows\SysWOW64\Windows.Perception.Stub.dll 2017-03-15 05:05 - 2017-03-04 03:22 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll 2017-03-15 05:05 - 2017-03-04 03:22 - 00237568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncSettings.dll 2017-03-15 05:05 - 2017-03-04 03:22 - 00230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll 2017-03-15 05:05 - 2017-03-04 03:22 - 00212992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cemapi.dll 2017-03-15 05:05 - 2017-03-04 03:22 - 00183296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe 2017-03-15 05:05 - 2017-03-04 03:22 - 00117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthBroker.dll 2017-03-15 05:05 - 2017-03-04 03:22 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll 2017-03-15 05:05 - 2017-03-04 03:21 - 06285824 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll 2017-03-15 05:05 - 2017-03-04 03:21 - 01937920 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe 2017-03-15 05:05 - 2017-03-04 03:21 - 01243136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.FaceAnalysis.dll 2017-03-15 05:05 - 2017-03-04 03:21 - 00631296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\main.cpl 2017-03-15 05:05 - 2017-03-04 03:21 - 00298496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll 2017-03-15 05:05 - 2017-03-04 03:21 - 00196608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tapi32.dll 2017-03-15 05:05 - 2017-03-04 03:21 - 00185856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll 2017-03-15 05:05 - 2017-03-04 03:20 - 00632832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sud.dll 2017-03-15 05:05 - 2017-03-04 03:20 - 00506880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll 2017-03-15 05:05 - 2017-03-04 03:20 - 00426496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Wallet.dll 2017-03-15 05:05 - 2017-03-04 03:20 - 00424960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msutb.dll 2017-03-15 05:05 - 2017-03-04 03:20 - 00386048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.WiFiDirect.dll 2017-03-15 05:05 - 2017-03-04 03:20 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanui.dll 2017-03-15 05:05 - 2017-03-04 03:20 - 00325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll 2017-03-15 05:05 - 2017-03-04 03:20 - 00284672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll 2017-03-15 05:05 - 2017-03-04 03:20 - 00271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceaccess.dll 2017-03-15 05:05 - 2017-03-04 03:20 - 00218624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WwaApi.dll 2017-03-15 05:05 - 2017-03-04 03:20 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vaultcli.dll 2017-03-15 05:05 - 2017-03-04 03:20 - 00175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Scanners.dll 2017-03-15 05:05 - 2017-03-04 03:20 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll 2017-03-15 05:05 - 2017-03-04 03:19 - 03777536 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll 2017-03-15 05:05 - 2017-03-04 03:19 - 00318464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll 2017-03-15 05:05 - 2017-03-04 03:19 - 00181760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tcpipcfg.dll 2017-03-15 05:05 - 2017-03-04 03:18 - 01231360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcnwiz.dll 2017-03-15 05:05 - 2017-03-04 03:18 - 00896512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontext.dll 2017-03-15 05:05 - 2017-03-04 03:18 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Ocr.dll 2017-03-15 05:05 - 2017-03-04 03:18 - 00567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ChatApis.dll 2017-03-15 05:05 - 2017-03-04 03:18 - 00548352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ddraw.dll 2017-03-15 05:05 - 2017-03-04 03:18 - 00525824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll 2017-03-15 05:05 - 2017-03-04 03:18 - 00284672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.dll 2017-03-15 05:05 - 2017-03-04 03:18 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll 2017-03-15 05:05 - 2017-03-04 03:18 - 00253952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2017-03-15 05:05 - 2017-03-04 03:18 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll 2017-03-15 05:05 - 2017-03-04 03:17 - 07812096 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll 2017-03-15 05:05 - 2017-03-04 03:17 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll 2017-03-15 05:05 - 2017-03-04 03:17 - 00529920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll 2017-03-15 05:05 - 2017-03-04 03:17 - 00238080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AboveLockAppHost.dll 2017-03-15 05:05 - 2017-03-04 03:16 - 13441536 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2017-03-15 05:05 - 2017-03-04 03:16 - 01908224 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll 2017-03-15 05:05 - 2017-03-04 03:16 - 00968704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Unistore.dll 2017-03-15 05:05 - 2017-03-04 03:16 - 00846336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll 2017-03-15 05:05 - 2017-03-04 03:16 - 00816640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NaturalLanguage6.dll 2017-03-15 05:05 - 2017-03-04 03:16 - 00760832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl 2017-03-15 05:05 - 2017-03-04 03:16 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll 2017-03-15 05:05 - 2017-03-04 03:16 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll 2017-03-15 05:05 - 2017-03-04 03:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppBroker.dll 2017-03-15 05:05 - 2017-03-04 03:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll 2017-03-15 05:05 - 2017-03-04 03:16 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CryptoWinRT.dll 2017-03-15 05:05 - 2017-03-04 03:15 - 01078784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll 2017-03-15 05:05 - 2017-03-04 03:15 - 00336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\azroleui.dll 2017-03-15 05:05 - 2017-03-04 03:15 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll 2017-03-15 05:05 - 2017-03-04 03:14 - 00236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll 2017-03-15 05:05 - 2017-03-04 03:13 - 06474752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspaint.exe 2017-03-15 05:05 - 2017-03-04 03:13 - 03733504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll 2017-03-15 05:05 - 2017-03-04 03:13 - 02458112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll 2017-03-15 05:05 - 2017-03-04 03:13 - 01366016 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll 2017-03-15 05:05 - 2017-03-04 03:13 - 00256512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll 2017-03-15 05:05 - 2017-03-04 03:12 - 07654912 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll 2017-03-15 05:05 - 2017-03-04 03:12 - 04596224 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe 2017-03-15 05:05 - 2017-03-04 03:12 - 00886272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll 2017-03-15 05:05 - 2017-03-04 03:12 - 00700416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.Search.dll 2017-03-15 05:05 - 2017-03-04 03:12 - 00395264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmenrollengine.dll 2017-03-15 05:05 - 2017-03-04 03:11 - 03441664 _____ (Microsoft Corporation) C:\Windows\system32\MapRouter.dll 2017-03-15 05:05 - 2017-03-04 03:11 - 02953216 _____ (Microsoft Corporation) C:\Windows\system32\MapGeocoder.dll 2017-03-15 05:05 - 2017-03-04 03:11 - 01357312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSPhotography.dll 2017-03-15 05:05 - 2017-03-04 03:10 - 02852864 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll 2017-03-15 05:05 - 2017-03-04 03:10 - 01555456 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe 2017-03-15 05:05 - 2017-03-04 03:10 - 01282048 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2017-03-15 05:05 - 2017-03-04 03:10 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll 2017-03-15 05:05 - 2017-03-04 03:10 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll 2017-03-15 05:05 - 2017-03-04 03:10 - 00579072 _____ (Microsoft Corporation) C:\Windows\system32\LockAppBroker.dll 2017-03-15 05:05 - 2017-03-04 03:10 - 00471552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll 2017-03-15 05:05 - 2017-03-04 03:10 - 00300544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\regedit.exe 2017-03-15 05:05 - 2017-03-04 03:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcuiu.dll 2017-03-15 05:05 - 2017-03-04 03:09 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll 2017-03-15 05:05 - 2017-03-04 03:09 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll 2017-03-15 05:05 - 2017-03-04 03:09 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll 2017-03-15 05:05 - 2017-03-04 03:09 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ProximityCommon.dll 2017-03-15 05:05 - 2017-03-04 03:08 - 12349952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2017-03-15 05:05 - 2017-03-04 03:08 - 08076288 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2017-03-15 05:05 - 2017-03-04 03:08 - 03405312 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll 2017-03-15 05:05 - 2017-03-04 03:08 - 02424320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Perception.dll 2017-03-15 05:05 - 2017-03-04 03:08 - 01981440 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2017-03-15 05:05 - 2017-03-04 03:08 - 01266176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll 2017-03-15 05:05 - 2017-03-04 03:08 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2017-03-15 05:05 - 2017-03-04 03:07 - 01792512 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll 2017-03-15 05:05 - 2017-03-04 03:07 - 01255936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll 2017-03-15 05:05 - 2017-03-04 03:07 - 00903680 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe 2017-03-15 05:05 - 2017-03-04 03:07 - 00545280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmkvsrcsnk.dll 2017-03-15 05:05 - 2017-03-04 03:07 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll 2017-03-15 05:05 - 2017-03-04 03:06 - 02538496 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll 2017-03-15 05:05 - 2017-03-04 03:06 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Maps.dll 2017-03-15 05:05 - 2017-03-04 03:06 - 01369088 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Phone.dll 2017-03-15 05:05 - 2017-03-04 03:06 - 01131008 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2017-03-15 05:05 - 2017-03-04 03:06 - 01013760 _____ (Microsoft Corporation) C:\Windows\system32\ContactApis.dll 2017-03-15 05:05 - 2017-03-04 03:06 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToReceiver.dll 2017-03-15 05:05 - 2017-03-04 03:06 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll 2017-03-15 05:05 - 2017-03-04 03:05 - 03520512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe 2017-03-15 05:05 - 2017-03-04 03:05 - 01133568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll 2017-03-15 05:05 - 2017-03-04 03:05 - 00458752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidprov.dll 2017-03-15 05:05 - 2017-03-04 03:05 - 00134144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ErrorDetails.dll 2017-03-15 05:05 - 2017-03-04 03:05 - 00089600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CameraCaptureUI.dll 2017-03-15 05:05 - 2017-03-04 03:04 - 01826816 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2017-03-15 05:05 - 2017-03-04 03:04 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\TextInputFramework.dll 2017-03-15 05:05 - 2017-03-04 03:03 - 01247232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll 2017-03-15 05:05 - 2017-03-04 03:03 - 00409600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL 2017-03-15 05:05 - 2017-03-04 03:03 - 00400384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll 2017-03-15 05:05 - 2017-03-04 03:03 - 00359936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxclu.dll 2017-03-15 05:05 - 2017-03-04 03:02 - 01709056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActiveSyncProvider.dll 2017-03-15 05:05 - 2017-03-04 03:02 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVP9DEC.dll 2017-03-15 05:05 - 2017-03-04 03:02 - 00580608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hgcpl.dll 2017-03-15 05:05 - 2017-03-04 03:01 - 02682880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netshell.dll 2017-03-15 05:05 - 2017-03-04 03:01 - 01154560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Pimstore.dll 2017-03-15 05:05 - 2017-03-04 03:01 - 00560640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguagesCpl.dll 2017-03-15 05:05 - 2017-03-04 03:00 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ContactApis.dll 2017-03-15 05:05 - 2017-03-04 03:00 - 00444416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll 2017-03-15 05:05 - 2017-03-04 02:59 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Core.TextInput.dll 2017-03-15 05:05 - 2017-03-04 02:57 - 00783360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll 2017-03-15 05:05 - 2017-03-04 02:57 - 00299008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RADCUI.dll 2017-03-15 05:05 - 2017-03-04 02:36 - 00483840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll 2017-03-15 05:05 - 2017-02-21 23:17 - 00448285 _____ C:\Windows\system32\ApnDatabase.xml 2017-03-15 05:04 - 2017-03-04 04:26 - 00794416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll 2017-03-15 05:04 - 2017-03-04 04:24 - 02186896 _____ (Microsoft Corporation) C:\Windows\system32\hevcdecoder.dll 2017-03-15 05:04 - 2017-03-04 04:24 - 00108384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys 2017-03-15 05:04 - 2017-03-04 04:23 - 02512304 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2017-03-15 05:04 - 2017-03-04 04:22 - 07786336 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2017-03-15 05:04 - 2017-03-04 04:18 - 00118624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2017-03-15 05:04 - 2017-03-04 04:17 - 00409952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2017-03-15 05:04 - 2017-03-04 04:15 - 00063328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys 2017-03-15 05:04 - 2017-03-04 04:10 - 02828384 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll 2017-03-15 05:04 - 2017-03-04 04:10 - 02189664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2017-03-15 05:04 - 2017-03-04 04:10 - 00360040 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe 2017-03-15 05:04 - 2017-03-04 04:09 - 00396168 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll 2017-03-15 05:04 - 2017-03-04 04:04 - 01063472 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll 2017-03-15 05:04 - 2017-03-04 04:03 - 01989072 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll 2017-03-15 05:04 - 2017-03-04 04:03 - 01062480 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll 2017-03-15 05:04 - 2017-03-04 04:03 - 00811416 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll 2017-03-15 05:04 - 2017-03-04 04:03 - 00596040 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2017-03-15 05:04 - 2017-03-04 04:03 - 00443232 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll 2017-03-15 05:04 - 2017-03-04 04:03 - 00382272 _____ (Microsoft Corporation) C:\Windows\system32\LockAppHost.exe 2017-03-15 05:04 - 2017-03-04 04:01 - 00137936 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe 2017-03-15 05:04 - 2017-03-04 03:57 - 00387872 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll 2017-03-15 05:04 - 2017-03-04 03:36 - 22565376 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll 2017-03-15 05:04 - 2017-03-04 03:36 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll 2017-03-15 05:04 - 2017-03-04 03:36 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\DuCsps.dll 2017-03-15 05:04 - 2017-03-04 03:36 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\usoapi.dll 2017-03-15 05:04 - 2017-03-04 03:35 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll 2017-03-15 05:04 - 2017-03-04 03:35 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll 2017-03-15 05:04 - 2017-03-04 03:34 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe 2017-03-15 05:04 - 2017-03-04 03:34 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe 2017-03-15 05:04 - 2017-03-04 03:34 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\wfdprov.dll 2017-03-15 05:04 - 2017-03-04 03:33 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp 2017-03-15 05:04 - 2017-03-04 03:33 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\netiougc.exe 2017-03-15 05:04 - 2017-03-04 03:32 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\ExSMime.dll 2017-03-15 05:04 - 2017-03-04 03:32 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\MCCSEngineShared.dll 2017-03-15 05:04 - 2017-03-04 03:32 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll 2017-03-15 05:04 - 2017-03-04 03:31 - 00322048 _____ (Microsoft Corporation) C:\Windows\system32\accountaccessor.dll 2017-03-15 05:04 - 2017-03-04 03:31 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\VCardParser.dll 2017-03-15 05:04 - 2017-03-04 03:30 - 00535552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys 2017-03-15 05:04 - 2017-03-04 03:30 - 00418304 _____ C:\Windows\system32\Windows.Perception.Stub.dll 2017-03-15 05:04 - 2017-03-04 03:30 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll 2017-03-15 05:04 - 2017-03-04 03:30 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll 2017-03-15 05:04 - 2017-03-04 03:30 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys 2017-03-15 05:04 - 2017-03-04 03:29 - 01291264 _____ (Microsoft Corporation) C:\Windows\system32\MSVPXENC.dll 2017-03-15 05:04 - 2017-03-04 03:29 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\cemapi.dll 2017-03-15 05:04 - 2017-03-04 03:29 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\tapi32.dll 2017-03-15 05:04 - 2017-03-04 03:29 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenance.dll 2017-03-15 05:04 - 2017-03-04 03:29 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\moshost.dll 2017-03-15 05:04 - 2017-03-04 03:28 - 00741888 _____ (Microsoft Corporation) C:\Windows\system32\internetmail.dll 2017-03-15 05:04 - 2017-03-04 03:28 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll 2017-03-15 05:04 - 2017-03-04 03:28 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Scanners.dll 2017-03-15 05:04 - 2017-03-04 03:27 - 00719872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys 2017-03-15 05:04 - 2017-03-04 03:27 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\efswrt.dll 2017-03-15 05:04 - 2017-03-04 03:27 - 00456192 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll 2017-03-15 05:04 - 2017-03-04 03:27 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll 2017-03-15 05:04 - 2017-03-04 03:27 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll 2017-03-15 05:04 - 2017-03-04 03:27 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Identity.Provider.dll 2017-03-15 05:04 - 2017-03-04 03:27 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll 2017-03-15 05:04 - 2017-03-04 03:26 - 00631296 _____ (Microsoft Corporation) C:\Windows\system32\WlanMediaManager.dll 2017-03-15 05:04 - 2017-03-04 03:26 - 00383488 _____ (Microsoft Corporation) C:\Windows\system32\DavSyncProvider.dll 2017-03-15 05:04 - 2017-03-04 03:26 - 00366080 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll 2017-03-15 05:04 - 2017-03-04 03:26 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs3D.dll 2017-03-15 05:04 - 2017-03-04 03:25 - 00748544 _____ (Microsoft Corporation) C:\Windows\system32\ChatApis.dll 2017-03-15 05:04 - 2017-03-04 03:25 - 00579584 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.UX.EapRequestHandler.dll 2017-03-15 05:04 - 2017-03-04 03:25 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll 2017-03-15 05:04 - 2017-03-04 03:25 - 00320000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2017-03-15 05:04 - 2017-03-04 03:25 - 00284160 _____ (Microsoft Corporation) C:\Windows\system32\AboveLockAppHost.dll 2017-03-15 05:04 - 2017-03-04 03:24 - 00671744 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll 2017-03-15 05:04 - 2017-03-04 03:23 - 01184256 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll 2017-03-15 05:04 - 2017-03-04 03:23 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\EmailApis.dll 2017-03-15 05:04 - 2017-03-04 03:23 - 00945152 _____ (Microsoft Corporation) C:\Windows\system32\rasgcw.dll 2017-03-15 05:04 - 2017-03-04 03:23 - 00820224 _____ (Microsoft Corporation) C:\Windows\system32\PrintRenderAPIHost.DLL 2017-03-15 05:04 - 2017-03-04 03:23 - 00583680 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll 2017-03-15 05:04 - 2017-03-04 03:23 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv 2017-03-15 05:04 - 2017-03-04 03:23 - 00330752 _____ (Microsoft Corporation) C:\Windows\system32\NgcCtnrSvc.dll 2017-03-15 05:04 - 2017-03-04 03:21 - 00809984 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.Search.dll 2017-03-15 05:04 - 2017-03-04 03:20 - 00611328 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.dll 2017-03-15 05:04 - 2017-03-04 03:19 - 23676416 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2017-03-15 05:04 - 2017-03-04 03:19 - 01403392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Editing.dll 2017-03-15 05:04 - 2017-03-04 03:19 - 00458752 _____ (Microsoft Corporation) C:\Windows\system32\RTMediaFrame.dll 2017-03-15 05:04 - 2017-03-04 03:19 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2017-03-15 05:04 - 2017-03-04 03:18 - 17198592 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll 2017-03-15 05:04 - 2017-03-04 03:18 - 01762816 _____ (Microsoft Corporation) C:\Windows\system32\MSPhotography.dll 2017-03-15 05:04 - 2017-03-04 03:18 - 01189376 _____ (Microsoft Corporation) C:\Windows\system32\sdengin2.dll 2017-03-15 05:04 - 2017-03-04 03:18 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\RelPost.exe 2017-03-15 05:04 - 2017-03-04 03:16 - 00870400 _____ (Microsoft Corporation) C:\Windows\system32\mfmkvsrcsnk.dll 2017-03-15 05:04 - 2017-03-04 03:16 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\SpaceControl.dll 2017-03-15 05:04 - 2017-03-04 03:16 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\wpninprc.dll 2017-03-15 05:04 - 2017-03-04 03:15 - 18362368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll 2017-03-15 05:04 - 2017-03-04 03:13 - 19411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2017-03-15 05:04 - 2017-03-04 03:13 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Audio.dll 2017-03-15 05:04 - 2017-03-04 03:13 - 00858112 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll 2017-03-15 05:04 - 2017-03-04 03:13 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\sdshext.dll 2017-03-15 05:04 - 2017-03-04 03:12 - 13085184 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2017-03-15 05:04 - 2017-03-04 03:12 - 00947712 _____ (Microsoft Corporation) C:\Windows\system32\MSVP9DEC.dll 2017-03-15 05:04 - 2017-03-04 03:12 - 00805888 _____ (Microsoft Corporation) C:\Windows\system32\FrameServer.dll 2017-03-15 05:04 - 2017-03-04 03:11 - 01891328 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll 2017-03-15 05:04 - 2017-03-04 03:10 - 01917440 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncProvider.dll 2017-03-15 05:04 - 2017-03-04 03:10 - 01536000 _____ (Microsoft Corporation) C:\Windows\system32\SpeechPal.dll 2017-03-15 05:04 - 2017-03-04 03:10 - 01399296 _____ (Microsoft Corporation) C:\Windows\system32\Pimstore.dll 2017-03-15 05:04 - 2017-03-04 03:09 - 08125952 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll 2017-03-15 05:04 - 2017-03-04 03:09 - 00771072 _____ (Microsoft Corporation) C:\Windows\system32\AppointmentApis.dll 2017-03-15 05:04 - 2017-03-04 03:08 - 02800128 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll 2017-03-15 05:04 - 2017-03-04 03:08 - 01780224 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2017-03-15 05:04 - 2017-03-04 03:08 - 00792576 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe 2017-03-15 05:04 - 2017-03-04 03:07 - 12178944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2017-03-15 05:04 - 2017-03-04 03:07 - 02895872 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2017-03-15 05:04 - 2017-03-04 03:07 - 02370048 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll 2017-03-15 05:04 - 2017-03-04 03:07 - 01512448 _____ (Microsoft Corporation) C:\Windows\system32\UserDataService.dll 2017-03-15 05:04 - 2017-03-04 03:06 - 04746752 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2017-03-15 05:04 - 2017-03-04 03:06 - 02820096 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll 2017-03-15 05:04 - 2017-03-04 03:06 - 02475008 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2017-03-15 05:04 - 2017-03-04 03:06 - 02287104 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll 2017-03-15 05:04 - 2017-03-04 03:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll 2017-03-15 05:04 - 2017-03-04 03:04 - 00998912 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll 2017-03-15 05:04 - 2017-03-04 03:04 - 00531456 _____ (Microsoft Corporation) C:\Windows\system32\TpmCoreProvisioning.dll 2017-03-15 05:04 - 2017-03-04 03:04 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\RADCUI.dll 2017-03-15 05:04 - 2017-03-04 03:03 - 03666432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2017-03-15 05:04 - 2017-03-04 03:01 - 01493504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll 2017-03-15 05:03 - 2017-03-04 04:27 - 00603488 _____ (Microsoft Corporation) C:\Windows\system32\ContentDeliveryManager.Utilities.dll 2017-03-15 05:03 - 2017-03-04 04:24 - 00646688 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll 2017-03-15 05:03 - 2017-03-04 04:19 - 02681200 _____ C:\Windows\system32\CoreUIComponents.dll 2017-03-15 05:03 - 2017-03-04 04:18 - 00219040 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL 2017-03-15 05:03 - 2017-03-04 04:11 - 00328008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll 2017-03-15 05:03 - 2017-03-04 04:09 - 02750384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2017-03-15 05:03 - 2017-03-04 04:09 - 01157000 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll 2017-03-15 05:03 - 2017-03-04 04:09 - 00681312 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll 2017-03-15 05:03 - 2017-03-04 04:09 - 00658784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys 2017-03-15 05:03 - 2017-03-04 04:09 - 00635864 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll 2017-03-15 05:03 - 2017-03-04 04:09 - 00402272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2017-03-15 05:03 - 2017-03-04 04:08 - 00450400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2017-03-15 05:03 - 2017-03-04 04:08 - 00223584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2017-03-15 05:03 - 2017-03-04 04:07 - 00432992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys 2017-03-15 05:03 - 2017-03-04 04:03 - 01694712 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll 2017-03-15 05:03 - 2017-03-04 04:03 - 00755648 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2017-03-15 05:03 - 2017-03-04 04:03 - 00523712 _____ (Microsoft Corporation) C:\Windows\system32\DMRServer.dll 2017-03-15 05:03 - 2017-03-04 04:03 - 00424616 _____ (Microsoft Corporation) C:\Windows\system32\MFPlay.dll 2017-03-15 05:03 - 2017-03-04 04:03 - 00241496 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHost.dll 2017-03-15 05:03 - 2017-03-04 04:03 - 00160096 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostBroker.dll 2017-03-15 05:03 - 2017-03-04 03:37 - 01631232 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.dll 2017-03-15 05:03 - 2017-03-04 03:36 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mskssrv.sys 2017-03-15 05:03 - 2017-03-04 03:35 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ddrawex.dll 2017-03-15 05:03 - 2017-03-04 03:33 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\DisplayManager.dll 2017-03-15 05:03 - 2017-03-04 03:33 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\tbauth.dll 2017-03-15 05:03 - 2017-03-04 03:31 - 00280064 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_WorkAccess.dll 2017-03-15 05:03 - 2017-03-04 03:31 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll 2017-03-15 05:03 - 2017-03-04 03:31 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll 2017-03-15 05:03 - 2017-03-04 03:30 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll 2017-03-15 05:03 - 2017-03-04 03:30 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\shutdownux.dll 2017-03-15 05:03 - 2017-03-04 03:30 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.OneCore.dll 2017-03-15 05:03 - 2017-03-04 03:30 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys 2017-03-15 05:03 - 2017-03-04 03:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.Search.UriHandler.dll 2017-03-15 05:03 - 2017-03-04 03:30 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerCookies.exe 2017-03-15 05:03 - 2017-03-04 03:29 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.WiFiDirect.dll 2017-03-15 05:03 - 2017-03-04 03:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BlockedShutdown.dll 2017-03-15 05:03 - 2017-03-04 03:29 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SmartCards.Phone.dll 2017-03-15 05:03 - 2017-03-04 03:29 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SerialCommunication.dll 2017-03-15 05:03 - 2017-03-04 03:29 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\BrowserSettingSync.dll 2017-03-15 05:03 - 2017-03-04 03:28 - 00912384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SmartCards.dll 2017-03-15 05:03 - 2017-03-04 03:28 - 00587776 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll 2017-03-15 05:03 - 2017-03-04 03:28 - 00568320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.LowLevel.dll 2017-03-15 05:03 - 2017-03-04 03:28 - 00394752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys 2017-03-15 05:03 - 2017-03-04 03:28 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.HumanInterfaceDevice.dll 2017-03-15 05:03 - 2017-03-04 03:28 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.HostName.dll 2017-03-15 05:03 - 2017-03-04 03:27 - 00460288 _____ (Microsoft Corporation) C:\Windows\system32\CredProvDataModel.dll 2017-03-15 05:03 - 2017-03-04 03:27 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll 2017-03-15 05:03 - 2017-03-04 03:27 - 00311296 _____ (Microsoft Corporation) C:\Windows\system32\SyncSettings.dll 2017-03-15 05:03 - 2017-03-04 03:27 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\CloudBackupSettings.dll 2017-03-15 05:03 - 2017-03-04 03:26 - 00949248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.PointOfService.dll 2017-03-15 05:03 - 2017-03-04 03:26 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll 2017-03-15 05:03 - 2017-03-04 03:26 - 00579072 _____ (Microsoft Corporation) C:\Windows\system32\ddraw.dll 2017-03-15 05:03 - 2017-03-04 03:26 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2017-03-15 05:03 - 2017-03-04 03:26 - 00431616 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.Desktop.dll 2017-03-15 05:03 - 2017-03-04 03:26 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Picker.dll 2017-03-15 05:03 - 2017-03-04 03:26 - 00264704 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll 2017-03-15 05:03 - 2017-03-04 03:26 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\indexeddbserver.dll 2017-03-15 05:03 - 2017-03-04 03:25 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Usb.dll 2017-03-15 05:03 - 2017-03-04 03:25 - 00425984 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll 2017-03-15 05:03 - 2017-03-04 03:24 - 01025536 _____ (Microsoft Corporation) C:\Windows\system32\XboxNetApiSvc.dll 2017-03-15 05:03 - 2017-03-04 03:24 - 00945664 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll 2017-03-15 05:03 - 2017-03-04 03:23 - 00634368 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll 2017-03-15 05:03 - 2017-03-04 03:23 - 00541696 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll 2017-03-15 05:03 - 2017-03-04 03:23 - 00320512 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll 2017-03-15 05:03 - 2017-03-04 03:22 - 00822784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll 2017-03-15 05:03 - 2017-03-04 03:21 - 00945664 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll 2017-03-15 05:03 - 2017-03-04 03:21 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2017-03-15 05:03 - 2017-03-04 03:20 - 01280512 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll 2017-03-15 05:03 - 2017-03-04 03:20 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll 2017-03-15 05:03 - 2017-03-04 03:20 - 00650752 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll 2017-03-15 05:03 - 2017-03-04 03:19 - 01639424 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll 2017-03-15 05:03 - 2017-03-04 03:19 - 01589760 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll 2017-03-15 05:03 - 2017-03-04 03:19 - 00635904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2017-03-15 05:03 - 2017-03-04 03:19 - 00166912 _____ (Microsoft Corporation) C:\Windows\system32\Tabbtn.dll 2017-03-15 05:03 - 2017-03-04 03:18 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\indexeddbserver.dll 2017-03-15 05:03 - 2017-03-04 03:17 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\MiracastReceiver.dll 2017-03-15 05:03 - 2017-03-04 03:17 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll 2017-03-15 05:03 - 2017-03-04 03:17 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll 2017-03-15 05:03 - 2017-03-04 03:17 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\fhcfg.dll 2017-03-15 05:03 - 2017-03-04 03:16 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\dialclient.dll 2017-03-15 05:03 - 2017-03-04 03:15 - 01837056 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll 2017-03-15 05:03 - 2017-03-04 03:14 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\wlidprov.dll 2017-03-15 05:03 - 2017-03-04 03:14 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\PlayToReceiver.dll 2017-03-15 05:03 - 2017-03-04 03:13 - 00982528 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2017-03-15 05:03 - 2017-03-04 03:13 - 00937472 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll 2017-03-15 05:03 - 2017-03-04 03:13 - 00539136 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll 2017-03-15 05:03 - 2017-03-04 03:13 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll 2017-03-15 05:03 - 2017-03-04 03:13 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\CameraCaptureUI.dll 2017-03-15 05:03 - 2017-03-04 03:13 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersGPExt.dll 2017-03-15 05:03 - 2017-03-04 03:12 - 01040896 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll 2017-03-15 05:03 - 2017-03-04 03:12 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\Geolocation.dll 2017-03-15 05:03 - 2017-03-04 03:11 - 04474368 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll 2017-03-15 05:03 - 2017-03-04 03:11 - 00975872 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe 2017-03-15 05:03 - 2017-03-04 03:11 - 00821248 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll 2017-03-15 05:03 - 2017-03-04 03:11 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll 2017-03-15 05:03 - 2017-03-04 03:11 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr 2017-03-15 05:03 - 2017-03-04 03:10 - 02208768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.3D.dll 2017-03-15 05:03 - 2017-03-04 03:10 - 02095616 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2017-03-15 05:03 - 2017-03-04 03:10 - 01275392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll 2017-03-15 05:03 - 2017-03-04 03:10 - 00971264 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll 2017-03-15 05:03 - 2017-03-04 03:10 - 00913920 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll 2017-03-15 05:03 - 2017-03-04 03:10 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\WorkFolders.exe 2017-03-15 05:03 - 2017-03-04 03:09 - 01633792 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2017-03-15 05:03 - 2017-03-04 03:08 - 00540160 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll 2017-03-15 05:03 - 2017-03-04 03:07 - 02691072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll 2017-03-15 05:03 - 2017-03-04 03:07 - 01840640 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2017-03-15 05:03 - 2017-03-04 03:07 - 01513472 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys 2017-03-15 05:03 - 2017-03-04 03:07 - 01348608 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll 2017-03-15 05:03 - 2017-03-04 03:07 - 00909312 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll 2017-03-15 05:03 - 2017-03-04 03:07 - 00875520 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll 2017-03-15 05:03 - 2017-03-04 03:07 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.dll 2017-03-15 05:03 - 2017-03-04 03:07 - 00707584 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll 2017-03-15 05:03 - 2017-03-04 03:06 - 03202048 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll 2017-03-15 05:03 - 2017-03-04 03:05 - 01328640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Http.dll 2017-03-15 05:03 - 2017-03-04 03:05 - 01121280 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll 2017-03-15 05:03 - 2017-03-04 03:05 - 00924672 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll 2017-03-15 05:03 - 2017-03-04 03:03 - 06044672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll 2017-03-15 05:03 - 2017-03-04 03:02 - 00510464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoScreensaver.scr 2017-03-15 05:03 - 2017-03-04 03:00 - 02026496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2017-03-15 05:02 - 2017-03-04 04:57 - 00192352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll 2017-03-15 05:02 - 2017-03-04 04:35 - 01617760 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2017-03-15 05:02 - 2017-03-04 04:35 - 01294688 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2017-03-15 05:02 - 2017-03-04 04:35 - 00655200 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2017-03-15 05:02 - 2017-03-04 04:35 - 00590952 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2017-03-15 05:02 - 2017-03-04 04:35 - 00565088 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2017-03-15 05:02 - 2017-03-04 04:35 - 00378720 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2017-03-15 05:02 - 2017-03-04 04:35 - 00343904 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2017-03-15 05:02 - 2017-03-04 04:35 - 00315232 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll 2017-03-15 05:02 - 2017-03-04 04:35 - 00242528 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2017-03-15 05:02 - 2017-03-04 04:35 - 00142176 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2017-03-15 05:02 - 2017-03-04 04:35 - 00086368 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2017-03-15 05:02 - 2017-03-04 04:35 - 00038240 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe 2017-03-15 05:02 - 2017-03-04 04:25 - 01117024 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll 2017-03-15 05:02 - 2017-03-04 04:24 - 01051112 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2017-03-15 05:02 - 2017-03-04 04:24 - 00894096 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2017-03-15 05:02 - 2017-03-04 04:24 - 00354264 _____ (Microsoft Corporation) C:\Windows\system32\systemreset.exe 2017-03-15 05:02 - 2017-03-04 04:22 - 01354312 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2017-03-15 05:02 - 2017-03-04 04:22 - 01172984 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2017-03-15 05:02 - 2017-03-04 04:21 - 02255712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2017-03-15 05:02 - 2017-03-04 04:20 - 00379744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys 2017-03-15 05:02 - 2017-03-04 04:20 - 00128352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys 2017-03-15 05:02 - 2017-03-04 04:18 - 00764392 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll 2017-03-15 05:02 - 2017-03-04 04:15 - 00404320 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2017-03-15 05:02 - 2017-03-04 04:13 - 00635456 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll 2017-03-15 05:02 - 2017-03-04 04:11 - 00266544 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll 2017-03-15 05:02 - 2017-03-04 04:09 - 00578392 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe 2017-03-15 05:02 - 2017-03-04 04:09 - 00178520 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostUser.dll 2017-03-15 05:02 - 2017-03-04 04:08 - 00624048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2017-03-15 05:02 - 2017-03-04 04:08 - 00509280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2017-03-15 05:02 - 2017-03-04 04:08 - 00342456 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2017-03-15 05:02 - 2017-03-04 04:07 - 02913144 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll 2017-03-15 05:02 - 2017-03-04 04:07 - 02446704 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2017-03-15 05:02 - 2017-03-04 04:07 - 01267512 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll 2017-03-15 05:02 - 2017-03-04 04:07 - 01100128 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe 2017-03-15 05:02 - 2017-03-04 04:07 - 00989016 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe 2017-03-15 05:02 - 2017-03-04 04:07 - 00947552 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.efi 2017-03-15 05:02 - 2017-03-04 04:07 - 00811872 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.exe 2017-03-15 05:02 - 2017-03-04 04:07 - 00682808 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2017-03-15 05:02 - 2017-03-04 04:07 - 00116064 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll 2017-03-15 05:02 - 2017-03-04 04:07 - 00110944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvsocket.sys 2017-03-15 05:02 - 2017-03-04 04:07 - 00080224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbkmcl.sys 2017-03-15 05:02 - 2017-03-04 04:03 - 04674360 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2017-03-15 05:02 - 2017-03-04 04:03 - 01600632 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll 2017-03-15 05:02 - 2017-03-04 04:03 - 00038768 _____ (Microsoft Corporation) C:\Windows\system32\CompPkgSup.dll 2017-03-15 05:02 - 2017-03-04 04:01 - 00201568 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll 2017-03-15 05:02 - 2017-03-04 04:01 - 00128648 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll 2017-03-15 05:02 - 2017-03-04 03:59 - 01570208 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll 2017-03-15 05:02 - 2017-03-04 03:58 - 01416224 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2017-03-15 05:02 - 2017-03-04 03:58 - 00628552 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe 2017-03-15 05:02 - 2017-03-04 03:58 - 00322912 _____ (Microsoft Corporation) C:\Windows\system32\input.dll 2017-03-15 05:02 - 2017-03-04 03:57 - 00372432 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.MediaControl.dll 2017-03-15 05:02 - 2017-03-04 03:42 - 07216640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll 2017-03-15 05:02 - 2017-03-04 03:37 - 00025088 _____ C:\Windows\system32\GamePanelExternalHook.dll 2017-03-15 05:02 - 2017-03-04 03:36 - 00217600 _____ (Microsoft Corporation) C:\Windows\system32\msctfp.dll 2017-03-15 05:02 - 2017-03-04 03:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2017-03-15 05:02 - 2017-03-04 03:36 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\LaunchWinApp.exe 2017-03-15 05:02 - 2017-03-04 03:34 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.SystemManagement.dll 2017-03-15 05:02 - 2017-03-04 03:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\msctfui.dll 2017-03-15 05:02 - 2017-03-04 03:34 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbkmclr.sys 2017-03-15 05:02 - 2017-03-04 03:33 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\Family.SyncEngine.dll 2017-03-15 05:02 - 2017-03-04 03:33 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\dmcertinst.exe 2017-03-15 05:02 - 2017-03-04 03:33 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\tzautoupdate.dll 2017-03-15 05:02 - 2017-03-04 03:33 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothDesktopHandlers.dll 2017-03-15 05:02 - 2017-03-04 03:33 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\XInputUap.dll 2017-03-15 05:02 - 2017-03-04 03:32 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll 2017-03-15 05:02 - 2017-03-04 03:32 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.dll 2017-03-15 05:02 - 2017-03-04 03:32 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.WiFi.dll 2017-03-15 05:02 - 2017-03-04 03:32 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\MediaFoundation.DefaultPerceptionProvider.dll 2017-03-15 05:02 - 2017-03-04 03:32 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryBroker.dll 2017-03-15 05:02 - 2017-03-04 03:31 - 00567296 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll 2017-03-15 05:02 - 2017-03-04 03:31 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryClient.dll 2017-03-15 05:02 - 2017-03-04 03:30 - 00547840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.Input.dll 2017-03-15 05:02 - 2017-03-04 03:30 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll 2017-03-15 05:02 - 2017-03-04 03:30 - 00300544 _____ (Microsoft Corporation) C:\Windows\system32\mscandui.dll 2017-03-15 05:02 - 2017-03-04 03:30 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Flights.dll 2017-03-15 05:02 - 2017-03-04 03:30 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\netiohlp.dll 2017-03-15 05:02 - 2017-03-04 03:30 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Radios.dll 2017-03-15 05:02 - 2017-03-04 03:29 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\DeveloperOptionsSettingsHandlers.dll 2017-03-15 05:02 - 2017-03-04 03:29 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2017-03-15 05:02 - 2017-03-04 03:28 - 00947712 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll 2017-03-15 05:02 - 2017-03-04 03:28 - 00651264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.AllJoyn.dll 2017-03-15 05:02 - 2017-03-04 03:28 - 00623104 _____ (Microsoft Corporation) C:\Windows\system32\PCPTpm12.dll 2017-03-15 05:02 - 2017-03-04 03:28 - 00349696 _____ (Microsoft Corporation) C:\Windows\system32\icsvcext.dll 2017-03-15 05:02 - 2017-03-04 03:28 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\UserMgrProxy.dll 2017-03-15 05:02 - 2017-03-04 03:28 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\vaultcli.dll 2017-03-15 05:02 - 2017-03-04 03:28 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll 2017-03-15 05:02 - 2017-03-04 03:28 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2017-03-15 05:02 - 2017-03-04 03:27 - 00852480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Import.dll 2017-03-15 05:02 - 2017-03-04 03:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll 2017-03-15 05:02 - 2017-03-04 03:27 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll 2017-03-15 05:02 - 2017-03-04 03:27 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll 2017-03-15 05:02 - 2017-03-04 03:27 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll 2017-03-15 05:02 - 2017-03-04 03:27 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll 2017-03-15 05:02 - 2017-03-04 03:26 - 00643072 _____ (Microsoft Corporation) C:\Windows\system32\main.cpl 2017-03-15 05:02 - 2017-03-04 03:26 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\msutb.dll 2017-03-15 05:02 - 2017-03-04 03:26 - 00450048 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll 2017-03-15 05:02 - 2017-03-04 03:26 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll 2017-03-15 05:02 - 2017-03-04 03:26 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll 2017-03-15 05:02 - 2017-03-04 03:26 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll 2017-03-15 05:02 - 2017-03-04 03:25 - 01060352 _____ (Microsoft Corporation) C:\Windows\system32\AppContracts.dll 2017-03-15 05:02 - 2017-03-04 03:25 - 01016320 _____ (Microsoft Corporation) C:\Windows\system32\XblAuthManager.dll 2017-03-15 05:02 - 2017-03-04 03:25 - 00526848 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll 2017-03-15 05:02 - 2017-03-04 03:24 - 01092096 _____ (Microsoft Corporation) C:\Windows\system32\ApplicationFrame.dll 2017-03-15 05:02 - 2017-03-04 03:24 - 00956416 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll 2017-03-15 05:02 - 2017-03-04 03:24 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll 2017-03-15 05:02 - 2017-03-04 03:24 - 00560128 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll 2017-03-15 05:02 - 2017-03-04 03:24 - 00495104 _____ (Microsoft Corporation) C:\Windows\system32\DataSenseHandlers.dll 2017-03-15 05:02 - 2017-03-04 03:24 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\DXP.dll 2017-03-15 05:02 - 2017-03-04 03:24 - 00329728 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll 2017-03-15 05:02 - 2017-03-04 03:23 - 03753984 _____ (Microsoft Corporation) C:\Windows\system32\bootux.dll 2017-03-15 05:02 - 2017-03-04 03:23 - 00896512 _____ (Microsoft Corporation) C:\Windows\system32\Windows.AccountsControl.dll 2017-03-15 05:02 - 2017-03-04 03:23 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe 2017-03-15 05:02 - 2017-03-04 03:23 - 00715776 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll 2017-03-15 05:02 - 2017-03-04 03:23 - 00496128 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.UserAccountsHandlers.dll 2017-03-15 05:02 - 2017-03-04 03:22 - 00869888 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2017-03-15 05:02 - 2017-03-04 03:22 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll 2017-03-15 05:02 - 2017-03-04 03:21 - 00776192 _____ (Microsoft Corporation) C:\Windows\system32\TabletPC.cpl 2017-03-15 05:02 - 2017-03-04 03:21 - 00347648 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll 2017-03-15 05:02 - 2017-03-04 03:20 - 01913856 _____ (Microsoft Corporation) C:\Windows\system32\wsp_fs.dll 2017-03-15 05:02 - 2017-03-04 03:20 - 01361408 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll 2017-03-15 05:02 - 2017-03-04 03:20 - 00893952 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll 2017-03-15 05:02 - 2017-03-04 03:20 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll 2017-03-15 05:02 - 2017-03-04 03:20 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\AppXApplicabilityBlob.dll 2017-03-15 05:02 - 2017-03-04 03:19 - 01584128 _____ (Microsoft Corporation) C:\Windows\system32\wsp_health.dll 2017-03-15 05:02 - 2017-03-04 03:19 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\CryptoWinRT.dll 2017-03-15 05:02 - 2017-03-04 03:19 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\tabcal.exe 2017-03-15 05:02 - 2017-03-04 03:18 - 01227264 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll 2017-03-15 05:02 - 2017-03-04 03:18 - 00320512 _____ (Microsoft Corporation) C:\Windows\regedit.exe 2017-03-15 05:02 - 2017-03-04 03:17 - 01082368 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll 2017-03-15 05:02 - 2017-03-04 03:17 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll 2017-03-15 05:02 - 2017-03-04 03:16 - 03289088 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll 2017-03-15 05:02 - 2017-03-04 03:16 - 00649216 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe 2017-03-15 05:02 - 2017-03-04 03:16 - 00583168 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll 2017-03-15 05:02 - 2017-03-04 03:15 - 09130496 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll 2017-03-15 05:02 - 2017-03-04 03:15 - 02860032 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll 2017-03-15 05:02 - 2017-03-04 03:15 - 01443328 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe 2017-03-15 05:02 - 2017-03-04 03:14 - 04749312 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll 2017-03-15 05:02 - 2017-03-04 03:14 - 01562112 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll 2017-03-15 05:02 - 2017-03-04 03:14 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe 2017-03-15 05:02 - 2017-03-04 03:14 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll 2017-03-15 05:02 - 2017-03-04 03:14 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\ErrorDetails.dll 2017-03-15 05:02 - 2017-03-04 03:14 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\SpaceAgent.exe 2017-03-15 05:02 - 2017-03-04 03:13 - 05114368 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll 2017-03-15 05:02 - 2017-03-04 03:13 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\imapi2fs.dll 2017-03-15 05:02 - 2017-03-04 03:13 - 00947200 _____ (Microsoft Corporation) C:\Windows\system32\wsp_sr.dll 2017-03-15 05:02 - 2017-03-04 03:13 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\uReFS.dll 2017-03-15 05:02 - 2017-03-04 03:13 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MultiDigiMon.exe 2017-03-15 05:02 - 2017-03-04 03:12 - 01692160 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll 2017-03-15 05:02 - 2017-03-04 03:12 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl 2017-03-15 05:02 - 2017-03-04 03:11 - 02611200 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll 2017-03-15 05:02 - 2017-03-04 03:11 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll 2017-03-15 05:02 - 2017-03-04 03:11 - 01656832 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll 2017-03-15 05:02 - 2017-03-04 03:11 - 01643008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll 2017-03-15 05:02 - 2017-03-04 03:11 - 01312768 _____ (Microsoft Corporation) C:\Windows\system32\SensorDataService.exe 2017-03-15 05:02 - 2017-03-04 03:11 - 00818176 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll 2017-03-15 05:02 - 2017-03-04 03:10 - 06664192 _____ (Microsoft Corporation) C:\Windows\system32\mspaint.exe 2017-03-15 05:02 - 2017-03-04 03:10 - 01586176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll 2017-03-15 05:02 - 2017-03-04 03:10 - 00960000 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll 2017-03-15 05:02 - 2017-03-04 03:10 - 00770560 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll 2017-03-15 05:02 - 2017-03-04 03:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Midi.dll 2017-03-15 05:02 - 2017-03-04 03:09 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\UserLanguagesCpl.dll 2017-03-15 05:02 - 2017-03-04 03:08 - 01714688 _____ (Microsoft Corporation) C:\Windows\system32\dui70.dll 2017-03-15 05:02 - 2017-03-04 03:08 - 00629248 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll 2017-03-15 05:02 - 2017-03-04 03:07 - 02914816 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll 2017-03-15 05:02 - 2017-03-04 03:07 - 02512384 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll 2017-03-15 05:02 - 2017-03-04 03:07 - 01490944 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2017-03-15 05:02 - 2017-03-04 03:07 - 01064448 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll 2017-03-15 05:02 - 2017-03-04 03:07 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll 2017-03-15 05:02 - 2017-03-04 03:07 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll 2017-03-15 05:02 - 2017-03-04 03:06 - 05384192 _____ (Microsoft) C:\Windows\system32\dbgeng.dll 2017-03-15 05:02 - 2017-03-04 03:06 - 04708864 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2017-03-15 05:02 - 2017-03-04 03:06 - 04060672 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll 2017-03-15 05:02 - 2017-03-04 03:06 - 03614720 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys 2017-03-15 05:02 - 2017-03-04 03:06 - 02317824 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2017-03-15 05:02 - 2017-03-04 03:06 - 00881664 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2017-03-15 05:02 - 2017-03-04 03:06 - 00483328 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll 2017-03-15 05:02 - 2017-03-04 03:05 - 01726976 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll 2017-03-15 05:02 - 2017-03-04 03:05 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll 2017-03-15 05:02 - 2017-03-04 03:04 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\spaceman.exe 2017-03-15 05:02 - 2017-03-04 03:03 - 01817088 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.dll 2017-03-15 05:02 - 2017-03-04 03:01 - 03478528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbon.dll 2017-03-15 05:02 - 2016-07-15 23:29 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\CspCellularSettings.dll 2017-03-15 05:02 - 2016-07-15 23:28 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseAPNCsp.dll 2017-03-15 05:02 - 2016-07-15 23:26 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\CfgSPCellular.dll 2017-03-15 05:01 - 2017-03-04 03:35 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll 2017-03-15 05:01 - 2017-03-04 03:26 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll 2017-03-15 05:01 - 2016-05-29 15:38 - 08886976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSetup.exe 2017-03-14 20:14 - 2017-03-14 20:14 - 00152142 _____ C:\Users\Cleto\Downloads\Cálculo de Contribuições - Guia da Previdência Social02.pdf 2017-03-14 19:06 - 2017-03-14 19:06 - 03172825 _____ C:\Users\Cleto\Downloads\Dissertacao Gustavo.pdf 2017-03-14 19:04 - 2017-03-14 19:04 - 01157857 _____ C:\Users\Cleto\Downloads\roteiroparna.pdf 2017-03-12 11:43 - 2017-03-12 11:43 - 00508458 _____ C:\Users\Cleto\Downloads\Seminário NCT.pdf ==================== Um Mês Modificados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2017-04-11 21:41 - 2016-09-18 19:07 - 00000000 ____D C:\Windows\system32\SleepStudy 2017-04-11 19:43 - 2016-09-22 14:19 - 00004168 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{482BCEEF-9F2B-406C-99FD-70AEF6B72EEF} 2017-04-11 14:58 - 2016-07-16 08:47 - 00000000 ____D C:\Windows\system32\NDF 2017-04-11 14:47 - 2016-07-16 08:45 - 00000000 ____D C:\Windows\INF 2017-04-11 14:46 - 2016-01-06 16:49 - 00000000 __SHD C:\Users\Cleto\IntelGraphicsProfiles 2017-04-11 14:45 - 2016-09-18 19:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-04-11 14:44 - 2016-07-16 03:04 - 00524288 _____ C:\Windows\system32\config\BBI 2017-04-11 14:24 - 2016-06-08 22:54 - 00000000 ____D C:\Users\Cleto\AppData\Roaming\ZHP 2017-04-11 14:04 - 2016-07-16 08:47 - 00000000 ___HD C:\Program Files\WindowsApps 2017-04-11 14:04 - 2016-07-16 08:47 - 00000000 ____D C:\Windows\AppReadiness 2017-04-11 14:00 - 2016-09-05 01:59 - 00000000 ____D C:\AdwCleaner 2017-04-11 13:52 - 2017-03-05 00:20 - 00000000 ____D C:\Users\Cleto\AppData\Local\transmission 2017-04-11 01:31 - 2014-10-09 00:15 - 00000000 ____D C:\Users\Cleto\AppData\Roaming\vlc 2017-04-11 00:01 - 2016-09-18 19:45 - 00003586 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2017-04-11 00:01 - 2016-09-18 19:45 - 00003462 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2017-04-10 14:24 - 2015-07-12 21:16 - 00000000 ____D C:\Users\Todos os Usuários\Malwarebytes 2017-04-10 14:24 - 2015-07-12 21:16 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-04-10 01:02 - 2016-01-18 12:35 - 00000874 _____ C:\Users\Public\Desktop\CCleaner.lnk 2017-04-08 10:01 - 2016-04-08 00:16 - 00000000 ____D C:\Users\Cleto\AppData\Roaming\IObit 2017-04-07 14:41 - 2016-08-15 20:03 - 00000000 ____D C:\Users\Todos os Usuários\Garmin 2017-04-07 14:41 - 2016-08-15 20:03 - 00000000 ____D C:\ProgramData\Garmin 2017-04-07 14:41 - 2016-08-15 20:03 - 00000000 ____D C:\Program Files (x86)\Garmin 2017-04-07 14:41 - 2015-03-14 20:53 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache 2017-04-07 14:41 - 2015-03-14 20:53 - 00000000 ____D C:\ProgramData\Package Cache 2017-04-07 14:39 - 2016-08-03 00:35 - 00000000 ____D C:\Program Files\Common Files\Apple 2017-03-29 21:03 - 2016-02-17 14:39 - 00002281 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-03-29 21:03 - 2016-02-17 14:39 - 00002269 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-03-29 11:53 - 2016-07-16 08:36 - 00000000 ____D C:\Windows\CbsTemp 2017-03-28 11:08 - 2016-09-18 19:15 - 00000000 ____D C:\Users\Cleto 2017-03-28 03:23 - 2015-04-30 23:25 - 00000000 ____D C:\Users\Todos os Usuários\AVAST Software 2017-03-28 03:23 - 2015-04-30 23:25 - 00000000 ____D C:\ProgramData\AVAST Software 2017-03-28 00:59 - 2016-07-16 20:04 - 00450086 _____ C:\Windows\system32\prfh0416.dat 2017-03-28 00:59 - 2016-07-16 20:04 - 00116366 _____ C:\Windows\system32\prfc0416.dat 2017-03-28 00:59 - 2016-01-06 08:24 - 01566350 _____ C:\Windows\system32\PerfStringBackup.INI 2017-03-28 00:46 - 2016-04-08 00:16 - 00000000 ____D C:\Users\Cleto\AppData\LocalLow\IObit 2017-03-28 00:46 - 2016-04-08 00:16 - 00000000 ____D C:\Program Files (x86)\IObit 2017-03-28 00:45 - 2016-04-08 00:16 - 00000000 ____D C:\Users\Todos os Usuários\IObit 2017-03-28 00:45 - 2016-04-08 00:16 - 00000000 ____D C:\ProgramData\IObit 2017-03-18 20:00 - 2016-07-16 08:47 - 00000000 ____D C:\Windows\rescache 2017-03-15 22:12 - 2016-07-16 08:47 - 00000000 ____D C:\Windows\system32\appraiser 2017-03-15 21:16 - 2014-10-07 23:08 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-03-15 21:11 - 2016-09-18 19:07 - 00482600 _____ C:\Windows\system32\FNTCACHE.DAT 2017-03-15 21:08 - 2016-07-16 08:47 - 00000000 ___SD C:\Windows\SysWOW64\F12 2017-03-15 21:08 - 2016-07-16 08:47 - 00000000 ___SD C:\Windows\system32\F12 2017-03-15 21:08 - 2016-07-16 08:47 - 00000000 ___RD C:\Windows\PrintDialog 2017-03-15 21:08 - 2016-07-16 08:47 - 00000000 ___RD C:\Windows\ImmersiveControlPanel 2017-03-15 21:08 - 2016-07-16 08:47 - 00000000 ___RD C:\Program Files\Windows Defender 2017-03-15 21:08 - 2016-07-16 08:47 - 00000000 ____D C:\Windows\SysWOW64\setup 2017-03-15 21:08 - 2016-07-16 08:47 - 00000000 ____D C:\Windows\system32\setup 2017-03-15 21:08 - 2016-07-16 08:47 - 00000000 ____D C:\Windows\system32\oobe 2017-03-15 21:08 - 2016-07-16 08:47 - 00000000 ____D C:\Windows\ShellExperiences 2017-03-15 21:08 - 2016-07-16 08:47 - 00000000 ____D C:\Windows\bcastdvr 2017-03-15 21:08 - 2016-07-16 08:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2017-03-15 21:08 - 2016-07-16 08:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2017-03-15 21:08 - 2016-07-16 08:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2017-03-15 17:39 - 2015-05-10 19:02 - 00002642 _____ C:\Users\Public\Desktop\Skype.lnk 2017-03-15 17:39 - 2015-05-10 19:02 - 00000000 ____D C:\Users\Todos os Usuários\Skype 2017-03-15 17:39 - 2015-05-10 19:02 - 00000000 ____D C:\ProgramData\Skype 2017-03-15 10:52 - 2014-10-08 03:20 - 00000000 ____D C:\Windows\system32\MRT 2017-03-15 10:48 - 2014-10-08 03:20 - 138634176 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe ==================== Arquivos na raiz de alguns diretórios ======= 2015-01-17 07:57 - 2015-01-17 08:07 - 0035654 _____ () C:\Users\Cleto\AppData\Roaming\unins000.dat 2015-08-08 08:45 - 2015-08-08 08:45 - 0000000 _____ () C:\Users\Cleto\AppData\Local\{0A0DC549-C7F7-4183-9552-15F19C8DB81C} 2016-09-18 19:10 - 2016-09-18 19:10 - 0000000 ____H () C:\ProgramData\DP45977C.lfl ==================== Bamital & volsnap ====================== (Não há correção automática para arquivos que não passaram na verificação.) C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente C:\Windows\explorer.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente C:\Windows\system32\services.exe => O arquivo é assinado digitalmente C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente LastRegBack: 2017-04-04 19:48 ==================== Fim de FRST.txt ============================ Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 15-03-2017 Executado por Cleto (11-04-2017 21:46:33) Executando a partir de C:\Users\Cleto\Desktop Windows 10 Home Single Language Versão 1607 (X64) (2016-09-18 22:49:13) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-613852610-2115194870-4212196456-500 - Administrator - Disabled) Cleto (S-1-5-21-613852610-2115194870-4212196456-1001 - Administrator - Enabled) => C:\Users\Cleto Convidado (S-1-5-21-613852610-2115194870-4212196456-501 - Limited - Disabled) DefaultAccount (S-1-5-21-613852610-2115194870-4212196456-503 - Limited - Disabled) ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: Avast antivírus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast antivírus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) 7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov) abgx360 v1.0.6 (HKLM-x32\...\abgx360) (Version: - ) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.215 - Adobe Systems Incorporated) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated) Adobe Reader XI (11.0.19) - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AB0000000001}) (Version: 11.0.19 - Adobe Systems Incorporated) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) ArcGIS 10.2.2 Data Interoperability for Desktop (HKLM-x32\...\ArcGIS 10.2.2 Data Interoperability for Desktop) (Version: 10.2.3552 - Environmental Systems Research Institute, Inc.) ArcGIS 10.2.2 Data Interoperability for Desktop (x32 Version: 10.2.3552 - Environmental Systems Research Institute, Inc.) Hidden ArcGIS 10.2.2 for Desktop (HKLM-x32\...\ArcGIS 10.2.2 for Desktop) (Version: 10.2.3552 - Environmental Systems Research Institute, Inc.) ArcGIS 10.2.2 for Desktop (x32 Version: 10.2.3552 - Environmental Systems Research Institute, Inc.) Hidden ArcGIS 10.2.2 for Desktop Oracle Geodatabase Object Schema Update and Editing Patch (HKLM-x32\...\ArcGIS 10.2.2 for Desktop CR285161) (Version: - Environmental Systems Research Institute, Inc.) ArcGIS 10.2.2 for Desktop Set Shapefile Default Code Page Patch (HKLM-x32\...\ArcGIS 10.2.2 for Desktop CR286131) (Version: - Environmental Systems Research Institute, Inc.) ArcGIS 10.2.2 License Manager (HKLM-x32\...\ArcGIS 10.2.2 License Manager) (Version: 10.2.3552 - Environmental Systems Research Institute, Inc.) ArcGIS 10.2.2 License Manager (x32 Version: 10.2.3552 - Environmental Systems Research Institute, Inc.) Hidden ArcGIS 10.2.2 Workflow Manager for Desktop (HKLM-x32\...\{C0FA0E70-56D7-4A00-966F-45C0C369020E}) (Version: 10.2.3552 - Environmental Systems Research Institute, Inc.) ArcGIS Case Tools for Desktop (HKLM-x32\...\ArcGIS Case Tools for Desktop) (Version: 10.2.3552 - Environmental Systems Research Institute, Inc.) ArcGIS Case Tools for Desktop (x32 Version: 10.2.3552 - Environmental Systems Research Institute, Inc.) Hidden ArcObjects SDK for the Java Platform (HKLM-x32\...\ArcObjects SDK for the Java Platform) (Version: 10.2.3552 - Environmental Systems Research Institute, Inc.) ArcObjects SDK for the Java Platform (x32 Version: 10.2.3552 - Environmental Systems Research Institute, Inc.) Hidden AutoCAD 2007 - English (HKLM-x32\...\{5783F2D7-5001-0409-0002-0060B0CE6BBA}) (Version: 17.0.54.110 - Autodesk) Autodesk DWF Viewer (HKLM-x32\...\Autodesk DWF Viewer) (Version: 6.5 - Autodesk, Inc.) Avast Free antivírus (HKLM-x32\...\Avast antivírus) (Version: 17.3.2291 - AVAST Software) CAR - Módulo de Cadastro (HKLM-x32\...\CAR - Módulo de Cadastro) (Version: - Ministério do Meio Ambiente) CCleaner (HKLM\...\CCleaner) (Version: 5.28 - Piriform) CloneCD (HKLM-x32\...\CloneCD) (Version: - SlySoft) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant) coverXP (remove only) (HKLM-x32\...\coverXP) (Version: - ) Desinstalar impressora EPSON T50 Series (HKLM\...\EPSON T50 Series) (Version: - SEIKO EPSON Corporation) Disconnect Desktop (HKLM-x32\...\Disconnect Desktop 1.0.5) (Version: 1.0.5 - Disconnect) Disconnect Desktop (x32 Version: 1.0.5 - Disconnect) Hidden Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc) Doro 2.07 (HKLM-x32\...\Doro_is1) (Version: - CompSoft) EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS) EaseUS Partition Master 10.1 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS) ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.) Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.14 - Lenovo) Energy Management (x32 Version: 8.0.2.14 - Lenovo) Hidden Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.41.00 - SEIKO EPSON CORPORATION) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.) Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google) Google Earth Pro (HKLM-x32\...\{44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.33.3 - Google Inc.) Hidden Guia de Usuário (x32 Version: 1.0.0.17 - Lenovo) Hidden Hard Disk Sentinel (HKLM-x32\...\Hard Disk Sentinel_is1) (Version: 4.71 - Janos Mathe) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation) iTunes (HKLM\...\{955524E7-79EB-4CA9-BA4D-FD2DF587651B}) (Version: 12.4.3.1 - Apple Inc.) K-Lite Codec Pack 11.9.6 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.9.6 - KLCP) Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10240 - Realtek Semiconductor Corp.) Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.10120.11116 - Realtek Semiconductor Corp.) Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.) Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden Macromedia Flash Player 8 (HKLM-x32\...\ShockwaveFlash) (Version: 8 - Macromedia) Malwarebytes versão 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Mozilla Firefox 46.0.1 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 pt-BR)) (Version: 46.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla) OpenVPN 2.3.4-I603 (HKLM-x32\...\OpenVPN) (Version: 2.3.4-I603 - ) Pacote de Driver do Windows - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo) Pacote de Driver do Windows - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo) Panda USB Vaccine 1.0.1.4 (HKLM-x32\...\{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1) (Version: - Panda Security) QGIS 2.14 2.14.11 Essen (HKLM\...\QGIS 2.14) (Version: - QGIS Development Team) QGIS Brighton 2.6.1 Brighton (HKLM\...\QGIS Brighton) (Version: - QGIS Development Team) Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.) Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform) SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association) Skype Web Plugin (HKLM-x32\...\{15AF46DB-9EBA-4662-AA52-29EF23585035}) (Version: 3.2.0.23388 - Skype Technologies S.A.) Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.) Spring 5.4.2 Português_x86 (HKLM-x32\...\Spring 5.4.2 Português_x86) (Version: - ) Spring 5.4.3 Português_x86 (HKLM-x32\...\Spring 5.4.3 Português_x86) (Version: - ) Spybot Anti-Beacon (HKLM-x32\...\{419A7FCF-93E1-474D-BFE9-987CF3F90C88}_is1) (Version: 1.5 - Safer-Networking Ltd.) Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.) Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.) TAP-Windows 9.21.0 (HKLM\...\TAP-Windows) (Version: 9.21.0 - ) Transmission 2.92 (14714) (x64) (HKLM\...\{E2B281FA-6236-4F0D-B710-ECDB6B60EB5E}) (Version: 2.92.0 - Transmission Project) Unity Web Player (HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\UnityWebPlayer) (Version: 5.3.4f1 - Unity Technologies ApS) UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.17 - Lenovo) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN) WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - ) ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-613852610-2115194870-4212196456-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000}\InprocServer32 -> C:\Users\Cleto\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia) CustomCLSID: HKU\S-1-5-21-613852610-2115194870-4212196456-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000}\InprocServer32 -> C:\Users\Cleto\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia) CustomCLSID: HKU\S-1-5-21-613852610-2115194870-4212196456-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {01E43E56-BE52-4614-ABCB-0ED866086399} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-03-15] (Microsoft Corporation) Task: {0244705E-D1E6-4D5F-9473-D2BED3D5A24E} - System32\Tasks\Disconnect Desktop Updater => C:\Program Files (x86)\Disconnect\Disconnect Desktop\Disconnect Desktop Updater.exe [2015-02-27] (Disconnect) Task: {041A12D9-9413-4EBA-948C-2E584DECD8E3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-21] (Google Inc.) Task: {06644DDE-CE71-4241-8178-8D9E65004FDD} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_Cleto => C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe [2016-01-31] (H.D.S. Hungary) Task: {067AFF45-7441-43FD-8A29-83010A0A2958} - System32\Tasks\Safer-Networking\Spybot Anti-Beacon\Refresh Anti-Beacon immunization => C:\Program Files (x86)\Spybot Anti-Beacon\SDAntiBeacon.exe [2015-10-19] (Safer-Networking Ltd.) Task: {0BB470E9-F033-473A-8516-1929B746BA01} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE Task: {0CC44745-33F6-4E6C-8C24-BF50156F30CE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated) Task: {1BC82127-1AB0-4321-A7D1-73354575F0C3} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)" Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe Task: {4CC2442A-841D-4FB5-B20D-23B0CE6AE20B} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-04-11] (AVAST Software) Task: {4F7F9BC0-5522-483A-9D5D-97BFE25A28AA} - System32\Tasks\PandaUSBVaccine => C:\Program Files (x86)\Panda USB Vaccine\RunInteractiveWin.exe [2009-09-23] () Task: {7AED02FF-016B-419B-95E6-6FF58F481FB2} - System32\Tasks\{F18B3E27-714A-45BB-88D1-D13BDE76FDB9} => pcalua.exe -a C:\Users\Cleto\Downloads\cp006049.exe -d C:\Users\Cleto\Downloads Task: {8429BE11-660B-41FA-BA00-7E4740454EA8} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => %ProgramFiles(x86)%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe Task: {8703CB6E-2936-4B1E-B7F9-F39DBE3E1CAF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-03-03] (Piriform Ltd) Task: {8B8941DB-16CE-48DD-907C-A468102A75EC} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK Task: {98D58BA8-D5F0-431D-BF53-E51F04D2FB8B} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => %ProgramFiles%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe Task: {A7F6F2E3-A829-41A6-84BB-7DE4AC7E3907} - System32\Tasks\Lenovo\LSC\RebootCountTask => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe Task: {A86AED54-E020-48FB-84A6-78291BDBC2B3} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe Task: {CE70B5B9-96E4-447F-BD3B-63E629F542C7} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! antivírus\backup.exe [2017-01-28] (AVAST Software) Task: {D581F46E-16C4-4EE3-8E33-614CFE26176A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-12] (Adobe Systems Incorporated) Task: {F0D4D6BA-1EC3-47F7-9068-011C63C7ED19} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-21] (Google Inc.) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe ==================== Atalhos ============================= (As entradas podem ser listadas para serem restauradas ou removidas.) ==================== Módulos Carregados (Whitelisted) ============== 2016-07-16 08:42 - 2016-07-16 08:42 - 00231424 _____ () C:\Windows\SYSTEM32\ism32k.dll 2017-03-15 05:03 - 2017-03-04 04:19 - 02681200 _____ () C:\Windows\system32\CoreUIComponents.dll 2016-07-19 23:26 - 2014-06-26 19:10 - 00595456 _____ () C:\Program Files (x86)\DoroPDFWriter\Doro.dll 2017-03-15 05:03 - 2017-03-04 04:19 - 02681200 _____ () C:\Windows\SYSTEM32\CoreUIComponents.dll 2016-09-18 19:54 - 2016-09-18 19:54 - 00959168 _____ () C:\Users\Cleto\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll 2016-09-18 19:00 - 2016-09-18 19:00 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-03-15 05:01 - 2017-03-04 03:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-03-15 05:03 - 2017-03-04 03:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-03-15 05:03 - 2017-03-04 03:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-03-15 05:03 - 2017-03-04 03:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-03-15 05:03 - 2017-03-04 03:05 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2017-03-15 05:03 - 2017-03-04 03:05 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-03-15 05:04 - 2017-03-04 03:08 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2017-03-03 15:09 - 2017-03-03 15:09 - 00069632 _____ () C:\Program Files\CCleaner\lang\lang-1046.dll 2017-04-11 14:42 - 2017-04-11 14:42 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2017-03-28 00:57 - 2017-03-28 00:57 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2017-04-11 14:42 - 2017-04-11 14:42 - 00176480 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll 2017-04-11 14:42 - 2017-04-11 14:42 - 00293936 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll 2017-04-11 14:42 - 2017-04-11 14:42 - 00653520 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2017-03-29 21:03 - 2017-03-28 23:04 - 02187096 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libglesv2.dll 2017-03-29 21:03 - 2017-03-28 23:04 - 00086360 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libegl.dll 2014-04-16 23:16 - 2013-08-08 13:23 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) HKU\S-1-5-21-613852610-2115194870-4212196456-1001\Software\Classes\.scr: AutoCADScriptFile => ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) IE trusted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\bancobrasil.com.br -> www.bancobrasil.com.br IE trusted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\bb.com.br -> hxxps://seg.bb.com.br IE trusted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\caixa.gov.br -> imagem.caixa.gov.br IE trusted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br IE restricted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\10sek.com -> www.10sek.com IE restricted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\123simsen.com -> www.123simsen.com Existem ainda 7902 sites a mais. ==================== Hosts Conteúdo: ========================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2013-08-22 10:25 - 2017-04-11 14:50 - 00456216 ____A C:\Windows\system32\Drivers\etc\hosts 0.0.0.0 a.ads1.msn.com 0.0.0.0 a.ads2.msads.net 0.0.0.0 a.ads2.msn.com 0.0.0.0 a.rad.msn.com 0.0.0.0 a-0001.a-msedge.net 0.0.0.0 a-0002.a-msedge.net 0.0.0.0 a-0003.a-msedge.net 0.0.0.0 a-0004.a-msedge.net 0.0.0.0 a-0005.a-msedge.net 0.0.0.0 a-0006.a-msedge.net 0.0.0.0 a-0007.a-msedge.net 0.0.0.0 a-0008.a-msedge.net 0.0.0.0 a-0009.a-msedge.net 0.0.0.0 ac3.msn.com 0.0.0.0 ad.doubleclick.net 0.0.0.0 adnexus.net 0.0.0.0 adnxs.com 0.0.0.0 ads.msn.com 0.0.0.0 ads1.msads.net 0.0.0.0 ads1.msn.com 0.0.0.0 aidps.atdmt.com 0.0.0.0 aka-cdn-ns.adtech.de 0.0.0.0 a-msedge.net 0.0.0.0 az361816.vo.msecnd.net 0.0.0.0 az512334.vo.msecnd.net 0.0.0.0 b.ads1.msn.com 0.0.0.0 b.ads2.msads.net 0.0.0.0 b.rad.msn.com 0.0.0.0 bs.serving-sys.com 0.0.0.0 c.atdmt.com Existem ainda 15636 mais linhas. ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-613852610-2115194870-4212196456-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Cleto\Downloads\IMG_208197.jpg DNS Servers: 191.187.32.36 - 191.187.32.31 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == HKLM\...\StartupApproved\StartupFolder: => "AutoCAD Startup Accelerator.lnk" HKLM\...\StartupApproved\Run: => "cAudioFilterAgent" HKLM\...\StartupApproved\Run: => "IAStorIcon" HKLM\...\StartupApproved\Run: => "ETDCtrl" HKLM\...\StartupApproved\Run: => "HotKeysCmds" HKLM\...\StartupApproved\Run: => "IgfxTray" HKLM\...\StartupApproved\Run: => "EnergyUtility" HKLM\...\StartupApproved\Run: => "Energy Management" HKLM\...\StartupApproved\Run: => "Persistence" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "CloneCDTray" HKLM\...\StartupApproved\Run32: => "EaseUS EPM tray" HKLM\...\StartupApproved\Run32: => "EaseUS EPM Tray Agent" HKLM\...\StartupApproved\Run32: => "UpdateP2GShortCut" HKLM\...\StartupApproved\Run32: => "GrooveMonitor" HKLM\...\StartupApproved\Run32: => "SmartAudio" HKLM\...\StartupApproved\Run32: => "ETDCtrl" HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher" HKLM\...\StartupApproved\Run32: => "IAStorIcon" HKLM\...\StartupApproved\Run32: => "DoroServer" HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKLM\...\StartupApproved\Run32: => "RtsFT" HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\StartupApproved\Run: => "Epson Stylus Photo T50" HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\StartupApproved\Run: => "GarminExpressTrayApp" ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{28614388-7CDE-4795-9000-755C69108B00}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{C995D018-4F36-4956-95AD-0684F08D492F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{909288B3-E279-45CE-951B-994E5634A21B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{CA56A033-74DC-414C-AD54-DBBA5319250F}] => (Allow) C:\Program Files (x86)\Disconnect\Disconnect Desktop\\openvpn\bin\openvpn.exe FirewallRules: [{AB273C72-7BB3-48EA-A2E4-B6C8DB7EB76B}] => (Allow) C:\Program Files (x86)\Disconnect\Disconnect Desktop\\openvpn\bin\openvpnserv.exe FirewallRules: [TCP Query User{EA1F9607-AF52-42F3-9D3E-980FAB59ADD3}C:\program files (x86)\ministério do meio ambiente\car - off-line\server\nodejs\node.exe] => (Allow) C:\program files (x86)\ministério do meio ambiente\car - off-line\server\nodejs\node.exe FirewallRules: [UDP Query User{12B309EE-3BC7-4070-9CE8-29E7CEE107DB}C:\program files (x86)\ministério do meio ambiente\car - off-line\server\nodejs\node.exe] => (Allow) C:\program files (x86)\ministério do meio ambiente\car - off-line\server\nodejs\node.exe FirewallRules: [TCP Query User{C18FFBA2-37B2-4608-A6A7-8E781B5591A9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{5DB1BA0A-7257-42F0-8E38-072292ACC1A3}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{D0A54991-E6E5-450B-AB07-3FAA16283307}] => (Allow) C:\Program Files (x86)\SkypeWebPlugin\3.2.0.23388\SkypeWebPlugin.exe FirewallRules: [TCP Query User{E242656E-5F3A-4DCD-9A78-4ECD6AABD214}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{D2995036-7ACD-4D1A-BB2F-B956B859EAA6}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{01F9446E-4495-4B45-BB29-C7EC20C8D9CB}C:\program files\transmission\transmission-qt.exe] => (Allow) C:\program files\transmission\transmission-qt.exe FirewallRules: [UDP Query User{C8DE248A-61C7-4C53-8F56-A3E8DAD99A23}C:\program files\transmission\transmission-qt.exe] => (Allow) C:\program files\transmission\transmission-qt.exe FirewallRules: [{AAD2FF79-6CBA-4609-BE70-BDC6B84A927E}] => (Block) C:\program files\transmission\transmission-qt.exe FirewallRules: [{1A8FB355-49EF-4376-B1B3-CA8DEEE51285}] => (Block) C:\program files\transmission\transmission-qt.exe FirewallRules: [{69396068-1AC0-453A-877D-39E9DCAA5CA3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Pontos de Restauração ========================= 05-04-2017 21:38:43 Ponto de Verificação Agendado 07-04-2017 14:37:41 Removed Apple Mobile Device Support 11-04-2017 14:01:33 JRT Pre-Junkware Removal ==================== Dispositivos Apresentando Falhas No Gerenciador ============= ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (04/11/2017 02:02:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema.. Details: AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP. System Error: Acesso negado. . Error: (04/11/2017 01:51:59 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Falha na geração de contexto de ativação para "C:\Users\Cleto\Downloads\esetsmartinstaller_enu.exe". Erro no arquivo de manifesto ou de política "", na linha . Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa. Os componentes conflitantes são: Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.Windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest. Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.Windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest. Error: (04/11/2017 02:39:11 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: Falha no Procedimento Open para o serviço "BITS" na DLL "C:\Windows\System32\bitsperf.dll". Os dados de desempenho para este serviço não estarão disponíveis. Os primeiros quatro bytes (DWORD) da seção de Dados contêm o código do erro. Error: (04/11/2017 12:37:31 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Falha na geração de contexto de ativação para "C:\Users\Cleto\Desktop\esetsmartinstaller_enu.exe". Erro no arquivo de manifesto ou de política "", na linha . Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa. Os componentes conflitantes são: Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.Windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest. Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.Windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest. Error: (04/10/2017 09:16:37 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Falha na geração de contexto de ativação para "C:\Users\Cleto\Desktop\esetsmartinstaller_enu.exe". Erro no arquivo de manifesto ou de política "", na linha . Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa. Os componentes conflitantes são: Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.Windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest. Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.Windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest. Error: (04/10/2017 08:59:51 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Falha na geração de contexto de ativação para "C:\Users\Cleto\Desktop\esetsmartinstaller_enu.exe". Erro no arquivo de manifesto ou de política "", na linha . Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa. Os componentes conflitantes são: Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.Windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest. Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.Windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest. Error: (04/10/2017 08:59:47 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Falha na geração de contexto de ativação para "C:\Users\Cleto\Desktop\esetsmartinstaller_enu.exe". Erro no arquivo de manifesto ou de política "", na linha . Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa. Os componentes conflitantes são: Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.Windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest. Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.Windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest. Error: (04/10/2017 08:59:47 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Falha na geração de contexto de ativação para "C:\Users\Cleto\Desktop\esetsmartinstaller_enu.exe". Erro no arquivo de manifesto ou de política "", na linha . Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa. Os componentes conflitantes são: Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.Windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest. Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.Windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest. Error: (04/10/2017 08:57:30 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Falha na geração de contexto de ativação para "C:\Users\Cleto\Desktop\esetsmartinstaller_enu.exe". Erro no arquivo de manifesto ou de política "", na linha . Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa. Os componentes conflitantes são: Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.Windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest. Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.Windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest. Error: (04/10/2017 08:57:09 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Falha na geração de contexto de ativação para "C:\Users\Cleto\Downloads\esetsmartinstaller_enu.exe". Erro no arquivo de manifesto ou de política "", na linha . Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa. Os componentes conflitantes são: Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.Windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest. Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.Windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest. Erros de Sistema: ============= Error: (04/11/2017 03:03:21 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT) Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} e APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes. Error: (04/11/2017 02:50:21 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT) Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} e APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes. Error: (04/11/2017 02:49:01 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT) Description: O servidor {784E29F4-5EBE-4279-9948-1E8FE941646D} não se registrou no DCOM dentro do tempo limite necessário. Error: (04/11/2017 02:48:01 PM) (Source: DCOM) (EventID: 10010) (User: CLETO-PC) Description: O servidor {21F282D1-A881-49E1-9A3A-26E44E39B86C} não se registrou no DCOM dentro do tempo limite necessário. Error: (04/11/2017 02:45:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço SAService devido ao seguinte erro: O sistema não pode encontrar o arquivo especificado. Error: (04/11/2017 02:43:51 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT) Description: As configurações de permissão específico do aplicativo não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} e APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} ao usuário AUTORIDADE NT\SISTEMA SID (S-1-5-18) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Não Disponível SID (Não Disponível). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes. Error: (04/11/2017 02:36:14 AM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT) Description: O servidor {F3B4E234-7A68-4E43-B813-E4BA55A065F6} não se registrou no DCOM dentro do tempo limite necessário. Error: (04/11/2017 01:37:54 AM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT) Description: O servidor {F3B4E234-7A68-4E43-B813-E4BA55A065F6} não se registrou no DCOM dentro do tempo limite necessário. Error: (04/10/2017 11:56:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço eapihdrv devido ao seguinte erro: O carregamento deste driver foi bloqueado Error: (04/10/2017 11:56:54 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Cleto\AppData\Local\Temp\ehdrv.sys CodeIntegrity: =================================== Date: 2016-09-18 19:11:48.863 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system. Date: 2016-09-18 19:11:48.855 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system. Date: 2016-09-18 19:11:48.847 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system. Date: 2016-09-18 19:11:48.838 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system. ==================== Informações da Memória =========================== Processador: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz Percentagem de memória em uso: 70% RAM física total: 3993.77 MB RAM física disponível: 1186.16 MB Virtual Total: 8345.77 MB Virtual disponível: 4626.89 MB ==================== Drives ================================ Drive c: (Windows8_OS) (Fixed) (Total:77.97 GB) (Free:11.79 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)] Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.85 GB) NTFS Drive f: (Novo volume) (Fixed) (Total:346.45 GB) (Free:98.27 GB) NTFS ==================== MBR & Tabela de Partições ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: B4D14766) Partition: GPT. ==================== Fim de Addition.txt ============================
  6. Solicitação análise de log

    Segue os logs: # AdwCleaner v6.045 - Relatório criado 11/04/2017 às 14:00:33 # Atualizado em 28/03/2017 por Malwarebytes # Banco de dados : 2017-04-10.2 [Servidor] # Sistema operacional : Windows 10 Home Single Language (X64) # Usuário : Cleto - CLETO-PC # Executando de : C:\Users\Cleto\Desktop\AdwCleaner (1).exe # Modo: Digitalizar # Apoio : https://www.malwarebytes.com/support ***** [ Serviços ] ***** Não foram encontrados serviços maliciosos. ***** [ Pastas ] ***** Nenhuma pasta maliciosa encontrada. ***** [ Arquivos ] ***** Nenhum arquivo malicioso encontrado. ***** [ DLL ] ***** Não foram encontradas DLLs mal-intencionadas. ***** [ WMI ] ***** Nenhuma chave mal-intencionada encontrada. ***** [ Atalhos ] ***** Nenhum atalho infectado encontrado. ***** [ Atividades agendadas ] ***** Nenhuma tarefa maliciosa encontrada. ***** [ Registro ] ***** Nenhuma entrada de registro malicioso encontrada. ***** [ Navegadores ] ***** Nenhum item de navegador baseado em Firefox malicioso encontrado. Nenhum item de navegador baseado em Chromo malicioso encontrado. ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [3845 Bytes] - [05/09/2016 02:02:04] C:\AdwCleaner\AdwCleaner[C2].txt - [2859 Bytes] - [18/09/2016 00:16:58] C:\AdwCleaner\AdwCleaner[C3].txt - [1738 Bytes] - [28/03/2017 11:07:53] C:\AdwCleaner\AdwCleaner[S0].txt - [3871 Bytes] - [05/09/2016 02:01:10] C:\AdwCleaner\AdwCleaner[S1].txt - [2888 Bytes] - [18/09/2016 00:16:30] C:\AdwCleaner\AdwCleaner[S2].txt - [1880 Bytes] - [28/03/2017 11:06:50] C:\AdwCleaner\AdwCleaner[S3].txt - [1613 Bytes] - [11/04/2017 14:00:33] ########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1686 Bytes] ########## ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.1.3 (04.10.2017) Operating System: Windows 10 Home Single Language x64 Ran by Cleto (Administrator) on 11/04/2017 at 14:01:29,35 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 1 Successfully deleted: C:\ProgramData\productdata (Folder) Registry: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 11/04/2017 at 14:04:47,55 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~ ZHPCleaner v2017.4.10.62 by Nicolas Coolman (2017/04/10) ~ Run by Cleto (Administrator) (11/04/2017 14:24:04) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version KO ~ Type : Reparo ~ Report : C:\Users\Cleto\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\Cleto\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 10 Home Single Language, 64-bit (Build 14393) ---\\ Serviços (0) ~ Nenhum ítem malicioso o desnecessários foi encontrado. ---\\ Navegadores de Internet (0) ~ Nenhum ítem malicioso o desnecessários foi encontrado. ---\\ Arquivo hosts (1) ~ O arquivo hosts é legítimo (15697) ---\\ Tarefas automáticas agendadas. (0) ~ Nenhum ítem malicioso o desnecessários foi encontrado. ---\\ Explorer ( Arquivos, Pastas) (74) MOVIDO pasta: C:\Windows\Installer\wix{249CFC92-210D-401D-89AF-5B40B60BC3F4}.SchedServiceConfig.rmi =>.Superfluous.Empty MOVIDO pasta: C:\Windows\Installer\wix{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}.SchedServiceConfig.rmi =>.Superfluous.Empty MOVIDO pasta: C:\Windows\Installer\wix{3966320F-A37D-496C-A274-2AA985E8A0AE}.SchedServiceConfig.rmi =>.Superfluous.Empty MOVIDO pasta: C:\Windows\Installer\wix{4F192902-A341-4321-838F-B92E03D44D27}.SchedServiceConfig.rmi =>.Superfluous.Empty MOVIDO pasta: C:\Windows\Installer\wix{89AFB053-A343-46EF-97E4-D593AD7184E6}.SchedServiceConfig.rmi =>.Superfluous.Empty MOVIDO pasta: C:\Windows\Installer\wix{BCC7CA85-E57F-452D-BB44-15A1CE018BD0}.SchedServiceConfig.rmi =>.Superfluous.Empty MOVIDO pasta: C:\Windows\Installer\wix{CA49099B-D84C-433C-9D94-B60A991BE323}.SchedServiceConfig.rmi =>.Superfluous.Empty MOVIDO pasta: C:\Windows\Installer\wix{D1B261D6-EBAE-4129-8EFB-C04E14DCEF6A}.SchedServiceConfig.rmi =>.Superfluous.Empty MOVIDO pasta: C:\Windows\Installer\wix{DA9DAB72-69A7-4C9A-97A5-EC5865DF72CA}.SchedServiceConfig.rmi =>.Superfluous.Empty MOVIDO pasta: C:\Users\Cleto\Downloads\privoxy-3_0_24.zip =>.Superfluous.Privoxy MOVIDO pasta: C:\Users\Cleto\AppData\Local\Temp\6D26.tmp =>.Superfluous.Temporary.Empty MOVIDO pasta: C:\Users\Cleto\AppData\Local\Temp\A19B.tmp =>.Superfluous.Temporary.Empty MOVIDO pasta: C:\Users\Cleto\AppData\Local\Temp\sa.28AE77A6-53EC-9AF4-C533-9D1D9B11711A_5__.Public.AppUpdate.dat =>.Superfluous.Temporary MOVIDO pasta: C:\Users\Cleto\AppData\Local\Temp\Setup Log 2017-04-10 #001.txt =>.Superfluous.Temporary.Empty MOVIDO pasta: C:\Users\Cleto\AppData\Local\Temp\_iu14D2N.tmp [ - Setup/Uninstall] =>.Superfluous.Temporary.Empty MOVIDO pasta: C:\Users\Cleto\Downloads\privoxy-3_0_24\privoxy.exe [The Privoxy team - www.privoxy.org - Privoxy] =>.Superfluous.Privoxy MOVIDO arquivo: C:\Users\Cleto\Downloads\privoxy-3_0_24 =>.Superfluous.Privoxy MOVIDO arquivo: C:\Windows\Installer\MSI1628.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSI19DB.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSI1BEF.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSI1E76.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSI29E8.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSI2C96.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSI2F76.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSI31C8.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSI3646.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSI3AEB.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSI426D.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSI4552.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSI49B8.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSI4A2F.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSI4C80.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSI51F0.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSI579E.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSI5844.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSI5A68.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSI5D6C.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSI5DE9.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSI5EC3.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSI605B.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSI6174.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSI6BE8.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSI6E5A.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSI709.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSI70BB.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSI72C0.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSI72F7.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSI819F.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSI822D.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSI854A.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSI89A.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSI8DE6.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSI8FDA.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSI946F.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSI94DC.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSI9B07.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSIACC1.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSIB4D1.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSICFC3.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSID5F2.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSID93A.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSIDA29.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSIDFE3.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSIE236.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSIE9B9.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSIEC9B.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSIEDC9.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSIEE32.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSIEFC0.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSIF3DC.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSIF636.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSIFDD1.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSIFF42.tmp- =>.Superfluous.Empty MOVIDO arquivo: C:\Windows\Installer\MSIFF71.tmp- =>.Superfluous.Empty ---\\ Registro ( Chaves, Valores, Dados ) (2) SUPRIMIDO dados: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{669c3b34-3e9e-4ad7-9a7e-98622d784563}\\DhcpNameServer [Bad : 191.187.32.36 191.187.32.31] =>Hijacker.Browser SUPRIMIDO dados: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer [Bad : 191.187.32.36 191.187.32.31] =>Hijacker.Browser ---\\ Resumo dos elementos encontrados na sua estação de trabalho (5) https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Empty https://www.anti-malware.top/2016/07/07/superfluous-privoxy/ =>.Superfluous.Privoxy https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Temporary.Empty https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Temporary https://nicolascoolman.eu/2017/02/02/hijacker-browser-2/ =>Hijacker.Browser ---\\ Dodatkowe oczyszczenie. (18) ~ Chave de registro Tracing Supprimido (16) ~ Remover os relatórios antigos ZHPCleaner. (2) ---\\ Resultado de reparação Reparação efectuada com sucesso ---\\ Estatísticas ~ Items scan : 32140 ~ Items encontrado : 0 ~ items cancelados : 0 ~ Items réparo : 76 ~ End of clean in 00h00mn40s ~==================== ZHPCleaner-[R]-08062016-23_19_04.txt ZHPCleaner-[R]-11042017-14_24_44.txt ZHPCleaner--11042017-14_23_02.txt
  7. Solicitação análise de log

    Segue o log: C:\Users\Cleto\Downloads\SetupImgBurn_2.5.8.0.exe Win32/FusionCore.L potentially unwanted application cleaned by deleting
  8. Solicitação análise de log

    Malwarebytes www.malwarebytes.com -Detalhes de registro- Data da análise: 10/04/17 Hora da análise: 14:26 Arquivo de registro: log.txt Administrador: Sim -Informação do software- Versão: 3.0.6.1469 Versão de componentes: 1.0.96 Versão do pacote de definições: 1.0.1698 Licença: Versão de avaliação -Informação do sistema- Sistema operacional: Windows 10 CPU: x64 Sistema de arquivos: NTFS Usuário: CLETO-PC\Cleto -Resumo da análise- Tipo de análise: Análise de Ameaças Resultado: Concluído Objetos verificados: 467845 Tempo decorrido: 10 min, 42 seg -Opções da análise- Memória: Habilitado Inicialização: Habilitado Sistema de arquivos: Habilitado Arquivos compactados: Habilitado Rootkits: Habilitado Heurística: Habilitado PUP: Habilitado PUM: Habilitado -Detalhes da análise- Processo: 0 (Nenhum item malicioso detectado) Módulo: 0 (Nenhum item malicioso detectado) Chave de registro: 0 (Nenhum item malicioso detectado) Valor de registro: 0 (Nenhum item malicioso detectado) Dados de registro: 0 (Nenhum item malicioso detectado) Fluxo de dados: 0 (Nenhum item malicioso detectado) Pasta: 0 (Nenhum item malicioso detectado) Arquivo: 0 (Nenhum item malicioso detectado) Setor físico: 0 (Nenhum item malicioso detectado) (end)
  9. Solicitação análise de log

    Segue os logs: MBRScan v1.1.1 OS : Windows 8 (64 bit) PROCESSOR : Intel64 Family 6 Model 58 Stepping 9, GenuineIntel BOOT : Normal Boot DATE : 2017/04/10 (ISO 8601) at 12:04:47 ________________________________________________________________________________ DISK : Device\Harddisk0\DR0 __WDC WD5000LPCX-24C6HT0 (01.01A01) BUS_TYPE : (0x0B) S-ATA USE_PIO : YES MAX_TRANSFER : 128 Kb ALIGNMENT_MASK : word aligned ________________________________________________________________________________ Device\Harddisk0\DR0 465.8 Go [Fixed] ==> Unknown MBR Code... MBR_MD5 : 662E530D669961E860268C2EAE6E5D19 MBR_SHA1 : 407F112DE6E817F9A39C993805DDF97CAEE6BC2F Device\Harddisk0\Partition1 2.00 To 0xEE EFI GPT[1] ________________________________________________________________________________ ############################### Additional scan ################################ DRIVER : C:\Windows\system32\ntoskrnl.exe => Invisible on the disk ADDRESS : 0x9707F000 SIZE : 8.09 Mo DRIVER : C:\Windows\system32\hal.dll => Invisible on the disk ADDRESS : 0x9700A000 SIZE : 468.0 Ko DRIVER : C:\Windows\system32\kd.dll => Invisible on the disk ADDRESS : 0x95E7B000 SIZE : 44.0 Ko DRIVER : C:\Windows\system32\mcupdate_GenuineIntel.dll => Invisible on the disk ADDRESS : 0x026F0000 SIZE : 568.0 Ko DRIVER : C:\Windows\System32\drivers\werkernel.sys => Invisible on the disk ADDRESS : 0x02780000 SIZE : 64.0 Ko DRIVER : C:\Windows\System32\drivers\CLFS.SYS => Invisible on the disk ADDRESS : 0x02790000 SIZE : 396.0 Ko DRIVER : C:\Windows\System32\drivers\tm.sys => Invisible on the disk ADDRESS : 0x02600000 SIZE : 148.0 Ko DRIVER : C:\Windows\System32\drivers\FLTMGR.SYS => Invisible on the disk ADDRESS : 0x02660000 SIZE : 392.0 Ko DRIVER : C:\Windows\System32\drivers\msrpc.sys => Invisible on the disk ADDRESS : 0x02C80000 SIZE : 372.0 Ko DRIVER : C:\Windows\System32\drivers\ksecdd.sys => Invisible on the disk ADDRESS : 0x02CE0000 SIZE : 160.0 Ko DRIVER : C:\Windows\System32\drivers\clipsp.sys => Invisible on the disk ADDRESS : 0x02D10000 SIZE : 704.0 Ko DRIVER : C:\Windows\System32\drivers\cmimcext.sys => Invisible on the disk ADDRESS : 0x02DC0000 SIZE : 52.0 Ko DRIVER : C:\Windows\System32\drivers\ntosext.sys => Invisible on the disk ADDRESS : 0x02DD0000 SIZE : 48.0 Ko DRIVER : C:\Windows\system32\CI.dll => Invisible on the disk ADDRESS : 0x02800000 SIZE : 640.0 Ko DRIVER : C:\Windows\System32\drivers\cng.sys => Invisible on the disk ADDRESS : 0x028A0000 SIZE : 632.0 Ko DRIVER : C:\Windows\system32\drivers\Wdf01000.sys => Invisible on the disk ADDRESS : 0x02940000 SIZE : 848.0 Ko DRIVER : C:\Windows\system32\drivers\WDFLDR.SYS => Invisible on the disk ADDRESS : 0x02A20000 SIZE : 76.0 Ko DRIVER : C:\Windows\System32\Drivers\acpiex.sys => Invisible on the disk ADDRESS : 0x02A40000 SIZE : 140.0 Ko DRIVER : C:\Windows\System32\Drivers\WppRecorder.sys => Invisible on the disk ADDRESS : 0x02A70000 SIZE : 56.0 Ko DRIVER : C:\Windows\System32\drivers\ACPI.sys => Invisible on the disk ADDRESS : 0x02A80000 SIZE : 716.0 Ko DRIVER : C:\Windows\System32\drivers\WMILIB.SYS => Invisible on the disk ADDRESS : 0x02B40000 SIZE : 48.0 Ko DRIVER : C:\Windows\System32\drivers\intelpep.sys => Invisible on the disk ADDRESS : 0x02B50000 SIZE : 68.0 Ko DRIVER : C:\Windows\system32\drivers\WindowsTrustedRT.sys => Invisible on the disk ADDRESS : 0x02B70000 SIZE : 124.0 Ko DRIVER : C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys => Invisible on the disk ADDRESS : 0x02B90000 SIZE : 44.0 Ko DRIVER : C:\Windows\System32\drivers\pcw.sys => Invisible on the disk ADDRESS : 0x02BA0000 SIZE : 72.0 Ko DRIVER : C:\Windows\System32\drivers\msisadrv.sys => Invisible on the disk ADDRESS : 0x02BC0000 SIZE : 44.0 Ko DRIVER : C:\Windows\System32\drivers\pci.sys => Invisible on the disk ADDRESS : 0x02BD0000 SIZE : 348.0 Ko DRIVER : C:\Windows\System32\drivers\vdrvroot.sys => Invisible on the disk ADDRESS : 0x02C30000 SIZE : 72.0 Ko DRIVER : C:\Windows\system32\drivers\pdc.sys => Invisible on the disk ADDRESS : 0x02C50000 SIZE : 132.0 Ko DRIVER : C:\Windows\system32\drivers\CEA.sys => Invisible on the disk ADDRESS : 0x02DE0000 SIZE : 100.0 Ko DRIVER : C:\Windows\System32\drivers\partmgr.sys => Invisible on the disk ADDRESS : 0x02F50000 SIZE : 144.0 Ko DRIVER : C:\Windows\System32\drivers\spaceport.sys => Invisible on the disk ADDRESS : 0x02E00000 SIZE : 564.0 Ko DRIVER : C:\Windows\System32\drivers\volmgr.sys => Invisible on the disk ADDRESS : 0x02E90000 SIZE : 96.0 Ko DRIVER : C:\Windows\System32\drivers\volmgrx.sys => Invisible on the disk ADDRESS : 0x02EB0000 SIZE : 376.0 Ko DRIVER : C:\Windows\System32\drivers\mountmgr.sys => Invisible on the disk ADDRESS : 0x02F10000 SIZE : 120.0 Ko DRIVER : C:\Windows\System32\drivers\iaStorA.sys => Invisible on the disk ADDRESS : 0x03380000 SIZE : 2.73 Mo DRIVER : C:\Windows\System32\drivers\storport.sys => Invisible on the disk ADDRESS : 0x03640000 SIZE : 520.0 Ko DRIVER : C:\Windows\System32\drivers\fileinfo.sys => Invisible on the disk ADDRESS : 0x036F0000 SIZE : 100.0 Ko DRIVER : C:\Windows\System32\Drivers\Wof.sys => Invisible on the disk ADDRESS : 0x03710000 SIZE : 224.0 Ko DRIVER : C:\Windows\System32\Drivers\NTFS.sys => Invisible on the disk ADDRESS : 0x03000000 SIZE : 2.20 Mo DRIVER : C:\Windows\System32\Drivers\Fs_Rec.sys => Invisible on the disk ADDRESS : 0x03240000 SIZE : 52.0 Ko DRIVER : C:\Windows\system32\drivers\ndis.sys => Invisible on the disk ADDRESS : 0x03250000 SIZE : 1.16 Mo DRIVER : C:\Windows\system32\drivers\NETIO.SYS => Invisible on the disk ADDRESS : 0x03750000 SIZE : 484.0 Ko DRIVER : C:\Windows\System32\Drivers\ksecpkg.sys => Invisible on the disk ADDRESS : 0x037D0000 SIZE : 192.0 Ko DRIVER : C:\Windows\System32\drivers\tcpip.sys => Invisible on the disk ADDRESS : 0x04670000 SIZE : 2.47 Mo DRIVER : C:\Windows\System32\drivers\fwpkclnt.sys => Invisible on the disk ADDRESS : 0x048F0000 SIZE : 420.0 Ko DRIVER : C:\Windows\System32\drivers\wfplwfs.sys => Invisible on the disk ADDRESS : 0x04960000 SIZE : 168.0 Ko DRIVER : C:\Windows\system32\drivers\aswVmm.sys => Invisible on the disk ADDRESS : 0x04990000 SIZE : 332.0 Ko DRIVER : C:\Windows\system32\drivers\aswRvrt.sys => Invisible on the disk ADDRESS : 0x03800000 SIZE : 76.0 Ko DRIVER : C:\Windows\System32\DRIVERS\fvevol.sys => Invisible on the disk ADDRESS : 0x03820000 SIZE : 652.0 Ko DRIVER : C:\Windows\System32\drivers\volume.sys => Invisible on the disk ADDRESS : 0x038D0000 SIZE : 44.0 Ko DRIVER : C:\Windows\System32\drivers\volsnap.sys => Invisible on the disk ADDRESS : 0x038E0000 SIZE : 400.0 Ko DRIVER : C:\Windows\System32\drivers\rdyboost.sys => Invisible on the disk ADDRESS : 0x03950000 SIZE : 288.0 Ko DRIVER : C:\Windows\System32\Drivers\mup.sys => Invisible on the disk ADDRESS : 0x039A0000 SIZE : 148.0 Ko DRIVER : C:\Windows\System32\DRIVERS\LhdX64.sys => Invisible on the disk ADDRESS : 0x039D0000 SIZE : 56.0 Ko DRIVER : C:\Windows\system32\drivers\iorate.sys => Invisible on the disk ADDRESS : 0x039E0000 SIZE : 64.0 Ko DRIVER : C:\Windows\System32\drivers\disk.sys => Invisible on the disk ADDRESS : 0x03A00000 SIZE : 120.0 Ko DRIVER : C:\Windows\System32\drivers\CLASSPNP.SYS => Invisible on the disk ADDRESS : 0x03A20000 SIZE : 392.0 Ko DRIVER : C:\Windows\system32\drivers\aswbuniva.sys => Invisible on the disk ADDRESS : 0x03A90000 SIZE : 56.0 Ko DRIVER : C:\Windows\system32\drivers\aswbloga.sys => Invisible on the disk ADDRESS : 0x03AA0000 SIZE : 320.0 Ko DRIVER : C:\Windows\system32\drivers\aswbidsha.sys => Invisible on the disk ADDRESS : 0x03AF0000 SIZE : 188.0 Ko DRIVER : C:\Windows\System32\Drivers\crashdmp.sys => Invisible on the disk ADDRESS : 0x03B40000 SIZE : 100.0 Ko DRIVER : C:\Windows\System32\drivers\cdrom.sys => Invisible on the disk ADDRESS : 0x04140000 SIZE : 196.0 Ko DRIVER : C:\Windows\system32\drivers\aswSP.sys => Invisible on the disk ADDRESS : 0x04180000 SIZE : 676.0 Ko DRIVER : C:\Windows\system32\drivers\aswSnx.sys => Invisible on the disk ADDRESS : 0x04230000 SIZE : 968.0 Ko DRIVER : C:\Windows\system32\drivers\ks.sys => Invisible on the disk ADDRESS : 0x04330000 SIZE : 416.0 Ko DRIVER : C:\Windows\system32\drivers\filecrypt.sys => Invisible on the disk ADDRESS : 0x043A0000 SIZE : 116.0 Ko DRIVER : C:\Windows\system32\drivers\tbs.sys => Invisible on the disk ADDRESS : 0x043C0000 SIZE : 56.0 Ko DRIVER : C:\Windows\System32\Drivers\Null.SYS => Invisible on the disk ADDRESS : 0x043D0000 SIZE : 40.0 Ko DRIVER : C:\Windows\System32\Drivers\Beep.SYS => Invisible on the disk ADDRESS : 0x043E0000 SIZE : 40.0 Ko DRIVER : C:\Windows\System32\drivers\BasicDisplay.sys => Invisible on the disk ADDRESS : 0x043F0000 SIZE : 80.0 Ko DRIVER : C:\Windows\System32\drivers\watchdog.sys => Invisible on the disk ADDRESS : 0x04410000 SIZE : 80.0 Ko DRIVER : C:\Windows\System32\drivers\dxgkrnl.sys => Invisible on the disk ADDRESS : 0x04430000 SIZE : 2.12 Mo DRIVER : C:\Windows\System32\drivers\BasicRender.sys => Invisible on the disk ADDRESS : 0x04650000 SIZE : 72.0 Ko DRIVER : C:\Windows\System32\Drivers\Npfs.SYS => Invisible on the disk ADDRESS : 0x02F30000 SIZE : 100.0 Ko DRIVER : C:\Windows\System32\Drivers\Msfs.SYS => Invisible on the disk ADDRESS : 0x049F0000 SIZE : 64.0 Ko DRIVER : C:\Windows\system32\DRIVERS\tdx.sys => Invisible on the disk ADDRESS : 0x02F80000 SIZE : 140.0 Ko DRIVER : C:\Windows\system32\DRIVERS\TDI.SYS => Invisible on the disk ADDRESS : 0x039F0000 SIZE : 64.0 Ko DRIVER : C:\Windows\System32\DRIVERS\netbt.sys => Invisible on the disk ADDRESS : 0x02FB0000 SIZE : 300.0 Ko DRIVER : C:\Windows\system32\drivers\aswRdr2.sys => Invisible on the disk ADDRESS : 0x026D0000 SIZE : 104.0 Ko DRIVER : C:\Windows\system32\drivers\afd.sys => Invisible on the disk ADDRESS : 0x05310000 SIZE : 596.0 Ko DRIVER : C:\Windows\System32\drivers\vwififlt.sys => Invisible on the disk ADDRESS : 0x053B0000 SIZE : 100.0 Ko DRIVER : C:\Windows\System32\drivers\pacer.sys => Invisible on the disk ADDRESS : 0x053D0000 SIZE : 172.0 Ko DRIVER : C:\Windows\system32\drivers\netbios.sys => Invisible on the disk ADDRESS : 0x04C00000 SIZE : 72.0 Ko DRIVER : C:\Windows\system32\DRIVERS\rdbss.sys => Invisible on the disk ADDRESS : 0x04C20000 SIZE : 468.0 Ko DRIVER : C:\Windows\system32\drivers\nsiproxy.sys => Invisible on the disk ADDRESS : 0x04CA0000 SIZE : 68.0 Ko DRIVER : C:\Windows\System32\drivers\npsvctrig.sys => Invisible on the disk ADDRESS : 0x04CC0000 SIZE : 52.0 Ko DRIVER : C:\Windows\System32\drivers\mssmbios.sys => Invisible on the disk ADDRESS : 0x04CD0000 SIZE : 64.0 Ko DRIVER : C:\Windows\System32\drivers\gpuenergydrv.sys => Invisible on the disk ADDRESS : 0x04CF0000 SIZE : 40.0 Ko DRIVER : C:\Windows\System32\Drivers\ElbyCDIO.sys => Invisible on the disk ADDRESS : 0x04D00000 SIZE : 40.0 Ko DRIVER : C:\Windows\System32\Drivers\dfsc.sys => Invisible on the disk ADDRESS : 0x04D10000 SIZE : 168.0 Ko DRIVER : C:\Windows\system32\drivers\aswbidsdrivera.sys => Invisible on the disk ADDRESS : 0x04D60000 SIZE : 320.0 Ko DRIVER : C:\Windows\system32\DRIVERS\ahcache.sys => Invisible on the disk ADDRESS : 0x04DB0000 SIZE : 252.0 Ko DRIVER : C:\Windows\System32\drivers\tap0901.sys => Invisible on the disk ADDRESS : 0x04DF0000 SIZE : 48.0 Ko DRIVER : C:\Windows\System32\drivers\kdnic.sys => Invisible on the disk ADDRESS : 0x04E20000 SIZE : 56.0 Ko DRIVER : C:\Windows\System32\drivers\umbus.sys => Invisible on the disk ADDRESS : 0x04E30000 SIZE : 84.0 Ko DRIVER : C:\Windows\system32\DRIVERS\igdkmd64.sys => Invisible on the disk ADDRESS : 0x04E50000 SIZE : 3.72 Mo DRIVER : C:\Windows\System32\drivers\USBXHCI.SYS => Invisible on the disk ADDRESS : 0x05210000 SIZE : 396.0 Ko DRIVER : C:\Windows\system32\drivers\ucx01000.sys => Invisible on the disk ADDRESS : 0x05280000 SIZE : 224.0 Ko DRIVER : C:\Windows\System32\drivers\TeeDriverW8x64.sys => Invisible on the disk ADDRESS : 0x052C0000 SIZE : 192.0 Ko DRIVER : C:\Windows\System32\drivers\usbehci.sys => Invisible on the disk ADDRESS : 0x052F0000 SIZE : 112.0 Ko DRIVER : C:\Windows\System32\drivers\USBPORT.SYS => Invisible on the disk ADDRESS : 0x057B0000 SIZE : 472.0 Ko DRIVER : C:\Windows\System32\drivers\HDAudBus.sys => Invisible on the disk ADDRESS : 0x05830000 SIZE : 108.0 Ko DRIVER : C:\Windows\System32\drivers\portcls.sys => Invisible on the disk ADDRESS : 0x05850000 SIZE : 388.0 Ko DRIVER : C:\Windows\System32\drivers\drmk.sys => Invisible on the disk ADDRESS : 0x058C0000 SIZE : 132.0 Ko DRIVER : C:\Windows\System32\drivers\L1C63x64.sys => Invisible on the disk ADDRESS : 0x058F0000 SIZE : 160.0 Ko DRIVER : C:\Windows\System32\drivers\i8042prt.sys => Invisible on the disk ADDRESS : 0x06860000 SIZE : 136.0 Ko DRIVER : C:\Windows\system32\DRIVERS\ETD.sys => Invisible on the disk ADDRESS : 0x06890000 SIZE : 516.0 Ko DRIVER : C:\Windows\System32\drivers\kbdclass.sys => Invisible on the disk ADDRESS : 0x06920000 SIZE : 76.0 Ko DRIVER : C:\Windows\System32\drivers\mouclass.sys => Invisible on the disk ADDRESS : 0x06940000 SIZE : 72.0 Ko DRIVER : C:\Windows\System32\drivers\AcpiVpc.sys => Invisible on the disk ADDRESS : 0x06960000 SIZE : 96.0 Ko DRIVER : C:\Windows\System32\drivers\CmBatt.sys => Invisible on the disk ADDRESS : 0x06980000 SIZE : 56.0 Ko DRIVER : C:\Windows\System32\drivers\BATTC.SYS => Invisible on the disk ADDRESS : 0x06990000 SIZE : 56.0 Ko DRIVER : C:\Windows\System32\drivers\intelppm.sys => Invisible on the disk ADDRESS : 0x069B0000 SIZE : 172.0 Ko DRIVER : C:\Windows\System32\drivers\NdisVirtualBus.sys => Invisible on the disk ADDRESS : 0x069E0000 SIZE : 52.0 Ko DRIVER : C:\Windows\System32\drivers\swenum.sys => Invisible on the disk ADDRESS : 0x06040000 SIZE : 48.0 Ko DRIVER : C:\Windows\System32\drivers\iwdbus.sys => Invisible on the disk ADDRESS : 0x06050000 SIZE : 48.0 Ko DRIVER : C:\Windows\System32\drivers\rdpbus.sys => Invisible on the disk ADDRESS : 0x06060000 SIZE : 56.0 Ko DRIVER : C:\Windows\System32\drivers\usbhub.sys => Invisible on the disk ADDRESS : 0x06070000 SIZE : 512.0 Ko DRIVER : C:\Windows\System32\drivers\USBD.SYS => Invisible on the disk ADDRESS : 0x060F0000 SIZE : 56.0 Ko DRIVER : C:\Windows\System32\drivers\UsbHub3.sys => Invisible on the disk ADDRESS : 0x06100000 SIZE : 540.0 Ko DRIVER : C:\Windows\system32\drivers\CHDRT64.sys => Invisible on the disk ADDRESS : 0x06190000 SIZE : 1.52 Mo DRIVER : C:\Windows\System32\Drivers\fastfat.SYS => Invisible on the disk ADDRESS : 0x06320000 SIZE : 364.0 Ko DRIVER : C:\Windows\system32\drivers\ksthunk.sys => Invisible on the disk ADDRESS : 0x06380000 SIZE : 56.0 Ko DRIVER : C:\Windows\system32\DRIVERS\IntcDAud.sys => Invisible on the disk ADDRESS : 0x06390000 SIZE : 460.0 Ko DRIVER : C:\Windows\system32\Drivers\RtsUer.sys => Invisible on the disk ADDRESS : 0x05920000 SIZE : 412.0 Ko DRIVER : C:\Windows\System32\drivers\HIDPARSE.SYS => Invisible on the disk ADDRESS : 0x06000000 SIZE : 72.0 Ko DRIVER : C:\Windows\System32\win32kbase.sys => Invisible on the disk ADDRESS : 0xC6390000 SIZE : 1.50 Mo DRIVER : C:\Windows\System32\Drivers\dump_diskdump.sys => Invisible on the disk ADDRESS : 0x06030000 SIZE : 60.0 Ko DRIVER : C:\Windows\System32\Drivers\dump_iaStorA.sys => Invisible on the disk ADDRESS : 0x03B60000 SIZE : 2.73 Mo DRIVER : C:\Windows\System32\Drivers\dump_dumpfve.sys => Invisible on the disk ADDRESS : 0x056E0000 SIZE : 116.0 Ko DRIVER : C:\Windows\System32\drivers\usbccgp.sys => Invisible on the disk ADDRESS : 0x05700000 SIZE : 192.0 Ko DRIVER : C:\Windows\system32\DRIVERS\rtsuvc.sys => Invisible on the disk ADDRESS : 0x09480000 SIZE : 30.67 Mo DRIVER : C:\Windows\System32\drivers\dxgmms1.sys => Invisible on the disk ADDRESS : 0x0B330000 SIZE : 412.0 Ko DRIVER : C:\Windows\System32\drivers\monitor.sys => Invisible on the disk ADDRESS : 0x0B3A0000 SIZE : 64.0 Ko DRIVER : C:\Windows\System32\drivers\dxgmms2.sys => Invisible on the disk ADDRESS : 0x08A00000 SIZE : 668.0 Ko DRIVER : C:\Windows\System32\TSDDD.dll => Invisible on the disk ADDRESS : 0xC6520000 SIZE : 40.0 Ko DRIVER : C:\Windows\System32\cdd.dll => Invisible on the disk ADDRESS : 0xC6530000 SIZE : 256.0 Ko DRIVER : C:\Windows\system32\drivers\WudfPf.sys => Invisible on the disk ADDRESS : 0x08AB0000 SIZE : 120.0 Ko DRIVER : C:\Windows\System32\drivers\WUDFRd.sys => Invisible on the disk ADDRESS : 0x08AD0000 SIZE : 240.0 Ko DRIVER : C:\Windows\System32\drivers\mshidumdf.sys => Invisible on the disk ADDRESS : 0x08B10000 SIZE : 44.0 Ko DRIVER : C:\Windows\System32\drivers\HIDCLASS.SYS => Invisible on the disk ADDRESS : 0x08B20000 SIZE : 188.0 Ko DRIVER : C:\Windows\system32\drivers\wcifs.sys => Invisible on the disk ADDRESS : 0x08B50000 SIZE : 128.0 Ko DRIVER : C:\Windows\system32\drivers\luafv.sys => Invisible on the disk ADDRESS : 0x08B70000 SIZE : 152.0 Ko DRIVER : C:\Windows\system32\drivers\mmcss.sys => Invisible on the disk ADDRESS : 0x08BA0000 SIZE : 80.0 Ko DRIVER : C:\Windows\system32\drivers\storqosflt.sys => Invisible on the disk ADDRESS : 0x08BC0000 SIZE : 100.0 Ko DRIVER : C:\Windows\system32\drivers\aswMonFlt.sys => Invisible on the disk ADDRESS : 0x08BE0000 SIZE : 148.0 Ko DRIVER : C:\Windows\system32\drivers\wcnfs.sys => Invisible on the disk ADDRESS : 0x08C10000 SIZE : 88.0 Ko DRIVER : C:\Windows\System32\drivers\registry.sys => Invisible on the disk ADDRESS : 0x08C30000 SIZE : 96.0 Ko DRIVER : C:\Windows\system32\drivers\lltdio.sys => Invisible on the disk ADDRESS : 0x08C50000 SIZE : 88.0 Ko DRIVER : C:\Windows\system32\drivers\aswStm.sys => Invisible on the disk ADDRESS : 0x08C70000 SIZE : 168.0 Ko DRIVER : C:\Windows\system32\drivers\mslldp.sys => Invisible on the disk ADDRESS : 0x08CA0000 SIZE : 96.0 Ko DRIVER : C:\Windows\system32\drivers\rspndr.sys => Invisible on the disk ADDRESS : 0x08CC0000 SIZE : 104.0 Ko DRIVER : C:\Windows\System32\DRIVERS\wanarp.sys => Invisible on the disk ADDRESS : 0x08CE0000 SIZE : 108.0 Ko DRIVER : C:\Windows\system32\drivers\ndisuio.sys => Invisible on the disk ADDRESS : 0x08D00000 SIZE : 88.0 Ko DRIVER : C:\Windows\system32\DRIVERS\nwifi.sys => Invisible on the disk ADDRESS : 0x08D20000 SIZE : 548.0 Ko DRIVER : C:\Windows\system32\drivers\HTTP.sys => Invisible on the disk ADDRESS : 0x08DD0000 SIZE : 1.07 Mo DRIVER : C:\Windows\system32\DRIVERS\bowser.sys => Invisible on the disk ADDRESS : 0x08EF0000 SIZE : 136.0 Ko DRIVER : C:\Windows\system32\DRIVERS\mrxsmb.sys => Invisible on the disk ADDRESS : 0x08F20000 SIZE : 468.0 Ko DRIVER : C:\Windows\system32\DRIVERS\mrxsmb20.sys => Invisible on the disk ADDRESS : 0x08FA0000 SIZE : 236.0 Ko DRIVER : C:\Windows\System32\drivers\mpsdrv.sys => Invisible on the disk ADDRESS : 0x08FE0000 SIZE : 100.0 Ko DRIVER : C:\Windows\system32\DRIVERS\mrxsmb10.sys => Invisible on the disk ADDRESS : 0x09000000 SIZE : 308.0 Ko DRIVER : C:\Windows\system32\drivers\peauth.sys => Invisible on the disk ADDRESS : 0x09050000 SIZE : 776.0 Ko DRIVER : C:\Windows\System32\DRIVERS\srvnet.sys => Invisible on the disk ADDRESS : 0x09120000 SIZE : 272.0 Ko DRIVER : C:\Windows\System32\DRIVERS\srv2.sys => Invisible on the disk ADDRESS : 0x09170000 SIZE : 720.0 Ko DRIVER : C:\Windows\system32\drivers\Ndu.sys => Invisible on the disk ADDRESS : 0x09230000 SIZE : 152.0 Ko DRIVER : C:\Windows\System32\drivers\tcpipreg.sys => Invisible on the disk ADDRESS : 0x09260000 SIZE : 80.0 Ko DRIVER : C:\Windows\System32\DRIVERS\srv.sys => Invisible on the disk ADDRESS : 0x09280000 SIZE : 560.0 Ko DRIVER : C:\Windows\System32\drivers\condrv.sys => Invisible on the disk ADDRESS : 0x09310000 SIZE : 72.0 Ko DRIVER : C:\Windows\System32\drivers\rassstp.sys => Invisible on the disk ADDRESS : 0x09330000 SIZE : 104.0 Ko DRIVER : C:\Windows\System32\DRIVERS\NDProxy.sys => Invisible on the disk ADDRESS : 0x09350000 SIZE : 84.0 Ko DRIVER : C:\Windows\System32\drivers\AgileVpn.sys => Invisible on the disk ADDRESS : 0x09370000 SIZE : 156.0 Ko DRIVER : C:\Windows\System32\drivers\rasl2tp.sys => Invisible on the disk ADDRESS : 0x093A0000 SIZE : 128.0 Ko DRIVER : C:\Windows\System32\drivers\raspptp.sys => Invisible on the disk ADDRESS : 0x093C0000 SIZE : 124.0 Ko DRIVER : C:\Windows\System32\DRIVERS\raspppoe.sys => Invisible on the disk ADDRESS : 0x093E0000 SIZE : 108.0 Ko DRIVER : C:\Windows\System32\DRIVERS\ndistapi.sys => Invisible on the disk ADDRESS : 0x09400000 SIZE : 56.0 Ko DRIVER : C:\Windows\System32\drivers\ndiswan.sys => Invisible on the disk ADDRESS : 0x09410000 SIZE : 216.0 Ko DRIVER : C:\Windows\system32\drivers\mrxdav.sys => Invisible on the disk ADDRESS : 0x0B3B0000 SIZE : 176.0 Ko DRIVER : C:\Windows\System32\drivers\tunnel.sys => Invisible on the disk ADDRESS : 0x05990000 SIZE : 188.0 Ko DRIVER : C:\Windows\system32\drivers\qwavedrv.sys => Invisible on the disk ADDRESS : 0x08DB0000 SIZE : 72.0 Ko DRIVER : C:\Windows\System32\drivers\athw8x.sys => Invisible on the disk ADDRESS : 0x06410000 SIZE : 4.15 Mo DRIVER : C:\Windows\System32\drivers\vwifibus.sys => Invisible on the disk ADDRESS : 0x09470000 SIZE : 56.0 Ko DRIVER : C:\Windows\System32\drivers\vwifimp.sys => Invisible on the disk ADDRESS : 0x0B3E0000 SIZE : 68.0 Ko BCD EmsSettings {0CE4991B-E6B3-4B16-B23C-5E0D9250E5D9} => BcdLibraryBoolean_EmsEnabled (16000020) SystemStartOptions : NOEXECUTE=OPTIN NOVGA ________________________________________________________________________________ _______MBR \Device\Harddisk0\DR0 0x00000000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x00000050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x00000060 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x00000070 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x00000080 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x00000090 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x000000A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x000000B0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x000000C0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x000000D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x000000E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x000000F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x00000100 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x00000110 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x00000120 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x00000130 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x00000140 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x00000150 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x00000160 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x00000170 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x00000180 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x00000190 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x000001A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x000001B0 00 00 00 00 00 00 00 00 66 47 D1 B4 00 00 00 00 ........fGÑ´.... 0x000001C0 02 00 EE FF FF FF 01 00 00 00 FF FF FF FF 00 00 ..î............. 0x000001D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x000001E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x000001F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA ..............Uª Farbar Service Scanner Version: 27-01-2016 Ran by Cleto (administrator) on 10-04-2017 at 12:06:05 Running from "C:\Users\Cleto\Desktop" Microsoft Windows 10 Home Single Language (X64) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Google IP is accessible. Google.com is accessible. Yahoo.com is accessible. Windows Firewall: ============= Firewall Disabled Policy: ================== System Restore: ============ System Restore Policy: ======================== Security Center: ============ Windows Update: ============ Windows Autoupdate Disabled Policy: ============================ Windows Defender: ============== WinDefend Service is not running. Checking service configuration: The start type of WinDefend service is set to Demand. The default start type is Auto. The ImagePath of WinDefend service is OK. Windows Defender Disabled Policy: ========================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware"=DWORD:1 Other Services: ============== File Check: ======== C:\Windows\System32\nsisvc.dll => File is digitally signed C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed C:\Windows\System32\drivers\afd.sys => File is digitally signed C:\Windows\System32\drivers\tdx.sys => File is digitally signed C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed C:\Windows\System32\dnsrslvr.dll => File is digitally signed C:\Windows\System32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\System32\mpssvc.dll => File is digitally signed C:\Windows\System32\bfe.dll => File is digitally signed C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed C:\Windows\System32\SDRSVC.dll => File is digitally signed C:\Windows\System32\vssvc.exe => File is digitally signed C:\Windows\System32\wscsvc.dll => File is digitally signed C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed C:\Windows\System32\wuaueng.dll => File is digitally signed C:\Windows\System32\qmgr.dll => File is digitally signed C:\Windows\System32\es.dll => File is digitally signed C:\Windows\System32\cryptsvc.dll => File is digitally signed C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed **** End of log ****
  10. Solicitação análise de log

    Segui os requisitos do tópico. Depois que tentei retirar os registros do gaz tecnologia, meu notebook trava e depois volta ao normal no chrome e alguns aplicativos. Não sei se foi isso em específico. Segue o log, obrigado. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 01:24:11, on 10/04/2017 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.14393.0953) Boot mode: Normal Running processes: C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files\WindowsApps\E046963F.LenovoCompanion_3.71.1.0_x86__k1h2ywk1493x8\Lenovo.Discovery.exe C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe C:\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?PC=LCJB R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13.msn.com/?PC=LCJB R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL O2 - BHO: (no name) - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - (no file) O4 - HKLM\..\Run: [EaseUS EPM tray] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\EpmNews.exe O4 - HKLM\..\Run: [EaseUS EPM Tray Agent] "C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe" O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe" /s O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [DoroServer] C:\Program Files (x86)\DoroPDFWriter\DoroServer.exe O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui O4 - HKCU\..\Run: [OneDrive] "C:\Users\Cleto\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\Run: [Epson Stylus Photo T50] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFFL.EXE /FU "C:\Windows\TEMP\E_S9458.tmp" /EF "HKCU" O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO DE REDE') O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SISTEMA') O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user') O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files (x86)\Common Files\Autodesk Shared\acstart17.exe O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000 O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: www.bancobrasil.com.br O15 - Trusted Zone: www14.bancobrasil.com.br O15 - Trusted Zone: www2.bancobrasil.com.br O15 - Trusted Zone: www.bb.com.br O15 - Trusted Zone: http://www.bb.com.br O15 - Trusted Zone: imagem.caixa.gov.br O15 - Trusted Zone: internetbanking.caixa.gov.br O15 - Trusted Zone: internetbankingpf.caixa.gov.br O15 - Trusted Zone: www.caixa.gov.br O15 - Trusted Zone: http://www.caixa.gov.br O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O20 - Winlogon Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll (file missing) O20 - Winlogon Notify: GbPluginCef - C:\Program Files (x86)\GbPlugin\gbiehCef.dll (file missing) O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: ArcGIS License Manager - Flexera Software LLC - C:\Program Files (x86)\ArcGIS\License10.2\bin\lmgrd.exe O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: Avast antivírus (avast! antivírus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @C:\Windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing) O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: Disconnect Desktop Updater - Disconnect - C:\Program Files (x86)\Disconnect\Disconnect Desktop\Disconnect Desktop Updater.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FlexNet Licensing Service - Flexera Software LLC - C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: OpenVPN Service (OpenVPNService) - The OpenVPN Project - C:\Program Files (x86)\Disconnect\Disconnect Desktop\openvpn\bin\openvpnserv.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\Windows\system32\SAsrv.exe O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Workflow Manager Spatial Notification Service - ESRI - C:\Program Files (x86)\ArcGIS\WMX\Desktop10.2\Bin\WMXSpatialNotificationService.exe -- End of file - 12006 bytes
  11. Analise de log

    Fiz os procedimentos de atualização dos programas, e executei o delfix. Tudo normal. Obrigado pela atenção.
  12. Analise de log

    Ta abrindo as paginas normais no Chrome,etc. Oque nao entendo é que mesmo com nada aberto a memória fica em 60% de uso. Mas de resto ta funcionando normal. Obrigado.
  13. Analise de log

    Segue o log: SecurityCheck by glax24 & Severnyj v.1.4.0.40 [21.05.16] WebSite: www.safezone.cc DateLog: 11.06.2016 17:39:53 Path starting: C:\Users\Cleto\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe Log directory: C:\SecurityCheck\ IsAdmin: True User: Cleto VersionXML: 3.05is-10.06.2016 ___________________________________________________________________________ Windows 10(6.3.10586) (x64) CoreSingleLanguage Lang: Portuguese(0416) Installation date OS: 06.01.2016 19:48:35 LicenseStatus: Windows(R), CoreSingleLanguage edition The machine is permanently activated. Boot Mode: Normal Default Browser: Internet Explorer (C:\Program Files\Internet Explorer\iexplore.exe) SystemDrive: C: FS: [NTFS] Capacity: [78 Gb] Used: [58.6 Gb] Free: [19.4 Gb] ------------------------------- [ Windows ] ------------------------------- Internet Explorer 11.306.10586.0 User Account Control enabled Automatic download and scheduled installation Windows Update (wuauserv) - The service has stopped Central de Segurança (wscsvc) - The service is running Registro remoto (RemoteRegistry) - The service has stopped Descoberta SSDP (SSDPSRV) - The service is running Serviços de Área de Trabalho Remota (TermService) - The service has stopped Windows Remote Management (WS-Management) (WinRM) - The service has stopped ------------------------------ [ MS Office ] ------------------------------ Microsoft Office XP v.17.0.54.110 Microsoft Office 2007 v.12.0.4518.1014 ---------------------------- [ Antivirus_WMI ] ---------------------------- Windows Defender (disabled) avast! antivírus (enabled and up to date) --------------------------- [ FirewallWindows ] --------------------------- Firewall do Windows (MpsSvc) - The service is running --------------------------- [ AntiSpyware_WMI ] --------------------------- Windows Defender (disabled and up to date) Spybot - Search and Destroy (enabled and out of date) avast! antivírus (enabled and up to date) ---------------------- [ AntiVirusFirewallInstall ] ----------------------- Avast Free antivírus v.11.2.2262 ESET Online Scanner v3 -------------------------- [ SecurityUtilities ] -------------------------- Malwarebytes Anti-Malware versão 2.2.1.1043 v.2.2.1.1043 Spybot - Search & Destroy v.2.4.40 --------------------------- [ OtherUtilities ] ---------------------------- VLC media player v.2.2.2 Warning! Download Update WinRAR 5.00 beta 7 (32-bit) v.5.00.7 Warning! Download Update --------------------------------- [ IM ] ---------------------------------- Skype™ 7.18 v.7.18.112 Warning! Download Update ^Optional update.^ --------------------------------- [ P2P ] --------------------------------- µTorrent v.3.4.7.42330 Warning! P2P-client. -------------------------------- [ Java ] --------------------------------- ArcObjects SDK for the Java Platform v.10.2.3552 --------------------------- [ AdobeProduction ] --------------------------- Adobe AIR v.21.0.0.215 Adobe Flash Player 21 NPAPI v.21.0.0.242 Adobe Reader 9 - Português v.9.0.0 Warning! This software is no longer supported. Please uninstall it and use Adobe Reader XI or Adobe Acrobat Reader DC. ------------------------------- [ Browser ] ------------------------------- Google Chrome v.51.0.2704.84 Mozilla Firefox 46.0.1 (x86 pt-BR) v.46.0.1 Warning! Download Update ------------------ [ AntivirusFirewallProcessServices ] ------------------- Avast antivírus (avast! antivírus) - The service is running C:\Program Files\AVAST Software\Avast\AvastSvc.exe v.11.2.2738.0 C:\Program Files\AVAST Software\Avast\avastui.exe v.11.2.2738.16 Serviço de Inspeção de Rede do Windows Defender (WdNisSvc) - The service has stopped Spybot-S&D 2 Scanner Service (SDScannerService) - The service is running C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe v.2.4.40.217 Spybot-S&D 2 Security Center Service (SDWSCService) - The service is running C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe v.2.3.39.2 Spybot-S&D 2 Updating Service (SDUpdateService) - The service is running C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe v.2.4.40.77 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe v.2.4.40.129 Serviço Windows Defender (WinDefend) - The service has stopped Serviço de Inspeção de Rede do Windows Defender (WdNisSvc) - The service has stopped ---------------------------- [ UnwantedApps ] ----------------------------- Unity Web Player v.5.3.4f1 Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering. Driver Booster 3.2 v.3.2 Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering. ----------------------------- [ End of Log ] ------------------------------
  14. Analise de log

    Segue o log: Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão:10-06-2016 Executado por Cleto (2016-06-10 22:42:45) Run:1 Executando a partir de C:\Users\Cleto\Desktop Perfis Carregados: Cleto (Perfis Disponíveis: Cleto) Modo da Inicialização: Normal ============================================== fixlist Conteúdo: ***************** start CreateRestorePoint: SearchScopes: HKU\S-1-5-21-613852610-2115194870-4212196456-1001 -> DefaultScope {F7122743-F6EA-4694-83FE-936E138648A6} URL = FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-05-27] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2016-05-27] Task: {199DFC92-D1F7-4720-9AD9-88AC179978E5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO Task: {2976E402-B100-4B6D-B584-5BA9ABDA7E25} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Nenhum Arquivo <==== ATENÇÃO Task: {528910E3-192A-48AA-9C5F-F1FDBB5DD1CA} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Nenhum Arquivo <==== ATENÇÃO Task: {67EB29C8-C5D1-4752-94B3-445A6544B483} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Nenhum Arquivo <==== ATENÇÃO Task: {72120EA0-994E-455F-89AC-C702EABDFEBD} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Nenhum Arquivo <==== ATENÇÃO Task: {850D9E61-001F-4AA2-AEFD-1805AC38ABF4} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATENÇÃO Task: {88FCD603-F3AA-41D2-928E-6E7557959D7C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO Task: {A956F9A8-9EB3-4CC8-BAA6-30F7F62EC3F6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Nenhum Arquivo <==== ATENÇÃO Task: {E11602B2-AC9A-450E-9744-9AB12580A3D2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO Task: {F13CF50A-4C82-4D7D-8125-3CC77706BBB9} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10] EmptyTemp: end ***************** Ponto de Restauração criado com sucesso. HKU\S-1-5-21-613852610-2115194870-4212196456-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor removido (a) com sucesso. HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\sp@avast.com => valor removido (a) com sucesso. "C:\Program Files\AVAST Software\Avast\SafePrice\FF" pasta mover: Não pode ser movido "C:\Program Files\AVAST Software\Avast\SafePrice\FF" => Agendado para ser movido na reinicialização. "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck" => chave removido (a) com sucesso. Não pode ser movido "C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx" => Agendado para ser movido na reinicialização. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{199DFC92-D1F7-4720-9AD9-88AC179978E5}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{199DFC92-D1F7-4720-9AD9-88AC179978E5}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2976E402-B100-4B6D-B584-5BA9ABDA7E25}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2976E402-B100-4B6D-B584-5BA9ABDA7E25}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{528910E3-192A-48AA-9C5F-F1FDBB5DD1CA}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{528910E3-192A-48AA-9C5F-F1FDBB5DD1CA}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{67EB29C8-C5D1-4752-94B3-445A6544B483}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{67EB29C8-C5D1-4752-94B3-445A6544B483}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{72120EA0-994E-455F-89AC-C702EABDFEBD}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{72120EA0-994E-455F-89AC-C702EABDFEBD}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{850D9E61-001F-4AA2-AEFD-1805AC38ABF4}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{850D9E61-001F-4AA2-AEFD-1805AC38ABF4}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{88FCD603-F3AA-41D2-928E-6E7557959D7C}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{88FCD603-F3AA-41D2-928E-6E7557959D7C}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A956F9A8-9EB3-4CC8-BAA6-30F7F62EC3F6}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A956F9A8-9EB3-4CC8-BAA6-30F7F62EC3F6}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E11602B2-AC9A-450E-9744-9AB12580A3D2}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E11602B2-AC9A-450E-9744-9AB12580A3D2}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F13CF50A-4C82-4D7D-8125-3CC77706BBB9}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F13CF50A-4C82-4D7D-8125-3CC77706BBB9}" => chave removido (a) com sucesso. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => chave removido (a) com sucesso. C:\Program Files (x86)\GbPlugin => ":IncompleteStartProcessProtection.cnt" ADS removido (a) com sucesso.. EmptyTemp: => 506.2 MB de dados temporários Removidos. Resultado dos arquivos que foram agendados para serem movidos (Modo de Inicialização: Normal) (Data&Hora: 2016-06-10 22:45:40) "C:\Program Files\AVAST Software\Avast\SafePrice\FF" => Não pode ser movido "C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx" => Não pode ser movido ==== Fim de Fixlog 22:45:43 ====
  15. Analise de log

    Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:09-06-2016 Executado por Cleto (administrador) em CLETO-PC (09-06-2016 23:33:31) Executando a partir de C:\Users\Cleto\Desktop Perfis Carregados: Cleto (Perfis Disponíveis: Cleto) Platform: Windows 10 Home Single Language Versão 1511 (X64) Idioma: Português (Brasil) Internet Explorer Versão 11 (Navegador padrão: Edge) Modo da Inicialização: Normal Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Realtek semiconductor) C:\Windows\RTFTrack.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe (Flexera Software LLC) C:\Program Files (x86)\ArcGIS\License10.2\bin\lmgrd.exe (Flexera Software LLC) C:\Program Files (x86)\ArcGIS\License10.2\bin\lmgrd.exe (Flexera Software LLC) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ESRI) C:\Program Files (x86)\ArcGIS\License10.2\bin\ARCGIS.exe (Microsoft Corporation) C:\Windows\System32\InstallAgent.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registro (Whitelisted) =========================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.) HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5052120 2016-04-08] (Realtek semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation) HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17111056 2014-04-16] (Lenovo (Beijing) Limited) HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [193008 2014-04-16] (Lenovo(beijing) Limited) HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [858424 2015-06-19] (GAS Tecnologia LTDA) HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc.) HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.) HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\EpmNews.exe [2086568 2014-03-06] (CHENGDU YIWO Tech Development Co., Ltd) HKLM-x32\...\Run: [EaseUS EPM Tray Agent] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe [254024 2014-02-13] () HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2006-09-28] (SlySoft, Inc.) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7400064 2016-06-03] (AVAST Software) HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.) Winlogon\Notify\ GbPluginBb: C:\Program Files (x86)\GbPlugin\gbieh.dll [2015-06-02] (Banco do Brasil) Winlogon\Notify\ GbPluginCef: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [2015-04-20] (Caixa Economica Federal) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd) HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\Run: [Epson Stylus Photo T50] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIFFL.EXE [223232 2008-10-09] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\MountPoints2: {bb279919-1c78-11e5-8286-641c6768a8ff} - "G:\LG_PC_Programs.exe" HKU\S-1-5-18\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll [1889664 2015-06-02] (Banco do Brasil) ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll [1824608 2015-04-20] (Caixa Economica Federal) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-05-27] (AVAST Software) ShellIconOverlayIdentifiers-x32: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\SysWOW64\AcSignIcon.dll [2006-03-05] (Autodesk) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoCAD Startup Accelerator.lnk [2015-01-19] ShortcutTarget: AutoCAD Startup Accelerator.lnk -> C:\Program Files (x86)\Common Files\Autodesk Shared\acstart17.exe (Autodesk, Inc) BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Winsock: Catalog5 07 C:\WINDOWS\SysWOW64\wlidNSP.dll [43520 2015-10-30] (Microsoft Corporation) Winsock: Catalog5 08 C:\WINDOWS\SysWOW64\wlidNSP.dll [43520 2015-10-30] (Microsoft Corporation) Winsock: Catalog5-x64 07 C:\WINDOWS\system32\wlidnsp.dll [66048 2015-10-30] (Microsoft Corporation) Winsock: Catalog5-x64 08 C:\WINDOWS\system32\wlidnsp.dll [66048 2015-10-30] (Microsoft Corporation) Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.25.1 Tcpip\..\Interfaces\{669c3b34-3e9e-4ad7-9a7e-98622d784563}: [DhcpNameServer] 192.168.25.1 Tcpip\..\Interfaces\{6c442597-bb9f-43b4-a644-df4903944c2f}: [DhcpNameServer] 192.168.25.1 Internet Explorer: ================== HKU\S-1-5-21-613852610-2115194870-4212196456-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com/?PC=LCJB HKU\S-1-5-21-613852610-2115194870-4212196456-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?PC=LCJB HKU\S-1-5-21-613852610-2115194870-4212196456-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com HKU\S-1-5-21-613852610-2115194870-4212196456-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com SearchScopes: HKU\S-1-5-21-613852610-2115194870-4212196456-1001 -> DefaultScope {F7122743-F6EA-4694-83FE-936E138648A6} URL = BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation) BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\Program Files (x86)\GbPlugin\gbieh.dll [2015-06-02] (Banco do Brasil) BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\Program Files (x86)\GbPlugin\gbiehcef.dll [2015-04-20] (Caixa Economica Federal) FireFox: ======== FF ProfilePath: C:\Users\Cleto\AppData\Roaming\Mozilla\Firefox\Profiles\j6d811kg.default-1462238443712 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-12] () FF Plugin: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files (x86)\SkypeWebPlugin\3.2.0.23388\npSkypeWebPlugin64.dll [2014-11-03] (Skype) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-12] () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation) FF Plugin-x32: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files (x86)\SkypeWebPlugin\3.2.0.23388\npSkypeWebPlugin.dll [2014-11-03] (Skype) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.) FF Plugin HKU\S-1-5-21-613852610-2115194870-4212196456-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Cleto\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-03-10] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-613852610-2115194870-4212196456-1001: gastecnologia.com.br/sf/bb -> C:\Users\Cleto\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll [2015-03-20] (GAS Tecnologia) FF Plugin HKU\S-1-5-21-613852610-2115194870-4212196456-1001: gastecnologia.com.br/sf/cef64 -> C:\Users\Cleto\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll [Nenhum Arquivo] FF Plugin HKU\S-1-5-21-613852610-2115194870-4212196456-1001: gastecnologia.com.br/sf/gas64 -> C:\Users\Cleto\AppData\Local\GAS Tecnologia\GBBD\npsf_gas_64.dll [Nenhum Arquivo] FF Extension: Disconnect - C:\Users\Cleto\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\2.0@disconnect.me [2015-03-14] [não assinado] FF Extension: Disconnect Search - C:\Users\Cleto\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\search@disconnect.me [2015-03-14] [não assinado] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-05-27] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-05-27] FF HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886C}] - C:\Users\Cleto\AppData\Local\GAS Tecnologia\GBBD\bb\xpi FF Extension: GBBD Banco do Brasil - C:\Users\Cleto\AppData\Local\GAS Tecnologia\GBBD\bb\xpi [2015-03-26] [não assinado] FF HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886D}] - C:\Users\Cleto\AppData\Local\GAS Tecnologia\GBBD\cef\xpi => não encontrado (a) Chrome: ======= CHR Profile: C:\Users\Cleto\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Cleto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-17] CHR Extension: (Google Drive) - C:\Users\Cleto\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-17] CHR Extension: (YouTube) - C:\Users\Cleto\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-17] CHR Extension: (Adblock Plus) - C:\Users\Cleto\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-06-05] CHR Extension: (Documentos Google off-line) - C:\Users\Cleto\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17] CHR Extension: (Botão do Google Acadêmico) - C:\Users\Cleto\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldipcbpaocekfooobnbcddclnhejkcpn [2016-03-26] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Cleto\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04] CHR Extension: (Hide My IP) - C:\Users\Cleto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pekcnopmdcbjdgmpnpkndppflpldnkkp [2016-04-06] CHR Extension: (Gmail) - C:\Users\Cleto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-17] CHR HKU\S-1-5-21-613852610-2115194870-4212196456-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2016-05-27] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-05-27] CHR HKLM-x32\...\Chrome\Extension: [hmobfennjmjnkdbklhcnnfbhfibedgkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [jeoacafpbcihiomhlakheieifhpjdfeo] - hxxps://clients2.google.com/service/update2/crx ==================== Serviços (Whitelisted) ======================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R2 ArcGIS License Manager; C:\Program Files (x86)\ArcGIS\License10.2\bin\lmgrd.exe [1452408 2014-02-13] (Flexera Software LLC) S3 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [77944 2015-01-19] (Autodesk) R2 avast! antivírus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-05-27] (AVAST Software) S3 Disconnect Desktop Updater; C:\Program Files (x86)\Disconnect\Disconnect Desktop\Disconnect Desktop Updater.exe [358400 2015-02-27] (Disconnect) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.) R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [579896 2015-04-29] (GAS Tecnologia) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Arquivo não assinado] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation) S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (Lenovo) S3 OpenVPNService; C:\Program Files (x86)\Disconnect\Disconnect Desktop\openvpn\bin\openvpnserv.exe [32568 2014-08-07] (The OpenVPN Project) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.) R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [858424 2015-06-19] (GAS Tecnologia LTDA) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) S3 Workflow Manager Spatial Notification Service; C:\Program Files (x86)\ArcGIS\WMX\Desktop10.2\Bin\WMXSpatialNotificationService.exe [24512 2014-03-03] (ESRI) ===================== Drivers (Whitelisted) ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-05-27] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-05-27] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-05-27] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-05-27] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-05-27] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-05-27] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-05-27] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-05-27] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287528 2016-05-27] (AVAST Software) R3 athr; C:\Windows\System32\drivers\athw10x.sys [4323976 2016-04-08] (Qualcomm Atheros Communications, Inc.) R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-15] (SlySoft, Inc.) R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-15] (SlySoft, Inc.) S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [17480 2013-03-07] () [Arquivo não assinado] S3 epmntdrv; C:\WINDOWS\SysWOW64\epmntdrv.sys [13896 2013-03-07] () [Arquivo não assinado] S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [9800 2013-03-07] () [Arquivo não assinado] S3 EuGdiDrv; C:\WINDOWS\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [Arquivo não assinado] R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [21720 2015-04-29] (GAS Tecnologia) R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-04-08] (REALiX(tm)) R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [185600 2016-04-08] (Intel Corporation) R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [413912 2016-04-08] (Realsil Semiconductor Corporation) R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3066072 2016-04-08] (Realtek Semiconductor Corp.) R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2014-11-03] (GAS Tecnologia LTDA) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) R4 WinDivert1.1; C:\Program Files\Diebold\Warsaw\WinDivert64.sys [38104 2015-04-01] (Basil) S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink) U4 dmwappushsvc; não ImagePath S1 gbpddfac; system32\drivers\gbpddfac64.sys [X] ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Três Meses Criados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2016-06-09 23:33 - 2016-06-09 23:34 - 00021814 _____ C:\Users\Cleto\Desktop\FRST.txt 2016-06-09 23:32 - 2016-06-09 23:33 - 00000000 ____D C:\FRST 2016-06-09 23:27 - 2016-06-09 23:32 - 02385408 _____ (Farbar) C:\Users\Cleto\Desktop\FRST64.exe 2016-06-09 01:57 - 2016-06-09 01:57 - 01482502 _____ C:\Users\Cleto\Downloads\Análise da ocupação no entorno da Barragem Bico da Pedra.pdf 2016-06-09 01:55 - 2016-06-09 01:55 - 00888686 _____ C:\Users\Cleto\Downloads\Recuperação natural de uma unidade.pdf 2016-06-09 01:53 - 2016-06-09 01:53 - 00180618 _____ C:\Users\Cleto\Downloads\Gurutubanos, Caatingueiros e Geraizeiros.pdf 2016-06-09 01:49 - 2016-06-09 01:49 - 00491323 _____ C:\Users\Cleto\Downloads\TESE_Avifauna da Mata Seca e Caatinga Arbórea no norte de Minas Gerais.pdf 2016-06-09 00:05 - 2016-06-09 00:05 - 00117303 _____ C:\Users\Cleto\Downloads\DAS-PGMEI-05469249000164 (2).pdf 2016-06-08 23:46 - 2016-06-08 23:46 - 00000000 ____D C:\Users\Cleto\.QtWebEngineProcess 2016-06-08 23:46 - 2016-06-08 23:46 - 00000000 ____D C:\Users\Cleto\.LSC 2016-06-08 23:44 - 2016-06-08 23:44 - 00002169 _____ C:\Users\Public\Desktop\Lenovo Solution Center.lnk 2016-06-08 23:40 - 2016-06-08 23:40 - 00000000 ____D C:\Users\Usuário Padrão\AppData\Roaming\Macromedia 2016-06-08 23:40 - 2016-06-08 23:40 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia 2016-06-08 23:40 - 2016-06-08 23:40 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia 2016-06-08 22:54 - 2016-06-08 23:19 - 00000000 ____D C:\Users\Cleto\AppData\Roaming\ZHP 2016-06-08 22:54 - 2016-06-08 22:54 - 00000886 _____ C:\Users\Cleto\Desktop\ZHPCleaner.lnk 2016-06-08 22:47 - 2016-06-08 23:20 - 01610816 _____ (Malwarebytes) C:\Users\Cleto\Desktop\JRT.exe 2016-06-08 22:47 - 2016-06-08 22:54 - 02266624 _____ C:\Users\Cleto\Desktop\ZHPCleaner.exe 2016-06-08 22:47 - 2016-06-08 22:48 - 03677248 _____ C:\Users\Cleto\Desktop\AdwCleaner (1).exe 2016-06-08 22:01 - 2016-06-08 22:01 - 02046391 _____ C:\Users\Cleto\Downloads\Aula+04+-+GRH+03.pdf 2016-06-08 22:00 - 2016-06-08 22:00 - 00181407 _____ C:\Users\Cleto\Downloads\201662_15295_EXERCÍCIO-CARGA+POLUIDORA.pdf 2016-06-08 19:02 - 2016-06-08 19:02 - 00117979 _____ C:\Users\Cleto\Downloads\Home - Sistema - Seleção da forma de pagamento mazans.pdf 2016-06-08 18:54 - 2016-06-08 18:54 - 00117821 _____ C:\Users\Cleto\Downloads\Home - Sistema - Seleção da forma de pagamento.pdf 2016-06-08 00:14 - 2016-06-08 00:14 - 00747336 _____ C:\Users\Cleto\Downloads\lei-21972.pdf 2016-06-08 00:04 - 2016-06-08 00:04 - 00880631 _____ C:\Users\Cleto\Downloads\Lei 21.972 16 Regulariza-o-Ambiental.pdf 2016-06-07 11:22 - 2016-06-07 11:22 - 02870984 _____ (ESET) C:\Users\Cleto\Desktop\esetsmartinstaller_enu.exe 2016-06-07 11:22 - 2016-06-07 11:22 - 00000000 ____D C:\Program Files (x86)\ESET 2016-06-07 11:21 - 2016-06-07 11:21 - 02870984 _____ (ESET) C:\Users\Cleto\Downloads\esetsmartinstaller_enu.exe 2016-06-06 22:46 - 2016-06-06 22:49 - 22851472 _____ (Malwarebytes ) C:\Users\Cleto\Downloads\mbam-setup-2.2.1.1043.exe 2016-06-06 18:45 - 2016-06-06 18:45 - 00315752 _____ C:\Users\Cleto\Downloads\mg_unidades_da_federacao.zip 2016-06-06 18:40 - 2016-06-06 18:40 - 02522099 _____ C:\Users\Cleto\Downloads\tumiritinga_v2.pdf 2016-06-06 18:39 - 2016-06-06 18:39 - 01991518 _____ C:\Users\Cleto\Downloads\capitao_andrade_v2.pdf 2016-06-06 18:37 - 2016-06-06 18:37 - 04123134 _____ C:\Users\Cleto\Downloads\download_landsat8.pdf 2016-06-06 18:36 - 2016-06-06 18:37 - 03037859 _____ C:\Users\Cleto\Downloads\download_glcf_inpe.pdf 2016-06-06 01:42 - 2016-06-06 01:42 - 00899584 _____ (Farbar) C:\Users\Cleto\Desktop\FSS.exe 2016-06-06 01:41 - 2016-06-06 01:41 - 00899584 _____ (Farbar) C:\Users\Cleto\Downloads\FSS.exe 2016-06-06 01:38 - 2016-06-06 01:38 - 00147456 _____ (Eric_71) C:\Users\Cleto\Desktop\MbrScan.exe 2016-06-06 01:36 - 2016-06-06 01:37 - 00147456 _____ (Eric_71) C:\Users\Cleto\Downloads\MbrScan.exe 2016-06-05 23:55 - 2016-06-05 23:58 - 00388608 _____ (Trend Micro Inc.) C:\HijackThis.exe 2016-06-05 18:35 - 2016-06-05 18:35 - 00449903 _____ C:\Users\Cleto\Downloads\Fitoterápicos estudos com plantas.pdf 2016-06-05 18:28 - 2016-06-05 18:29 - 00059405 _____ C:\Users\Cleto\Downloads\SIXEL, 1998 infcaracteristicas(1).pdf 2016-06-05 00:43 - 2016-06-05 00:43 - 00106264 _____ C:\Users\Cleto\Downloads\legendas_tv_20160601132659000000.rar 2016-06-05 00:40 - 2016-06-05 00:40 - 00024105 _____ C:\Users\Cleto\Downloads\legendas_tv_20160424122904000000.rar 2016-06-04 21:14 - 2016-06-04 21:14 - 00014984 _____ C:\Users\Cleto\Downloads\[kat.cr]the.awakening.2011.720p.brrip.x264.700mb.yify.torrent 2016-06-04 16:33 - 2016-06-04 16:33 - 00001085 _____ C:\Users\Public\Desktop\EaseUS Data Recovery Wizard.lnk 2016-06-04 16:33 - 2016-06-04 16:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard 2016-06-04 16:32 - 2016-06-04 16:32 - 15603520 _____ (EaseUS ) C:\Users\Cleto\Downloads\drw_free.exe 2016-06-03 19:10 - 2016-06-03 19:10 - 00289613 _____ C:\Users\Cleto\Downloads\Convite%2520SMA.pdf 2016-06-03 10:10 - 2016-06-03 10:10 - 00046898 _____ C:\Users\Cleto\Downloads\BRSSD_NFGAS_198094_30052016.PDF 2016-06-02 01:01 - 2016-06-02 01:01 - 00124150 _____ C:\Users\Cleto\Downloads\legendas_tv_20160523184436000000 (1).rar 2016-06-02 00:59 - 2016-06-02 00:59 - 00000000 ____D C:\Users\Cleto\AppData\LocalLow\uTorrent 2016-06-01 19:37 - 2016-06-01 19:38 - 47516404 _____ C:\Users\Cleto\Downloads\wetransfer-de1388.zip 2016-06-01 02:53 - 2016-06-01 02:53 - 03677248 _____ C:\Users\Cleto\Downloads\adwcleaner_5.119.exe 2016-06-01 02:52 - 2016-05-27 21:10 - 00456156 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20160601-025204.backup 2016-05-31 13:25 - 2016-05-31 13:25 - 02397772 _____ C:\Users\Cleto\Downloads\Tania_Cintra.pdf 2016-05-30 13:43 - 2016-05-30 13:43 - 11689749 _____ C:\Users\Cleto\Downloads\regulamentacao_mel_asf_bahia.pdf 2016-05-30 13:41 - 2016-05-30 13:41 - 00064878 _____ C:\Users\Cleto\Downloads\analise mercosul GMC_RES_1999-089.pdf 2016-05-30 09:47 - 2016-05-30 09:47 - 00004130 _____ C:\Users\Cleto\Downloads\[kat.cr]game.of.thrones.s06e06.hdtv.x264.killers.ettv.torrent 2016-05-30 02:53 - 2016-05-30 02:53 - 00028788 _____ C:\Users\Cleto\Downloads\Fear.the.Walking.Dead.S02E07.HDTV.x264-FLEET[eztv].mkv.torrent 2016-05-30 02:39 - 2016-05-30 02:39 - 05171432 _____ C:\Users\Cleto\Downloads\ideiaNegocio.pdf 2016-05-30 02:37 - 2016-05-30 02:37 - 03136287 _____ C:\Users\Cleto\Downloads\docslide.com.br_apostila-ent-107.pdf 2016-05-30 02:11 - 2016-05-30 02:11 - 00010408 _____ C:\Users\Cleto\Downloads\Instruçao N11-20-10-2000.pdf 2016-05-30 02:10 - 2016-05-30 02:10 - 00642988 _____ C:\Users\Cleto\Downloads\Aula+9.pdf 2016-05-30 02:09 - 2016-05-30 02:09 - 00036430 _____ C:\Users\Cleto\Downloads\analise mel portaria 200.pdf 2016-05-30 02:05 - 2016-05-30 02:05 - 00030208 _____ C:\Users\Cleto\Downloads\Parâmetros FQ e MB Mel_completo para publicacao 04 07 14.xls 2016-05-30 02:03 - 2016-05-30 02:03 - 00049933 _____ C:\Users\Cleto\Downloads\portaria-6-de-1985-mel.pdf 2016-05-28 10:56 - 2016-06-09 17:33 - 00000000 ____D C:\Users\Cleto\Desktop\TCC Final 2016-05-28 09:26 - 2016-05-28 09:26 - 00303444 _____ C:\Users\Cleto\Downloads\ANÁLISE DESCRITIVA QUANTITATIVA APLICADA EM MEL.pdf 2016-05-28 09:11 - 2016-05-28 09:11 - 00093436 _____ C:\Users\Cleto\Downloads\Análises Físico Químicas de Méis do Ceará.pdf 2016-05-28 09:09 - 2016-05-28 09:09 - 00512606 _____ C:\Users\Cleto\Downloads\Cadeia Produtiva do Mel de Abelhas.pdf 2016-05-28 09:06 - 2016-05-28 09:06 - 00179327 _____ C:\Users\Cleto\Downloads\Caracterizaçao Físico-Química de Amostras de Mel.pdf 2016-05-27 21:01 - 2016-05-27 21:01 - 00398152 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2016-05-27 21:00 - 2016-05-27 21:00 - 00052184 _____ (AVAST Software) C:\WINDOWS\avastSS.scr 2016-05-26 16:14 - 2016-05-26 16:14 - 00259166 _____ C:\Users\Cleto\Downloads\Propriedades físicas e químicas do mel de Apis mellifera L.pdf 2016-05-26 16:02 - 2016-05-26 16:02 - 01233717 _____ C:\Users\Cleto\Downloads\POLLEN SPECTRUM OF HONEY PRODUCED IN CERRADO.pdf 2016-05-26 00:42 - 2016-05-26 00:42 - 00004160 _____ C:\Users\Cleto\Downloads\TUMIRITINGAMapa.kmz 2016-05-25 20:12 - 2016-05-25 20:12 - 03677760 _____ C:\Users\Cleto\Downloads\adwcleaner_5.118.exe 2016-05-24 01:23 - 2016-05-24 01:23 - 00109691 _____ C:\Users\Cleto\Downloads\INCRA_Primeiro_de_Junho.pdf 2016-05-23 22:56 - 2016-05-23 22:57 - 00124150 _____ C:\Users\Cleto\Downloads\legendas_tv_20160523184436000000.rar 2016-05-23 22:47 - 2016-05-23 22:47 - 00016239 _____ C:\Users\Cleto\Downloads\[kat.cr]game.of.thrones.season.6.episode.05.s06e05.1080p.750mb.torrent 2016-05-23 22:46 - 2016-05-23 22:46 - 00033314 _____ C:\Users\Cleto\Downloads\[kat.cr]game.of.thrones.s06e05.1080p.hdtv.x264.dual.Áudio.legenda.separada.br.en.hipertorrent.torrent 2016-05-23 22:42 - 2016-05-23 22:42 - 00004410 _____ C:\Users\Cleto\Downloads\[kat.cr]fear.the.walking.dead.s02e07.hdtv.xvid.fum.ettv.torrent 2016-05-23 22:35 - 2016-05-23 22:35 - 05770680 _____ C:\Users\Cleto\Downloads\mg.biota v.2 n.2.pdf 2016-05-23 22:35 - 2016-05-23 22:35 - 00712577 _____ C:\Users\Cleto\Downloads\Riqueza de oito remanescentes florestais no norte de Minas.pdf 2016-05-22 20:05 - 2016-05-22 20:05 - 00019290 _____ C:\Users\Cleto\Downloads\game.of.thrones.s06.e05.the.door.(2016).pob.1cd.(6634674).zip 2016-05-22 19:39 - 2016-05-22 19:39 - 00033717 _____ C:\Users\Cleto\Downloads\[kat.cr]game.of.thrones.s06e05.the.door.1080p.x264.sammy.hq.mp4.torrent 2016-05-22 13:32 - 2016-05-22 13:32 - 07760777 _____ C:\Users\Cleto\Downloads\Florestas mudanças climáticas e serviços ecologicos.pdf 2016-05-21 11:34 - 2016-05-21 11:34 - 00012415 _____ C:\Users\Cleto\Downloads\[kat.cr]gozu.unrated.asian.horror.eng.subs.torrent 2016-05-18 20:00 - 2016-05-18 20:00 - 00051881 _____ C:\Users\Cleto\Downloads\Certificado Arcgis na educaçao.pdf 2016-05-18 19:52 - 2016-05-18 19:52 - 00027043 _____ C:\Users\Cleto\Downloads\INFO.dotx 2016-05-18 19:24 - 2016-05-18 19:24 - 00489929 _____ C:\Users\Cleto\Downloads\Lei da mata atlantica retrocesso.pdf 2016-05-18 19:22 - 2016-05-18 19:22 - 02225932 _____ C:\Users\Cleto\Downloads\5ª aula - COLETA E TRANSPORTE DE RESÍDUOS SÓLIDOS.pdf 2016-05-18 19:22 - 2016-05-18 19:22 - 00603352 _____ C:\Users\Cleto\Downloads\4ª aula - ACONDICIONAMENTO DE RESÍDUOS SÓLIDOS.pdf 2016-05-18 02:17 - 2016-05-18 02:17 - 00776552 _____ C:\Users\Cleto\Downloads\Uso e conhecimento da aroeira (Myracrodruon urundeuva) por.pdf 2016-05-18 02:04 - 2016-05-18 02:04 - 02593630 _____ C:\Users\Cleto\Downloads\portaria_mma_443_2014.pdf 2016-05-17 14:55 - 2016-05-17 14:55 - 03020997 _____ C:\Users\Cleto\Downloads\Felipe Pinho Monodominancia, fitossociologia e distribuiçao espacial em Tumiritinga.pdf 2016-05-17 01:43 - 2016-05-17 01:44 - 01056219 _____ C:\Users\Cleto\Downloads\Seminario GRH (1) (1).pdf 2016-05-17 01:31 - 2016-05-17 01:31 - 00217600 _____ C:\Users\Cleto\Downloads\planilha_irrigacao.xls 2016-05-16 23:05 - 2016-05-16 23:05 - 00268693 _____ C:\Users\Cleto\Downloads\legendas_tv_20160516190441000000.rar 2016-05-16 23:04 - 2016-05-16 23:04 - 00150735 _____ C:\Users\Cleto\Downloads\legendas_tv_20160516215401000000.rar 2016-05-16 20:48 - 2016-05-16 20:48 - 01162440 _____ C:\Users\Cleto\Downloads\2016419_1898_Aula+02+-+GRH-03.pdf 2016-05-16 20:48 - 2016-05-16 20:48 - 01069582 _____ C:\Users\Cleto\Downloads\2016329_175026_Aula+01+-+GRH-03.pdf 2016-05-16 20:46 - 2016-05-16 20:46 - 01182887 _____ C:\Users\Cleto\Downloads\2016429_123841_Aula+02+-+GEA+-+04.pdf 2016-05-16 20:46 - 2016-05-16 20:46 - 00592473 _____ C:\Users\Cleto\Downloads\2016429_123323_Aula+01+-+GEA-04.pdf 2016-05-16 20:41 - 2016-05-16 20:41 - 00339355 _____ C:\Users\Cleto\Downloads\ATIVIDADE_03_GEA-05.pdf 2016-05-16 20:39 - 2016-05-16 20:39 - 00147160 _____ C:\Users\Cleto\Downloads\ATIVIDADE_01_GEA-05.pdf 2016-05-16 20:39 - 2016-05-16 20:39 - 00146385 _____ C:\Users\Cleto\Downloads\ATIVIDADE_02_GEA-05.pdf 2016-05-16 03:19 - 2016-05-16 03:19 - 00013203 _____ C:\Users\Cleto\Downloads\[kat.cr]boneco.do.mal.2016.720p.bluray.5.1.x264.dual.bludv.torrent 2016-05-16 03:12 - 2016-05-16 03:12 - 00005378 _____ C:\Users\Cleto\Downloads\[kat.cr]game.of.thrones.s06e04.hdtv.xvid.fum.ettv.torrent 2016-05-16 03:10 - 2016-05-16 03:10 - 00024161 _____ C:\Users\Cleto\Downloads\[kat.cr]fear.the.walking.dead.s02e06.hdtv.x264.fleet.rartv.torrent 2016-05-16 02:07 - 2016-05-16 00:58 - 00004595 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20160516-020752.backup 2016-05-16 01:18 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe 2016-05-16 01:14 - 2016-05-16 02:01 - 00000000 ____D C:\Users\Todos os Usuários\Spybot - Search & Destroy 2016-05-16 01:14 - 2016-05-16 02:01 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2016-05-16 01:14 - 2016-05-16 01:22 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2016-05-16 01:14 - 2016-05-16 01:14 - 00001471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk 2016-05-16 01:14 - 2016-05-16 01:14 - 00001459 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk 2016-05-16 01:14 - 2016-05-16 01:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 2016-05-16 01:14 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe 2016-05-16 00:43 - 2016-05-16 01:14 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking 2016-05-16 00:43 - 2016-05-16 00:43 - 00001177 _____ C:\Users\Public\Desktop\Spybot Anti-Beacon.lnk 2016-05-16 00:43 - 2016-05-16 00:43 - 00000000 ____D C:\WINDOWS\SysWOW64\PolicyDefinitions 2016-05-16 00:43 - 2016-05-16 00:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot Anti-Beacon 2016-05-16 00:43 - 2016-05-16 00:43 - 00000000 ____D C:\Program Files (x86)\Spybot Anti-Beacon 2016-05-14 14:28 - 2016-05-14 14:28 - 00143861 _____ C:\Users\Cleto\Downloads\legendas_tv_20160505140537000000.rar 2016-05-14 13:06 - 2016-05-14 13:06 - 00017725 _____ C:\Users\Cleto\Downloads\[kat.cr]mustang.2015.720p.brrip.850mb.mkvcage.torrent 2016-05-14 13:05 - 2016-05-14 13:05 - 00115782 _____ C:\Users\Cleto\Downloads\[kat.cr]louder.than.bombs.2015.hdrip.xvid.ac3.evo.torrent 2016-05-14 13:03 - 2016-05-14 13:03 - 00043046 _____ C:\Users\Cleto\Downloads\legendas_tv_20160506234759000000.rar 2016-05-14 10:58 - 2016-05-14 10:58 - 00690233 _____ C:\Users\Cleto\Downloads\downloads-artigos-aspectos-conceituais-paulo-albuquerque.pdf 2016-05-13 01:57 - 2016-05-13 01:57 - 00000000 ____D C:\Users\Cleto\AppData\Local\Conexant 2016-05-13 01:09 - 2016-05-13 01:09 - 00000000 ____D C:\Users\Todos os Usuários\Hewlett-Packard 2016-05-13 01:09 - 2016-05-13 01:09 - 00000000 ____D C:\ProgramData\Hewlett-Packard 2016-05-12 23:21 - 2016-05-12 23:21 - 00170203 _____ C:\Users\Cleto\Downloads\ACG%27s_CLETO_RODRIGUES (2).pdf 2016-05-12 10:24 - 2016-05-12 10:24 - 00999457 _____ C:\Users\Cleto\Downloads\Characterization of the honey from Myracrodruon urundeuva.pdf 2016-05-11 23:37 - 2016-05-12 00:29 - 01994541 _____ C:\Users\Cleto\Downloads\Seminario GRH.pptx 2016-05-11 01:56 - 2016-05-11 01:56 - 05610496 _____ C:\Users\Cleto\Downloads\DOC_ORADOR_C_13633_K-Comissao-Permanente-CRA-20141106EXT022_parte3701_RESULTADO_1415270832975.ppt 2016-05-10 21:27 - 2016-04-30 03:31 - 03591168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-05-10 21:27 - 2016-04-23 03:12 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-05-10 21:27 - 2016-04-23 03:12 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-05-10 21:27 - 2016-04-23 03:12 - 00713920 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2016-05-10 21:27 - 2016-04-23 03:12 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-05-10 21:27 - 2016-04-23 03:12 - 00190144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2016-05-10 21:27 - 2016-04-23 03:12 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2016-05-10 21:27 - 2016-04-23 02:24 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-05-10 21:27 - 2016-04-23 02:09 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-05-10 21:27 - 2016-04-23 02:09 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-05-10 21:27 - 2016-04-23 02:09 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2016-05-10 21:27 - 2016-04-23 02:08 - 06605504 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2016-05-10 21:27 - 2016-04-23 02:08 - 04515256 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2016-05-10 21:27 - 2016-04-23 02:01 - 00650304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2016-05-10 21:27 - 2016-04-23 01:31 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2016-05-10 21:27 - 2016-04-23 01:30 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-05-10 21:27 - 2016-04-23 01:28 - 16984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2016-05-10 21:27 - 2016-04-23 01:23 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-05-10 21:27 - 2016-04-23 01:22 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-05-10 21:27 - 2016-04-23 01:20 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-05-10 21:27 - 2016-04-23 01:20 - 18676224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-05-10 21:27 - 2016-04-23 01:19 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2016-05-10 21:27 - 2016-04-23 01:19 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll 2016-05-10 21:27 - 2016-04-23 01:18 - 24604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-05-10 21:27 - 2016-04-23 01:14 - 13383168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-05-10 21:27 - 2016-04-23 01:13 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2016-05-10 21:27 - 2016-04-23 01:13 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2016-05-10 21:27 - 2016-04-23 01:10 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-05-10 21:27 - 2016-04-23 01:09 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2016-05-10 21:27 - 2016-04-23 01:08 - 05324288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2016-05-10 21:27 - 2016-04-23 01:07 - 02598912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2016-05-10 21:27 - 2016-04-23 01:06 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2016-05-10 21:27 - 2016-04-23 01:05 - 05502976 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2016-05-10 21:27 - 2016-04-23 01:05 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-05-10 21:27 - 2016-04-23 01:05 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2016-05-10 21:27 - 2016-04-23 01:05 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2016-05-10 21:27 - 2016-04-23 01:03 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-05-10 21:27 - 2016-04-23 01:03 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-05-10 21:27 - 2016-04-23 01:03 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-05-10 21:27 - 2016-04-23 01:02 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-05-10 21:27 - 2016-04-23 01:02 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2016-05-10 21:26 - 2016-05-06 01:53 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdport.sys 2016-05-10 21:26 - 2016-05-06 01:05 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll 2016-05-10 21:26 - 2016-05-06 01:03 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll 2016-05-10 21:26 - 2016-05-06 00:53 - 00351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll 2016-05-10 21:26 - 2016-05-06 00:49 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll 2016-05-10 21:26 - 2016-05-06 00:44 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll 2016-05-10 21:26 - 2016-05-06 00:43 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll 2016-05-10 21:26 - 2016-05-06 00:23 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll 2016-05-10 21:26 - 2016-04-30 03:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2016-05-10 21:26 - 2016-04-23 03:12 - 00294592 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-05-10 21:26 - 2016-04-23 03:12 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-05-10 21:26 - 2016-04-23 02:28 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2016-05-10 21:26 - 2016-04-23 02:28 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2016-05-10 21:26 - 2016-04-23 02:26 - 00707608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2016-05-10 21:26 - 2016-04-23 02:24 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2016-05-10 21:26 - 2016-04-23 02:24 - 01819208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2016-05-10 21:26 - 2016-04-23 02:24 - 00754664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2016-05-10 21:26 - 2016-04-23 02:24 - 00638816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys 2016-05-10 21:26 - 2016-04-23 02:24 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys 2016-05-10 21:26 - 2016-04-23 02:24 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2016-05-10 21:26 - 2016-04-23 02:22 - 01161120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll 2016-05-10 21:26 - 2016-04-23 02:18 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2016-05-10 21:26 - 2016-04-23 02:13 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll 2016-05-10 21:26 - 2016-04-23 02:13 - 00306832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll 2016-05-10 21:26 - 2016-04-23 02:13 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll 2016-05-10 21:26 - 2016-04-23 02:12 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2016-05-10 21:26 - 2016-04-23 02:12 - 00451928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll 2016-05-10 21:26 - 2016-04-23 02:12 - 00413536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe 2016-05-10 21:26 - 2016-04-23 02:11 - 01092464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2016-05-10 21:26 - 2016-04-23 02:11 - 00696672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll 2016-05-10 21:26 - 2016-04-23 02:11 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll 2016-05-10 21:26 - 2016-04-23 02:11 - 00390496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll 2016-05-10 21:26 - 2016-04-23 02:11 - 00131424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufxsynopsys.sys 2016-05-10 21:26 - 2016-04-23 02:11 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll 2016-05-10 21:26 - 2016-04-23 02:10 - 03673424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-05-10 21:26 - 2016-04-23 02:10 - 02919832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-05-10 21:26 - 2016-04-23 02:10 - 00330072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2016-05-10 21:26 - 2016-04-23 02:09 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2016-05-10 21:26 - 2016-04-23 02:09 - 00569744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll 2016-05-10 21:26 - 2016-04-23 02:09 - 00565600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2016-05-10 21:26 - 2016-04-23 02:09 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2016-05-10 21:26 - 2016-04-23 02:09 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe 2016-05-10 21:26 - 2016-04-23 02:09 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe 2016-05-10 21:26 - 2016-04-23 02:08 - 00725776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll 2016-05-10 21:26 - 2016-04-23 02:07 - 01848072 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll 2016-05-10 21:26 - 2016-04-23 02:07 - 01536088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll 2016-05-10 21:26 - 2016-04-23 02:07 - 00204048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll 2016-05-10 21:26 - 2016-04-23 02:07 - 00183904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll 2016-05-10 21:26 - 2016-04-23 02:06 - 00291360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe 2016-05-10 21:26 - 2016-04-23 02:02 - 00188256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2016-05-10 21:26 - 2016-04-23 02:01 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-05-10 21:26 - 2016-04-23 02:01 - 00619296 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll 2016-05-10 21:26 - 2016-04-23 02:01 - 00577368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-05-10 21:26 - 2016-04-23 02:01 - 00522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2016-05-10 21:26 - 2016-04-23 02:01 - 00513368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll 2016-05-10 21:26 - 2016-04-23 02:01 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2016-05-10 21:26 - 2016-04-23 02:01 - 00217440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2016-05-10 21:26 - 2016-04-23 02:00 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2016-05-10 21:26 - 2016-04-23 02:00 - 01594920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2016-05-10 21:26 - 2016-04-23 02:00 - 01522152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2016-05-10 21:26 - 2016-04-23 02:00 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2016-05-10 21:26 - 2016-04-23 02:00 - 01372304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2016-05-10 21:26 - 2016-04-23 02:00 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2016-05-10 21:26 - 2016-04-23 02:00 - 00550656 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll 2016-05-10 21:26 - 2016-04-23 02:00 - 00453472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll 2016-05-10 21:26 - 2016-04-23 02:00 - 00058208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwminit.dll 2016-05-10 21:26 - 2016-04-23 01:56 - 00534872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2016-05-10 21:26 - 2016-04-23 01:39 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll 2016-05-10 21:26 - 2016-04-23 01:35 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll 2016-05-10 21:26 - 2016-04-23 01:34 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys 2016-05-10 21:26 - 2016-04-23 01:34 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll 2016-05-10 21:26 - 2016-04-23 01:34 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2016-05-10 21:26 - 2016-04-23 01:33 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll 2016-05-10 21:26 - 2016-04-23 01:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll 2016-05-10 21:26 - 2016-04-23 01:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys 2016-05-10 21:26 - 2016-04-23 01:33 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe 2016-05-10 21:26 - 2016-04-23 01:32 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll 2016-05-10 21:26 - 2016-04-23 01:32 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll 2016-05-10 21:26 - 2016-04-23 01:32 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll 2016-05-10 21:26 - 2016-04-23 01:31 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll 2016-05-10 21:26 - 2016-04-23 01:30 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll 2016-05-10 21:26 - 2016-04-23 01:30 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll 2016-05-10 21:26 - 2016-04-23 01:29 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll 2016-05-10 21:26 - 2016-04-23 01:29 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll 2016-05-10 21:26 - 2016-04-23 01:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\filecrypt.sys 2016-05-10 21:26 - 2016-04-23 01:29 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe 2016-05-10 21:26 - 2016-04-23 01:29 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll 2016-05-10 21:26 - 2016-04-23 01:29 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll 2016-05-10 21:26 - 2016-04-23 01:29 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe 2016-05-10 21:26 - 2016-04-23 01:29 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll 2016-05-10 21:26 - 2016-04-23 01:28 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll 2016-05-10 21:26 - 2016-04-23 01:28 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll 2016-05-10 21:26 - 2016-04-23 01:28 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll 2016-05-10 21:26 - 2016-04-23 01:28 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll 2016-05-10 21:26 - 2016-04-23 01:28 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll 2016-05-10 21:26 - 2016-04-23 01:27 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys 2016-05-10 21:26 - 2016-04-23 01:27 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll 2016-05-10 21:26 - 2016-04-23 01:26 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll 2016-05-10 21:26 - 2016-04-23 01:26 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll 2016-05-10 21:26 - 2016-04-23 01:26 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll 2016-05-10 21:26 - 2016-04-23 01:25 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll 2016-05-10 21:26 - 2016-04-23 01:25 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2016-05-10 21:26 - 2016-04-23 01:25 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll 2016-05-10 21:26 - 2016-04-23 01:25 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll 2016-05-10 21:26 - 2016-04-23 01:25 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll 2016-05-10 21:26 - 2016-04-23 01:24 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-05-10 21:26 - 2016-04-23 01:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2016-05-10 21:26 - 2016-04-23 01:24 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2016-05-10 21:26 - 2016-04-23 01:24 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll 2016-05-10 21:26 - 2016-04-23 01:24 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll 2016-05-10 21:26 - 2016-04-23 01:24 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll 2016-05-10 21:26 - 2016-04-23 01:24 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll 2016-05-10 21:26 - 2016-04-23 01:23 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe 2016-05-10 21:26 - 2016-04-23 01:23 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll 2016-05-10 21:26 - 2016-04-23 01:23 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll 2016-05-10 21:26 - 2016-04-23 01:23 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll 2016-05-10 21:26 - 2016-04-23 01:22 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll 2016-05-10 21:26 - 2016-04-23 01:22 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll 2016-05-10 21:26 - 2016-04-23 01:21 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2016-05-10 21:26 - 2016-04-23 01:21 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll 2016-05-10 21:26 - 2016-04-23 01:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2016-05-10 21:26 - 2016-04-23 01:20 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll 2016-05-10 21:26 - 2016-04-23 01:20 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll 2016-05-10 21:26 - 2016-04-23 01:20 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll 2016-05-10 21:26 - 2016-04-23 01:20 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2016-05-10 21:26 - 2016-04-23 01:20 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll 2016-05-10 21:26 - 2016-04-23 01:19 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll 2016-05-10 21:26 - 2016-04-23 01:19 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2016-05-10 21:26 - 2016-04-23 01:19 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2016-05-10 21:26 - 2016-04-23 01:19 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlansec.dll 2016-05-10 21:26 - 2016-04-23 01:19 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll 2016-05-10 21:26 - 2016-04-23 01:18 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll 2016-05-10 21:26 - 2016-04-23 01:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll 2016-05-10 21:26 - 2016-04-23 01:18 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll 2016-05-10 21:26 - 2016-04-23 01:18 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2016-05-10 21:26 - 2016-04-23 01:18 - 00804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2016-05-10 21:26 - 2016-04-23 01:18 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2016-05-10 21:26 - 2016-04-23 01:18 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2016-05-10 21:26 - 2016-04-23 01:18 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll 2016-05-10 21:26 - 2016-04-23 01:18 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll 2016-05-10 21:26 - 2016-04-23 01:18 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2016-05-10 21:26 - 2016-04-23 01:18 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll 2016-05-10 21:26 - 2016-04-23 01:18 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll 2016-05-10 21:26 - 2016-04-23 01:17 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2016-05-10 21:26 - 2016-04-23 01:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2016-05-10 21:26 - 2016-04-23 01:17 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2016-05-10 21:26 - 2016-04-23 01:17 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll 2016-05-10 21:26 - 2016-04-23 01:16 - 01319424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll 2016-05-10 21:26 - 2016-04-23 01:16 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2016-05-10 21:26 - 2016-04-23 01:16 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll 2016-05-10 21:26 - 2016-04-23 01:15 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2016-05-10 21:26 - 2016-04-23 01:15 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2016-05-10 21:26 - 2016-04-23 01:15 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2016-05-10 21:26 - 2016-04-23 01:15 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll 2016-05-10 21:26 - 2016-04-23 01:15 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2016-05-10 21:26 - 2016-04-23 01:15 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll 2016-05-10 21:26 - 2016-04-23 01:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll 2016-05-10 21:26 - 2016-04-23 01:14 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll 2016-05-10 21:26 - 2016-04-23 01:14 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2016-05-10 21:26 - 2016-04-23 01:14 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll 2016-05-10 21:26 - 2016-04-23 01:14 - 00647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2016-05-10 21:26 - 2016-04-23 01:14 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2016-05-10 21:26 - 2016-04-23 01:14 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll 2016-05-10 21:26 - 2016-04-23 01:14 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2016-05-10 21:26 - 2016-04-23 01:13 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2016-05-10 21:26 - 2016-04-23 01:13 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2016-05-10 21:26 - 2016-04-23 01:13 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll 2016-05-10 21:26 - 2016-04-23 01:12 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2016-05-10 21:26 - 2016-04-23 01:10 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2016-05-10 21:26 - 2016-04-23 01:09 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-05-10 21:26 - 2016-04-23 01:08 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2016-05-10 21:26 - 2016-04-23 01:07 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2016-05-10 21:26 - 2016-04-23 01:07 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-05-10 21:26 - 2016-04-23 01:07 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2016-05-10 21:26 - 2016-04-23 01:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2016-05-10 21:26 - 2016-04-23 01:05 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll 2016-05-10 21:26 - 2016-04-23 01:05 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2016-05-10 21:26 - 2016-04-23 01:05 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2016-05-10 21:26 - 2016-04-23 01:04 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2016-05-10 21:26 - 2016-04-23 01:04 - 01731072 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-05-10 21:26 - 2016-04-23 01:03 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2016-05-10 21:26 - 2016-04-23 01:03 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2016-05-10 21:26 - 2016-04-23 01:03 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2016-05-10 21:26 - 2016-04-23 01:03 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll 2016-05-10 21:26 - 2016-04-23 01:01 - 04775424 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2016-05-10 21:26 - 2016-04-23 01:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll 2016-05-10 21:26 - 2016-04-23 01:00 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2016-05-10 21:26 - 2016-04-23 00:45 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2016-05-10 21:26 - 2016-04-22 23:10 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2016-05-10 21:26 - 2016-04-22 23:10 - 00002186 _____ C:\WINDOWS\system32\AppxProvisioning.xml 2016-05-10 21:26 - 2016-04-18 19:30 - 00002186 _____ C:\WINDOWS\SysWOW64\AppxProvisioning.xml 2016-05-09 23:48 - 2016-05-09 23:49 - 00134997 _____ C:\Users\Cleto\Downloads\legendas_tv_20160509231600000000.rar 2016-05-09 23:48 - 2016-05-09 23:48 - 00175490 _____ C:\Users\Cleto\Downloads\legendas_tv_20160509180017000000.rar 2016-05-09 03:53 - 2016-05-09 03:53 - 00014681 _____ C:\Users\Cleto\Downloads\[kat.cr]fear.the.walking.dead.s02e05.hdtv.xvid.afg.torrent 2016-05-09 03:51 - 2016-05-09 03:51 - 00003646 _____ C:\Users\Cleto\Downloads\[kat.cr]game.of.thrones.s06e03.hdtv.x264.killers.ettv.torrent 2016-05-09 02:39 - 2016-05-09 02:40 - 00915135 _____ C:\Users\Cleto\Downloads\Formularios_Outorga.zip 2016-05-07 01:23 - 2016-05-07 01:23 - 00091264 _____ C:\Users\Cleto\Downloads\Ifinho Modelo.dotx 2016-05-06 12:32 - 2016-05-06 12:32 - 32448434 _____ C:\Users\Cleto\Downloads\Livro_Spring_Alegre_ES.rar 2016-05-05 01:56 - 2016-05-05 01:56 - 00390421 _____ C:\Users\Cleto\Downloads\TEOR DE TANINOS EM TRÊS ESPÉCIES MEDICINAIS ARBÓREAS.pdf 2016-05-05 01:53 - 2016-05-05 01:53 - 00544424 _____ C:\Users\Cleto\Downloads\Sistemas Silvipastoris árvores e pastagens uma.pdf 2016-05-05 01:46 - 2016-05-05 01:46 - 02397772 _____ C:\Users\Cleto\Downloads\Cintra Tania 2009.pdf 2016-05-04 18:41 - 2016-05-04 18:41 - 00174145 _____ C:\Users\Cleto\Downloads\ABNT - NBR 14724 - 2011.pdf 2016-05-03 12:25 - 2016-05-03 12:25 - 01508772 _____ C:\Users\Cleto\Downloads\TCC Diagnóstico RSU Sardoá - EDIVAL TGA.pdf 2016-05-03 12:25 - 2016-05-03 12:25 - 01245203 _____ C:\Users\Cleto\Downloads\TCC final _Lidiana _PDF.pdf 2016-05-02 22:20 - 2016-05-02 22:20 - 00000000 ____D C:\Users\Cleto\Desktop\Dados anteriores do Firefox 2016-05-02 22:18 - 2016-05-14 12:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-05-02 22:18 - 2016-05-02 22:18 - 00001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-05-02 22:18 - 2016-05-02 22:18 - 00001227 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2016-05-02 17:24 - 2016-05-02 17:24 - 00003745 _____ C:\Users\Cleto\Downloads\[kat.cr]game.of.thrones.s06e02.proper.hdtv.x264.batv.ettv.torrent 2016-05-02 16:51 - 2016-05-02 16:51 - 00179279 _____ C:\Users\Cleto\Downloads\legendas_tv_20160502162841000000.rar 2016-05-02 16:29 - 2016-05-02 16:29 - 00236379 _____ C:\Users\Cleto\Downloads\A E.F. Vitória a Minas e suas locomotivas desde 1904 - Google Livros.html 2016-05-02 16:29 - 2016-05-02 16:29 - 00000000 ____D C:\Users\Cleto\Downloads\A E.F. Vitória a Minas e suas locomotivas desde 1904 - Google Livros_files 2016-05-02 16:27 - 2016-05-02 16:27 - 00554861 _____ C:\Users\Cleto\Downloads\apostila-bacia-do-doce.pdf 2016-05-02 16:24 - 2016-05-02 16:24 - 00845409 _____ C:\Users\Cleto\Downloads\Entre o progresso e a incompletude da modernidade.pdf 2016-05-02 16:18 - 2016-05-02 16:18 - 03185437 _____ C:\Users\Cleto\Downloads\BACIA HIDROGRÁFICA DO RIO DOCE.pdf 2016-05-02 16:12 - 2016-05-02 16:13 - 06244841 _____ C:\Users\Cleto\Downloads\Historia de uma formação valadares.pdf 2016-05-02 16:01 - 2016-05-02 16:01 - 00932381 _____ C:\Users\Cleto\Downloads\vale-do-rio-doce-fronteira--industrializacao-e-colapso-socioambiental--haruf-salmen-espindola.pdf 2016-05-02 15:34 - 2016-06-08 23:26 - 00000000 ____D C:\AdwCleaner 2016-05-02 14:58 - 2016-05-02 14:58 - 03615296 _____ C:\Users\Cleto\Downloads\AdwCleaner.exe 2016-05-02 09:32 - 2016-05-02 09:32 - 00004165 _____ C:\Users\Cleto\Downloads\[kat.cr]fear.the.walking.dead.s02e04.hdtv.x264.fum.ettv.torrent 2016-05-01 17:07 - 2016-05-01 17:07 - 00712577 _____ C:\Users\Cleto\Downloads\Santos et al 2007 Riqueza e similaridade florestas do norte de minas.pdf 2016-04-30 23:19 - 2016-04-30 23:20 - 00000000 ____D C:\Users\Cleto\Downloads\Aline 2016-04-29 23:46 - 2016-04-29 23:46 - 00064254 _____ C:\Users\Cleto\Downloads\Proposta de Resolução que dispõe.pdf 2016-04-29 23:28 - 2016-04-29 23:28 - 00776552 _____ C:\Users\Cleto\Downloads\Uso e conhecimento da aroeira (Myracrodruon urundeuva.pdf 2016-04-29 23:19 - 2016-04-29 23:19 - 15675623 _____ C:\Users\Cleto\Downloads\Diagnostico_residuos_solidos.PDF 2016-04-29 23:12 - 2016-04-29 23:12 - 00310596 _____ C:\Users\Cleto\Downloads\Contribuições da Agroecologia e da Homeopatia na Resignificação da.pdf 2016-04-29 10:57 - 2016-04-29 10:57 - 00014814 _____ C:\Users\Cleto\Downloads\DASNSIMEI-Recibo-05469249000164.pdf 2016-04-28 10:42 - 2016-04-28 10:42 - 01158101 _____ C:\Users\Cleto\Downloads\cartaz rio de lama.pdf 2016-04-28 00:10 - 2016-04-28 00:10 - 01048634 _____ C:\Users\Cleto\Downloads\A Queda PT.pdf 2016-04-26 18:07 - 2016-04-26 18:07 - 00561368 _____ C:\Users\Cleto\Downloads\INFORMACOES_SEGURO_ESCOLAR.pdf 2016-04-26 01:18 - 2016-04-26 01:18 - 00049175 _____ C:\Users\Cleto\Downloads\Fear_The_Walking_Dead_S02E02_HDTV_x264-KILLERS.torrent 2016-04-26 01:12 - 2016-04-26 01:12 - 00124683 _____ C:\Users\Cleto\Downloads\legendas_tv_20160425140628000000.rar 2016-04-26 01:11 - 2016-04-26 01:11 - 00168726 _____ C:\Users\Cleto\Downloads\legendas_tv_20160425233442000000.rar 2016-04-24 20:23 - 2016-04-24 20:23 - 05859564 _____ C:\Users\Cleto\Downloads\pdi_ibge.pdf 2016-04-23 20:45 - 2016-04-23 20:45 - 01523357 _____ C:\Users\Cleto\Downloads\Aethina_tumida chega ao Brasil.pdf 2016-04-21 22:32 - 2016-04-21 22:32 - 00026277 _____ C:\Users\Cleto\Downloads\[kat.cr]microsoft.office.proplus.2013.sp1.vl.x86.x64.en.us.jun2014.tradução.pt.br.torrent 2016-04-20 03:32 - 2016-04-20 03:32 - 00117241 _____ C:\Users\Cleto\Downloads\legendas_tv_20160419125634000000.rar 2016-04-20 03:31 - 2016-04-20 03:31 - 00102007 _____ C:\Users\Cleto\Downloads\legendas_tv_20160412202629000000.rar 2016-04-19 21:41 - 2016-04-19 21:41 - 01562602 _____ C:\Users\Cleto\Downloads\GRS_Parte 2 - Acondicionamento, armazenamento, coleta e transporte.pdf 2016-04-19 01:49 - 2016-04-19 01:49 - 00155277 _____ C:\Users\Cleto\Downloads\legendas_tv_20160418151027000000.rar 2016-04-18 23:08 - 2016-04-18 23:08 - 00000000 _____ C:\Users\Cleto\Downloads\[kat.cr]fear.the.walking.dead.s02e02.web.dl.x264.rarbg.torrent 2016-04-18 03:26 - 2016-04-18 03:26 - 00031836 _____ C:\Users\Cleto\Downloads\[kat.cr]star.wars.episode.vii.the.force.awakens.2015.1080p.bluray.dts.x264.etrg.torrent 2016-04-18 03:14 - 2016-04-18 03:14 - 00024496 _____ C:\Users\Cleto\Downloads\[kat.cr]star.wars.episode.vii.the.force.awakens.2015.deleted.scenes.720p.brrip.torrent 2016-04-18 03:12 - 2016-04-18 03:12 - 00012089 _____ C:\Users\Cleto\Downloads\[kat.cr]star.wars.episode.vii.the.force.awakens.2015.bonus.disc.720p.bluray.1gb.mkvcage.torrent 2016-04-17 23:17 - 2016-04-17 23:17 - 00495729 _____ C:\Users\Cleto\Downloads\desenhos Beatriz.pdf 2016-04-15 23:56 - 2016-04-15 23:57 - 00511672 _____ C:\Users\Cleto\Downloads\2016415_184425_trabalho_pratico_01.pdf 2016-04-15 10:23 - 2016-04-15 10:23 - 00169946 _____ C:\Users\Cleto\Downloads\ACG%27s_CLETO_RODRIGUES (1).pdf 2016-04-15 02:09 - 2016-04-15 02:09 - 00091479 _____ C:\Users\Cleto\Downloads\anexo_orientacoes.pdf 2016-04-15 02:06 - 2016-04-15 02:06 - 06332023 _____ C:\Users\Cleto\Downloads\cartilha-descomplicar.pdf 2016-04-15 01:55 - 2016-04-15 01:55 - 00079102 _____ C:\Users\Cleto\Downloads\RESOLUÇÃO CONAMA no 377.pdf 2016-04-14 09:13 - 2016-04-14 09:13 - 00000000 ____D C:\Program Files\EaseUS 2016-04-13 02:14 - 2016-04-13 02:14 - 01462461 _____ C:\Users\Cleto\Downloads\casa vegetaçao_38.pdf 2016-04-13 02:02 - 2016-04-13 02:02 - 02074356 _____ C:\Users\Cleto\Downloads\Tese de Alessandra Brito2000 casa vegetação.pdf 2016-04-13 01:01 - 2016-04-02 01:13 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2016-04-13 01:01 - 2016-04-02 00:19 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2016-04-13 01:01 - 2016-04-02 00:14 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2016-04-13 01:01 - 2016-04-02 00:07 - 03575296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll 2016-04-13 01:01 - 2016-03-29 07:22 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2016-04-13 01:01 - 2016-03-29 07:22 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2016-04-13 01:01 - 2016-03-29 07:20 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2016-04-13 01:01 - 2016-03-29 07:20 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2016-04-13 01:01 - 2016-03-29 07:20 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2016-04-13 01:01 - 2016-03-29 07:18 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2016-04-13 01:01 - 2016-03-29 06:56 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2016-04-13 01:01 - 2016-03-29 06:37 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2016-04-13 01:01 - 2016-03-29 06:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2016-04-13 01:01 - 2016-03-29 06:08 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2016-04-13 01:01 - 2016-03-29 05:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2016-04-13 01:01 - 2016-03-29 04:34 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2016-04-13 01:01 - 2016-03-29 04:27 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll 2016-04-13 01:01 - 2016-03-29 04:23 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll 2016-04-13 01:01 - 2016-03-29 04:22 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll 2016-04-13 01:01 - 2016-03-29 04:20 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll 2016-04-13 01:01 - 2016-03-29 04:15 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll 2016-04-13 01:01 - 2016-03-29 04:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2016-04-13 01:01 - 2016-03-29 04:14 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2016-04-13 01:01 - 2016-03-29 04:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2016-04-13 01:01 - 2016-03-29 04:07 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2016-04-13 01:01 - 2016-03-29 04:06 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll 2016-04-13 01:01 - 2016-03-29 04:02 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2016-04-13 01:01 - 2016-03-29 04:02 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll 2016-04-13 01:01 - 2016-03-29 03:55 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll 2016-04-13 01:01 - 2016-03-29 03:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll 2016-04-13 01:01 - 2016-03-29 03:42 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll 2016-04-13 01:01 - 2016-03-29 03:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2016-04-13 01:01 - 2016-03-29 03:32 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2016-04-13 01:01 - 2016-03-29 03:26 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-04-13 01:01 - 2016-03-29 03:19 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2016-04-13 01:01 - 2016-03-29 03:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll 2016-04-13 01:01 - 2016-03-29 03:05 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-04-13 01:01 - 2016-03-29 03:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-04-13 01:01 - 2016-03-29 02:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2016-04-13 01:01 - 2016-03-29 02:45 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll 2016-04-13 01:01 - 2016-03-29 02:43 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2016-04-13 01:01 - 2016-03-29 02:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2016-04-13 01:01 - 2016-03-29 02:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll 2016-04-13 01:01 - 2016-03-29 02:26 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll 2016-04-13 01:01 - 2016-03-29 02:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll 2016-04-13 01:00 - 2016-04-02 01:10 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll 2016-04-13 01:00 - 2016-04-02 01:10 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll 2016-04-13 01:00 - 2016-04-02 01:10 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2016-04-13 01:00 - 2016-04-02 00:25 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll 2016-04-13 01:00 - 2016-04-02 00:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll 2016-04-13 01:00 - 2016-03-29 07:23 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2016-04-13 01:00 - 2016-03-29 07:15 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll 2016-04-13 01:00 - 2016-03-29 07:11 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll 2016-04-13 01:00 - 2016-03-29 07:05 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2016-04-13 01:00 - 2016-03-29 07:02 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2016-04-13 01:00 - 2016-03-29 07:02 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll 2016-04-13 01:00 - 2016-03-29 06:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll 2016-04-13 01:00 - 2016-03-29 06:25 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys 2016-04-13 01:00 - 2016-03-29 06:25 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll 2016-04-13 01:00 - 2016-03-29 06:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll 2016-04-13 01:00 - 2016-03-29 06:18 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2016-04-13 01:00 - 2016-03-29 06:11 - 00605440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-04-13 01:00 - 2016-03-29 06:11 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe 2016-04-13 01:00 - 2016-03-29 06:10 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll 2016-04-13 01:00 - 2016-03-29 06:09 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll 2016-04-13 01:00 - 2016-03-29 06:08 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe 2016-04-13 01:00 - 2016-03-29 06:07 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll 2016-04-13 01:00 - 2016-03-29 05:41 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2016-04-13 01:00 - 2016-03-29 05:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll 2016-04-13 01:00 - 2016-03-29 05:26 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2016-04-13 01:00 - 2016-03-29 05:26 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys 2016-04-13 01:00 - 2016-03-29 05:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll 2016-04-13 01:00 - 2016-03-29 05:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll 2016-04-13 01:00 - 2016-03-29 05:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll 2016-04-13 01:00 - 2016-03-29 05:21 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2016-04-13 01:00 - 2016-03-29 05:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll 2016-04-13 01:00 - 2016-03-29 05:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll 2016-04-13 01:00 - 2016-03-29 05:07 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll 2016-04-13 01:00 - 2016-03-29 05:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll 2016-04-13 01:00 - 2016-03-29 05:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll 2016-04-13 01:00 - 2016-03-29 05:02 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2016-04-13 01:00 - 2016-03-29 05:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2016-04-13 01:00 - 2016-03-29 05:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe 2016-04-13 01:00 - 2016-03-29 05:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll 2016-04-13 01:00 - 2016-03-29 04:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe 2016-04-13 01:00 - 2016-03-29 04:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll 2016-04-13 01:00 - 2016-03-29 04:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2016-04-13 01:00 - 2016-03-29 04:57 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll 2016-04-13 01:00 - 2016-03-29 04:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll 2016-04-13 01:00 - 2016-03-29 04:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys 2016-04-13 01:00 - 2016-03-29 04:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll 2016-04-13 01:00 - 2016-03-29 04:54 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll 2016-04-13 01:00 - 2016-03-29 04:53 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll 2016-04-13 01:00 - 2016-03-29 04:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe 2016-04-13 01:00 - 2016-03-29 04:51 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll 2016-04-13 01:00 - 2016-03-29 04:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll 2016-04-13 01:00 - 2016-03-29 04:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll 2016-04-13 01:00 - 2016-03-29 04:50 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll 2016-04-13 01:00 - 2016-03-29 04:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll 2016-04-13 01:00 - 2016-03-29 04:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll 2016-04-13 01:00 - 2016-03-29 04:49 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2016-04-13 01:00 - 2016-03-29 04:48 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll 2016-04-13 01:00 - 2016-03-29 04:46 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2016-04-13 01:00 - 2016-03-29 04:46 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll 2016-04-13 01:00 - 2016-03-29 04:44 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll 2016-04-13 01:00 - 2016-03-29 04:39 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2016-04-13 01:00 - 2016-03-29 04:36 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys 2016-04-13 01:00 - 2016-03-29 04:36 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2016-04-13 01:00 - 2016-03-29 04:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll 2016-04-13 01:00 - 2016-03-29 04:35 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll 2016-04-13 01:00 - 2016-03-29 04:34 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys 2016-04-13 01:00 - 2016-03-29 04:34 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll 2016-04-13 01:00 - 2016-03-29 04:33 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll 2016-04-13 01:00 - 2016-03-29 04:30 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2016-04-13 01:00 - 2016-03-29 04:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll 2016-04-13 01:00 - 2016-03-29 04:26 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll 2016-04-13 01:00 - 2016-03-29 04:23 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys 2016-04-13 01:00 - 2016-03-29 04:21 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2016-04-13 01:00 - 2016-03-29 04:20 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll 2016-04-13 01:00 - 2016-03-29 04:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll 2016-04-13 01:00 - 2016-03-29 04:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll 2016-04-13 01:00 - 2016-03-29 04:19 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll 2016-04-13 01:00 - 2016-03-29 04:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll 2016-04-13 01:00 - 2016-03-29 04:18 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll 2016-04-13 01:00 - 2016-03-29 04:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll 2016-04-13 01:00 - 2016-03-29 04:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll 2016-04-13 01:00 - 2016-03-29 04:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2016-04-13 01:00 - 2016-03-29 04:11 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll 2016-04-13 01:00 - 2016-03-29 04:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll 2016-04-13 01:00 - 2016-03-29 04:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll 2016-04-13 01:00 - 2016-03-29 04:09 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll 2016-04-13 01:00 - 2016-03-29 04:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll 2016-04-13 01:00 - 2016-03-29 04:08 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll 2016-04-13 01:00 - 2016-03-29 04:08 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2016-04-13 01:00 - 2016-03-29 04:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll 2016-04-13 01:00 - 2016-03-29 04:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe 2016-04-13 01:00 - 2016-03-29 04:05 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2016-04-13 01:00 - 2016-03-29 04:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll 2016-04-13 01:00 - 2016-03-29 04:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll 2016-04-13 01:00 - 2016-03-29 04:03 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys 2016-04-13 01:00 - 2016-03-29 04:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2016-04-13 01:00 - 2016-03-29 04:00 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2016-04-13 01:00 - 2016-03-29 04:00 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll 2016-04-13 01:00 - 2016-03-29 04:00 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2016-04-13 01:00 - 2016-03-29 03:59 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll 2016-04-13 01:00 - 2016-03-29 03:59 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe 2016-04-13 01:00 - 2016-03-29 03:59 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll 2016-04-13 01:00 - 2016-03-29 03:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2016-04-13 01:00 - 2016-03-29 03:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll 2016-04-13 01:00 - 2016-03-29 03:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll 2016-04-13 01:00 - 2016-03-29 03:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll 2016-04-13 01:00 - 2016-03-29 03:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll 2016-04-13 01:00 - 2016-03-29 03:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll 2016-04-13 01:00 - 2016-03-29 03:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2016-04-13 01:00 - 2016-03-29 03:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll 2016-04-13 01:00 - 2016-03-29 03:40 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll 2016-04-13 01:00 - 2016-03-29 03:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll 2016-04-13 01:00 - 2016-03-29 03:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll 2016-04-13 01:00 - 2016-03-29 03:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll 2016-04-13 01:00 - 2016-03-29 03:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll 2016-04-13 01:00 - 2016-03-29 03:36 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2016-04-13 01:00 - 2016-03-29 03:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll 2016-04-13 01:00 - 2016-03-29 03:34 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll 2016-04-13 01:00 - 2016-03-29 03:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2016-04-13 01:00 - 2016-03-29 03:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll 2016-04-13 01:00 - 2016-03-29 03:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll 2016-04-13 01:00 - 2016-03-29 03:32 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2016-04-13 01:00 - 2016-03-29 03:32 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll 2016-04-13 01:00 - 2016-03-29 03:32 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll 2016-04-13 01:00 - 2016-03-29 03:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll 2016-04-13 01:00 - 2016-03-29 03:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2016-04-13 01:00 - 2016-03-29 03:29 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll 2016-04-13 01:00 - 2016-03-29 03:29 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll 2016-04-13 01:00 - 2016-03-29 03:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2016-04-13 01:00 - 2016-03-29 03:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll 2016-04-13 01:00 - 2016-03-29 03:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll 2016-04-13 01:00 - 2016-03-29 03:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2016-04-13 01:00 - 2016-03-29 03:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll 2016-04-13 01:00 - 2016-03-29 03:17 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2016-04-13 01:00 - 2016-03-29 03:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll 2016-04-13 01:00 - 2016-03-29 03:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2016-04-13 01:00 - 2016-03-29 03:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll 2016-04-13 01:00 - 2016-03-29 03:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll 2016-04-13 01:00 - 2016-03-29 03:05 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll 2016-04-13 01:00 - 2016-03-29 03:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll 2016-04-13 01:00 - 2016-03-29 03:01 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL 2016-04-13 01:00 - 2016-03-29 02:45 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll 2016-04-13 01:00 - 2016-03-29 02:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll 2016-04-13 01:00 - 2016-03-29 02:35 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll 2016-04-13 01:00 - 2016-03-29 02:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll 2016-04-13 01:00 - 2016-03-29 02:27 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL 2016-04-13 01:00 - 2016-03-29 02:26 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL 2016-04-13 01:00 - 2016-03-29 02:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL 2016-04-13 01:00 - 2016-03-29 02:21 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll 2016-04-13 00:59 - 2016-03-29 05:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys 2016-04-13 00:59 - 2016-03-29 05:06 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2016-04-13 00:59 - 2016-03-29 04:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2016-04-13 00:59 - 2016-03-29 04:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2016-04-13 00:59 - 2016-03-29 04:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll 2016-04-13 00:59 - 2016-03-29 04:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2016-04-13 00:59 - 2016-03-29 04:00 - 00235008 _____ C:\WINDOWS\system32\MTF.dll 2016-04-13 00:59 - 2016-03-29 03:27 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll 2016-04-13 00:59 - 2016-03-29 03:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll 2016-04-12 10:45 - 2016-04-12 10:45 - 00131309 _____ C:\Users\Cleto\Downloads\legendas_tv_20160411135201000000.rar 2016-04-08 18:33 - 2016-04-08 18:34 - 00657536 _____ C:\Users\Cleto\Downloads\DIRPF_WALDEMAR.zip 2016-04-08 01:28 - 2016-05-12 17:28 - 05995712 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe 2016-04-08 00:27 - 2016-04-08 00:27 - 09890008 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll 2016-04-08 00:27 - 2016-04-08 00:27 - 04330200 _____ (TODO: <Company name>) C:\WINDOWS\RtCRU64.exe 2016-04-08 00:26 - 2016-04-08 00:26 - 04323976 _____ (Qualcomm Atheros Communications, Inc.) C:\WINDOWS\system32\Drivers\athw10x.sys 2016-04-08 00:24 - 2016-04-08 00:24 - 02627288 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtCamU64.exe 2016-04-08 00:24 - 2016-04-08 00:24 - 01971928 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsDecode.dll 2016-04-08 00:24 - 2016-04-08 00:24 - 00498904 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RtCamX.dll 2016-04-08 00:21 - 2016-04-08 00:21 - 00185600 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverW8x64.sys 2016-04-08 00:17 - 2016-04-08 00:17 - 00000000 ____D C:\WINDOWS\IObit 2016-04-08 00:16 - 2016-06-08 23:21 - 00000000 ____D C:\Users\Todos os Usuários\IObit 2016-04-08 00:16 - 2016-06-08 23:21 - 00000000 ____D C:\Users\Cleto\AppData\Roaming\IObit 2016-04-08 00:16 - 2016-06-08 23:21 - 00000000 ____D C:\ProgramData\IObit 2016-04-08 00:16 - 2016-06-08 23:21 - 00000000 ____D C:\Program Files (x86)\IObit 2016-04-08 00:16 - 2016-04-08 00:30 - 00002234 _____ C:\Users\Public\Desktop\Driver Booster 3.lnk 2016-04-08 00:16 - 2016-04-08 00:17 - 00000000 ____D C:\Users\Cleto\AppData\LocalLow\IObit 2016-04-08 00:16 - 2016-04-08 00:16 - 00027552 _____ (REALiX(tm)) C:\WINDOWS\SysWOW64\Drivers\HWiNFO64A.SYS 2016-04-08 00:16 - 2016-04-08 00:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3 2016-04-07 14:51 - 2016-04-07 14:51 - 00232534 _____ C:\Users\Cleto\Downloads\ETE - roteiro (1).pdf 2016-04-07 14:48 - 2016-04-07 14:48 - 00363129 _____ C:\Users\Cleto\Downloads\ETE Anexo VI - Projeto reúso.pdf 2016-04-07 02:19 - 2016-04-07 02:19 - 00021806 _____ C:\Users\Cleto\Downloads\legendas_tv_20160401132221000000.rar 2016-04-07 01:43 - 2016-04-07 01:43 - 00015778 _____ C:\Users\Cleto\Downloads\legendas_tv_20160406002333000000.rar 2016-04-07 01:32 - 2016-04-07 01:32 - 00001930 _____ C:\Users\Cleto\Downloads\[kat.cr]star.wars.rebels.s02e20.twilight.of.the.apprentice.part.2.1080p.web.dl.dd5.1.h.264.torrent 2016-04-07 01:31 - 2016-04-07 01:31 - 00128119 _____ C:\Users\Cleto\Downloads\legendas_tv_20160403220818000000.rar 2016-04-07 01:23 - 2016-04-07 01:23 - 00228473 _____ C:\Users\Cleto\Downloads\legendas_tv_20160406125254000000.rar 2016-04-07 00:39 - 2016-04-07 00:39 - 00169691 _____ C:\Users\Cleto\Downloads\ACG%27s_CLETO_RODRIGUES.pdf 2016-04-04 20:35 - 2016-04-04 20:35 - 00083936 _____ C:\Users\Cleto\Downloads\Pro.Evolution.Soccer.2016.XBOX360-[COMPLEX] - [torrent-oyun.com].torrent 2016-04-04 01:31 - 2016-04-04 01:31 - 00059782 _____ C:\Users\Cleto\Downloads\[kat.cr]the.walking.dead.s06e16.internal.hdtv.x264.killers.rartv.torrent 2016-04-04 01:28 - 2016-04-04 01:28 - 00015187 _____ C:\Users\Cleto\Downloads\[kat.cr]star.wars.rebels.s02e20.twilight.of.the.apprentice.part.1.720p.web.dl.x264.aac.torrent 2016-04-03 11:42 - 2016-04-03 11:42 - 01069582 _____ C:\Users\Cleto\Downloads\Hidricos Aula+01+-+GRH-03.pdf 2016-04-03 11:42 - 2016-04-03 11:42 - 00801040 _____ C:\Users\Cleto\Downloads\Sensoriamento Aula+01+-+GEP+-+03.pdf 2016-03-31 23:37 - 2016-03-31 23:37 - 00179790 _____ C:\Users\Cleto\Downloads\SELECAO%2520result..pdf 2016-03-30 23:00 - 2016-03-30 23:00 - 00000777 _____ C:\Users\Cleto\Desktop\BHR_Alegre - Atalho.lnk 2016-03-30 22:49 - 2016-03-30 22:49 - 00001173 _____ C:\Users\Cleto\Desktop\Spring 5.3 Português _x86.lnk 2016-03-30 22:49 - 2016-03-30 22:49 - 00000000 ____D C:\Users\Cleto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spring 5.3 Português _x86 2016-03-30 22:49 - 2016-03-30 22:49 - 00000000 ____D C:\Program Files (x86)\Spring53_Portugues_x86 2016-03-30 22:35 - 2016-05-26 01:03 - 00000000 ____D C:\Livro_Spring_Alegre_ES 2016-03-30 10:27 - 2016-03-30 10:27 - 00311955 _____ C:\Users\Cleto\Downloads\RECUPERAÇÃO DE ÁREA DEGRADADA COM SISTEMA AGROFLORESTAL.pdf 2016-03-30 10:19 - 2016-03-30 10:19 - 00298888 _____ C:\Users\Cleto\Downloads\179_05122008033615.pdf 2016-03-30 10:03 - 2016-03-30 10:04 - 14209640 _____ C:\Users\Cleto\Downloads\manual_tecnico_vegetacao_brasileira.pdf 2016-03-30 10:02 - 2016-03-30 10:02 - 02007631 _____ C:\Users\Cleto\Downloads\Mapeamento de Florestas Monodominadas por Myracrodruon.pdf 2016-03-30 09:40 - 2016-03-30 09:40 - 00013192 _____ C:\Users\Cleto\Downloads\3169505_prodext2014.csv 2016-03-30 09:40 - 2016-03-30 09:40 - 00004720 _____ C:\Users\Cleto\Downloads\3169505_prodpec2014.csv 2016-03-30 09:37 - 2016-03-30 09:37 - 00019735 _____ C:\Users\Cleto\Downloads\3169505_censoagro2006.csv 2016-03-30 01:44 - 2016-03-30 01:44 - 00716898 _____ C:\Users\Cleto\Downloads\apicultura_mar_2016[1].pdf 2016-03-29 11:21 - 2016-03-29 11:22 - 04939604 _____ C:\Users\Cleto\Downloads\Fwd%3a_Material_de_aula.zip 2016-03-29 11:07 - 2016-03-29 11:07 - 03526275 _____ C:\Users\Cleto\Downloads\Cartilha_do_PENNA.zip 2016-03-29 11:04 - 2016-03-29 11:05 - 22367412 _____ C:\Users\Cleto\Downloads\Fwd%3a_materia_GRS.zip 2016-03-28 10:10 - 2016-03-28 10:10 - 00006347 _____ C:\Users\Cleto\Downloads\[kat.cr]the.walking.dead.s06e15.hdtv.x264.killers.ettv.torrent 2016-03-27 20:01 - 2016-03-27 20:02 - 08089873 _____ C:\Users\Cleto\Downloads\daphne-v1-n4-b-res analise quimica.pdf 2016-03-27 20:00 - 2016-03-27 20:00 - 04377312 _____ C:\Users\Cleto\Downloads\Masio Servulo Magalhaes.pdf 2016-03-27 19:57 - 2016-03-27 19:57 - 00163325 _____ C:\Users\Cleto\Downloads\Esther 2014_91_8847.pdf 2016-03-27 00:42 - 2016-03-27 00:42 - 00009405 _____ C:\Users\Cleto\Downloads\legendas_tv_20160320020858000000.rar 2016-03-27 00:40 - 2016-03-27 00:40 - 00061793 _____ C:\Users\Cleto\Downloads\legendas_tv_20160326134444000000.rar 2016-03-26 10:32 - 2016-03-26 10:32 - 01349146 _____ C:\Users\Cleto\Downloads\205182.pdf 2016-03-25 21:57 - 2016-03-25 21:57 - 00347813 _____ C:\Users\Cleto\Downloads\Potencial anti-Helicobacter pylori de extratos.pdf 2016-03-25 21:23 - 2016-03-25 21:23 - 00039855 _____ C:\Users\Cleto\Downloads\legendas_tv_20160325010333000000.rar 2016-03-25 21:21 - 2016-03-25 21:21 - 00004846 _____ C:\Users\Cleto\Downloads\CA37216239EDE2C9B83F167405DA2C01A4CC7BE9.torrent 2016-03-24 12:13 - 2016-03-24 12:13 - 00157681 _____ C:\Users\Cleto\Downloads\legendas_tv_20160324010026000000.rar 2016-03-23 14:41 - 2016-03-23 14:41 - 00000000 ____D C:\Users\Cleto\.Spring 2016-03-23 04:18 - 2016-05-27 21:06 - 00004012 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1458717500 2016-03-23 04:18 - 2016-05-27 21:06 - 00001093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk 2016-03-23 04:18 - 2016-05-27 21:00 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys 2016-03-23 02:00 - 2016-03-23 02:00 - 00013629 _____ C:\Users\Cleto\Downloads\[kat.cr]star.wars.episode.vii.the.force.awakens.2015.1080p.bluray.6ch.2.5gb.shaanig.torrent 2016-03-23 01:55 - 2016-03-23 01:55 - 00055854 _____ C:\Users\Cleto\Downloads\[kat.cr]star.wars.episode.vii.the.force.awakens.2015.1080p.bluray.h264.aac.rarbg.torrent 2016-03-22 21:54 - 2016-03-22 21:54 - 00061932 _____ C:\Users\Cleto\Downloads\ipva.pdf 2016-03-21 01:40 - 2016-03-21 01:40 - 00051625 _____ C:\Users\Cleto\Downloads\legendas_tv_20160119234908.rar 2016-03-21 01:35 - 2016-03-21 01:35 - 00179911 _____ C:\Users\Cleto\Downloads\[kat.cr]gueros.2014.720p.bluray.x264.nodlabs.güeros.torrent 2016-03-21 01:34 - 2016-03-21 01:34 - 00030120 _____ C:\Users\Cleto\Downloads\legendas_tv_20151227224424.rar 2016-03-21 01:21 - 2016-03-21 01:21 - 00014389 _____ C:\Users\Cleto\Downloads\filme_completo_em_Português_720p_HDRip_BluRay_Dual_Áudio_ [Sawlyn].torrent 2016-03-21 01:10 - 2016-03-21 01:10 - 00017724 _____ C:\Users\Cleto\Downloads\[kat.cr]club.sandwich.2013.webrip.x264.horizon.artsubs.torrent 2016-03-21 01:01 - 2016-03-21 01:01 - 00034829 _____ C:\Users\Cleto\Downloads\legendas_tv_20160316164952000000.rar 2016-03-21 00:58 - 2016-03-21 00:58 - 00004717 _____ C:\Users\Cleto\Downloads\[kat.cr]the.walking.dead.s06e14.hdtv.x264.fum.ettv.torrent 2016-03-19 16:56 - 2016-03-19 16:56 - 00035920 _____ C:\Users\Cleto\Downloads\[kat.cr]star.wars.rebels.s02e18.the.forgotten.droid.720p.dsny.webrip.x264.sparrow.torrent 2016-03-17 14:39 - 2016-03-17 14:40 - 16346066 _____ C:\Users\Cleto\Downloads\LivroSPRING512PassoaPassoAplicacaoPratica.pdf 2016-03-17 14:38 - 2016-03-17 14:38 - 01854316 _____ C:\Users\Cleto\Downloads\Sensoriamento remoto.pdf 2016-03-16 11:12 - 2016-03-16 11:12 - 00263518 _____ C:\Users\Cleto\Downloads\legendas_tv_20160121130423.rar 2016-03-16 11:11 - 2016-03-16 11:11 - 00013689 _____ C:\Users\Cleto\Downloads\[kat.cr]making.a.murderer.s01.season.1.mini.series.720p.webrip.reenc.deejayahmed.torrent 2016-03-15 23:56 - 2016-03-15 23:56 - 00104132 _____ C:\Users\Cleto\Downloads\legendas_tv_20160310073605000000.rar 2016-03-15 23:55 - 2016-03-15 23:55 - 00014184 _____ C:\Users\Cleto\Downloads\[kat.cr]better.call.saul.s02e04.1080p.web.dl.x265.hevc.aac.5.1.condo.torrent 2016-03-15 23:53 - 2016-03-15 23:53 - 00018548 _____ C:\Users\Cleto\Downloads\[kat.cr]better.call.saul.s02e05.hdtv.x264.killers.rartv.torrent 2016-03-15 13:54 - 2016-03-15 13:54 - 00084074 _____ C:\Users\Cleto\Downloads\DAS-PGMEI-05469249000164 (1).pdf 2016-03-14 14:17 - 2016-03-14 14:17 - 00372884 _____ C:\Users\Cleto\Downloads\calendario_academico_superior_e_subsequente.pdf 2016-03-13 11:50 - 2016-03-17 14:38 - 00213004 _____ C:\Users\Cleto\Downloads\legendas_tv_20151209041943.rar ==================== Três Meses Modificados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2016-06-09 23:28 - 2014-11-14 07:33 - 00000902 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-06-09 22:58 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-06-09 15:45 - 2015-01-12 10:21 - 00001094 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-06-09 15:43 - 2015-10-30 04:21 - 00000000 ____D C:\WINDOWS\INF 2016-06-09 15:12 - 2016-01-06 16:49 - 00000000 __SHD C:\Users\Cleto\IntelGraphicsProfiles 2016-06-09 15:12 - 2015-04-30 23:30 - 00004280 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update 2016-06-09 15:12 - 2015-01-12 10:21 - 00001090 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-06-09 15:11 - 2016-01-06 08:04 - 00000000 ____D C:\Users\Cleto 2016-06-09 15:10 - 2016-01-06 08:27 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-06-09 15:10 - 2014-10-18 10:40 - 00000000 ____D C:\Program Files (x86)\GbPlugin 2016-06-09 02:04 - 2016-01-06 08:24 - 01822696 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-06-09 02:04 - 2015-10-30 16:12 - 00786498 _____ C:\WINDOWS\system32\prfh0416.dat 2016-06-09 02:04 - 2015-10-30 16:12 - 00154782 _____ C:\WINDOWS\system32\prfc0416.dat 2016-06-09 00:19 - 2014-10-09 00:15 - 00000000 ____D C:\Users\Cleto\AppData\Roaming\vlc 2016-06-08 23:46 - 2015-03-18 14:25 - 00000000 ____D C:\Users\Cleto\AppData\Local\Lenovo 2016-06-08 23:46 - 2014-10-07 23:04 - 00000000 ____D C:\Users\Cleto\AppData\Roaming\Lenovo 2016-06-08 23:44 - 2014-04-16 23:41 - 00000000 ____D C:\Program Files (x86)\Lenovo 2016-06-08 23:44 - 2014-04-16 23:39 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo 2016-06-08 23:43 - 2014-04-16 23:39 - 00000000 ____D C:\WINDOWS\Downloaded Installations 2016-06-08 23:40 - 2014-04-16 23:39 - 00000000 ____D C:\Program Files (x86)\Adobe 2016-06-08 23:26 - 2015-10-30 03:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2016-06-08 23:22 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2016-06-08 18:45 - 2016-02-17 14:39 - 00002281 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-06-08 18:45 - 2016-02-17 14:39 - 00002269 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-06-08 02:19 - 2016-03-03 00:39 - 00000000 ____D C:\Users\Cleto\AppData\Roaming\MPC-HC 2016-06-07 10:32 - 2015-07-12 21:16 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2016-06-06 22:55 - 2015-07-12 21:16 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-06-06 22:50 - 2015-07-12 21:16 - 00001182 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2016-06-06 22:50 - 2015-07-12 21:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2016-06-05 23:57 - 2014-10-09 10:24 - 00000000 ____D C:\Users\Cleto\AppData\Roaming\uTorrent 2016-06-02 17:20 - 2015-10-30 04:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-05-28 18:00 - 2015-05-10 19:02 - 00000000 ____D C:\Users\Cleto\AppData\Roaming\Skype 2016-05-27 21:01 - 2015-04-30 23:30 - 00465792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2016-05-27 21:01 - 2015-04-30 23:30 - 00287528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys 2016-05-27 21:01 - 2015-04-30 23:30 - 00166432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys 2016-05-27 21:01 - 2015-04-30 23:30 - 00107792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2016-05-27 21:01 - 2015-04-30 23:30 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2016-05-27 21:01 - 2015-04-30 23:30 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2016-05-27 21:01 - 2015-04-30 23:30 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys 2016-05-27 21:00 - 2015-04-30 23:30 - 01070904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2016-05-23 20:08 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-05-23 19:47 - 2015-07-31 01:13 - 00000000 ____D C:\Users\Cleto\AppData\Local\ElevatedDiagnostics 2016-05-18 19:17 - 2014-10-07 23:02 - 00000000 ____D C:\Users\Cleto\AppData\Local\Packages 2016-05-16 12:03 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\rescache 2016-05-16 02:13 - 2015-10-30 03:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM 2016-05-16 01:18 - 2016-01-05 22:41 - 00000000 ____D C:\Program Files\Common Files\AV 2016-05-14 12:47 - 2014-10-07 23:08 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-05-14 12:39 - 2014-10-08 03:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-05-14 12:35 - 2015-10-30 16:15 - 00000000 ____D C:\Program Files\Windows Journal 2016-05-14 12:35 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\oobe 2016-05-14 12:35 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-05-14 12:35 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\Provisioning 2016-05-14 12:35 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\bcastdvr 2016-05-14 12:34 - 2015-10-30 04:24 - 00015703 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml 2016-05-14 02:47 - 2015-10-30 04:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-05-13 01:57 - 2016-01-06 08:00 - 00000000 ____D C:\Users\Todos os Usuários\Conexant 2016-05-13 01:57 - 2016-01-06 08:00 - 00000000 ____D C:\ProgramData\Conexant 2016-05-11 16:57 - 2015-10-30 04:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-05-11 16:57 - 2015-10-30 04:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-05-10 22:18 - 2014-10-08 03:20 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-05-10 21:56 - 2014-10-08 03:20 - 139319312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-05-10 17:39 - 2015-01-12 10:21 - 00004152 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2016-05-10 17:39 - 2015-01-12 10:21 - 00003920 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore ==================== Arquivos na raiz de alguns diretórios ======= 2015-01-17 07:57 - 2015-01-17 08:07 - 0035654 _____ () C:\Users\Cleto\AppData\Roaming\unins000.dat 2015-08-08 08:45 - 2015-08-08 08:45 - 0000000 _____ () C:\Users\Cleto\AppData\Local\{0A0DC549-C7F7-4183-9552-15F19C8DB81C} 2016-01-06 08:01 - 2016-01-06 08:01 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Alguns arquivos em TEMP: ==================== C:\Users\Cleto\AppData\Local\Temp\libeay32.dll C:\Users\Cleto\AppData\Local\Temp\msvcr120.dll C:\Users\Cleto\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Não há correção automática para arquivos que não passaram na verificação.) C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente LastRegBack: 2016-06-01 12:52 ==================== Fim de FRST.txt ============================ Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:09-06-2016 Executado por Cleto (2016-06-09 23:35:10) Executando a partir de C:\Users\Cleto\Desktop Windows 10 Home Single Language Versão 1511 (X64) (2016-01-06 19:48:35) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-613852610-2115194870-4212196456-500 - Administrator - Disabled) Cleto (S-1-5-21-613852610-2115194870-4212196456-1001 - Administrator - Enabled) => C:\Users\Cleto Convidado (S-1-5-21-613852610-2115194870-4212196456-501 - Limited - Disabled) DefaultAccount (S-1-5-21-613852610-2115194870-4212196456-503 - Limited - Disabled) ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! antivírus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} AS: avast! antivírus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) µTorrent (HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.) abgx360 v1.0.6 (HKLM-x32\...\abgx360) (Version: - ) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.215 - Adobe Systems Incorporated) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated) Adobe Reader 9 - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated) ArcGIS 10.2.2 Data Interoperability for Desktop (HKLM-x32\...\ArcGIS 10.2.2 Data Interoperability for Desktop) (Version: 10.2.3552 - Environmental Systems Research Institute, Inc.) ArcGIS 10.2.2 Data Interoperability for Desktop (x32 Version: 10.2.3552 - Environmental Systems Research Institute, Inc.) Hidden ArcGIS 10.2.2 for Desktop (HKLM-x32\...\ArcGIS 10.2.2 for Desktop) (Version: 10.2.3552 - Environmental Systems Research Institute, Inc.) ArcGIS 10.2.2 for Desktop (x32 Version: 10.2.3552 - Environmental Systems Research Institute, Inc.) Hidden ArcGIS 10.2.2 for Desktop Oracle Geodatabase Object Schema Update and Editing Patch (HKLM-x32\...\ArcGIS 10.2.2 for Desktop CR285161) (Version: - Environmental Systems Research Institute, Inc.) ArcGIS 10.2.2 for Desktop Set Shapefile Default Code Page Patch (HKLM-x32\...\ArcGIS 10.2.2 for Desktop CR286131) (Version: - Environmental Systems Research Institute, Inc.) ArcGIS 10.2.2 License Manager (HKLM-x32\...\ArcGIS 10.2.2 License Manager) (Version: 10.2.3552 - Environmental Systems Research Institute, Inc.) ArcGIS 10.2.2 License Manager (x32 Version: 10.2.3552 - Environmental Systems Research Institute, Inc.) Hidden ArcGIS 10.2.2 Workflow Manager for Desktop (HKLM-x32\...\{C0FA0E70-56D7-4A00-966F-45C0C369020E}) (Version: 10.2.3552 - Environmental Systems Research Institute, Inc.) ArcGIS Case Tools for Desktop (HKLM-x32\...\ArcGIS Case Tools for Desktop) (Version: 10.2.3552 - Environmental Systems Research Institute, Inc.) ArcGIS Case Tools for Desktop (x32 Version: 10.2.3552 - Environmental Systems Research Institute, Inc.) Hidden ArcObjects SDK for the Java Platform (HKLM-x32\...\ArcObjects SDK for the Java Platform) (Version: 10.2.3552 - Environmental Systems Research Institute, Inc.) ArcObjects SDK for the Java Platform (x32 Version: 10.2.3552 - Environmental Systems Research Institute, Inc.) Hidden AutoCAD 2007 - English (HKLM-x32\...\{5783F2D7-5001-0409-0002-0060B0CE6BBA}) (Version: 17.0.54.110 - Autodesk) Autodesk DWF Viewer (HKLM-x32\...\Autodesk DWF Viewer) (Version: 6.5 - Autodesk, Inc.) Avast Free antivírus (HKLM-x32\...\Avast) (Version: 11.2.2262 - AVAST Software) CAR - Módulo de Cadastro (HKLM-x32\...\CAR - Módulo de Cadastro) (Version: - Ministério do Meio Ambiente) CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform) CloneCD (HKLM-x32\...\CloneCD) (Version: - SlySoft) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant) Conexant SmartAudio (HKLM\...\SAII) (Version: 6.0.224.0 - Conexant Systems) coverXP (remove only) (HKLM-x32\...\coverXP) (Version: - ) Desinstalar impressora EPSON T50 Series (HKLM\...\EPSON T50 Series) (Version: - SEIKO EPSON Corporation) Disconnect Desktop (HKLM-x32\...\Disconnect Desktop 1.0.5) (Version: 1.0.5 - Disconnect) Disconnect Desktop (x32 Version: 1.0.5 - Disconnect) Hidden Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc) Driver Booster 3.2 (HKLM-x32\...\Driver Booster_is1) (Version: 3.2 - IObit) EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS) EaseUS Partition Master 10.1 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS) ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.) Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.14 - Lenovo) Energy Management (x32 Version: 8.0.2.14 - Lenovo) Hidden Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.41.00 - SEIKO EPSON CORPORATION) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.84 - Google Inc.) Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Earth Pro (HKLM-x32\...\{44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden Guia de Usuário (x32 Version: 1.0.0.17 - Lenovo) Hidden ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation) K-Lite Codec Pack 11.9.6 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.9.6 - KLCP) Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10240 - Realtek Semiconductor Corp.) Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.10120.11116 - Realtek Semiconductor Corp.) Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.) Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - Lenovo) Macromedia Flash Player 8 (HKLM-x32\...\ShockwaveFlash) (Version: 8 - Macromedia) Malwarebytes Anti-Malware versão 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Módulo de Segurança - Banco do Brasil (HKLM-x32\...\{36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1) (Version: 3.11.0.1 - ) Mozilla Firefox 46.0.1 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 pt-BR)) (Version: 46.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla) OpenVPN 2.3.4-I603 (HKLM-x32\...\OpenVPN) (Version: 2.3.4-I603 - ) Pacote de Driver do Windows - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo) Pacote de Driver do Windows - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo) QGIS Brighton 2.6.1 Brighton (HKLM\...\QGIS Brighton) (Version: - QGIS Development Team) Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.) SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden Skype Web Plugin (HKLM-x32\...\{15AF46DB-9EBA-4662-AA52-29EF23585035}) (Version: 3.2.0.23388 - Skype Technologies S.A.) Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.) Spring 5.3 Português_x86 (HKLM-x32\...\Spring 5.3 Português_x86) (Version: - ) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.) Spybot Anti-Beacon (HKLM-x32\...\{419A7FCF-93E1-474D-BFE9-987CF3F90C88}_is1) (Version: 1.5 - Safer-Networking Ltd.) TAP-Windows 9.21.0 (HKLM\...\TAP-Windows) (Version: 9.21.0 - ) Unity Web Player (HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\UnityWebPlayer) (Version: 5.3.4f1 - Unity Technologies ApS) UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.17 - Lenovo) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN) Warsaw 1.8.0.10356 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.8.0.10356 - GAS Tecnologia) WinRAR 5.00 beta 7 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.7 - win.rar GmbH) ==================== Exame Personalizado CLSID (Whitelisted): ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-613852610-2115194870-4212196456-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000}\InprocServer32 -> C:\Users\Cleto\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia) CustomCLSID: HKU\S-1-5-21-613852610-2115194870-4212196456-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000}\InprocServer32 -> C:\Users\Cleto\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia) CustomCLSID: HKU\S-1-5-21-613852610-2115194870-4212196456-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Cleto\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-613852610-2115194870-4212196456-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) ==================== Tarefas Agendadas (Whitelisted) ============= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {01E43E56-BE52-4614-ABCB-0ED866086399} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-05-10] (Microsoft Corporation) Task: {0244705E-D1E6-4D5F-9473-D2BED3D5A24E} - System32\Tasks\Disconnect Desktop Updater => C:\Program Files (x86)\Disconnect\Disconnect Desktop\Disconnect Desktop Updater.exe [2015-02-27] (Disconnect) Task: {041A12D9-9413-4EBA-948C-2E584DECD8E3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-21] (Google Inc.) Task: {067AFF45-7441-43FD-8A29-83010A0A2958} - System32\Tasks\Safer-Networking\Spybot Anti-Beacon\Refresh Anti-Beacon immunization => C:\Program Files (x86)\Spybot Anti-Beacon\SDAntiBeacon.exe [2015-10-19] (Safer-Networking Ltd.) Task: {08DB2BB6-9207-46D6-9FD4-1244F1CE76FF} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.) Task: {0BB470E9-F033-473A-8516-1929B746BA01} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE Task: {199DFC92-D1F7-4720-9AD9-88AC179978E5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO Task: {2411D401-9523-4430-8324-8CD8EEA376C0} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.) Task: {2976E402-B100-4B6D-B584-5BA9ABDA7E25} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Nenhum Arquivo <==== ATENÇÃO Task: {528910E3-192A-48AA-9C5F-F1FDBB5DD1CA} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Nenhum Arquivo <==== ATENÇÃO Task: {67EB29C8-C5D1-4752-94B3-445A6544B483} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Nenhum Arquivo <==== ATENÇÃO Task: {72120EA0-994E-455F-89AC-C702EABDFEBD} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Nenhum Arquivo <==== ATENÇÃO Task: {8429BE11-660B-41FA-BA00-7E4740454EA8} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe Task: {850D9E61-001F-4AA2-AEFD-1805AC38ABF4} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATENÇÃO Task: {8703CB6E-2936-4B1E-B7F9-F39DBE3E1CAF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd) Task: {88FCD603-F3AA-41D2-928E-6E7557959D7C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO Task: {9188778D-ED9B-4E4A-9755-D6193F7E8C4B} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo) Task: {98D58BA8-D5F0-431D-BF53-E51F04D2FB8B} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe Task: {9AA19C73-8104-4047-AEF4-E7AFD54AC119} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [2016-06-02] () Task: {9D4A71C6-3D0A-4B69-8E3F-2FFFDF8287BE} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo) Task: {A7C7F3AA-D8B9-4D07-9174-0BE700600DB7} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-06-02] (Lenovo) Task: {A7F6F2E3-A829-41A6-84BB-7DE4AC7E3907} - System32\Tasks\Lenovo\LSC\RebootCountTask => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe Task: {A86AED54-E020-48FB-84A6-78291BDBC2B3} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe Task: {A956F9A8-9EB3-4CC8-BAA6-30F7F62EC3F6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Nenhum Arquivo <==== ATENÇÃO Task: {B3C413B3-3DC2-4D88-B99C-305B32937158} - System32\Tasks\SafeZone scheduled Autoupdate 1458717500 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software) Task: {C3BE5A51-AEB5-4B14-A2DF-8F4FFAA32131} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.) Task: {C825D522-4324-4331-B141-3F339489332C} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-02-19] () Task: {D581F46E-16C4-4EE3-8E33-614CFE26176A} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-12] (Adobe Systems Incorporated) Task: {E11602B2-AC9A-450E-9744-9AB12580A3D2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO Task: {EC8CA88C-A64F-4270-AB6A-E866F6E55546} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-05-27] (AVAST Software) Task: {F0D4D6BA-1EC3-47F7-9068-011C63C7ED19} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-21] (Google Inc.) Task: {F13CF50A-4C82-4D7D-8125-3CC77706BBB9} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Atalhos ============================= (As entradas podem ser listadas para serem restauradas ou removidas.) ShortcutWithArgument: C:\Users\Cleto\Desktop\QGIS Desktop 2.6.1.lnk -> C:\Program Files\QGIS Brighton\bin\nircmd.exe (NirSoft) -> exec hide C:\PROGRA~1\QGISBR~1\bin\qgis.bat ==================== Módulos Carregados (Whitelisted) ============== 2015-10-30 04:18 - 2015-10-30 04:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-04-13 01:01 - 2016-03-29 07:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-04-13 01:01 - 2016-03-29 07:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-01-06 08:51 - 2016-01-06 08:51 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-05-10 21:26 - 2016-04-23 01:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-05-10 21:27 - 2016-04-23 01:02 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-05-10 21:26 - 2016-04-23 00:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-05-10 21:27 - 2016-04-23 00:58 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-05-10 21:27 - 2016-04-23 01:01 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-05-27 21:00 - 2016-05-27 21:00 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2016-05-27 21:00 - 2016-05-27 21:00 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-06-09 07:29 - 2016-06-09 07:29 - 02924032 _____ () C:\Program Files\AVAST Software\Avast\defs\16060900\algo.dll 2016-05-27 21:00 - 2016-05-27 21:00 - 00309912 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll 2016-05-27 21:00 - 2016-05-27 21:00 - 00479680 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2016-06-09 22:57 - 2016-06-09 22:57 - 02924032 _____ () C:\Program Files\AVAST Software\Avast\defs\16060901\algo.dll 2016-05-16 01:14 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2016-05-16 01:14 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2016-05-16 01:14 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2016-05-16 01:14 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2016-05-16 01:14 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll 2016-01-26 22:27 - 2016-01-26 22:27 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-04-16 23:16 - 2013-08-08 13:23 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2016-06-08 18:45 - 2016-06-03 22:56 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\libglesv2.dll 2016-06-08 18:45 - 2016-06-03 22:56 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (Se uma entrada for incluída na fixlist, somente o ADS será removido.) AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10] ==================== Modo de Segurança (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) ==================== Associação (Whitelisted) =============== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) HKU\S-1-5-21-613852610-2115194870-4212196456-1001\Software\Classes\.scr: AutoCADScriptFile => ==================== Internet Explorer confiável/restrito =============== (Se uma entrada for incluída na fixlist, será removida do Registro.) IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com Existem ainda 7902 sites a mais. IE trusted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\bancobrasil.com.br -> www.bancobrasil.com.br IE trusted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\bb.com.br -> hxxps://seg.bb.com.br IE trusted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\caixa.gov.br -> imagem.caixa.gov.br IE trusted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br IE restricted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\10sek.com -> www.10sek.com IE restricted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\123simsen.com -> www.123simsen.com Existem ainda 7902 sites a mais. ==================== Hosts Conteúdo: ========================== (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2013-08-22 10:25 - 2016-06-09 15:15 - 00456216 ____A C:\WINDOWS\system32\Drivers\etc\hosts 0.0.0.0 a.ads1.msn.com 0.0.0.0 a.ads2.msads.net 0.0.0.0 a.ads2.msn.com 0.0.0.0 a.rad.msn.com 0.0.0.0 a-0001.a-msedge.net 0.0.0.0 a-0002.a-msedge.net 0.0.0.0 a-0003.a-msedge.net 0.0.0.0 a-0004.a-msedge.net 0.0.0.0 a-0005.a-msedge.net 0.0.0.0 a-0006.a-msedge.net 0.0.0.0 a-0007.a-msedge.net 0.0.0.0 a-0008.a-msedge.net 0.0.0.0 a-0009.a-msedge.net 0.0.0.0 ac3.msn.com 0.0.0.0 ad.doubleclick.net 0.0.0.0 adnexus.net 0.0.0.0 adnxs.com 0.0.0.0 ads.msn.com 0.0.0.0 ads1.msads.net 0.0.0.0 ads1.msn.com 0.0.0.0 aidps.atdmt.com 0.0.0.0 aka-cdn-ns.adtech.de 0.0.0.0 a-msedge.net 0.0.0.0 az361816.vo.msecnd.net 0.0.0.0 az512334.vo.msecnd.net 0.0.0.0 b.ads1.msn.com 0.0.0.0 b.ads2.msads.net 0.0.0.0 b.rad.msn.com 0.0.0.0 bs.serving-sys.com 0.0.0.0 c.atdmt.com Existem ainda 15636 mais linhas. ==================== Outras Áreas ============================ (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-613852610-2115194870-4212196456-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Cleto\Downloads\107763.jpg DNS Servers: 192.168.25.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Atualmente não há nenhuma correção automática para esta seção.) HKLM\...\StartupApproved\StartupFolder: => "AutoCAD Startup Accelerator.lnk" HKLM\...\StartupApproved\Run: => "IAStorIcon" HKLM\...\StartupApproved\Run: => "ETDCtrl" HKLM\...\StartupApproved\Run: => "HotKeysCmds" HKLM\...\StartupApproved\Run: => "IgfxTray" HKLM\...\StartupApproved\Run: => "EnergyUtility" HKLM\...\StartupApproved\Run: => "Energy Management" HKLM\...\StartupApproved\Run: => "Persistence" HKLM\...\StartupApproved\Run: => "Diebold - Warsaw" HKLM\...\StartupApproved\Run32: => "CloneCDTray" HKLM\...\StartupApproved\Run32: => "EaseUS EPM tray" HKLM\...\StartupApproved\Run32: => "EaseUS EPM Tray Agent" HKLM\...\StartupApproved\Run32: => "UpdateP2GShortCut" HKLM\...\StartupApproved\Run32: => "GrooveMonitor" HKLM\...\StartupApproved\Run32: => "SmartAudio" HKLM\...\StartupApproved\Run32: => "ETDCtrl" HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher" HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-613852610-2115194870-4212196456-1001\...\StartupApproved\Run: => "OneDrive" ==================== Regras do Firewall (Whitelisted) =============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{984F838A-B88C-4014-87B5-C2034FFB6323}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe FirewallRules: [UDP Query User{D2995036-7ACD-4D1A-BB2F-B956B859EAA6}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{E242656E-5F3A-4DCD-9A78-4ECD6AABD214}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{D0A54991-E6E5-450B-AB07-3FAA16283307}] => (Allow) C:\Program Files (x86)\SkypeWebPlugin\3.2.0.23388\SkypeWebPlugin.exe FirewallRules: [UDP Query User{5DB1BA0A-7257-42F0-8E38-072292ACC1A3}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{C18FFBA2-37B2-4608-A6A7-8E781B5591A9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{12B309EE-3BC7-4070-9CE8-29E7CEE107DB}C:\program files (x86)\ministério do meio ambiente\car - off-line\server\nodejs\node.exe] => (Allow) C:\program files (x86)\ministério do meio ambiente\car - off-line\server\nodejs\node.exe FirewallRules: [TCP Query User{EA1F9607-AF52-42F3-9D3E-980FAB59ADD3}C:\program files (x86)\ministério do meio ambiente\car - off-line\server\nodejs\node.exe] => (Allow) C:\program files (x86)\ministério do meio ambiente\car - off-line\server\nodejs\node.exe FirewallRules: [{AB273C72-7BB3-48EA-A2E4-B6C8DB7EB76B}] => (Allow) C:\Program Files (x86)\Disconnect\Disconnect Desktop\\openvpn\bin\openvpnserv.exe FirewallRules: [{CA56A033-74DC-414C-AD54-DBBA5319250F}] => (Allow) C:\Program Files (x86)\Disconnect\Disconnect Desktop\\openvpn\bin\openvpn.exe FirewallRules: [{5CF27033-FA58-4574-A302-FBE8D35B2454}] => (Allow) C:\Users\Cleto\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{98F12104-EEA4-4EA7-9AAF-CAEF5A884A18}] => (Allow) C:\Users\Cleto\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{BD401E6E-0F96-462F-8968-42FF1BE1CDF4}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe FirewallRules: [{B705A6B4-F9F2-4F3F-9868-ABA56D98F55B}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe FirewallRules: [{0F072A61-150A-4768-8348-7BE9F1EE5D5B}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe FirewallRules: [{C4756075-6BF3-4E8D-B77C-31C3E598699A}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe FirewallRules: [{E00207C7-966C-44EA-B8CD-F082B666CE3B}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe FirewallRules: [{73A20410-23EC-4393-B1C4-916B1CDC623A}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe FirewallRules: [{909288B3-E279-45CE-951B-994E5634A21B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{C995D018-4F36-4956-95AD-0684F08D492F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{9FE1BA2A-B858-45E7-A250-31B2B05A38D0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Pontos de Restauração ========================= ATENÇÃO: A Restauração do Sistema está desabilitada ==================== Dispositivos Apresentando Falhas No Gerenciador ============= ==================== Erros no Log de eventos: ========================= Erros em Aplicativos: ================== Error: (06/09/2016 11:00:36 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Falha na geração de contexto de ativação para "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Erro no arquivo de manifesto ou de política "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2", na linha C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3. Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa. Os componentes conflitantes são: Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest. Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest. Error: (06/09/2016 01:53:36 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Falha na geração de contexto de ativação para "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Erro no arquivo de manifesto ou de política "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2", na linha C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3. Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa. Os componentes conflitantes são: Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest. Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest. Error: (06/09/2016 01:44:54 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (06/09/2016 12:30:19 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Falha na geração de contexto de ativação para "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Erro no arquivo de manifesto ou de política "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2", na linha C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3. Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa. Os componentes conflitantes são: Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest. Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest. Error: (06/09/2016 12:08:55 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Falha na geração de contexto de ativação para "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Erro no arquivo de manifesto ou de política "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2", na linha C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3. Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa. Os componentes conflitantes são: Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest. Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest. Error: (06/08/2016 11:41:05 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: SearchUI.exe, versão: 10.0.10586.306, carimbo de data/hora: 0x571af796 Nome do módulo com falha: CortanaApi.dll, versão: 0.0.0.0, carimbo de data/hora: 0x571af3e4 Código de exceção: 0x80000003 Deslocamento da falha: 0x00000000000b5c6d ID do processo com falha: 0xf78 Hora de início do aplicativo com falha: 0xSearchUI.exe0 Caminho do aplicativo com falha: SearchUI.exe1 Caminho do módulo com falha: SearchUI.exe2 ID do Relatório: SearchUI.exe3 Nome completo do pacote com falha: SearchUI.exe4 ID do aplicativo relativo ao pacote com falha: SearchUI.exe5 Error: (06/08/2016 11:26:34 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: svchost.exe, versão: 10.0.10586.0, carimbo de data/hora: 0x5632d7ba Nome do módulo com falha: ESENT.dll, versão: 10.0.10586.212, carimbo de data/hora: 0x56fa1686 Código de exceção: 0xc0000602 Deslocamento da falha: 0x000000000022885f ID do processo com falha: 0x734 Hora de início do aplicativo com falha: 0xsvchost.exe0 Caminho do aplicativo com falha: svchost.exe1 Caminho do módulo com falha: svchost.exe2 ID do Relatório: svchost.exe3 Nome completo do pacote com falha: svchost.exe4 ID do aplicativo relativo ao pacote com falha: svchost.exe5 Error: (06/08/2016 11:26:33 PM) (Source: ESENT) (EventID: 908) (User: ) Description: svchost (1844) Terminando o processo devido à falha não recuperável: PV: 10.0.10586.0 SV: 10.0.10586.0 GLE: 0 ERR: -1603(fucb.cxx:359): dllentry.cxx(103) (ESENT[10.0.10586.0] RETAIL RTM MBCS) Error: (06/07/2016 09:29:12 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Falha na geração de contexto de ativação para "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Erro no arquivo de manifesto ou de política "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2", na linha C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3. Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa. Os componentes conflitantes são: Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest. Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest. Error: (06/07/2016 11:23:49 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Falha na geração de contexto de ativação para "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Erro no arquivo de manifesto ou de política "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2", na linha C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3. Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa. Os componentes conflitantes são: Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest. Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest. Erros de Sistema: ============= Error: (06/09/2016 05:32:15 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: AUTORIDADE NT) Description: Configuração Automática de WLAN detectou conectividade limite; executando Reset/Recover.adapter. Código: 8 0x0 0x0 Error: (06/09/2016 05:32:13 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: AUTORIDADE NT) Description: Configuração Automática de WLAN detectou conectividade limite; executando Reset/Recover.adapter. Código: 2 0xdeaddeed 0xeeec Error: (06/09/2016 05:32:13 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: AUTORIDADE NT) Description: Configuração Automática de WLAN detectou conectividade limite; executando Reset/Recover.adapter. Código: 1 0xc 0x4 Error: (06/09/2016 05:29:13 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: AUTORIDADE NT) Description: Configuração Automática de WLAN detectou conectividade limite; executando Reset/Recover.adapter. Código: 2 0xdeaddeed 0xeeec Error: (06/09/2016 05:29:13 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: AUTORIDADE NT) Description: Configuração Automática de WLAN detectou conectividade limite; executando Reset/Recover.adapter. Código: 1 0xc 0x4 Error: (06/09/2016 05:24:27 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: AUTORIDADE NT) Description: Configuração Automática de WLAN detectou conectividade limite; executando Reset/Recover.adapter. Código: 8 0x0 0x0 Error: (06/09/2016 05:24:24 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: AUTORIDADE NT) Description: Configuração Automática de WLAN detectou conectividade limite; executando Reset/Recover.adapter. Código: 2 0xdeaddeed 0xeeec Error: (06/09/2016 05:24:24 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: AUTORIDADE NT) Description: Configuração Automática de WLAN detectou conectividade limite; executando Reset/Recover.adapter. Código: 1 0xc 0x4 Error: (06/09/2016 03:43:20 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: AUTORIDADE NT) Description: Configuração Automática de WLAN detectou conectividade limite; executando Reset/Recover.adapter. Código: 8 0x0 0x0 Error: (06/09/2016 03:43:17 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: AUTORIDADE NT) Description: Configuração Automática de WLAN detectou conectividade limite; executando Reset/Recover.adapter. Código: 2 0xdeaddeed 0xeeec CodeIntegrity: =================================== Date: 2016-05-15 07:55:30.151 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-14 12:41:58.970 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-14 04:10:02.453 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-11 03:28:20.762 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-15 05:04:47.215 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-14 08:54:34.280 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-13 08:54:56.349 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-08 00:42:14.023 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-23 04:18:39.927 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-15 04:34:42.476 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. ==================== Informações da Memória =========================== Processador: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz Percentagem de memória em uso: 42% RAM física total: 3993.77 MB RAM física disponível: 2277.19 MB Virtual Total: 6425.77 MB Virtual disponível: 4499.73 MB ==================== Drives ================================ Drive c: (Windows8_OS) (Fixed) (Total:77.97 GB) (Free:19.99 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)] Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.85 GB) NTFS Drive f: (Novo volume) (Fixed) (Total:346.45 GB) (Free:38.05 GB) NTFS ==================== MBR & Tabela de Partições ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: B4D14766) Partition: GPT. ==================== Fim de Addition.txt ============================
×