Ir para conteúdo

Stefany

Participante
  • Postagens

    40
  • Desde

  • Última visita

Sobre Stefany

  • Data de Nascimento 28/03/1993

Perfil

  • Escolaridade
    Superior cursando
  • Área Profissional
    Administração
  • Nível Profissional
    Autônomo
  • Estado
    Bahia
  • Sexo
    feminino
  1. 12gb para jogos vale a pena?

    Desculpe a demora, semana cheia! Fiz o teste com o MSI Afterburner e notei que meus 4 nucleos CPU's chegam a 100% de uso, embora mantenha uma boa temperatura. E a RAM, dos 8GB, utilizam 7GB no jogo. Devo fazer algum upgrade no PC?
  2. 12gb para jogos vale a pena?

    Configuração: placa-mãe Gigabyte Z97M-D3H Intel Core i5 4570 3.2Ghz Watercooler Corsair H55 GTX 980 EVGA ACX 2.0 2 x 4gb RAM Corsair Vengeance 1600 MHz 1x 120GB SSD Kingston 1 x HD Seagate Barracuda 1tb Fonte Corsair CX600w Reais Tenho observado umas travadas no GTA V e dropando muito fps, antes não travava nada, sempre jogo no high, pode ser apenas a att do jogo, mas gostaria de saber se 3x 4gb faria diferença para jogos? Não será outra vengeance, mas uma xms3 da mesma frequencia.
  3. Solicitação de Analise de Log

    Não resolveu, mas eu voltei ao Ponto de Restauração que você pediu para criar, que foi o momentos antes de realizar a Limpeza pelo OTL, e voltou a pegar.
  4. Solicitação de Analise de Log

    Depois dessa última limpeza o botão do Windows e o botão da ferramenta de Busca não estão abrindo, da barra Iniciar.
  5. Solicitação de Analise de Log

    Está tudo funcionando perfeitamente... Muito obrigada mesmo! Estou sem antivírus porque sempre estava dando conflito com o Windows Defender, me recomenda algum para evitar esses problemas? Novamente, muito obrigada!
  6. Solicitação de Analise de Log

    All processes killed ========== OTL ========== No active process named utorrentie.exe was found! HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy| /E : value set successfully! HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Use Chrome's Settings page to remove the default_search_provider items. Use Chrome's Settings page to remove the default_search_provider items. Use Chrome's Settings page to remove the default_search_provider items. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_metadata folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\zh_TW folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\zh_CN folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\vi folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\uk folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\tr folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\th folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\sv folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\sr folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\sl folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\sk folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\ru folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\ro folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\pt_PT folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\pt_BR folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\pl folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\no folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\nl folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\ms folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\lv folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\lt folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\ko folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\ja folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\it folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\id folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\hu folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\hi folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\he folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\fr folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\fil folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\fi folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\et folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\es_419 folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\es folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\en_US folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\en_GB folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\el folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\de folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\da folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\cs folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\ca folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\bg folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\ar folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0 folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_metadata folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\zh_TW folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\zh_CN folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\vi folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\uk folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\tr folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\th folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\sv folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\sr folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\sl folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\sk folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ru folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ro folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\pt_PT folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\pt_BR folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\pl folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\no folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\nl folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ms folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\lv folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\lt folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ko folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ja folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\it folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\id folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\hu folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\hi folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\he folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\fr folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\fil folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\fi folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\et folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\es_419 folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\es folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\en_US folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\en_GB folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\el folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\de folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\da folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\cs folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ca folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\bg folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ar folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0 folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_metadata folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\zh_TW folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\zh_CN folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\vi folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\uk folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\tr folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\th folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\sv folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\sr folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\sl folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\sk folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ru folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ro folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\pt_PT folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\pt_BR folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\pl folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\no folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\nl folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ms folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\lv folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\lt folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ko folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ja folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\it folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\id folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\hu folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\hr folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\hi folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\he folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\fr folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\fil folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\fi folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\eu folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\et folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\es_419 folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\es folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\en_US folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\en_GB folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\el folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\de folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\da folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\cs folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ca folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\bg folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ar folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0 folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_metadata folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\zh_TW folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\zh_CN folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\vi folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\uk folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\tr folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\th folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\sv folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\sr folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\sl folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\sk folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ru folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ro folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\pt_PT folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\pt_BR folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\pl folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\no folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\nl folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\lv folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\lt folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ko folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ja folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\it folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\id folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\hu folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\hr folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\hi folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\he folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\fr folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\fil folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\fi folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\es folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\en folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\el folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\de folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\da folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\cs folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ca folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\bg folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ar folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0 folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl\1.9.11.2_0\_metadata folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl\1.9.11.2_0\_locales\zh folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl\1.9.11.2_0\_locales\vi folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl\1.9.11.2_0\_locales\uk folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl\1.9.11.2_0\_locales\tr folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl\1.9.11.2_0\_locales\sv folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl\1.9.11.2_0\_locales\ru folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl\1.9.11.2_0\_locales\ro folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl\1.9.11.2_0\_locales\pt folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl\1.9.11.2_0\_locales\pl folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl\1.9.11.2_0\_locales\lv folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl\1.9.11.2_0\_locales\ka folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl\1.9.11.2_0\_locales\it folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl\1.9.11.2_0\_locales\fr folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl\1.9.11.2_0\_locales\es folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl\1.9.11.2_0\_locales\en folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl\1.9.11.2_0\_locales\de folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl\1.9.11.2_0\_locales\cs folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl\1.9.11.2_0\_locales\bg folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl\1.9.11.2_0\_locales folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl\1.9.11.2_0\userscripts folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl\1.9.11.2_0\js\steam folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl\1.9.11.2_0\js\pages folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl\1.9.11.2_0\js\long folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl\1.9.11.2_0\js\lang folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl\1.9.11.2_0\js\json folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl\1.9.11.2_0\js\jquery folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl\1.9.11.2_0\js\highchart\themes folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl\1.9.11.2_0\js\highchart\modules folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl\1.9.11.2_0\js\highchart folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl\1.9.11.2_0\js\common folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl\1.9.11.2_0\js\ad folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl\1.9.11.2_0\js folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl\1.9.11.2_0\html folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl\1.9.11.2_0\css folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl\1.9.11.2_0\bundle folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl\1.9.11.2_0\assets folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl\1.9.11.2_0 folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_metadata folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\zh_TW folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\zh_CN folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\vi folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\uk folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\tr folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\th folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\sv folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\sr folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\sl folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\sk folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\ru folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\ro folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\pt_PT folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\pt_BR folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\pl folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\no folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\nl folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\ms folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\lv folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\lt folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\ko folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\ja folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\it folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\id folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\hu folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\hi folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\he folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\fr folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\fil folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\fi folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\et folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\es_419 folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\es folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\en_US folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\en_GB folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\el folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\de folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\da folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\cs folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\ca folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\bg folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\ar folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0 folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fialekndleeclflilkpdcgdbboiibdab\1.2_0\_metadata folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fialekndleeclflilkpdcgdbboiibdab\1.2_0\images folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fialekndleeclflilkpdcgdbboiibdab\1.2_0 folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_metadata folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\zu folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\zh_TW folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\zh_HK folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\zh_CN folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\vi folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ur folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\uk folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\tr folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\th folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\te folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ta folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\sw folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\sv folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\sr folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\sl folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\sk folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\si folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ru folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ro folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\pt_PT folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\pt_BR folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\pl folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\no folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\nl folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ne folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ms folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\mr folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\mn folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ml folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\lv folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\lt folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\lo folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ko folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\kn folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\km folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ka folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ja folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\iw folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\it folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\is folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\id folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\hy folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\hu folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\hr folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\hi folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\gu folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\gl folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\fr_CA folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\fr folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\fil folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\fi folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\fa folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\eu folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\et folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\es_419 folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\es folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\en_US folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\en_GB folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\el folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\de folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\da folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\cs folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ca folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\bn folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\bg folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\az folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ar folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\am folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\af folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1 folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_metadata folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\zh_TW folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\zh_CN folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\vi folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\uk folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\tr folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\th folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\sv folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\sr folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\sl folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\sk folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\ru folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\ro folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\pt_PT folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\pt_BR folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\pl folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\nl folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\nb folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\lv folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\lt folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\ko folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\ja folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\it folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\id folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\hu folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\hr folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\hi folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\fr folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\fil folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\fi folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\et folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\es_419 folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\es folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\en_GB folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\en folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\el folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\de folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\da folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\cs folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\ca folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales\bg folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\_locales folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\images folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\html folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\css folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0 folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi\3.7.2_0\_metadata folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi\3.7.2_0\_locales\pt_BR folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi\3.7.2_0\_locales\es folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi\3.7.2_0\_locales\en folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi\3.7.2_0\_locales folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi\3.7.2_0 folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_metadata folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\zh_TW folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\zh_CN folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\vi folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\uk folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\tr folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\th folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\sr folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\sl folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\sk folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\se folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ru folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ro folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\pt_PT folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\pt_BR folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\pl folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\no folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\nl folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\lv folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\lt folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ko folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ja folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\it folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\id folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\hu folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\hr folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\hi folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\fr folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\fil folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\fi folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\es folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\en folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\el folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\de folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\da folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\cs folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ca folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\bg folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ar folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales folder moved successfully. C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0 folder moved successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_D56F3B76F5A9637417A66989E698E414 deleted successfully. C:\Program Files (x86)\Google\Chrome\Application\chrome.exe moved successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent deleted successfully. C:\Users\stefa\AppData\Roaming\uTorrent\uTorrent.exe moved successfully. C:\Users\stefa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk moved successfully. C:\Users\stefa\AppData\Local\MEGAsync\MEGAsync.exe moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Infodelivery\ deleted successfully. C:\Users\stefa\AppData\Local\Tempzxpsign49ded06830306c43 folder moved successfully. C:\Users\stefa\AppData\Local\Tempzxpsignc6184000926d7af6 folder moved successfully. C:\Users\stefa\AppData\Local\Tempzxpsignf73a8fa11b1604cb folder moved successfully. C:\Users\stefa\AppData\Local\Tempzxpsign441c4a9449becd10 folder moved successfully. C:\Users\stefa\AppData\Local\Tempzxpsigne77dc7af4634e601 folder moved successfully. C:\Users\stefa\AppData\Local\Tempzxpsign3c9df4de26397b10 folder moved successfully. C:\Users\stefa\AppData\Local\Tempzxpsign0cf05c394ea246d2 folder moved successfully. C:\Users\stefa\AppData\Local\Tempzxpsign07a3c1a08b08de7e folder moved successfully. C:\Users\stefa\AppData\Local\Tempzxpsignd74031f055956f7c folder moved successfully. C:\Users\stefa\AppData\Local\Tempzxpsign89eee270e30d3a60 folder moved successfully. C:\Users\stefa\AppData\Local\Tempzxpsign5a0ed1f9c1f48b2c folder moved successfully. C:\Users\stefa\AppData\Local\Tempzxpsign0a520ac08de6f837 folder moved successfully. C:\Windows\SysNative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat moved successfully. ========== FILES ========== C:\Program Files (x86)\Marcos Velasco Security\MV AntiSpy 4.0\skins folder moved successfully. C:\Program Files (x86)\Marcos Velasco Security\MV AntiSpy 4.0 folder moved successfully. C:\Program Files (x86)\Marcos Velasco Security folder moved successfully. ========== REGISTRY ========== Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\ deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\"DefaultConnectionSettings"|hex:3c,00,00,00,15,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,00,00,00,00,50,b1,0a,41,70,27,c9,01,01,00,00,00,c0,a8,83,41,00,00,00,00,00,00,00,00 /E : value set successfully! HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\"SavedLegacySettings"|hex:3c,00,00,00,e6,01,00,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,00,00,00,00,50,b1,0a,41,70,27,c9,01,01,00,00,00,c0,a8,83,41,00,00,00,00,00,00,00,00 /E : value set successfully! ========== COMMANDS ========== Restore point Set: OTL Restore Point [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default.migrated User: Public User: stefa ->Temp folder emptied: 2392835 bytes ->Temporary Internet Files folder emptied: 5401228 bytes ->Google Chrome cache emptied: 0 bytes ->Flash cache emptied: 1797 bytes User: Todos os Usuários User: Usuário Padrão ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 223538050 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 32808 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 221,00 mb OTL by OldTimer - Version 3.2.69.0 log created on 10092016_115904 Files\Folders moved on Reboot... File\Folder C:\Users\stefa\AppData\Local\Temp\etilqs_wylhYTDvjgsZhPy not found! C:\Users\stefa\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully. File move failed. C:\Windows\temp\CreativeCloud\ACC\ACC.log scheduled to be moved on reboot. File move failed. C:\Windows\temp\adobegc.log scheduled to be moved on reboot. PendingFileRenameOperations files... Registry entries deleted on Reboot... ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:05:11, on 09/10/2016 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.14393.0000) Boot mode: Normal Running processes: C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe C:\PROGRA~2\GbPlugin\GbpSv.exe C:\Users\stefa\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe C:\Users\stefa\Desktop\HijackThis.exe C:\Users\stefa\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe C:\Windows\SysWoW64\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll O4 - HKCU\..\Run: [EADM] "F:\Arquivos e Programas\Origin\Origin.exe" -AutoStart O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO DE REDE') O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://www.bb.com.br O15 - Trusted Zone: http://www.caixa.gov.br O17 - HKLM\System\CCS\Services\Tcpip\..\{079e4a8b-93cc-4c6d-98e6-18d2352d0cdb}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{079e4a8b-93cc-4c6d-98e6-18d2352d0cdb}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O20 - Winlogon Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll O20 - Winlogon Notify: GbPluginCef - C:\Program Files (x86)\GbPlugin\gbiehCef.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe O23 - Service: NVIDIA Wireless Controller Service - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: Origin Client Service - Electronic Arts - F:\Arquivos e Programas\Origin\OriginClientService.exe O23 - Service: Origin Web Helper Service - Electronic Arts - F:\Arquivos e Programas\Origin\OriginWebHelperService.exe O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: WindowsDefenderGASTecnologia - Unknown owner - C:\Program Files (x86)\Windows Defender\WindowsDefenderGASTecnologia.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9794 bytes ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Após o último uso do OTL o Google Chrome não abre mais. Segue em anexo o erro que apresenta:
  7. Solicitação de Analise de Log

    OTL logfile created on: 09/10/2016 07:27:39 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\stefa\Desktop 64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.11.14393.0) Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy 7,86 Gb Total Physical Memory | 5,50 Gb Available Physical Memory | 69,95% Memory free 9,67 Gb Paging File | 7,14 Gb Available in Paging File | 73,77% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 111,30 Gb Total Space | 37,06 Gb Free Space | 33,30% Space Free | Partition Type: NTFS Drive D: | 500,00 Mb Total Space | 177,70 Mb Free Space | 35,54% Space Free | Partition Type: NTFS Drive E: | 390,14 Gb Total Space | 296,97 Gb Free Space | 76,12% Space Free | Partition Type: NTFS Drive F: | 540,89 Gb Total Space | 256,67 Gb Free Space | 47,45% Space Free | Partition Type: NTFS Computer Name: DESKTOP-9L5P09H | User Name: stefa | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 90 Days ========== Processes (SafeList) ========== PRC - File not found -- PRC - [2016/10/09 07:26:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\stefa\Desktop\OTL.exe PRC - [2016/10/08 22:21:44 | 000,387,072 | ---- | M] (BitTorrent Inc.) -- C:\Users\stefa\AppData\Roaming\uTorrent\updates\3.4.9_42606\utorrentie.exe PRC - [2016/10/08 22:21:42 | 002,375,360 | ---- | M] (BitTorrent Inc.) -- C:\Users\stefa\AppData\Roaming\uTorrent\uTorrent.exe PRC - [2016/09/30 01:24:23 | 000,419,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe PRC - [2016/09/30 01:24:21 | 009,188,800 | ---- | M] (Node.js) -- C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe PRC - [2016/09/26 13:55:26 | 002,207,960 | ---- | M] (Adobe Systems, Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe PRC - [2016/09/26 10:50:18 | 000,633,024 | ---- | M] (Microsoft Corporation) -- C:\Users\stefa\AppData\Local\Microsoft\OneDrive\OneDrive.exe PRC - [2016/09/20 12:27:16 | 002,206,224 | ---- | M] (Electronic Arts) -- F:\Arquivos e Programas\Origin\OriginWebHelperService.exe PRC - [2016/09/16 11:24:06 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2016/08/24 08:45:06 | 000,744,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe PRC - [2016/08/18 17:18:06 | 005,128,144 | ---- | M] (Mega Limited) -- C:\Users\stefa\AppData\Local\MEGAsync\MEGAsync.exe PRC - [2016/08/10 15:58:12 | 000,631,520 | ---- | M] (GAS Tecnologia) -- C:\PROGRA~2\GbPlugin\GbpSv.exe PRC - [2016/07/19 21:11:05 | 000,187,824 | ---- | M] () -- C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe ========== Modules (No Company Name) ========== MOD - [2016/09/30 01:24:21 | 000,018,880 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll MOD - [2016/09/29 14:20:53 | 002,801,208 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node MOD - [2016/09/29 14:20:53 | 000,516,152 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvBackendAPINode.node MOD - [2016/09/29 14:20:53 | 000,500,792 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node MOD - [2016/09/29 14:20:53 | 000,439,232 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameStreamAPINode.node MOD - [2016/09/29 14:20:53 | 000,430,648 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node MOD - [2016/09/29 14:20:53 | 000,373,696 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node MOD - [2016/09/29 14:20:53 | 000,356,288 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvUtil.node MOD - [2016/09/29 14:20:53 | 000,336,832 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node MOD - [2016/09/29 14:20:53 | 000,255,936 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node MOD - [2016/09/29 14:20:53 | 000,244,672 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node MOD - [2016/09/26 10:50:37 | 000,118,976 | ---- | M] () -- C:\Users\stefa\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileSyncViews.dll MOD - [2016/09/26 10:50:19 | 001,383,616 | ---- | M] () -- C:\Users\stefa\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\ClientTelemetry.dll MOD - [2016/04/13 05:38:34 | 000,482,304 | ---- | M] () -- C:\Users\stefa\AppData\Local\MEGAsync\libsodium.dll ========== Services (SafeList) ========== SRV:64bit: - [2016/09/26 03:40:18 | 000,804,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FrameServer.dll -- (FrameServer) SRV:64bit: - [2016/09/26 03:40:18 | 000,447,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService) SRV:64bit: - [2016/09/26 03:40:12 | 002,264,064 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc) SRV:64bit: - [2016/09/26 03:40:12 | 001,312,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService) SRV:64bit: - [2016/09/26 03:40:12 | 001,232,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc) SRV:64bit: - [2016/09/26 03:40:12 | 000,781,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PhoneService.dll -- (PhoneSvc) SRV:64bit: - [2016/09/26 03:40:10 | 000,770,048 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure) SRV:64bit: - [2016/09/26 03:40:10 | 000,539,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\usocore.dll -- (UsoSvc) SRV:64bit: - [2016/09/26 03:40:10 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager) SRV:64bit: - [2016/09/26 03:40:06 | 001,014,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager) SRV:64bit: - [2016/09/26 03:40:06 | 000,764,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar) SRV:64bit: - [2016/09/26 03:40:06 | 000,095,232 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tzautoupdate.dll -- (tzautoupdate) SRV:64bit: - [2016/09/26 03:40:06 | 000,077,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker) SRV:64bit: - [2016/09/26 03:40:06 | 000,023,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost) SRV:64bit: - [2016/09/24 22:51:38 | 000,374,360 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService2.0.0.0) SRV:64bit: - [2016/07/16 20:15:50 | 001,227,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\AgentService.exe -- (UevAgentService) SRV:64bit: - [2016/07/16 20:15:42 | 000,197,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV:64bit: - [2016/07/16 20:15:37 | 000,823,136 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\AppVClient.exe -- (AppVClient) SRV:64bit: - [2016/07/16 08:43:51 | 000,650,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo) SRV:64bit: - [2016/07/16 08:43:50 | 000,082,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc) SRV:64bit: - [2016/07/16 08:43:47 | 000,560,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness) SRV:64bit: - [2016/07/16 08:43:47 | 000,436,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService) SRV:64bit: - [2016/07/16 08:43:18 | 000,167,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc) SRV:64bit: - [2016/07/16 08:43:10 | 001,836,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc) SRV:64bit: - [2016/07/16 08:42:43 | 000,691,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM) SRV:64bit: - [2016/07/16 08:42:42 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup) SRV:64bit: - [2016/07/16 08:42:39 | 000,285,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc) SRV:64bit: - [2016/07/16 08:42:39 | 000,161,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll -- (shpamsvc) SRV:64bit: - [2016/07/16 08:42:38 | 001,025,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc) SRV:64bit: - [2016/07/16 08:42:38 | 000,407,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc) SRV:64bit: - [2016/07/16 08:42:38 | 000,141,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RMapi.dll -- (RmSvc) SRV:64bit: - [2016/07/16 08:42:38 | 000,057,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice) SRV:64bit: - [2016/07/16 08:42:38 | 000,055,296 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS) SRV:64bit: - [2016/07/16 08:42:37 | 000,718,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc) SRV:64bit: - [2016/07/16 08:42:36 | 001,020,928 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager) SRV:64bit: - [2016/07/16 08:42:36 | 000,183,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dcpsvc.dll -- (DcpSvc) SRV:64bit: - [2016/07/16 08:42:28 | 000,417,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorService.dll -- (SensorService) SRV:64bit: - [2016/07/16 08:42:27 | 001,980,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack) SRV:64bit: - [2016/07/16 08:42:27 | 000,827,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon) SRV:64bit: - [2016/07/16 08:42:27 | 000,614,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FlightSettings.dll -- (wisvc) SRV:64bit: - [2016/07/16 08:42:27 | 000,265,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc) SRV:64bit: - [2016/07/16 08:42:27 | 000,096,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso) SRV:64bit: - [2016/07/16 08:42:27 | 000,093,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service) SRV:64bit: - [2016/07/16 08:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (WpnUserService_76f005) SRV:64bit: - [2016/07/16 08:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_76f005) SRV:64bit: - [2016/07/16 08:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_76f005) SRV:64bit: - [2016/07/16 08:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_76f005) SRV:64bit: - [2016/07/16 08:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_76f005) SRV:64bit: - [2016/07/16 08:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_76f005) SRV:64bit: - [2016/07/16 08:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (CDPUserSvc_76f005) SRV:64bit: - [2016/07/16 08:42:23 | 000,366,592 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc) SRV:64bit: - [2016/07/16 08:42:22 | 000,337,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder) SRV:64bit: - [2016/07/16 08:42:20 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC) SRV:64bit: - [2016/07/16 08:42:19 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum) SRV:64bit: - [2016/07/16 08:42:16 | 000,287,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TieringEngineService.exe -- (TieringEngineService) SRV:64bit: - [2016/07/16 08:42:16 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc) SRV:64bit: - [2016/07/16 08:42:16 | 000,013,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc) SRV:64bit: - [2016/07/16 08:42:13 | 000,590,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter) SRV:64bit: - [2016/07/16 08:42:12 | 000,519,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm) SRV:64bit: - [2016/07/16 08:42:12 | 000,052,224 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\MessagingService.dll -- (MessagingService) SRV:64bit: - [2016/07/16 08:42:09 | 001,512,448 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc) SRV:64bit: - [2016/07/16 08:42:09 | 001,184,256 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc) SRV:64bit: - [2016/07/16 08:42:09 | 000,983,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc) SRV:64bit: - [2016/07/16 08:42:09 | 000,574,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\tileobjserver.dll -- (tiledatamodelsvc) SRV:64bit: - [2016/07/16 08:42:09 | 000,387,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker) SRV:64bit: - [2016/07/16 08:42:09 | 000,358,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc) SRV:64bit: - [2016/07/16 08:42:09 | 000,339,968 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService) SRV:64bit: - [2016/07/16 08:42:09 | 000,326,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc) SRV:64bit: - [2016/07/16 08:42:09 | 000,234,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService) SRV:64bit: - [2016/07/16 08:42:09 | 000,203,776 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc) SRV:64bit: - [2016/07/16 08:42:09 | 000,202,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc) SRV:64bit: - [2016/07/16 08:42:09 | 000,177,664 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBrokerSvc) SRV:64bit: - [2016/07/16 08:42:09 | 000,074,240 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\WpnUserService.dll -- (WpnUserService) SRV:64bit: - [2016/07/16 08:42:09 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc) SRV:64bit: - [2016/07/16 08:42:09 | 000,034,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker) SRV:64bit: - [2016/07/16 08:42:07 | 001,159,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave) SRV:64bit: - [2016/07/16 08:42:06 | 004,136,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository) SRV:64bit: - [2016/07/16 08:42:06 | 000,729,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC) SRV:64bit: - [2016/07/16 08:42:06 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter) SRV:64bit: - [2016/07/16 08:42:05 | 002,104,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc) SRV:64bit: - [2016/07/16 08:42:05 | 000,409,088 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc) SRV:64bit: - [2016/07/16 08:42:05 | 000,337,408 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\cdpusersvc.dll -- (CDPUserSvc) SRV:64bit: - [2016/07/16 08:42:05 | 000,197,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc) SRV:64bit: - [2016/07/16 08:42:05 | 000,152,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc) SRV:64bit: - [2016/07/16 08:42:05 | 000,140,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode) SRV:64bit: - [2016/07/16 08:42:04 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hvhostsvc.dll -- (HvHost) SRV:64bit: - [2016/07/16 08:42:02 | 000,349,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicvss) SRV:64bit: - [2016/07/16 08:42:02 | 000,349,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicrdv) SRV:64bit: - [2016/07/16 08:42:02 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession) SRV:64bit: - [2016/07/16 08:42:02 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync) SRV:64bit: - [2016/07/16 08:42:02 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown) SRV:64bit: - [2016/07/16 08:42:02 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange) SRV:64bit: - [2016/07/16 08:42:02 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat) SRV:64bit: - [2016/07/16 08:42:02 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface) SRV:64bit: - [2016/07/16 08:41:50 | 003,318,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV:64bit: - [2016/07/16 08:41:50 | 000,321,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv) SRV - [2016/10/05 18:21:30 | 001,459,488 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2016/10/01 16:25:04 | 000,424,384 | ---- | M] (NVIDIA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe -- (Stereo Service) SRV - [2016/09/30 01:24:25 | 000,455,616 | ---- | M] (NVIDIA Corporation) [On_Demand | Stopped] -- C:\Arquivos de Programas\NVIDIA Corporation\NvContainer\nvcontainer.exe -- (NvContainerNetworkService) SRV - [2016/09/30 01:24:25 | 000,455,616 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Arquivos de Programas\NVIDIA Corporation\NvContainer\nvcontainer.exe -- (NvContainerLocalSystem) SRV - [2016/09/30 01:24:20 | 001,163,712 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Arquivos de Programas\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe -- (NVIDIA Wireless Controller Service) SRV - [2016/09/26 13:55:26 | 002,207,960 | ---- | M] (Adobe Systems, Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe -- (AGSService) SRV - [2016/09/26 11:03:09 | 000,275,456 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Sejergecoocety\Kgteng.dll -- (Rotution) SRV - [2016/09/26 03:40:06 | 000,483,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar) SRV - [2016/09/26 03:40:06 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost) SRV - [2016/09/24 22:51:39 | 000,302,176 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) SRV - [2016/09/20 12:27:16 | 002,206,224 | ---- | M] (Electronic Arts) [Auto | Running] -- F:\Arquivos e Programas\Origin\OriginWebHelperService.exe -- (Origin Web Helper Service) SRV - [2016/09/20 12:27:15 | 002,141,192 | ---- | M] (Electronic Arts) [On_Demand | Stopped] -- F:\Arquivos e Programas\Origin\OriginClientService.exe -- (Origin Client Service) SRV - [2016/09/16 11:24:06 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2016/08/24 08:45:06 | 000,744,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe -- (AdobeUpdateService) SRV - [2016/08/10 15:58:12 | 000,631,520 | ---- | M] (GAS Tecnologia) [Auto | Running] -- C:\PROGRA~2\GbPlugin\GbpSv.exe -- (GbpSv) SRV - [2016/08/01 09:12:37 | 001,404,936 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe -- (BEService) SRV - [2016/07/19 21:11:05 | 000,187,824 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe -- (Razer Game Scanner Service) SRV - [2016/07/16 08:43:02 | 000,298,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc) SRV - [2016/07/16 08:42:55 | 003,369,984 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository) SRV - [2016/07/16 08:42:55 | 000,968,704 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc) SRV - [2016/07/16 08:41:50 | 003,318,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV - [2016/06/22 08:44:20 | 000,925,744 | ---- | M] (GAS Tecnologia LTDA) [Auto | Running] -- C:\Arquivos de Programas\Diebold\Warsaw\core.exe -- (Warsaw Technology) SRV - [2016/03/10 14:07:30 | 001,136,608 | ---- | M] (Malwarebytes) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2016/03/10 14:07:28 | 001,514,464 | ---- | M] (Malwarebytes) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) ========== Driver Services (SafeList) ========== DRV:64bit: - [2016/10/08 23:35:35 | 000,028,888 | ---- | M] (GAS Tecnologia) [File_System | System | Running] -- C:\Windows\SysNative\drivers\gbpddfac64.sys -- (gbpddfac) DRV:64bit: - [2016/10/08 23:35:16 | 000,101,080 | ---- | M] (GAS Tecnologia) [File_System | System | Running] -- C:\Windows\SysNative\drivers\wsddfac.sys -- (wsddfac) DRV:64bit: - [2016/10/05 02:19:56 | 014,249,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\nv_dispi.inf_amd64_3baaab0007230109\nvlddmkm.sys -- (nvlddmkm) DRV:64bit: - [2016/10/01 18:11:43 | 000,223,304 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2016/09/26 03:40:18 | 000,108,384 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc) DRV:64bit: - [2016/09/26 03:40:12 | 000,062,816 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam) DRV:64bit: - [2016/09/26 03:40:06 | 000,279,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2016/09/26 03:40:06 | 000,118,112 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv) DRV:64bit: - [2016/09/26 03:40:06 | 000,077,664 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme) DRV:64bit: - [2016/09/26 03:40:06 | 000,073,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hvservice.sys -- (hvservice) DRV:64bit: - [2016/09/26 03:40:06 | 000,043,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid) DRV:64bit: - [2016/09/26 03:36:54 | 000,199,008 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\wof.sys -- (Wof) DRV:64bit: - [2016/09/24 22:51:37 | 007,936,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2016/09/02 08:17:39 | 000,046,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible) DRV:64bit: - [2016/08/16 19:45:55 | 000,202,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverW8x64.sys -- (MEIx64) DRV:64bit: - [2016/07/16 20:16:02 | 000,038,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt) DRV:64bit: - [2016/07/16 20:15:55 | 000,179,040 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mssecflt.sys -- (MsSecFlt) DRV:64bit: - [2016/07/16 20:15:50 | 000,040,288 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\UevAgentDriver.sys -- (UevAgentDriver) DRV:64bit: - [2016/07/16 20:15:42 | 000,029,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2016/07/16 20:15:39 | 000,123,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub) DRV:64bit: - [2016/07/16 20:15:37 | 000,157,024 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AppvVemgr.sys -- (AppvVemgr) DRV:64bit: - [2016/07/16 20:15:37 | 000,141,152 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AppvVfs.sys -- (AppvVfs) DRV:64bit: - [2016/07/16 20:15:37 | 000,126,304 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AppVStrm.sys -- (AppvStrm) DRV:64bit: - [2016/07/16 08:44:01 | 000,030,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr) DRV:64bit: - [2016/07/16 08:43:06 | 000,123,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv) DRV:64bit: - [2016/07/16 08:43:04 | 000,290,144 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter) DRV:64bit: - [2016/07/16 08:43:04 | 000,044,056 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot) DRV:64bit: - [2016/07/16 08:42:38 | 000,125,440 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu) DRV:64bit: - [2016/07/16 08:42:36 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform) DRV:64bit: - [2016/07/16 08:42:36 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp) DRV:64bit: - [2016/07/16 08:42:36 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\applockerfltr.sys -- (applockerfltr) DRV:64bit: - [2016/07/16 08:42:35 | 000,928,608 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\refsv1.sys -- (ReFSv1) DRV:64bit: - [2016/07/16 08:42:35 | 000,376,160 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS) DRV:64bit: - [2016/07/16 08:42:35 | 000,227,328 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache) DRV:64bit: - [2016/07/16 08:42:35 | 000,045,920 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iorate.sys -- (iorate) DRV:64bit: - [2016/07/16 08:42:28 | 000,107,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT) DRV:64bit: - [2016/07/16 08:42:28 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv) DRV:64bit: - [2016/07/16 08:42:27 | 000,263,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000) DRV:64bit: - [2016/07/16 08:42:27 | 000,201,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt) DRV:64bit: - [2016/07/16 08:42:27 | 000,151,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2) DRV:64bit: - [2016/07/16 08:42:27 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys -- (UcmTcpciCx0101) DRV:64bit: - [2016/07/16 08:42:27 | 000,095,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101) DRV:64bit: - [2016/07/16 08:42:27 | 000,079,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx) DRV:64bit: - [2016/07/16 08:42:27 | 000,078,336 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt) DRV:64bit: - [2016/07/16 08:42:27 | 000,074,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx) DRV:64bit: - [2016/07/16 08:42:27 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000) DRV:64bit: - [2016/07/16 08:42:27 | 000,053,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv) DRV:64bit: - [2016/07/16 08:42:27 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IndirectKmd.sys -- (IndirectKmd) DRV:64bit: - [2016/07/16 08:42:27 | 000,031,584 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2016/07/16 08:42:27 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf) DRV:64bit: - [2016/07/16 08:42:23 | 000,038,752 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist) DRV:64bit: - [2016/07/16 08:42:22 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS) DRV:64bit: - [2016/07/16 08:42:18 | 000,088,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass) DRV:64bit: - [2016/07/16 08:42:13 | 000,719,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi) DRV:64bit: - [2016/07/16 08:42:12 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irda.sys -- (irda) DRV:64bit: - [2016/07/16 08:42:11 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus) DRV:64bit: - [2016/07/16 08:42:09 | 000,168,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101) DRV:64bit: - [2016/07/16 08:42:09 | 000,156,000 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS) DRV:64bit: - [2016/07/16 08:42:09 | 000,119,648 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcifs.sys -- (wcifs) DRV:64bit: - [2016/07/16 08:42:09 | 000,070,144 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\registry.sys -- (clreg) DRV:64bit: - [2016/07/16 08:42:09 | 000,066,560 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcnfs.sys -- (wcnfs) DRV:64bit: - [2016/07/16 08:42:03 | 000,210,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000) DRV:64bit: - [2016/07/16 08:42:03 | 000,126,816 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex) DRV:64bit: - [2016/07/16 08:42:03 | 000,090,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NetAdapterCx.sys -- (NetAdapterCx) DRV:64bit: - [2016/07/16 08:42:03 | 000,088,576 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt) DRV:64bit: - [2016/07/16 08:42:03 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (tsusbflt) DRV:64bit: - [2016/07/16 08:42:03 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx) DRV:64bit: - [2016/07/16 08:42:03 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf) DRV:64bit: - [2016/07/16 08:41:55 | 000,535,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3) DRV:64bit: - [2016/07/16 08:41:55 | 000,381,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI) DRV:64bit: - [2016/07/16 08:41:55 | 000,220,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM) DRV:64bit: - [2016/07/16 08:41:55 | 000,137,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys) DRV:64bit: - [2016/07/16 08:41:55 | 000,096,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UfxChipidea.sys -- (UfxChipidea) DRV:64bit: - [2016/07/16 08:41:55 | 000,095,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor) DRV:64bit: - [2016/07/16 08:41:55 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsi.sys -- (UcmUcsi) DRV:64bit: - [2016/07/16 08:41:55 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urschipidea.sys -- (UrsChipidea) DRV:64bit: - [2016/07/16 08:41:55 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urssynopsys.sys -- (UrsSynopsys) DRV:64bit: - [2016/07/16 08:41:55 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\genericusbfn.sys -- (genericusbfn) DRV:64bit: - [2016/07/16 08:41:55 | 000,017,944 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy) DRV:64bit: - [2016/07/16 08:41:54 | 000,258,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip) DRV:64bit: - [2016/07/16 08:41:54 | 000,176,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys -- (iaLPSS2i_I2C) DRV:64bit: - [2016/07/16 08:41:54 | 000,081,408 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iai2c.sys -- (iai2c) DRV:64bit: - [2016/07/16 08:41:54 | 000,064,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys -- (iaLPSS2i_GPIO2) DRV:64bit: - [2016/07/16 08:41:54 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c) DRV:64bit: - [2016/07/16 08:41:54 | 000,050,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32) DRV:64bit: - [2016/07/16 08:41:54 | 000,050,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt) DRV:64bit: - [2016/07/16 08:41:54 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter) DRV:64bit: - [2016/07/16 08:41:54 | 000,034,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2016/07/16 08:41:54 | 000,033,280 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iagpio.sys -- (iagpio) DRV:64bit: - [2016/07/16 08:41:54 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig) DRV:64bit: - [2016/07/16 08:41:54 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic) DRV:64bit: - [2016/07/16 08:41:53 | 002,104,160 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4vx64.sys -- (cht4vbd) DRV:64bit: - [2016/07/16 08:41:53 | 001,135,456 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX) DRV:64bit: - [2016/07/16 08:41:53 | 000,842,584 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus) DRV:64bit: - [2016/07/16 08:41:53 | 000,673,120 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV) DRV:64bit: - [2016/07/16 08:41:53 | 000,589,824 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rt640x64.sys -- (rt640x64) DRV:64bit: - [2016/07/16 08:41:53 | 000,544,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport) DRV:64bit: - [2016/07/16 08:41:53 | 000,526,176 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus) DRV:64bit: - [2016/07/16 08:41:53 | 000,346,976 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4sx64.sys -- (cht4iscsi) DRV:64bit: - [2016/07/16 08:41:53 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID) DRV:64bit: - [2016/07/16 08:41:53 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2016/07/16 08:41:53 | 000,131,424 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci) DRV:64bit: - [2016/07/16 08:41:53 | 000,123,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\scmdisk0101.sys -- (scmdisk0101) DRV:64bit: - [2016/07/16 08:41:53 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\capimg.sys -- (CapImg) DRV:64bit: - [2016/07/16 08:41:53 | 000,108,896 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndfltr.sys -- (ndfltr) DRV:64bit: - [2016/07/16 08:41:53 | 000,107,360 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware) DRV:64bit: - [2016/07/16 08:41:53 | 000,105,824 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2i.sys -- (LSI_SAS2i) DRV:64bit: - [2016/07/16 08:41:53 | 000,101,216 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3i.sys -- (LSI_SAS3i) DRV:64bit: - [2016/07/16 08:41:53 | 000,088,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\scmbus.sys -- (scmbus) DRV:64bit: - [2016/07/16 08:41:53 | 000,083,296 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2016/07/16 08:41:53 | 000,082,776 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS) DRV:64bit: - [2016/07/16 08:41:53 | 000,077,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor) DRV:64bit: - [2016/07/16 08:41:53 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:64bit: - [2016/07/16 08:41:53 | 000,064,864 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winverbs.sys -- (WinVerbs) DRV:64bit: - [2016/07/16 08:41:53 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2016/07/16 08:41:53 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis) DRV:64bit: - [2016/07/16 08:41:53 | 000,061,792 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas3i.sys -- (percsas3i) DRV:64bit: - [2016/07/16 08:41:53 | 000,058,720 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas2i.sys -- (percsas2i) DRV:64bit: - [2016/07/16 08:41:53 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay) DRV:64bit: - [2016/07/16 08:41:53 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender) DRV:64bit: - [2016/07/16 08:41:53 | 000,032,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs) DRV:64bit: - [2016/07/16 08:41:53 | 000,032,096 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winmad.sys -- (WinMad) DRV:64bit: - [2016/07/16 08:41:53 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2016/07/16 08:41:53 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI) DRV:64bit: - [2016/07/16 08:41:53 | 000,026,976 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2016/07/16 08:41:53 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AcpiDev.sys -- (AcpiDev) DRV:64bit: - [2016/07/16 08:41:53 | 000,016,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volume.sys -- (volume) DRV:64bit: - [2016/07/16 08:41:53 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime) DRV:64bit: - [2016/07/16 08:41:53 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr) DRV:64bit: - [2016/07/16 08:41:53 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2) DRV:64bit: - [2016/07/16 08:41:53 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn.sys -- (bcmfn) DRV:64bit: - [2016/07/16 08:41:52 | 003,418,976 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2016/07/16 08:41:52 | 000,533,856 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2016/07/16 08:41:52 | 000,048,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep) DRV:64bit: - [2016/07/16 08:41:52 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO) DRV:64bit: - [2016/07/16 08:41:50 | 000,113,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C) DRV:64bit: - [2016/07/16 08:41:50 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci) DRV:64bit: - [2016/07/16 08:41:50 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum) DRV:64bit: - [2016/07/16 08:41:50 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc) DRV:64bit: - [2016/07/16 08:41:50 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg) DRV:64bit: - [2016/07/16 08:41:50 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys -- (CompositeBus) DRV:64bit: - [2016/07/16 08:41:50 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:64bit: - [2016/07/16 08:41:50 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid) DRV:64bit: - [2016/07/16 08:41:50 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd) DRV:64bit: - [2016/07/16 08:41:50 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter) DRV:64bit: - [2016/07/16 08:41:50 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgid.sys -- (vmgid) DRV:64bit: - [2016/06/27 18:53:44 | 000,136,312 | ---- | M] (Razer, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rzpnk.sys -- (rzpnk) DRV:64bit: - [2016/06/23 08:55:34 | 000,203,288 | ---- | M] (Razer Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzudd.sys -- (rzudd) DRV:64bit: - [2016/06/23 08:55:20 | 000,051,736 | ---- | M] (Razer Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzendpt.sys -- (rzendpt) DRV:64bit: - [2016/05/06 19:50:37 | 000,044,144 | ---- | M] (Razer, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rzpmgrk.sys -- (rzpmgrk) DRV:64bit: - [2016/03/10 14:09:10 | 000,065,408 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl) DRV:64bit: - [2016/03/10 14:08:54 | 000,027,008 | ---- | M] (Malwarebytes) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2016/02/15 04:57:36 | 000,040,640 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RzSurroundVAD.sys -- (RZSURROUNDVADService) DRV:64bit: - [2015/07/16 18:04:28 | 000,472,872 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:64bit: - [2015/03/18 10:23:04 | 000,103,640 | ---- | M] (GAS Tecnologia) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wsddpp.sys -- (wsddpp) DRV - [2016/10/05 02:19:56 | 014,249,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3baaab0007230109\nvlddmkm.sys -- (nvlddmkm) DRV - [2016/09/30 01:24:05 | 000,027,584 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Arquivos de Programas\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms) DRV - [2016/08/10 15:58:12 | 000,029,912 | ---- | M] (GAS Tecnologia) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\GbPlugin\gbprcm64.sys -- (GBPRCM) DRV - [2016/08/10 15:58:12 | 000,024,792 | ---- | M] (GAS Tecnologia LTDA) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\GbPlugin\wsftprp64.sys -- (Warsaw_PP) DRV - [2016/07/16 08:41:50 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys -- (CompositeBus) DRV - [2015/07/07 16:06:58 | 000,038,104 | ---- | M] (Basil) [Kernel | Disabled | Running] -- C:\Arquivos de Programas\Diebold\Warsaw\WinDivert64.sys -- (WinDivert1.1) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = 01 00 00 00 48 00 00 00 49 0A 58 BF 80 97 C0 33 31 BC 66 8A CD FF 14 15 BE 43 21 28 43 DB 65 67 5C 78 D8 3D 60 62 9D 4E DF 9C D5 A0 9F 84 5F 77 DD 40 9F 72 97 91 69 1B F2 F6 94 3A 04 E0 87 C9 22 D4 0C 19 E1 2E 24 04 24 3B C7 60 49 BC 60 AE 02 00 00 00 0E 00 00 00 41 43 35 46 52 69 45 42 35 56 77 25 33 64 [Binary data over 200 bytes] IE - HKCU\..\SearchScopes,DefaultScope = {012E1000-F331-11DB-8314-0800200C9A66} IE - HKCU\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) ========== Chrome ========== CHR - default_search_provider: () CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = CHR - Extension: No name found = C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\ CHR - Extension: No name found = C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\ CHR - Extension: No name found = C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\ CHR - Extension: No name found = C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\ CHR - Extension: No name found = C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl\1.9.11.2_0\ CHR - Extension: No name found = C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\ CHR - Extension: No name found = C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fialekndleeclflilkpdcgdbboiibdab\1.2_0\ CHR - Extension: No name found = C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\ CHR - Extension: No name found = C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\ CHR - Extension: No name found = C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi\3.7.2_0\ CHR - Extension: No name found = C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\ CHR - Extension: No name found = C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5316.725.0.15_0\ O1 HOSTS File: ([2016/10/08 13:08:37 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil) O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll (Caixa Economica Federal) O4:64bit: - HKLM..\Run: [WindowsDefender] C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft Corporation) O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd) O4 - HKCU..\Run: [EADM] F:\Arquivos e Programas\Origin\Origin.exe (Electronic Arts) O4 - HKCU..\Run: [GoogleChromeAutoLaunch_D56F3B76F5A9637417A66989E698E414] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) O4 - HKCU..\Run: [uTorrent] C:\Users\stefa\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) O4 - Startup: C:\Users\stefa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk = C:\Users\stefa\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: bancobrasil.com.br ([www14] https in Trusted sites) O15 - HKCU\..Trusted Domains: bancobrasil.com.br ([www2] https in Trusted sites) O15 - HKCU\..Trusted Domains: bb.com.br ([seg] https in Trusted sites) O15 - HKCU\..Trusted Domains: bb.com.br ([www] http in Trusted sites) O15 - HKCU\..Trusted Domains: caixa.gov.br ([imagem] https in Trusted sites) O15 - HKCU\..Trusted Domains: caixa.gov.br ([imagem2] https in Trusted sites) O15 - HKCU\..Trusted Domains: caixa.gov.br ([internetbanking] https in Trusted sites) O15 - HKCU\..Trusted Domains: caixa.gov.br ([internetbankingpf] https in Trusted sites) O15 - HKCU\..Trusted Domains: caixa.gov.br ([www] http in Trusted sites) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{079e4a8b-93cc-4c6d-98e6-18d2352d0cdb}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{32280bf5-4196-4adc-bf22-35d5aa9f646d}: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\Windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation) O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation) O18 - Protocol\Handler\Windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\ GbPluginBb: DllName - (C:\Program Files (x86)\GbPlugin\gbieh.dll) - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil) O20 - Winlogon\Notify\ GbPluginCef: DllName - (C:\Program Files (x86)\GbPlugin\gbiehCef.dll) - C:\Program Files (x86)\GbPlugin\gbiehCef.dll (Caixa Economica Federal) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll (Caixa Economica Federal) O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2016/10/08 12:20:26 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) CREATERESTOREPOINT Restore point Set: OTL Restore Point NetSvcs:64bit: shpamsvc - C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll (Microsoft Corporation) NetSvcs:64bit: XblGameSave - C:\Windows\SysNative\XblGameSave.dll (Microsoft Corporation) NetSvcs:64bit: UserManager - C:\Windows\SysNative\usermgr.dll (Microsoft Corporation) NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation) NetSvcs:64bit: lfsvc - C:\Windows\SysNative\lfsvc.dll (Microsoft Corporation) NetSvcs:64bit: DmEnrollmentSvc - C:\Windows\SysNative\Windows.Internal.Management.dll (Microsoft Corporation) NetSvcs:64bit: dmwappushservice - C:\Windows\SysNative\dmwappushsvc.dll (Microsoft Corporation) NetSvcs:64bit: wisvc - C:\Windows\SysNative\FlightSettings.dll (Microsoft Corporation) NetSvcs:64bit: WpnService - C:\Windows\SysNative\wpnservice.dll (Microsoft Corporation) NetSvcs:64bit: XboxNetApiSvc - C:\Windows\SysNative\XboxNetApiSvc.dll (Microsoft Corporation) NetSvcs:64bit: DcpSvc - C:\Windows\SysNative\dcpsvc.dll (Microsoft Corporation) NetSvcs:64bit: RetailDemo - C:\Windows\SysNative\RDXService.dll (Microsoft Corporation) NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation) NetSvcs:64bit: NetSetupSvc - C:\Windows\SysNative\NetSetupSvc.dll (Microsoft Corporation) NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation) NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) NetSvcs:64bit: dosvc - C:\Windows\SysNative\dosvc.dll (Microsoft Corporation) NetSvcs:64bit: XblAuthManager - C:\Windows\SysNative\XblAuthManager.dll (Microsoft Corporation) NetSvcs:64bit: UsoSvc - C:\Windows\SysNative\usocore.dll (Microsoft Corporation) ========== Files/Folders - Created Within 90 Days ========== [2016/10/09 07:28:29 | 000,000,000 | -H-D | C] -- C:\OneDriveTemp [2016/10/09 07:25:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\stefa\Desktop\OTL.exe [2016/10/08 23:35:16 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2016/10/08 23:34:25 | 000,000,000 | ---D | C] -- C:\Windows\Temp [2016/10/08 23:34:25 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\Temp [2016/10/08 21:57:55 | 000,000,000 | ---D | C] -- C:\zoek_backup [2016/10/08 19:38:16 | 000,044,144 | ---- | C] (Razer, Inc.) -- C:\Windows\SysNative\drivers\rzpmgrk.sys [2016/10/08 19:27:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2016/10/08 19:25:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Marcos Velasco Security [2016/10/08 19:25:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Marcos Velasco Security [2016/10/08 17:52:15 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\stefa\Desktop\HijackThis.exe [2016/10/08 17:33:00 | 001,631,928 | ---- | C] (Malwarebytes) -- C:\Users\stefa\Desktop\JRT.exe [2016/10/08 13:33:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2016/10/08 13:33:25 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2016/10/08 13:31:00 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\Apps [2016/10/08 13:16:54 | 000,192,216 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys [2016/10/08 13:16:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware [2016/10/08 13:16:35 | 000,140,672 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbamchameleon.sys [2016/10/08 13:16:35 | 000,065,408 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys [2016/10/08 13:16:35 | 000,027,008 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbam.sys [2016/10/08 13:16:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware [2016/10/08 13:16:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2016/10/08 12:47:54 | 001,016,704 | ---- | C] (Enigma Software Group USA, LLC.) -- C:\Windows\SysNative\ExecutionGuard.dll [2016/10/08 12:42:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard [2016/10/08 12:33:21 | 000,000,000 | ---D | C] -- C:\Users\stefa\Desktop\www.ratondownloads.com.br-SpyHunter [2016/10/08 12:20:14 | 000,000,000 | ---D | C] -- C:\Users\stefa\Start Menu [2016/10/08 11:33:59 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\Bangboat [2016/10/08 11:33:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bangboat [2016/10/08 11:32:20 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\log [2016/10/06 18:56:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VulkanRT [2016/10/05 11:18:23 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\AdobeGC [2016/10/02 20:27:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire [2016/10/02 20:27:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FinalWire [2016/09/29 11:30:40 | 000,000,000 | ---D | C] -- C:\Users\stefa\OneDrive\Documentos\MEGAsync Downloads [2016/09/29 11:30:16 | 000,000,000 | ---D | C] -- C:\Users\stefa\OneDrive\Documentos\MEGA [2016/09/29 11:29:51 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\Mega Limited [2016/09/29 11:29:49 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync [2016/09/29 11:29:48 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\MEGAsync [2016/09/26 17:16:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Diebold [2016/09/26 17:15:11 | 000,000,000 | ---D | C] -- C:\AdwCleaner [2016/09/26 11:04:11 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SSL [2016/09/26 11:04:07 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Roaming\BrowserModule [2016/09/26 11:03:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2016/09/26 11:03:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Avg [2016/09/26 11:03:54 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2016/09/26 11:03:09 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Roaming\Profiles [2016/09/26 11:03:09 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\Gwchhuzught [2016/09/26 11:03:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sejergecoocety [2016/09/26 10:50:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft OneDrive [2016/09/26 10:48:39 | 000,000,000 | R--D | C] -- C:\Users\stefa\Downloads [2016/09/26 10:48:37 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\ConnectedDevicesPlatform [2016/09/26 03:48:31 | 000,000,000 | ---D | C] -- C:\ProgramData\USOShared [2016/09/26 03:48:00 | 000,000,000 | -HSD | C] -- C:\Recovery [2016/09/26 03:48:00 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop [2016/09/26 03:44:17 | 000,000,000 | --SD | C] -- C:\Users\stefa\AppData\Roaming\Microsoft [2016/09/26 03:44:17 | 000,000,000 | R--D | C] -- C:\Users\stefa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell [2016/09/26 03:44:17 | 000,000,000 | R--D | C] -- C:\Users\stefa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [2016/09/26 03:44:17 | 000,000,000 | R--D | C] -- C:\Users\stefa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2016/09/26 03:44:17 | 000,000,000 | R--D | C] -- C:\Users\stefa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [2016/09/26 03:44:17 | 000,000,000 | -HSD | C] -- C:\Users\stefa\AppData\Local\Temporary Internet Files [2016/09/26 03:44:17 | 000,000,000 | -HSD | C] -- C:\Users\stefa\SendTo [2016/09/26 03:44:17 | 000,000,000 | -HSD | C] -- C:\Users\stefa\Recent [2016/09/26 03:44:17 | 000,000,000 | -HSD | C] -- C:\Users\stefa\Modelos [2016/09/26 03:44:17 | 000,000,000 | -HSD | C] -- C:\Users\stefa\Meus Documentos [2016/09/26 03:44:17 | 000,000,000 | -HSD | C] -- C:\Users\stefa\Menu Iniciar [2016/09/26 03:44:17 | 000,000,000 | -HSD | C] -- C:\Users\stefa\AppData\Local\Histórico [2016/09/26 03:44:17 | 000,000,000 | -HSD | C] -- C:\Users\stefa\Dados de Aplicativos [2016/09/26 03:44:17 | 000,000,000 | -HSD | C] -- C:\Users\stefa\AppData\Local\Dados de Aplicativos [2016/09/26 03:44:17 | 000,000,000 | -HSD | C] -- C:\Users\stefa\Cookies [2016/09/26 03:44:17 | 000,000,000 | -HSD | C] -- C:\Users\stefa\Configurações Locais [2016/09/26 03:44:17 | 000,000,000 | -HSD | C] -- C:\Users\stefa\Ambiente de Rede [2016/09/26 03:44:17 | 000,000,000 | -HSD | C] -- C:\Users\stefa\Ambiente de Impressão [2016/09/26 03:44:17 | 000,000,000 | -H-D | C] -- C:\Users\stefa\AppData [2016/09/26 03:44:17 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\Microsoft [2016/09/26 03:44:17 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2016/09/26 03:43:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Razer [2016/09/26 03:43:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Razer [2016/09/26 03:43:33 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA [2016/09/26 03:43:22 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2016/09/26 03:43:19 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2016/09/26 03:43:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation [2016/09/26 03:43:14 | 000,100,488 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.DLL [2016/09/26 03:43:13 | 000,000,000 | ---D | C] -- C:\Program Files\Intel [2016/09/26 03:43:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel [2016/09/26 03:42:45 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SleepStudy [2016/09/26 03:42:45 | 000,000,000 | ---D | C] -- C:\Windows\ServiceProfiles [2016/09/26 03:42:45 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2016/09/26 03:42:18 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2016/09/26 03:40:54 | 000,000,000 | ---D | C] -- C:\Windows.old [2016/09/26 03:40:15 | 000,141,824 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysWow64\DscCoreConfProv.dll [2016/09/26 03:40:10 | 000,204,288 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\DscCoreConfProv.dll [2016/09/26 03:38:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Microsoft [2016/09/26 03:37:16 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\XPSViewer [2016/09/26 03:37:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies [2016/09/26 03:37:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild [2016/09/26 03:37:15 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies [2016/09/26 03:37:15 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild [2016/09/24 22:51:40 | 000,104,584 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\Intel_OpenCL_ICD32.dll [2016/09/24 22:51:40 | 000,100,488 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\Intel_OpenCL_ICD64.dll [2016/09/19 00:09:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EMACLab [2016/09/19 00:09:52 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gamersclub Anti Cheat [2016/09/19 00:09:43 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Roaming\EMACLab [2016/09/16 15:28:31 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\Tempzxpsign7a604c3cad3d7f90 [2016/09/16 15:27:57 | 000,000,000 | ---D | C] -- C:\Users\stefa\OneDrive\Documentos\Minhas paletas [2016/09/16 15:22:45 | 000,000,000 | ---D | C] -- C:\ProgramData\VsTelemetry [2016/09/16 15:22:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Corel [2016/09/16 15:22:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Corel [2016/09/16 15:22:17 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Corel [2016/09/16 15:22:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X8 (64-bit) [2016/09/16 15:22:06 | 000,000,000 | ---D | C] -- C:\Users\stefa\OneDrive\Documentos\Corel [2016/09/16 15:22:06 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Roaming\Corel [2016/09/16 15:21:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Corel [2016/09/16 15:21:51 | 000,000,000 | ---D | C] -- C:\Program Files\Corel [2016/09/16 14:46:45 | 000,000,000 | ---D | C] -- C:\ProgramData\UniqueId [2016/09/16 12:44:44 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\Tempzxpsign22abbaf7581597e3 [2016/09/16 11:43:05 | 000,028,888 | ---- | C] (GAS Tecnologia) -- C:\Windows\SysNative\drivers\gbpddfac64.sys [2016/09/14 17:16:52 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT [2016/09/12 12:46:00 | 000,000,000 | ---D | C] -- C:\Users\stefa\.QtWebEngineProcess [2016/09/12 12:45:59 | 000,000,000 | ---D | C] -- C:\Users\stefa\.Origin [2016/09/10 15:50:54 | 000,000,000 | ---D | C] -- C:\Users\stefa\OneDrive\Documentos\FIFA 16 [2016/09/10 15:48:04 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Roaming\Macromedia [2016/09/10 15:44:19 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Roaming\MotioninJoy [2016/09/10 15:34:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy [2016/09/10 15:34:44 | 000,000,000 | ---D | C] -- C:\Program Files\MotioninJoy [2016/09/10 15:32:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 16 [2016/09/10 15:32:19 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller [2016/09/07 18:23:23 | 000,000,000 | ---D | C] -- C:\Users\stefa\OneDrive\Documentos\Battlefield 1 Open Beta [2016/09/07 09:03:38 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Roaming\Origin [2016/09/07 09:03:35 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\Origin [2016/09/07 09:00:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin [2016/09/07 09:00:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin [2016/09/07 09:00:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts [2016/09/06 19:21:49 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\Tempzxpsign49ded06830306c43 [2016/09/06 19:11:09 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\Tempzxpsignc6184000926d7af6 [2016/09/06 14:06:52 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\Tempzxpsignf73a8fa11b1604cb [2016/09/05 16:58:51 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\Tempzxpsign441c4a9449becd10 [2016/09/04 19:39:53 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\Tempzxpsigne77dc7af4634e601 [2016/09/04 18:48:13 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\Tempzxpsign3c9df4de26397b10 [2016/09/02 15:13:19 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\Tempzxpsign0cf05c394ea246d2 [2016/09/02 15:08:05 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\Tempzxpsign07a3c1a08b08de7e [2016/09/02 14:46:44 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\Tempzxpsignd74031f055956f7c [2016/09/02 14:46:44 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\Tempzxpsign89eee270e30d3a60 [2016/09/02 14:39:37 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\Tempzxpsign5a0ed1f9c1f48b2c [2016/09/02 14:39:37 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\Tempzxpsign0a520ac08de6f837 [2016/09/02 14:39:33 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Roaming\NVIDIA [2016/09/02 14:39:32 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe [2016/09/02 14:39:24 | 000,000,000 | ---D | C] -- C:\Users\stefa\OneDrive\Documentos\Adobe [2016/09/02 14:13:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2016/09/02 14:11:11 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2016/09/02 14:06:59 | 000,000,000 | R--D | C] -- C:\Users\stefa\Creative Cloud Files [2016/09/02 14:06:59 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess [2016/08/29 18:52:48 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Roaming\Skype [2016/08/26 13:21:07 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\RzStats [2016/08/23 19:44:58 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft [2016/08/23 19:44:04 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\Ubisoft Game Launcher [2016/08/23 17:51:31 | 000,103,640 | ---- | C] (GAS Tecnologia) -- C:\Windows\SysNative\drivers\wsddpp.sys [2016/08/23 17:51:31 | 000,101,080 | ---- | C] (GAS Tecnologia) -- C:\Windows\SysNative\drivers\wsddfac.sys [2016/08/23 17:51:24 | 000,000,000 | ---D | C] -- C:\Program Files\Diebold [2016/08/23 17:49:38 | 000,000,000 | ---D | C] -- C:\ProgramData\GAS Tecnologia [2016/08/23 17:49:32 | 000,000,000 | ---D | C] -- C:\ProgramData\GbPlugin [2016/08/23 17:49:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GbPlugin [2016/08/21 21:09:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BattlEye [2016/08/21 21:07:36 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\SCE [2016/08/21 21:07:34 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\Daybreak Game Company [2016/08/20 08:41:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [2016/08/19 15:04:43 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Roaming\vlc [2016/08/19 15:04:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2016/08/19 15:04:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN [2016/08/19 05:12:50 | 000,015,816 | ---- | C] (Razer Inc.) -- C:\Windows\SysWow64\RzStats.IPC.dll [2016/08/17 21:32:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam [2016/08/17 18:53:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tradução de Life is Strange Todos Episódios [2016/08/17 18:49:41 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Roaming\Steam [2016/08/17 17:23:23 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\Rockstar Games [2016/08/17 17:23:22 | 000,000,000 | ---D | C] -- C:\Users\stefa\OneDrive\Documentos\Rockstar Games [2016/08/17 17:22:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rockstar Games [2016/08/17 17:22:41 | 000,000,000 | ---D | C] -- C:\Program Files\Rockstar Games [2016/08/17 17:08:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel [2016/08/17 16:57:11 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee [2016/08/17 16:56:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2016/08/17 16:56:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe [2016/08/17 16:56:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2016/08/17 16:55:42 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\CrashDumps [2016/08/17 16:54:35 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\Adobe [2016/08/17 16:47:37 | 000,000,000 | ---D | C] -- C:\ProgramData\RzSurroundVAD_1.1.61.0 [2016/08/17 16:30:59 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Roaming\TS3Client [2016/08/17 16:30:52 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\TeamSpeak 3 Client [2016/08/17 15:43:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel [2016/08/17 15:43:40 | 000,000,000 | -HSD | C] -- C:\Users\stefa\IntelGraphicsProfiles [2016/08/17 15:43:39 | 000,000,000 | ---D | C] -- C:\Intel [2016/08/17 09:02:36 | 000,000,000 | ---D | C] -- C:\Users\stefa\OneDrive\Documentos\my games [2016/08/17 01:18:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID [2016/08/17 01:18:17 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID [2016/08/17 01:18:14 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\Programs [2016/08/17 00:57:57 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Roaming\uTorrent [2016/08/17 00:45:33 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\ElevatedDiagnostics [2016/08/17 00:43:23 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam [2016/08/17 00:37:15 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp [2016/08/17 00:37:11 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\WhatsApp [2016/08/17 00:37:10 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\SquirrelTemp [2016/08/17 00:37:10 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\CEF [2016/08/17 00:37:09 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\Steam [2016/08/17 00:32:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam [2016/08/17 00:31:08 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\NVIDIA Corporation [2016/08/17 00:30:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer [2016/08/17 00:29:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [2016/08/17 00:28:10 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2016/08/17 00:28:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2016/08/17 00:27:40 | 000,000,000 | ---D | C] -- C:\NVIDIA [2016/08/17 00:24:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt [2016/08/17 00:22:05 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\NVIDIA [2016/08/16 23:53:04 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\Razer [2016/08/16 20:17:49 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\Razer_Inc [2016/08/16 20:17:42 | 000,136,312 | ---- | C] (Razer, Inc.) -- C:\Windows\SysNative\drivers\rzpnk.sys [2016/08/16 20:05:43 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Roaming\WinRAR [2016/08/16 19:57:41 | 000,095,400 | ---- | C] (Razer Inc) -- C:\Windows\SysNative\RazerCoinstaller.dll [2016/08/16 19:48:12 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\Google [2016/08/16 19:46:55 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\MicrosoftEdge [2016/08/16 19:45:13 | 000,000,000 | R--D | C] -- C:\Users\stefa\OneDrive [2016/08/16 19:44:13 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\Comms [2016/08/16 19:43:44 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\Publishers [2016/08/16 19:43:26 | 000,000,000 | R--D | C] -- C:\Users\stefa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2016/08/16 19:43:26 | 000,000,000 | R--D | C] -- C:\Users\stefa\Searches [2016/08/16 19:43:26 | 000,000,000 | R--D | C] -- C:\Users\stefa\Contacts [2016/08/16 19:43:26 | 000,000,000 | R--D | C] -- C:\Users\stefa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2016/08/16 19:43:26 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\VirtualStore [2016/08/16 19:43:26 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\TileDataLayer [2016/08/16 19:43:26 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Local\Packages [2016/08/16 19:43:26 | 000,000,000 | ---D | C] -- C:\Users\stefa\AppData\Roaming\Adobe [2016/08/16 19:42:47 | 000,000,000 | R--D | C] -- C:\Users\stefa\Videos [2016/08/16 19:42:47 | 000,000,000 | R--D | C] -- C:\Users\stefa\Saved Games [2016/08/16 19:42:47 | 000,000,000 | R--D | C] -- C:\Users\stefa\Pictures [2016/08/16 19:42:47 | 000,000,000 | R--D | C] -- C:\Users\stefa\Music [2016/08/16 19:42:47 | 000,000,000 | R--D | C] -- C:\Users\stefa\Links [2016/08/16 19:42:47 | 000,000,000 | R--D | C] -- C:\Users\stefa\Favorites [2016/08/16 19:42:47 | 000,000,000 | R--D | C] -- C:\Users\stefa\Documents [2016/08/16 19:42:47 | 000,000,000 | R--D | C] -- C:\Users\stefa\Desktop [2016/08/16 19:39:45 | 000,000,000 | ---D | C] -- C:\Windows\CSC [2016/08/16 19:39:32 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2016/08/16 19:39:31 | 000,000,000 | -HSD | C] -- C:\Program Files\Common Files\Sistema [2016/08/16 19:39:31 | 000,000,000 | -HSD | C] -- C:\ProgramData\Modelos [2016/08/16 19:39:31 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Minhas Músicas [2016/08/16 19:39:31 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Minhas Imagens [2016/08/16 19:39:31 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Meus Vídeos [2016/08/16 19:39:31 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Iniciar [2016/08/16 19:39:31 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documentos [2016/08/16 19:39:31 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dados de Aplicativos [2016/08/16 19:39:31 | 000,000,000 | -HSD | C] -- C:\Arquivos de Programas [2016/08/16 19:39:31 | 000,000,000 | -HSD | C] -- C:\Program Files\Arquivos Comuns [2016/08/16 19:34:06 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2016/07/16 20:16:18 | 000,104,584 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\opencl.dll [2016/07/16 20:16:13 | 000,000,000 | -HSD | C] -- C:\Windows\BitLockerDiscoveryVolumeContents [2016/07/16 20:16:13 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Defender Advanced Threat Protection [2016/07/16 20:16:13 | 000,000,000 | ---D | C] -- C:\Windows\RemotePackages [2016/07/16 20:10:58 | 000,000,000 | ---D | C] -- C:\Windows\OCR [2016/07/16 20:10:32 | 000,000,000 | ---D | C] -- C:\Windows\SKB [2016/07/16 20:09:59 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\winrm [2016/07/16 20:09:59 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\WCN [2016/07/16 20:09:59 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sysprep [2016/07/16 20:09:59 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\slmgr [2016/07/16 20:09:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\winrm [2016/07/16 20:09:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\WCN [2016/07/16 20:09:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\UMDF [2016/07/16 20:09:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\UMDF\pt-BR [2016/07/16 20:09:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\pt-BR [2016/07/16 20:09:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Printing_Admin_Scripts [2016/07/16 20:09:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\UMDF\en-US [2016/07/16 20:09:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\en-US [2016/07/16 20:09:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\en [2016/07/16 20:09:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\0409 [2016/07/16 20:09:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\slmgr [2016/07/16 20:09:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\UMDF\pt-BR [2016/07/16 20:09:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pt-BR [2016/07/16 20:09:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Printing_Admin_Scripts [2016/07/16 20:09:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\UMDF\en-US [2016/07/16 20:09:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\en-US [2016/07/16 20:09:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\en [2016/07/16 20:09:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0409 [2016/07/16 20:09:55 | 000,000,000 | ---D | C] -- C:\Windows\pt-BR [2016/07/16 20:09:55 | 000,000,000 | ---D | C] -- C:\Windows\en-US [2016/07/16 20:09:55 | 000,000,000 | ---D | C] -- C:\Windows\DigitalLocker [2016/07/16 08:49:46 | 000,000,000 | ---D | C] -- C:\Windows\Setup [2016/07/16 08:47:48 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Nui [2016/07/16 08:47:48 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\Nui [2016/07/16 08:47:48 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft [2016/07/16 08:47:48 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\F12 [2016/07/16 08:47:48 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\F12 [2016/07/16 08:47:48 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\dsc [2016/07/16 08:47:48 | 000,000,000 | --SD | C] -- C:\Windows\Downloaded Program Files [2016/07/16 08:47:48 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\DiagSvcs [2016/07/16 08:47:48 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\DiagSvcs [2016/07/16 08:47:48 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Configuration [2016/07/16 08:47:48 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\Configuration [2016/07/16 08:47:48 | 000,000,000 | R-SD | C] -- C:\Windows\Media [2016/07/16 08:47:48 | 000,000,000 | R-SD | C] -- C:\Windows\Fonts [2016/07/16 08:47:48 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools [2016/07/16 08:47:48 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp [2016/07/16 08:47:48 | 000,000,000 | R--D | C] -- C:\Windows\PrintDialog [2016/07/16 08:47:48 | 000,000,000 | R--D | C] -- C:\Windows\Offline Web Pages [2016/07/16 08:47:48 | 000,000,000 | R--D | C] -- C:\Windows\MiracastView [2016/07/16 08:47:48 | 000,000,000 | R--D | C] -- C:\Windows\ImmersiveControlPanel [2016/07/16 08:47:48 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2016/07/16 08:47:48 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [2016/07/16 08:47:48 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility [2016/07/16 08:47:48 | 000,000,000 | -HSD | C] -- C:\Program Files (x86)\Windows Sidebar [2016/07/16 08:47:48 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2016/07/16 08:47:48 | 000,000,000 | -H-D | C] -- C:\ProgramData [2016/07/16 08:47:48 | 000,000,000 | -H-D | C] -- C:\Windows\ELAMBKUP [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\zh-TW [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\zh-TW [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\zh-HK [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\zh-HK [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\zh-CN [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\zh-CN [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\WinMetadata [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\WinMetadata [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\winevt [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\WindowsPowerShell [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\WindowsPowerShell [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WindowsPowerShell [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Portable Devices [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Photo Viewer [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows NT [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Multimedia Platform [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Media Player [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Mail [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Defender [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\WinBioPlugIns [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\WinBioDatabase [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\Web [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\WDI [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\wbem [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\wbem [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\Vss [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\ProgramData\USOPrivate [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\uk-UA [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\uk-UA [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\twain_32 [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\tr-TR [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\tr-TR [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\tracing [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\th-TH [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\th-TH [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Tasks [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Tasks [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\TAPI [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SystemResources [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SystemResetPlatform [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SystemApps [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\System [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\System [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sv-SE [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\sv-SE [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sru [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\sru [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sr-Latn-RS [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\sr-Latn-RS [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sr-Latn-CS [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\sr-Latn-CS [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sppui [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\sppui [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\spp [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\spp [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\spool [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Speech_OneCore [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Speech_OneCore [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\Speech_OneCore [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Speech [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\System\Speech [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Speech [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\Speech [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\SMI [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sl-SI [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\sl-SI [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sk-SK [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\sk-SK [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\ShellExperiences [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\setup [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\setup [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Services [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\security [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SecureBootUpdates [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\schemas [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SchCache [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ru-RU [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ru-RU [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ro-RO [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ro-RO [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\restore [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\restore [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\Resources [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\rescache [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\Registration [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1991-06.com.microsoft [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Recovery [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Recovery [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RasToast [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\RasToast [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ras [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ras [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\pt-PT [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\pt-PT [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\pt-BR [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\pt-BR [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ProximityToast [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\Provisioning [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\PolicyDefinitions [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\PointOfService [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\pl-PL [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\pl-PL [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\PLA [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\Performance [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\oobe [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\oobe [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\nl-NL [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\nl-NL [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\networklist [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\networklist [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\NDF [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\NDF [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\nb-NO [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\nb-NO [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\MUI [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MUI [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\MsDtc [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MsDtc [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\MSDRM [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MSDRM [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\ModemLogs [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\migwiz [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\migwiz [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\migration [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\migration [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\Migration [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Microsoft Shared [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\MailContactsCalendarSync [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MailContactsCalendarSync [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\lv-LV [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\lv-LV [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\lt-LT [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\lt-LT [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\LogFiles [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\LogFiles [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\LiveKernelReports [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Licenses [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Licenses [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\L2Schemas [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ko-KR [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ko-KR [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ja-JP [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ja-jp [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\it-IT [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\it-IT [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Ipmi [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Ipmi [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Internet Explorer [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\InstallShield [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\InputMethod [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\InputMethod [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\InputMethod [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\InfusedApps [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\inetsrv [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\inetsrv [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\IME [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\IME [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\IME [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\icsxml [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\icsxml [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\hu-HU [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\hu-HU [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\hr-HR [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\hr-HR [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\Help [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\he-IL [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\he-IL [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\GroupPolicyUsers [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\Globalization [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\GameBarPresenceWriter [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\FxsTmp [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\FxsTmp [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\fr-FR [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\fr-FR [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\fr-CA [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\fr-CA [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\fi-FI [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\fi-FI [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\et-EE [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\et-EE [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\etc [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\es-MX [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\es-MX [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\es-ES [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\es-ES [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\en-US [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\en-US [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\en-GB [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\en-GB [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\el-GR [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\el-GR [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\DriverStore [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\diagnostics [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\de-DE [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\de-DE [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\debug [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DDFs [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\da-DK [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\da-DK [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\Cursors [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\cs-CZ [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\cs-CZ [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\config [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Com [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Com [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\CodeIntegrity [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\catroot2 [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\catroot [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Bthprops [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Bthprops [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\Branding [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Boot [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\Boot [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\bg-BG [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\bg-BG [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\bcastdvr [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ar-SA [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ar-SA [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\AppReadiness [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appraiser [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\AppPatch [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\AppLocker [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\AppLocker [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\appcompat [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\addins [2016/07/16 08:47:47 | 000,000,000 | R--D | C] -- C:\Program Files\Windows Defender [2016/07/16 08:47:47 | 000,000,000 | R--D | C] -- C:\Windows\Microsoft.NET [2016/07/16 08:47:47 | 000,000,000 | R--D | C] -- C:\Windows\assembly [2016/07/16 08:47:47 | 000,000,000 | -HSD | C] -- C:\Program Files\Windows Sidebar [2016/07/16 08:47:47 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsApps [2016/07/16 08:47:47 | 000,000,000 | ---D | C] -- C:\Program Files\WindowsPowerShell [2016/07/16 08:47:47 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices [2016/07/16 08:47:47 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Photo Viewer [2016/07/16 08:47:47 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT [2016/07/16 08:47:47 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Multimedia Platform [2016/07/16 08:47:47 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player [2016/07/16 08:47:47 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Mail [2016/07/16 08:47:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System [2016/07/16 08:47:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services [2016/07/16 08:47:47 | 000,000,000 | ---D | C] -- C:\PerfLogs [2016/07/16 08:47:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\microsoft shared [2016/07/16 08:47:47 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer [2016/07/16 08:47:26 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\UMDF [2016/07/16 08:47:24 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers [2016/07/16 08:45:54 | 000,000,000 | ---D | C] -- C:\Windows\INF [2016/07/16 08:42:54 | 000,584,664 | ---- | C] (SQLite Development Team) -- C:\Windows\SysWow64\winsqlite3.dll [2016/07/16 08:42:05 | 000,772,568 | ---- | C] (SQLite Development Team) -- C:\Windows\SysNative\winsqlite3.dll [2016/07/16 08:41:53 | 002,104,160 | ---- | C] (Chelsio Communications) -- C:\Windows\SysNative\drivers\cht4vx64.sys [2016/07/16 08:41:53 | 001,135,456 | ---- | C] (PMC-Sierra) -- C:\Windows\SysNative\drivers\adp80xx.sys [2016/07/16 08:41:53 | 000,842,584 | ---- | C] (Mellanox) -- C:\Windows\SysNative\drivers\mlx4_bus.sys [2016/07/16 08:41:53 | 000,589,824 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\rt640x64.sys [2016/07/16 08:41:53 | 000,526,176 | ---- | C] (Mellanox) -- C:\Windows\SysNative\drivers\ibbus.sys [2016/07/16 08:41:53 | 000,346,976 | ---- | C] (Chelsio Communications) -- C:\Windows\SysNative\drivers\cht4sx64.sys [2016/07/16 08:41:53 | 000,305,504 | ---- | C] (VIA Corporation) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS [2016/07/16 08:41:53 | 000,259,424 | ---- | C] (AMD Technologies Inc.) -- C:\Windows\SysNative\drivers\amdsbs.sys [2016/07/16 08:41:53 | 000,108,896 | ---- | C] (Mellanox) -- C:\Windows\SysNative\drivers\ndfltr.sys [2016/07/16 08:41:53 | 000,107,360 | ---- | C] (LSI) -- C:\Windows\SysNative\drivers\3ware.sys [2016/07/16 08:41:53 | 000,105,824 | ---- | C] (LSI Corporation) -- C:\Windows\SysNative\drivers\lsi_sas2i.sys [2016/07/16 08:41:53 | 000,102,752 | ---- | C] (Chelsio Communications) -- C:\Windows\SysNative\drivers\cht4dx64.sys [2016/07/16 08:41:53 | 000,101,216 | ---- | C] (Avago Technologies) -- C:\Windows\SysNative\drivers\lsi_sas3i.sys [2016/07/16 08:41:53 | 000,082,776 | ---- | C] (LSI Corporation) -- C:\Windows\SysNative\drivers\lsi_sss.sys [2016/07/16 08:41:53 | 000,064,864 | ---- | C] (Mellanox) -- C:\Windows\SysNative\drivers\winverbs.sys [2016/07/16 08:41:53 | 000,063,840 | ---- | C] (Marvell Semiconductor, Inc.) -- C:\Windows\SysNative\drivers\mvumis.sys [2016/07/16 08:41:53 | 000,061,792 | ---- | C] (Avago Technologies) -- C:\Windows\SysNative\drivers\percsas3i.sys [2016/07/16 08:41:53 | 000,058,720 | ---- | C] (Avago Technologies) -- C:\Windows\SysNative\drivers\percsas2i.sys [2016/07/16 08:41:53 | 000,032,096 | ---- | C] (Mellanox) -- C:\Windows\SysNative\drivers\winmad.sys [2016/07/16 08:41:53 | 000,009,728 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\bcmfn2.sys [2016/07/16 08:41:53 | 000,009,728 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\bcmfn.sys [2016/07/16 08:36:22 | 000,000,000 | ---D | C] -- C:\Windows\CbsTemp [2016/07/16 03:04:30 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\AdvancedInstallers [2016/07/16 03:04:29 | 000,000,000 | ---D | C] -- C:\Windows\Logs [2016/07/16 03:04:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\AdvancedInstallers [2016/07/16 03:04:27 | 000,000,000 | ---D | C] -- C:\Windows\SysWOW64 [2016/07/16 03:04:27 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Sysprep [2016/07/16 03:04:27 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\downlevel [2016/07/16 03:04:27 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\downlevel [2016/07/16 03:04:27 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Dism [2016/07/16 03:04:27 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Dism [2016/07/16 03:04:24 | 000,000,000 | R--D | C] -- C:\Users [2016/07/16 03:04:24 | 000,000,000 | R--D | C] -- C:\Program Files [2016/07/16 03:04:24 | 000,000,000 | R--D | C] -- C:\Program Files (x86) [2016/07/16 03:04:24 | 000,000,000 | ---D | C] -- C:\Windows\WinSxS [2016/07/16 03:04:24 | 000,000,000 | ---D | C] -- C:\Windows [2016/07/16 03:04:24 | 000,000,000 | ---D | C] -- C:\Windows\System32 [2016/07/16 03:04:24 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SMI [2016/07/16 03:04:24 | 000,000,000 | ---D | C] -- C:\Windows\servicing [2016/07/16 03:04:24 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DriverStore [2016/07/16 03:04:24 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\config [2016/07/16 03:04:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files [2016/07/16 03:04:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files [2016/07/16 03:04:24 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\CatRoot [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 90 Days ========== [2016/10/09 07:26:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\stefa\Desktop\OTL.exe [2016/10/09 07:22:03 | 000,000,180 | ---- | M] () -- C:\Windows\SysNative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat [2016/10/09 07:21:36 | 3376,320,512 | -HS- | M] () -- C:\hiberfil.sys [2016/10/09 07:21:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2016/10/08 23:41:17 | 001,535,942 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2016/10/08 23:41:17 | 000,794,492 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2016/10/08 23:41:17 | 000,427,436 | ---- | M] () -- C:\Windows\SysNative\prfh0416.dat [2016/10/08 23:41:17 | 000,195,586 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2016/10/08 23:41:17 | 000,107,988 | ---- | M] () -- C:\Windows\SysNative\prfc0416.dat [2016/10/08 23:36:42 | 000,010,395 | ---- | M] () -- C:\Users\stefa\Desktop\hijackthis3 [2016/10/08 23:35:35 | 000,028,888 | ---- | M] (GAS Tecnologia) -- C:\Windows\SysNative\drivers\gbpddfac64.sys [2016/10/08 23:35:28 | 000,192,216 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys [2016/10/08 23:35:22 | 000,000,008 | RHS- | M] () -- C:\Users\stefa\ntuser.pol [2016/10/08 23:35:16 | 000,101,080 | ---- | M] (GAS Tecnologia) -- C:\Windows\SysNative\drivers\wsddfac.sys [2016/10/08 23:35:15 | 000,000,008 | RHS- | M] () -- C:\ProgramData\ntuser.pol [2016/10/08 23:35:13 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys [2016/10/08 22:21:36 | 000,002,684 | ---- | M] () -- C:\Users\stefa\Desktop\µTorrent.lnk [2016/10/08 21:59:49 | 000,024,064 | ---- | M] () -- C:\Windows\zoek-delete.exe [2016/10/08 19:33:10 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2016/10/08 19:33:10 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2016/10/08 19:30:07 | 000,002,330 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2016/10/08 19:25:42 | 000,001,353 | ---- | M] () -- C:\Users\Public\Desktop\MV AntiSpy 4.0.lnk [2016/10/08 19:13:17 | 000,000,000 | ---- | M] () -- C:\Users\Public\Documents\temp.dat [2016/10/08 17:32:47 | 001,631,928 | ---- | M] (Malwarebytes) -- C:\Users\stefa\Desktop\JRT.exe [2016/10/08 17:25:42 | 003,874,368 | ---- | M] () -- C:\Users\stefa\Desktop\AdwCleaner.exe [2016/10/08 16:16:11 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\stefa\Desktop\HijackThis.exe [2016/10/08 16:06:19 | 000,001,171 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2016/10/08 15:52:24 | 000,080,264 | ---- | M] () -- C:\Users\stefa\Desktop\Sem título.png [2016/10/08 13:34:29 | 000,077,360 | ---- | M] () -- C:\Users\stefa\Desktop\CCleaner.reg [2016/10/08 13:33:26 | 000,000,863 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2016/10/08 13:08:37 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2016/10/08 13:07:02 | 000,174,966 | ---- | M] () -- C:\spyhunter.fix [2016/10/08 12:20:26 | 000,000,000 | ---- | M] () -- C:\autoexec.bat [2016/10/08 11:30:06 | 000,000,000 | ---- | M] () -- C:\Users\Public\Documents\report.dat [2016/10/06 18:45:36 | 000,001,485 | ---- | M] () -- C:\Users\Public\Desktop\GeForce Experience.lnk [2016/10/02 20:27:21 | 000,001,248 | ---- | M] () -- C:\Users\stefa\Desktop\AIDA64 Extreme.lnk [2016/10/01 18:11:43 | 040,068,544 | ---- | M] () -- C:\Windows\SysNative\nvcompiler.dll [2016/10/01 18:11:43 | 035,180,992 | ---- | M] () -- C:\Windows\SysWow64\nvcompiler.dll [2016/10/01 18:11:43 | 000,616,832 | ---- | M] () -- C:\Windows\SysNative\nvmcumd.dll [2016/10/01 18:11:43 | 000,040,826 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb [2016/10/01 16:53:21 | 007,422,645 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin [2016/09/30 01:24:33 | 000,120,256 | ---- | M] () -- C:\Windows\SysNative\NvRtmpStreamer64.dll [2016/09/29 16:27:26 | 000,001,951 | ---- | M] () -- C:\Windows\NvContainerRecovery.bat [2016/09/29 11:30:35 | 000,001,093 | ---- | M] () -- C:\Users\stefa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2016/09/29 11:29:49 | 000,001,125 | ---- | M] () -- C:\Users\stefa\Desktop\MEGAsync.lnk [2016/09/26 17:16:56 | 000,324,600 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2016/09/26 13:34:47 | 392,196,734 | R--- | M] () -- C:\Users\stefa\OneDrive\Documentos\Pets.A.Vida.Secreta.dos.Bichos.2016.1080p.HDRip.x26.mkv [2016/09/26 03:47:31 | 000,007,623 | ---- | M] () -- C:\Windows\diagwrn.xml [2016/09/26 03:47:31 | 000,007,623 | ---- | M] () -- C:\Windows\diagerr.xml [2016/09/26 03:46:57 | 000,022,956 | ---- | M] () -- C:\Windows\SysNative\emptyregdb.dat [2016/09/26 03:43:14 | 000,000,200 | ---- | M] () -- C:\Windows\SysNative\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat [2016/09/26 03:43:14 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\GfxValDisplayLog.bin [2016/09/26 03:40:15 | 000,141,824 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysWow64\DscCoreConfProv.dll [2016/09/26 03:40:10 | 000,204,288 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\DscCoreConfProv.dll [2016/09/26 03:40:06 | 002,681,200 | ---- | M] () -- C:\Windows\SysNative\CoreUIComponents.dll [2016/09/26 03:40:06 | 002,048,496 | ---- | M] () -- C:\Windows\SysWow64\CoreUIComponents.dll [2016/09/24 22:51:40 | 000,104,584 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\opencl.dll [2016/09/24 22:51:40 | 000,104,584 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\Intel_OpenCL_ICD32.dll [2016/09/24 22:51:40 | 000,100,488 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.DLL [2016/09/24 22:51:40 | 000,100,488 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\Intel_OpenCL_ICD64.dll [2016/09/24 22:51:39 | 002,813,952 | ---- | M] () -- C:\Windows\SysNative\iglhxa64.cpa [2016/09/24 22:51:39 | 001,027,680 | ---- | M] () -- C:\Windows\SysNative\igfxSDK.exe [2016/09/24 22:51:39 | 000,403,671 | ---- | M] () -- C:\Windows\SysNative\ImageStabilization.wmv [2016/09/24 22:51:39 | 000,402,520 | ---- | M] () -- C:\Windows\SysNative\igfxTray.exe [2016/09/24 22:51:39 | 000,112,256 | ---- | M] ( ) -- C:\Windows\SysNative\igfxSDKLibv2_0.dll [2016/09/24 22:51:39 | 000,101,512 | ---- | M] ( ) -- C:\Windows\SysNative\igfxSDKLib.dll [2016/09/24 22:51:39 | 000,041,296 | ---- | M] () -- C:\Windows\SysNative\iglhxc64_dev.vp [2016/09/24 22:51:39 | 000,040,931 | ---- | M] () -- C:\Windows\SysNative\iglhxo64_dev.vp [2016/09/24 22:51:39 | 000,040,343 | ---- | M] () -- C:\Windows\SysNative\iglhxo64.vp [2016/09/24 22:51:39 | 000,040,316 | ---- | M] () -- C:\Windows\SysNative\iglhxc64.vp [2016/09/24 22:51:39 | 000,039,798 | ---- | M] () -- C:\Windows\SysNative\iglhxg64_dev.vp [2016/09/24 22:51:39 | 000,039,658 | ---- | M] () -- C:\Windows\SysNative\iglhxg64.vp [2016/09/24 22:51:39 | 000,029,832 | ---- | M] ( ) -- C:\Windows\SysNative\igfxDILibv2_0.dll [2016/09/24 22:51:39 | 000,029,832 | ---- | M] ( ) -- C:\Windows\SysNative\igfxDILib.dll [2016/09/24 22:51:39 | 000,028,296 | ---- | M] ( ) -- C:\Windows\SysNative\igfxEMLibv2_0.dll [2016/09/24 22:51:39 | 000,028,296 | ---- | M] ( ) -- C:\Windows\SysNative\igfxEMLib.dll [2016/09/24 22:51:39 | 000,023,176 | ---- | M] ( ) -- C:\Windows\SysNative\igfxLHMLibv2_0.dll [2016/09/24 22:51:39 | 000,023,168 | ---- | M] ( ) -- C:\Windows\SysNative\igfxLHMLib.dll [2016/09/24 22:51:39 | 000,004,850 | ---- | M] () -- C:\Windows\SysNative\iglhxs64.vp [2016/09/24 22:51:39 | 000,001,125 | ---- | M] () -- C:\Windows\SysNative\iglhxa64.vp [2016/09/24 22:51:38 | 000,274,056 | ---- | M] () -- C:\Windows\SysNative\igfxCPL.cpl [2016/09/24 22:51:38 | 000,104,064 | ---- | M] () -- C:\Windows\SysNative\igfxCUIServicePS.dll [2016/09/24 22:51:38 | 000,095,872 | ---- | M] ( ) -- C:\Windows\SysNative\igfxDHLibv2_0.dll [2016/09/24 22:51:38 | 000,085,128 | ---- | M] ( ) -- C:\Windows\SysNative\igfxDHLib.dll [2016/09/24 22:51:37 | 005,799,386 | ---- | M] () -- C:\Windows\SysNative\igdclbif.bin [2016/09/24 22:51:35 | 000,843,068 | ---- | M] () -- C:\Windows\SysNative\DisplayAudiox64.cab [2016/09/24 22:51:35 | 000,641,530 | ---- | M] () -- C:\Windows\SysNative\FilmModeDetection.wmv [2016/09/24 22:51:35 | 000,511,260 | ---- | M] () -- C:\Windows\SysNative\cp_resources.bin [2016/09/24 22:51:35 | 000,375,173 | ---- | M] () -- C:\Windows\SysNative\ColorImageEnhancement.wmv [2016/09/24 22:51:35 | 000,000,935 | ---- | M] () -- C:\Windows\SysNative\Gfxv4_0.exe.config [2016/09/24 22:51:35 | 000,000,935 | ---- | M] () -- C:\Windows\SysNative\DPTopologyApp.exe.config [2016/09/24 22:51:35 | 000,000,895 | ---- | M] () -- C:\Windows\SysNative\Gfxv2_0.exe.config [2016/09/24 22:51:35 | 000,000,895 | ---- | M] () -- C:\Windows\SysNative\DPTopologyAppv2_0.exe.config [2016/09/22 12:52:42 | 000,441,526 | ---- | M] () -- C:\Windows\e535ae8af0f418dfce90f90844a7b175.exe [2016/09/19 00:09:54 | 000,002,231 | ---- | M] () -- C:\Users\stefa\Desktop\GCLauncher.lnk [2016/09/16 21:45:29 | 000,000,669 | ---- | M] () -- C:\Windows\SysNative\nv-vk64.json [2016/09/16 21:45:29 | 000,000,669 | ---- | M] () -- C:\Windows\SysWow64\nv-vk32.json [2016/09/16 15:22:15 | 000,002,420 | ---- | M] () -- C:\Users\Public\Desktop\Corel CONNECT X8 (64-Bit).lnk [2016/09/16 15:22:13 | 000,002,975 | ---- | M] () -- C:\Users\Public\Desktop\Corel CAPTURE X8 (64-Bit).lnk [2016/09/16 15:22:12 | 000,002,333 | ---- | M] () -- C:\Users\Public\Desktop\Corel Font Manager X8 (64-Bit).lnk [2016/09/16 15:22:11 | 000,002,974 | ---- | M] () -- C:\Users\Public\Desktop\Corel PHOTO-PAINT X8 (64-Bit).lnk [2016/09/16 15:22:09 | 000,002,942 | ---- | M] () -- C:\Users\Public\Desktop\CorelDRAW X8 (64-Bit).lnk [2016/09/14 13:27:52 | 000,000,932 | ---- | M] () -- C:\Users\stefa\Desktop\Uplay.lnk [2016/09/12 18:48:22 | 000,002,238 | ---- | M] () -- C:\Users\stefa\Desktop\WhatsApp.lnk [2016/09/10 19:58:25 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf [2016/09/10 15:34:45 | 000,000,968 | ---- | M] () -- C:\Users\Public\Desktop\DS3 Tool.lnk [2016/09/10 15:32:20 | 000,000,889 | ---- | M] () -- C:\Users\Public\Desktop\FIFA 16.lnk [2016/09/09 15:25:58 | 000,269,600 | ---- | M] () -- C:\Windows\SysWow64\vulkan-1-1-0-26-0.dll [2016/09/09 15:25:58 | 000,269,600 | ---- | M] () -- C:\Windows\SysWow64\vulkan-1.dll [2016/09/09 15:25:28 | 000,110,880 | ---- | M] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-26-0.exe [2016/09/09 15:25:28 | 000,110,880 | ---- | M] () -- C:\Windows\SysWow64\vulkaninfo.exe [2016/09/09 15:25:10 | 000,261,920 | ---- | M] () -- C:\Windows\SysNative\vulkan-1-1-0-26-0.dll [2016/09/09 15:25:10 | 000,261,920 | ---- | M] () -- C:\Windows\SysNative\vulkan-1.dll [2016/09/09 15:24:38 | 000,125,216 | ---- | M] () -- C:\Windows\SysNative\vulkaninfo-1-1-0-26-0.exe [2016/09/09 15:24:38 | 000,125,216 | ---- | M] () -- C:\Windows\SysNative\vulkaninfo.exe [2016/09/07 09:00:22 | 000,000,750 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk [2016/09/05 17:27:44 | 000,000,112 | ---- | M] () -- C:\Users\stefa\AppData\Roaming\JP2K CS6 Prefs [2016/09/02 13:56:56 | 000,001,286 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Creative Cloud.lnk [2016/08/26 13:26:25 | 000,000,219 | ---- | M] () -- C:\Users\stefa\Desktop\Counter-Strike Global Offensive.url [2016/08/23 17:51:49 | 000,001,024 | ---- | M] () -- C:\.rnd [2016/08/20 10:04:51 | 000,000,222 | ---- | M] () -- C:\Users\stefa\Desktop\Grand Theft Auto V.url [2016/08/20 09:26:43 | 000,000,222 | ---- | M] () -- C:\Users\stefa\Desktop\Rocket League.url [2016/08/20 09:25:31 | 000,000,222 | ---- | M] () -- C:\Users\stefa\Desktop\H1Z1 King of the Kill.url [2016/08/20 08:41:46 | 000,001,032 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk [2016/08/19 15:04:26 | 000,001,139 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2016/08/19 05:12:50 | 000,015,816 | ---- | M] (Razer Inc.) -- C:\Windows\SysWow64\RzStats.IPC.dll [2016/08/18 07:32:27 | 000,001,873 | ---- | M] () -- C:\Users\stefa\Desktop\Life is Strange.lnk [2016/08/17 16:57:14 | 000,000,030 | ---- | M] () -- C:\AVScanner.ini [2016/08/17 16:56:50 | 000,002,124 | ---- | M] () -- C:\Users\Public\Desktop\Acrobat Reader DC.lnk [2016/08/17 16:30:53 | 000,001,280 | ---- | M] () -- C:\Users\stefa\Desktop\TeamSpeak 3 Client.lnk [2016/08/17 01:18:17 | 000,000,975 | ---- | M] () -- C:\Users\Public\Desktop\CPUID HWMonitor.lnk [2016/08/16 20:07:13 | 000,004,608 | ---- | M] () -- C:\Windows\SECOH-QAD.exe [2016/08/16 20:07:13 | 000,003,584 | ---- | M] () -- C:\Windows\SECOH-QAD.dll [2016/08/16 19:57:41 | 000,095,400 | ---- | M] (Razer Inc) -- C:\Windows\SysNative\RazerCoinstaller.dll [2016/08/16 19:43:24 | 000,016,148 | ---- | M] () -- C:\Windows\SysNative\DESKTOP-9L5P09H_defaultuser0_HistoryPrediction.bin [2016/08/16 19:38:00 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf [2016/07/16 20:16:03 | 000,147,439 | ---- | M] () -- C:\Windows\SysNative\gpedit.msc [2016/07/16 20:16:03 | 000,108,544 | ---- | M] () -- C:\Windows\SysNative\RDVGHelper.exe [2016/07/16 20:16:03 | 000,043,566 | ---- | M] () -- C:\Windows\SysNative\rsop.msc [2016/07/16 20:15:48 | 000,120,458 | ---- | M] () -- C:\Windows\SysNative\secpol.msc [2016/07/16 20:15:40 | 000,147,439 | ---- | M] () -- C:\Windows\SysWow64\gpedit.msc [2016/07/16 20:15:40 | 000,043,566 | ---- | M] () -- C:\Windows\SysWow64\rsop.msc [2016/07/16 20:15:36 | 000,146,389 | ---- | M] () -- C:\Windows\SysNative\printmanagement.msc [2016/07/16 20:09:46 | 000,328,278 | ---- | M] () -- C:\Windows\SysNative\prfi0416.dat [2016/07/16 20:09:46 | 000,040,752 | ---- | M] () -- C:\Windows\SysNative\prfd0416.dat [2016/07/16 20:08:55 | 000,000,727 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2016/07/16 20:08:55 | 000,000,727 | ---- | M] () -- C:\Windows\SysNative\license.rtf [2016/07/16 08:45:38 | 000,000,741 | ---- | M] () -- C:\Windows\SysWow64\NOISE.DAT [2016/07/16 08:45:37 | 000,215,943 | ---- | M] () -- C:\Windows\SysWow64\dssec.dat [2016/07/16 08:45:37 | 000,003,683 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\lmhosts.sam [2016/07/16 08:45:36 | 000,215,943 | ---- | M] () -- C:\Windows\SysNative\dssec.dat [2016/07/16 08:45:36 | 000,015,462 | ---- | M] () -- C:\Windows\SysNative\OEMDefaultAssociations.xml [2016/07/16 08:45:36 | 000,000,858 | ---- | M] () -- C:\Windows\SysNative\DefaultQuestions.json [2016/07/16 08:45:36 | 000,000,741 | ---- | M] () -- C:\Windows\SysNative\NOISE.DAT [2016/07/16 08:45:35 | 000,296,742 | ---- | M] () -- C:\Windows\SysNative\perfi009.dat [2016/07/16 08:45:35 | 000,033,362 | ---- | M] () -- C:\Windows\SysNative\perfd009.dat [2016/07/16 08:44:03 | 000,076,060 | ---- | M] () -- C:\Windows\SysWow64\xpsrchvw.xml [2016/07/16 08:44:03 | 000,076,060 | ---- | M] () -- C:\Windows\SysNative\xpsrchvw.xml [2016/07/16 08:44:03 | 000,000,874 | ---- | M] () -- C:\Windows\SysNative\manage-bde.wsf [2016/07/16 08:43:59 | 000,003,458 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2016/07/16 08:43:52 | 000,006,886 | ---- | M] () -- C:\Windows\SysWow64\SecurityAndMaintenance_Error.png [2016/07/16 08:43:52 | 000,005,796 | ---- | M] () -- C:\Windows\SysWow64\SecurityAndMaintenance.png [2016/07/16 08:43:52 | 000,002,626 | ---- | M] () -- C:\Windows\SysWow64\SecurityAndMaintenance_Alert.png [2016/07/16 08:43:51 | 000,006,886 | ---- | M] () -- C:\Windows\SysNative\SecurityAndMaintenance_Error.png [2016/07/16 08:43:51 | 000,005,796 | ---- | M] () -- C:\Windows\SysNative\SecurityAndMaintenance.png [2016/07/16 08:43:51 | 000,002,626 | ---- | M] () -- C:\Windows\SysNative\SecurityAndMaintenance_Alert.png [2016/07/16 08:43:50 | 000,013,091 | ---- | M] () -- C:\Windows\SysNative\DevModeRunAsUserConfig.msc [2016/07/16 08:43:50 | 000,010,429 | ---- | M] () -- C:\Windows\SysNative\ScavengeSpace.xml [2016/07/16 08:43:22 | 000,033,882 | ---- | M] () -- C:\Windows\Professional.xml [2016/07/16 08:43:20 | 000,003,420 | ---- | M] () -- C:\Windows\SysWow64\UevCustomActionTypes.tlb [2016/07/16 08:43:20 | 000,003,420 | ---- | M] () -- C:\Windows\SysNative\UevCustomActionTypes.tlb [2016/07/16 08:43:20 | 000,001,720 | ---- | M] () -- C:\Windows\SysNative\SyncAppvPublishingServer.vbs [2016/07/16 08:43:20 | 000,000,191 | ---- | M] () -- C:\Windows\SysNative\AppVStreamingUX.exe.config [2016/07/16 08:43:20 | 000,000,146 | ---- | M] () -- C:\Windows\SysNative\UevAppMonitor.exe.config [2016/07/16 08:43:08 | 000,316,640 | ---- | M] () -- C:\Windows\WMSysPr9.prx [2016/07/16 08:43:08 | 000,003,458 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2016/07/16 08:43:04 | 000,211,938 | ---- | M] () -- C:\Windows\SysWow64\lcphrase.tbl [2016/07/16 08:43:04 | 000,055,296 | ---- | M] () -- C:\Windows\SysWow64\BWContextHandler.dll [2016/07/16 08:43:04 | 000,024,114 | ---- | M] () -- C:\Windows\SysWow64\lcptr.tbl [2016/07/16 08:43:02 | 000,003,666 | ---- | M] () -- C:\Windows\SysWow64\sysprtj.sep [2016/07/16 08:43:02 | 000,003,317 | ---- | M] () -- C:\Windows\SysWow64\sysprint.sep [2016/07/16 08:43:02 | 000,001,673 | ---- | M] () -- C:\Windows\SysWow64\tcpbidi.xml [2016/07/16 08:43:02 | 000,000,404 | ---- | M] () -- C:\Windows\SysWow64\@VpnToastIcon.png [2016/07/16 08:43:02 | 000,000,330 | ---- | M] () -- C:\Windows\SysWow64\@EnrollmentToastIcon.png [2016/07/16 08:43:02 | 000,000,150 | ---- | M] () -- C:\Windows\SysWow64\pcl.sep [2016/07/16 08:43:02 | 000,000,051 | ---- | M] () -- C:\Windows\SysWow64\pscript.sep [2016/07/16 08:43:00 | 000,115,091 | ---- | M] () -- C:\Windows\SysWow64\WF.msc [2016/07/16 08:43:00 | 000,019,968 | ---- | M] () -- C:\Windows\SysWow64\GamePanelExternalHook.dll [2016/07/16 08:43:00 | 000,004,014 | ---- | M] () -- C:\Windows\SysWow64\xwizard.dtd [2016/07/16 08:43:00 | 000,001,820 | ---- | M] () -- C:\Windows\SysWow64\rasctrnm.h [2016/07/16 08:43:00 | 000,000,308 | ---- | M] () -- C:\Windows\SysWow64\@AudioToastIcon.png [2016/07/16 08:42:58 | 000,144,998 | ---- | M] () -- C:\Windows\SysWow64\lusrmgr.msc [2016/07/16 08:42:58 | 000,002,711 | ---- | M] () -- C:\Windows\SysWow64\AppxProvisioning.xml [2016/07/16 08:42:57 | 000,000,565 | ---- | M] () -- C:\Windows\SysWow64\NdfEventView.xml [2016/07/16 08:42:56 | 000,204,105 | ---- | M] () -- C:\Windows\SysWow64\winrm.vbs [2016/07/16 08:42:56 | 000,185,368 | ---- | M] () -- C:\Windows\SysWow64\weretw.dll [2016/07/16 08:42:56 | 000,004,675 | ---- | M] () -- C:\Windows\SysWow64\wsmanconfig_schema.xml [2016/07/16 08:42:56 | 000,002,426 | ---- | M] () -- C:\Windows\SysWow64\WsmTxt.xsl [2016/07/16 08:42:56 | 000,001,559 | ---- | M] () -- C:\Windows\SysWow64\WsmPty.xsl [2016/07/16 08:42:56 | 000,000,199 | ---- | M] () -- C:\Windows\SysWow64\winrm.cmd [2016/07/16 08:42:55 | 000,167,640 | ---- | M] () -- C:\Windows\SysWow64\chs_singlechar_pinyin.dat [2016/07/16 08:42:55 | 000,038,400 | ---- | M] () -- C:\Windows\SysWow64\dtdump.exe [2016/07/16 08:42:54 | 000,584,664 | ---- | M] (SQLite Development Team) -- C:\Windows\SysWow64\winsqlite3.dll [2016/07/16 08:42:54 | 000,265,728 | ---- | M] () -- C:\Windows\SysWow64\Windows.Perception.Stub.dll [2016/07/16 08:42:53 | 000,673,088 | ---- | M] () -- C:\Windows\SysWow64\mlang.dat [2016/07/16 08:42:49 | 003,440,660 | ---- | M] () -- C:\Windows\SysWow64\drivers\gm.dls [2016/07/16 08:42:49 | 000,304,640 | ---- | M] () -- C:\Windows\SysWow64\HrtfApo.dll [2016/07/16 08:42:48 | 000,364,544 | ---- | M] () -- C:\Windows\SysWow64\msjetoledb40.dll [2016/07/16 08:42:48 | 000,004,453 | ---- | M] () -- C:\Windows\SysWow64\odbcconf.rsp [2016/07/16 08:42:48 | 000,002,233 | ---- | M] () -- C:\Windows\SysWow64\12520850.cpx [2016/07/16 08:42:48 | 000,002,151 | ---- | M] () -- C:\Windows\SysWow64\12520437.cpx [2016/07/16 08:42:46 | 003,170,304 | ---- | M] () -- C:\Windows\SysWow64\boot.sdi [2016/07/16 08:42:46 | 000,145,519 | ---- | M] () -- C:\Windows\SysWow64\perfmon.msc [2016/07/16 08:42:46 | 000,142,904 | ---- | M] () -- C:\Windows\SysWow64\slmgr.vbs [2016/07/16 08:42:46 | 000,124,118 | ---- | M] () -- C:\Windows\SysWow64\comexp.msc [2016/07/16 08:42:46 | 000,109,056 | ---- | M] () -- C:\Windows\SysWow64\chartv.dll [2016/07/16 08:42:46 | 000,047,682 | ---- | M] () -- C:\Windows\SysWow64\diskmgmt.msc [2016/07/16 08:42:46 | 000,031,232 | ---- | M] () -- C:\Windows\SysWow64\efsext.dll [2016/07/16 08:42:45 | 000,336,896 | ---- | M] () -- C:\Windows\SysWow64\msinfo32.exe [2016/07/16 08:42:45 | 000,145,640 | ---- | M] () -- C:\Windows\SysWow64\devmgmt.msc [2016/07/16 08:42:45 | 000,144,862 | ---- | M] () -- C:\Windows\SysWow64\tpm.msc [2016/07/16 08:42:45 | 000,000,714 | ---- | M] () -- C:\Windows\SysWow64\RestartManager.mof [2016/07/16 08:42:45 | 000,000,176 | ---- | M] () -- C:\Windows\SysWow64\RestartManagerUninstall.mof [2016/07/16 08:42:43 | 000,211,938 | ---- | M] () -- C:\Windows\SysNative\lcphrase.tbl [2016/07/16 08:42:43 | 000,145,127 | ---- | M] () -- C:\Windows\SysWow64\eventvwr.msc [2016/07/16 08:42:43 | 000,145,059 | ---- | M] () -- C:\Windows\SysWow64\taskschd.msc [2016/07/16 08:42:43 | 000,144,909 | ---- | M] () -- C:\Windows\SysWow64\fsmgmt.msc [2016/07/16 08:42:43 | 000,113,256 | ---- | M] () -- C:\Windows\SysWow64\compmgmt.msc [2016/07/16 08:42:43 | 000,092,746 | ---- | M] () -- C:\Windows\SysWow64\services.msc [2016/07/16 08:42:43 | 000,063,081 | ---- | M] () -- C:\Windows\SysWow64\certlm.msc [2016/07/16 08:42:43 | 000,063,070 | ---- | M] () -- C:\Windows\SysWow64\certmgr.msc [2016/07/16 08:42:43 | 000,041,587 | ---- | M] () -- C:\Windows\SysWow64\azman.msc [2016/07/16 08:42:43 | 000,024,114 | ---- | M] () -- C:\Windows\SysNative\lcptr.tbl [2016/07/16 08:42:43 | 000,017,935 | ---- | M] () -- C:\Windows\SysWow64\EventViewer_EventDetails.xsl [2016/07/16 08:42:43 | 000,002,307 | ---- | M] () -- C:\Windows\SysWow64\WimBootCompress.ini [2016/07/16 08:42:41 | 000,000,600 | ---- | M] () -- C:\Windows\SysNative\@language_notification_icon.png [2016/07/16 08:42:40 | 000,063,488 | ---- | M] () -- C:\Windows\SysNative\BWContextHandler.dll [2016/07/16 08:42:40 | 000,000,520 | ---- | M] () -- C:\Windows\SysNative\@optionalfeatures.png [2016/07/16 08:42:39 | 000,060,124 | ---- | M] () -- C:\Windows\SysNative\tcpmon.ini [2016/07/16 08:42:39 | 000,003,666 | ---- | M] () -- C:\Windows\SysNative\sysprtj.sep [2016/07/16 08:42:39 | 000,003,317 | ---- | M] () -- C:\Windows\SysNative\sysprint.sep [2016/07/16 08:42:39 | 000,001,673 | ---- | M] () -- C:\Windows\SysNative\tcpbidi.xml [2016/07/16 08:42:39 | 000,000,150 | ---- | M] () -- C:\Windows\SysNative\pcl.sep [2016/07/16 08:42:39 | 000,000,051 | ---- | M] () -- C:\Windows\SysNative\pscript.sep [2016/07/16 08:42:38 | 000,015,106 | ---- | M] () -- C:\Windows\SysNative\@WiFiNotificationIcon.png [2016/07/16 08:42:38 | 000,010,540 | ---- | M] () -- C:\Windows\SysNative\TransformPPSToWlan.xslt [2016/07/16 08:42:38 | 000,001,688 | ---- | M] () -- C:\Windows\SysNative\TransformPPSToWlanCredentials.xslt [2016/07/16 08:42:38 | 000,000,404 | ---- | M] () -- C:\Windows\SysNative\@VpnToastIcon.png [2016/07/16 08:42:38 | 000,000,330 | ---- | M] () -- C:\Windows\SysNative\@EnrollmentToastIcon.png [2016/07/16 08:42:37 | 000,009,129 | ---- | M] () -- C:\Windows\SysNative\ResPriHMImageList [2016/07/16 08:42:37 | 000,008,598 | ---- | M] () -- C:\Windows\SysNative\ResPriImageList [2016/07/16 08:42:36 | 000,092,324 | ---- | M] () -- C:\Windows\SysNative\DiskSnapshot.conf [2016/07/16 08:42:35 | 000,174,592 | ---- | M] () -- C:\Windows\SysNative\IHDS.dll [2016/07/16 08:42:35 | 000,025,088 | ---- | M] () -- C:\Windows\SysNative\GamePanelExternalHook.dll [2016/07/16 08:42:35 | 000,004,687 | ---- | M] () -- C:\Windows\SysNative\wpcmon.png [2016/07/16 08:42:35 | 000,000,308 | ---- | M] () -- C:\Windows\SysNative\@AudioToastIcon.png [2016/07/16 08:42:35 | 000,000,003 | ---- | M] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2016/07/16 08:42:35 | 000,000,003 | ---- | M] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01019_Inbox_Critical.Wdf [2016/07/16 08:42:34 | 000,144,998 | ---- | M] () -- C:\Windows\SysNative\lusrmgr.msc [2016/07/16 08:42:34 | 000,008,192 | ---- | M] () -- C:\Windows\SysNative\settings.dat [2016/07/16 08:42:34 | 000,002,711 | ---- | M] () -- C:\Windows\SysNative\AppxProvisioning.xml [2016/07/16 08:42:31 | 000,236,488 | ---- | M] () -- C:\Windows\SysNative\weretw.dll [2016/07/16 08:42:31 | 000,204,105 | ---- | M] () -- C:\Windows\SysNative\winrm.vbs [2016/07/16 08:42:31 | 000,004,675 | ---- | M] () -- C:\Windows\SysNative\wsmanconfig_schema.xml [2016/07/16 08:42:31 | 000,004,148 | ---- | M] () -- C:\Windows\SysNative\psmodulediscoveryprovider.mof [2016/07/16 08:42:31 | 000,002,426 | ---- | M] () -- C:\Windows\SysNative\WsmTxt.xsl [2016/07/16 08:42:31 | 000,001,559 | ---- | M] () -- C:\Windows\SysNative\WsmPty.xsl [2016/07/16 08:42:31 | 000,000,199 | ---- | M] () -- C:\Windows\SysNative\winrm.cmd [2016/07/16 08:42:27 | 000,673,088 | ---- | M] () -- C:\Windows\SysNative\mlang.dat [2016/07/16 08:42:27 | 000,000,726 | ---- | M] () -- C:\Windows\SysNative\wpr.config.xml [2016/07/16 08:42:23 | 000,020,792 | ---- | M] () -- C:\Windows\SysNative\@WindowsHelloFaceToastIcon.png [2016/07/16 08:42:22 | 004,227,116 | ---- | M] () -- C:\Windows\SysNative\DefaultHrtfs.bin [2016/07/16 08:42:22 | 003,440,660 | ---- | M] () -- C:\Windows\SysNative\drivers\gm.dls [2016/07/16 08:42:22 | 000,361,984 | ---- | M] () -- C:\Windows\SysNative\HrtfApo.dll [2016/07/16 08:42:22 | 000,149,044 | ---- | M] () -- C:\Windows\SysNative\LargeRoom.bin [2016/07/16 08:42:22 | 000,110,024 | ---- | M] () -- C:\Windows\SysNative\MediumRoom.bin [2016/07/16 08:42:22 | 000,069,776 | ---- | M] () -- C:\Windows\SysNative\SmallRoom.bin [2016/07/16 08:42:22 | 000,046,908 | ---- | M] () -- C:\Windows\SysNative\OutdoorAudioEnvironment.bin [2016/07/16 08:42:20 | 000,142,904 | ---- | M] () -- C:\Windows\SysNative\slmgr.vbs [2016/07/16 08:42:20 | 000,000,263 | ---- | M] () -- C:\Windows\SysNative\odbcconf.rsp [2016/07/16 08:42:19 | 000,160,768 | ---- | M] () -- C:\Windows\SysNative\EditionUpgradeHelper.dll [2016/07/16 08:42:19 | 000,039,424 | ---- | M] () -- C:\Windows\SysNative\efsext.dll [2016/07/16 08:42:19 | 000,000,760 | ---- | M] () -- C:\Windows\SysNative\@edptoastimage.png [2016/07/16 08:42:17 | 000,144,862 | ---- | M] () -- C:\Windows\SysNative\tpm.msc [2016/07/16 08:42:17 | 000,124,118 | ---- | M] () -- C:\Windows\SysNative\comexp.msc [2016/07/16 08:42:16 | 003,170,304 | ---- | M] () -- C:\Windows\SysNative\boot.sdi [2016/07/16 08:42:16 | 000,145,519 | ---- | M] () -- C:\Windows\SysNative\perfmon.msc [2016/07/16 08:42:16 | 000,130,048 | ---- | M] () -- C:\Windows\SysNative\chartv.dll [2016/07/16 08:42:16 | 000,056,119 | ---- | M] () -- C:\Windows\SysNative\srms.dat [2016/07/16 08:42:16 | 000,047,682 | ---- | M] () -- C:\Windows\SysNative\diskmgmt.msc [2016/07/16 08:42:15 | 000,145,640 | ---- | M] () -- C:\Windows\SysNative\devmgmt.msc [2016/07/16 08:42:15 | 000,000,714 | ---- | M] () -- C:\Windows\SysNative\RestartManager.mof [2016/07/16 08:42:15 | 000,000,176 | ---- | M] () -- C:\Windows\SysNative\RestartManagerUninstall.mof [2016/07/16 08:42:14 | 000,369,664 | ---- | M] () -- C:\Windows\SysNative\msinfo32.exe [2016/07/16 08:42:13 | 000,145,127 | ---- | M] () -- C:\Windows\SysNative\eventvwr.msc [2016/07/16 08:42:13 | 000,145,059 | ---- | M] () -- C:\Windows\SysNative\taskschd.msc [2016/07/16 08:42:13 | 000,144,909 | ---- | M] () -- C:\Windows\SysNative\fsmgmt.msc [2016/07/16 08:42:13 | 000,144,673 | ---- | M] () -- C:\Windows\SysNative\WmiMgmt.msc [2016/07/16 08:42:13 | 000,113,256 | ---- | M] () -- C:\Windows\SysNative\compmgmt.msc [2016/07/16 08:42:13 | 000,092,746 | ---- | M] () -- C:\Windows\SysNative\services.msc [2016/07/16 08:42:13 | 000,063,081 | ---- | M] () -- C:\Windows\SysNative\certlm.msc [2016/07/16 08:42:13 | 000,063,070 | ---- | M] () -- C:\Windows\SysNative\certmgr.msc [2016/07/16 08:42:13 | 000,041,587 | ---- | M] () -- C:\Windows\SysNative\azman.msc [2016/07/16 08:42:13 | 000,017,935 | ---- | M] () -- C:\Windows\SysNative\EventViewer_EventDetails.xsl [2016/07/16 08:42:12 | 000,435,095 | ---- | M] () -- C:\Windows\SysNative\ApnDatabase.xml [2016/07/16 08:42:12 | 000,115,091 | ---- | M] () -- C:\Windows\SysNative\WF.msc [2016/07/16 08:42:12 | 000,093,696 | ---- | M] () -- C:\Windows\SysNative\BthpanContextHandler.dll [2016/07/16 08:42:12 | 000,091,132 | ---- | M] () -- C:\Windows\SysNative\gatherNetworkInfo.vbs [2016/07/16 08:42:12 | 000,043,131 | ---- | M] () -- C:\Windows\mib.bin [2016/07/16 08:42:12 | 000,021,656 | ---- | M] () -- C:\Windows\SysNative\NetTrace.PLA.Diagnostics.xml [2016/07/16 08:42:12 | 000,009,728 | ---- | M] () -- C:\Windows\SysNative\VpnSohDesktop.dll [2016/07/16 08:42:12 | 000,001,820 | ---- | M] () -- C:\Windows\SysNative\rasctrnm.h [2016/07/16 08:42:12 | 000,000,565 | ---- | M] () -- C:\Windows\SysNative\NdfEventView.xml [2016/07/16 08:42:11 | 000,004,014 | ---- | M] () -- C:\Windows\SysNative\xwizard.dtd [2016/07/16 08:42:11 | 000,002,307 | ---- | M] () -- C:\Windows\SysNative\WimBootCompress.ini [2016/07/16 08:42:11 | 000,000,843 | ---- | M] () -- C:\Windows\SysNative\onlinesetup.cmd [2016/07/16 08:42:11 | 000,000,614 | ---- | M] () -- C:\Windows\SysNative\WdsUnattendTemplate.xml [2016/07/16 08:42:09 | 000,326,656 | ---- | M] () -- C:\Windows\SysNative\wc_storage.dll [2016/07/16 08:42:09 | 000,231,424 | ---- | M] () -- C:\Windows\SysNative\ism32k.dll [2016/07/16 08:42:09 | 000,167,640 | ---- | M] () -- C:\Windows\SysNative\chs_singlechar_pinyin.dat [2016/07/16 08:42:06 | 000,418,304 | ---- | M] () -- C:\Windows\SysNative\Windows.Perception.Stub.dll [2016/07/16 08:42:05 | 000,772,568 | ---- | M] (SQLite Development Team) -- C:\Windows\SysNative\winsqlite3.dll [2016/07/16 08:42:05 | 000,000,450 | ---- | M] () -- C:\Windows\SysNative\@BackgroundAccessToastIcon.png [2016/07/16 08:42:04 | 000,045,228 | ---- | M] () -- C:\Windows\SysNative\hypervisor.mof [2016/07/16 08:42:04 | 000,000,167 | ---- | M] () -- C:\Windows\SysNative\removehypervisor.mof [2016/07/16 08:42:03 | 000,090,624 | ---- | M] () -- C:\Windows\SysNative\drivers\NetAdapterCx.sys [2016/07/16 08:41:53 | 002,104,160 | ---- | M] (Chelsio Communications) -- C:\Windows\SysNative\drivers\cht4vx64.sys [2016/07/16 08:41:53 | 001,135,456 | ---- | M] (PMC-Sierra) -- C:\Windows\SysNative\drivers\adp80xx.sys [2016/07/16 08:41:53 | 000,842,584 | ---- | M] (Mellanox) -- C:\Windows\SysNative\drivers\mlx4_bus.sys [2016/07/16 08:41:53 | 000,589,824 | ---- | M] (Realtek ) -- C:\Windows\SysNative\drivers\rt640x64.sys [2016/07/16 08:41:53 | 000,526,176 | ---- | M] (Mellanox) -- C:\Windows\SysNative\drivers\ibbus.sys [2016/07/16 08:41:53 | 000,346,976 | ---- | M] (Chelsio Communications) -- C:\Windows\SysNative\drivers\cht4sx64.sys [2016/07/16 08:41:53 | 000,305,504 | ---- | M] (VIA Corporation) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS [2016/07/16 08:41:53 | 000,259,424 | ---- | M] (AMD Technologies Inc.) -- C:\Windows\SysNative\drivers\amdsbs.sys [2016/07/16 08:41:53 | 000,108,896 | ---- | M] (Mellanox) -- C:\Windows\SysNative\drivers\ndfltr.sys [2016/07/16 08:41:53 | 000,107,360 | ---- | M] (LSI) -- C:\Windows\SysNative\drivers\3ware.sys [2016/07/16 08:41:53 | 000,105,824 | ---- | M] (LSI Corporation) -- C:\Windows\SysNative\drivers\lsi_sas2i.sys [2016/07/16 08:41:53 | 000,102,752 | ---- | M] (Chelsio Communications) -- C:\Windows\SysNative\drivers\cht4dx64.sys [2016/07/16 08:41:53 | 000,101,216 | ---- | M] (Avago Technologies) -- C:\Windows\SysNative\drivers\lsi_sas3i.sys [2016/07/16 08:41:53 | 000,082,776 | ---- | M] (LSI Corporation) -- C:\Windows\SysNative\drivers\lsi_sss.sys [2016/07/16 08:41:53 | 000,064,864 | ---- | M] (Mellanox) -- C:\Windows\SysNative\drivers\winverbs.sys [2016/07/16 08:41:53 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) -- C:\Windows\SysNative\drivers\mvumis.sys [2016/07/16 08:41:53 | 000,061,792 | ---- | M] (Avago Technologies) -- C:\Windows\SysNative\drivers\percsas3i.sys [2016/07/16 08:41:53 | 000,058,720 | ---- | M] (Avago Technologies) -- C:\Windows\SysNative\drivers\percsas2i.sys [2016/07/16 08:41:53 | 000,032,096 | ---- | M] (Mellanox) -- C:\Windows\SysNative\drivers\winmad.sys [2016/07/16 08:41:53 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\bcmfn2.sys [2016/07/16 08:41:53 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\bcmfn.sys [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2016/10/08 23:36:42 | 000,010,395 | ---- | C] () -- C:\Users\stefa\Desktop\hijackthis3 [2016/10/08 23:34:26 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe [2016/10/08 22:21:36 | 000,002,684 | ---- | C] () -- C:\Users\stefa\Desktop\µTorrent.lnk [2016/10/08 19:30:07 | 000,002,330 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2016/10/08 19:27:21 | 000,001,098 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2016/10/08 19:27:20 | 000,001,094 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2016/10/08 19:25:42 | 000,001,353 | ---- | C] () -- C:\Users\Public\Desktop\MV AntiSpy 4.0.lnk [2016/10/08 17:19:27 | 003,874,368 | ---- | C] () -- C:\Users\stefa\Desktop\AdwCleaner.exe [2016/10/08 15:52:24 | 000,080,264 | ---- | C] () -- C:\Users\stefa\Desktop\Sem título.png [2016/10/08 13:34:23 | 000,077,360 | ---- | C] () -- C:\Users\stefa\Desktop\CCleaner.reg [2016/10/08 13:33:26 | 000,000,863 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2016/10/08 13:16:37 | 000,001,171 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2016/10/08 12:57:36 | 000,174,966 | ---- | C] () -- C:\spyhunter.fix [2016/10/08 12:20:26 | 000,000,000 | ---- | C] () -- C:\autoexec.bat [2016/10/08 11:30:06 | 000,000,000 | ---- | C] () -- C:\Users\Public\Documents\report.dat [2016/10/08 11:30:05 | 000,000,000 | ---- | C] () -- C:\Users\Public\Documents\temp.dat [2016/10/06 18:56:29 | 000,269,600 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1.dll [2016/10/06 18:56:29 | 000,261,920 | ---- | C] () -- C:\Windows\SysNative\vulkan-1.dll [2016/10/06 18:56:29 | 000,125,216 | ---- | C] () -- C:\Windows\SysNative\vulkaninfo.exe [2016/10/06 18:56:29 | 000,110,880 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo.exe [2016/10/06 18:55:09 | 040,068,544 | ---- | C] () -- C:\Windows\SysNative\nvcompiler.dll [2016/10/06 18:55:09 | 035,180,992 | ---- | C] () -- C:\Windows\SysWow64\nvcompiler.dll [2016/10/06 18:55:09 | 000,616,832 | ---- | C] () -- C:\Windows\SysNative\nvmcumd.dll [2016/10/02 20:27:21 | 000,001,248 | ---- | C] () -- C:\Users\stefa\Desktop\AIDA64 Extreme.lnk [2016/09/29 11:30:35 | 000,001,093 | ---- | C] () -- C:\Users\stefa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2016/09/29 11:29:49 | 000,001,125 | ---- | C] () -- C:\Users\stefa\Desktop\MEGAsync.lnk [2016/09/26 18:56:34 | 392,196,734 | R--- | C] () -- C:\Users\stefa\OneDrive\Documentos\Pets.A.Vida.Secreta.dos.Bichos.2016.1080p.HDRip.x26.mkv [2016/09/26 17:17:05 | 000,000,008 | RHS- | C] () -- C:\Users\stefa\ntuser.pol [2016/09/26 11:11:29 | 000,002,342 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk [2016/09/26 11:04:38 | 000,000,008 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2016/09/26 03:47:26 | 000,007,623 | ---- | C] () -- C:\Windows\diagwrn.xml [2016/09/26 03:47:26 | 000,007,623 | ---- | C] () -- C:\Windows\diagerr.xml [2016/09/26 03:46:57 | 000,022,956 | ---- | C] () -- C:\Windows\SysNative\emptyregdb.dat [2016/09/26 03:46:11 | 3376,320,512 | -HS- | C] () -- C:\hiberfil.sys [2016/09/26 03:45:36 | 000,001,576 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [2016/09/26 03:43:32 | 007,422,645 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin [2016/09/26 03:43:27 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2016/09/26 03:43:14 | 000,000,200 | ---- | C] () -- C:\Windows\SysNative\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat [2016/09/26 03:43:14 | 000,000,180 | ---- | C] () -- C:\Windows\SysNative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat [2016/09/26 03:43:14 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\GfxValDisplayLog.bin [2016/09/26 03:42:41 | 000,324,600 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT [2016/09/26 03:42:18 | 000,000,727 | ---- | C] () -- C:\Windows\SysWow64\license.rtf [2016/09/26 03:42:18 | 000,000,727 | ---- | C] () -- C:\Windows\SysNative\license.rtf [2016/09/26 03:40:06 | 002,681,200 | ---- | C] () -- C:\Windows\SysNative\CoreUIComponents.dll [2016/09/26 03:40:06 | 002,048,496 | ---- | C] () -- C:\Windows\SysWow64\CoreUIComponents.dll [2016/09/24 22:51:39 | 002,813,952 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.cpa [2016/09/24 22:51:39 | 001,027,680 | ---- | C] () -- C:\Windows\SysNative\igfxSDK.exe [2016/09/24 22:51:39 | 000,403,671 | ---- | C] () -- C:\Windows\SysNative\ImageStabilization.wmv [2016/09/24 22:51:39 | 000,402,520 | ---- | C] () -- C:\Windows\SysNative\igfxTray.exe [2016/09/24 22:51:39 | 000,112,256 | ---- | C] ( ) -- C:\Windows\SysNative\igfxSDKLibv2_0.dll [2016/09/24 22:51:39 | 000,101,512 | ---- | C] ( ) -- C:\Windows\SysNative\igfxSDKLib.dll [2016/09/24 22:51:39 | 000,041,296 | ---- | C] () -- C:\Windows\SysNative\iglhxc64_dev.vp [2016/09/24 22:51:39 | 000,040,931 | ---- | C] () -- C:\Windows\SysNative\iglhxo64_dev.vp [2016/09/24 22:51:39 | 000,040,343 | ---- | C] () -- C:\Windows\SysNative\iglhxo64.vp [2016/09/24 22:51:39 | 000,040,316 | ---- | C] () -- C:\Windows\SysNative\iglhxc64.vp [2016/09/24 22:51:39 | 000,039,798 | ---- | C] () -- C:\Windows\SysNative\iglhxg64_dev.vp [2016/09/24 22:51:39 | 000,039,658 | ---- | C] () -- C:\Windows\SysNative\iglhxg64.vp [2016/09/24 22:51:39 | 000,029,832 | ---- | C] ( ) -- C:\Windows\SysNative\igfxDILibv2_0.dll [2016/09/24 22:51:39 | 000,029,832 | ---- | C] ( ) -- C:\Windows\SysNative\igfxDILib.dll [2016/09/24 22:51:39 | 000,028,296 | ---- | C] ( ) -- C:\Windows\SysNative\igfxEMLibv2_0.dll [2016/09/24 22:51:39 | 000,028,296 | ---- | C] ( ) -- C:\Windows\SysNative\igfxEMLib.dll [2016/09/24 22:51:39 | 000,023,176 | ---- | C] ( ) -- C:\Windows\SysNative\igfxLHMLibv2_0.dll [2016/09/24 22:51:39 | 000,023,168 | ---- | C] ( ) -- C:\Windows\SysNative\igfxLHMLib.dll [2016/09/24 22:51:39 | 000,004,850 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp [2016/09/24 22:51:39 | 000,001,125 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.vp [2016/09/24 22:51:38 | 000,274,056 | ---- | C] () -- C:\Windows\SysNative\igfxCPL.cpl [2016/09/24 22:51:38 | 000,104,064 | ---- | C] () -- C:\Windows\SysNative\igfxCUIServicePS.dll [2016/09/24 22:51:38 | 000,095,872 | ---- | C] ( ) -- C:\Windows\SysNative\igfxDHLibv2_0.dll [2016/09/24 22:51:38 | 000,085,128 | ---- | C] ( ) -- C:\Windows\SysNative\igfxDHLib.dll [2016/09/24 22:51:37 | 005,799,386 | ---- | C] () -- C:\Windows\SysNative\igdclbif.bin [2016/09/24 22:51:35 | 000,843,068 | ---- | C] () -- C:\Windows\SysNative\DisplayAudiox64.cab [2016/09/24 22:51:35 | 000,641,530 | ---- | C] () -- C:\Windows\SysNative\FilmModeDetection.wmv [2016/09/24 22:51:35 | 000,511,260 | ---- | C] () -- C:\Windows\SysNative\cp_resources.bin [2016/09/24 22:51:35 | 000,375,173 | ---- | C] () -- C:\Windows\SysNative\ColorImageEnhancement.wmv [2016/09/24 22:51:35 | 000,000,935 | ---- | C] () -- C:\Windows\SysNative\Gfxv4_0.exe.config [2016/09/24 22:51:35 | 000,000,935 | ---- | C] () -- C:\Windows\SysNative\DPTopologyApp.exe.config [2016/09/24 22:51:35 | 000,000,895 | ---- | C] () -- C:\Windows\SysNative\Gfxv2_0.exe.config [2016/09/24 22:51:35 | 000,000,895 | ---- | C] () -- C:\Windows\SysNative\DPTopologyAppv2_0.exe.config [2016/09/24 20:28:04 | 000,040,826 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb [2016/09/24 20:28:04 | 000,000,669 | ---- | C] () -- C:\Windows\SysNative\nv-vk64.json [2016/09/24 20:28:04 | 000,000,669 | ---- | C] () -- C:\Windows\SysWow64\nv-vk32.json [2016/09/22 12:52:42 | 000,441,526 | ---- | C] () -- C:\Windows\e535ae8af0f418dfce90f90844a7b175.exe [2016/09/19 00:09:53 | 000,002,231 | ---- | C] () -- C:\Users\stefa\Desktop\GCLauncher.lnk [2016/09/19 00:09:53 | 000,001,263 | ---- | C] () -- C:\Users\stefa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GCLauncher.lnk [2016/09/16 15:23:20 | 000,002,975 | ---- | C] () -- C:\Users\Public\Desktop\Corel CAPTURE X8 (64-Bit).lnk [2016/09/16 15:23:20 | 000,002,974 | ---- | C] () -- C:\Users\Public\Desktop\Corel PHOTO-PAINT X8 (64-Bit).lnk [2016/09/16 15:23:20 | 000,002,942 | ---- | C] () -- C:\Users\Public\Desktop\CorelDRAW X8 (64-Bit).lnk [2016/09/16 15:23:20 | 000,002,420 | ---- | C] () -- C:\Users\Public\Desktop\Corel CONNECT X8 (64-Bit).lnk [2016/09/16 15:23:20 | 000,002,333 | ---- | C] () -- C:\Users\Public\Desktop\Corel Font Manager X8 (64-Bit).lnk [2016/09/10 19:58:25 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf [2016/09/10 15:34:45 | 000,000,968 | ---- | C] () -- C:\Users\Public\Desktop\DS3 Tool.lnk [2016/09/10 15:32:20 | 000,000,889 | ---- | C] () -- C:\Users\Public\Desktop\FIFA 16.lnk [2016/09/09 20:36:08 | 000,001,485 | ---- | C] () -- C:\Users\Public\Desktop\GeForce Experience.lnk [2016/09/09 20:36:07 | 000,120,256 | ---- | C] () -- C:\Windows\SysNative\NvRtmpStreamer64.dll [2016/09/09 20:35:51 | 000,001,951 | ---- | C] () -- C:\Windows\NvContainerRecovery.bat [2016/09/09 15:25:58 | 000,269,600 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1-1-0-26-0.dll [2016/09/09 15:25:28 | 000,110,880 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-26-0.exe [2016/09/09 15:25:10 | 000,261,920 | ---- | C] () -- C:\Windows\SysNative\vulkan-1-1-0-26-0.dll [2016/09/09 15:24:38 | 000,125,216 | ---- | C] () -- C:\Windows\SysNative\vulkaninfo-1-1-0-26-0.exe [2016/09/07 09:00:22 | 000,000,750 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk [2016/09/05 17:27:44 | 000,000,112 | ---- | C] () -- C:\Users\stefa\AppData\Roaming\JP2K CS6 Prefs [2016/09/02 14:39:23 | 000,001,101 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.5.lnk [2016/09/02 13:56:56 | 000,001,298 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk [2016/09/02 13:56:56 | 000,001,286 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Creative Cloud.lnk [2016/08/23 19:44:58 | 000,000,932 | ---- | C] () -- C:\Users\stefa\Desktop\Uplay.lnk [2016/08/23 17:51:42 | 000,001,024 | ---- | C] () -- C:\.rnd [2016/08/20 09:41:37 | 000,000,222 | ---- | C] () -- C:\Users\stefa\Desktop\Grand Theft Auto V.url [2016/08/20 09:26:43 | 000,000,222 | ---- | C] () -- C:\Users\stefa\Desktop\Rocket League.url [2016/08/20 08:53:39 | 000,000,222 | ---- | C] () -- C:\Users\stefa\Desktop\H1Z1 King of the Kill.url [2016/08/20 08:53:39 | 000,000,219 | ---- | C] () -- C:\Users\stefa\Desktop\Counter-Strike Global Offensive.url [2016/08/20 08:41:46 | 000,001,032 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk [2016/08/19 15:04:26 | 000,001,139 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk [2016/08/18 07:32:27 | 000,001,873 | ---- | C] () -- C:\Users\stefa\Desktop\Life is Strange.lnk [2016/08/17 16:57:59 | 000,000,030 | ---- | C] () -- C:\AVScanner.ini [2016/08/17 16:56:50 | 000,002,457 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk [2016/08/17 16:56:50 | 000,002,124 | ---- | C] () -- C:\Users\Public\Desktop\Acrobat Reader DC.lnk [2016/08/17 16:30:53 | 000,001,280 | ---- | C] () -- C:\Users\stefa\Desktop\TeamSpeak 3 Client.lnk [2016/08/17 16:30:53 | 000,001,238 | ---- | C] () -- C:\Users\stefa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk [2016/08/17 01:18:17 | 000,000,975 | ---- | C] () -- C:\Users\Public\Desktop\CPUID HWMonitor.lnk [2016/08/17 00:37:15 | 000,002,238 | ---- | C] () -- C:\Users\stefa\Desktop\WhatsApp.lnk [2016/08/16 20:07:13 | 000,004,608 | ---- | C] () -- C:\Windows\SECOH-QAD.exe [2016/08/16 20:07:13 | 000,003,584 | ---- | C] () -- C:\Windows\SECOH-QAD.dll [2016/08/16 19:48:46 | 001,535,942 | ---- | C] () -- C:\Windows\SysNative\PerfStringBackup.INI [2016/08/16 19:45:13 | 000,002,369 | ---- | C] () -- C:\Users\stefa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk [2016/08/16 19:43:24 | 000,016,148 | ---- | C] () -- C:\Windows\SysNative\DESKTOP-9L5P09H_defaultuser0_HistoryPrediction.bin [2016/08/16 19:38:00 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf [2016/08/16 19:36:48 | 016,777,216 | -HS- | C] () -- C:\swapfile.sys [2016/07/16 20:17:26 | 000,033,882 | ---- | C] () -- C:\Windows\Professional.xml [2016/07/16 20:10:12 | 000,427,436 | ---- | C] () -- C:\Windows\SysNative\prfh0416.dat [2016/07/16 20:10:12 | 000,328,278 | ---- | C] () -- C:\Windows\SysNative\prfi0416.dat [2016/07/16 20:10:12 | 000,107,988 | ---- | C] () -- C:\Windows\SysNative\prfc0416.dat [2016/07/16 20:10:12 | 000,040,752 | ---- | C] () -- C:\Windows\SysNative\prfd0416.dat [2016/07/16 08:49:35 | 000,296,742 | ---- | C] () -- C:\Windows\SysNative\perfi009.dat [2016/07/16 08:49:35 | 000,033,362 | ---- | C] () -- C:\Windows\SysNative\perfd009.dat [2016/07/16 08:49:31 | 000,794,492 | ---- | C] () -- C:\Windows\SysNative\perfh009.dat [2016/07/16 08:49:31 | 000,195,586 | ---- | C] () -- C:\Windows\SysNative\perfc009.dat [2016/07/16 08:47:57 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2016/07/16 08:47:57 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2016/07/16 08:47:54 | 000,003,683 | ---- | C] () -- C:\Windows\SysNative\drivers\etc\lmhosts.sam [2016/07/16 08:47:53 | 000,015,462 | ---- | C] () -- C:\Windows\SysNative\OEMDefaultAssociations.xml [2016/07/16 08:47:53 | 000,000,741 | ---- | C] () -- C:\Windows\SysNative\NOISE.DAT [2016/07/16 08:47:52 | 000,215,943 | ---- | C] () -- C:\Windows\SysNative\dssec.dat [2016/07/16 08:47:52 | 000,000,858 | ---- | C] () -- C:\Windows\SysNative\DefaultQuestions.json [2016/07/16 08:44:03 | 000,076,060 | ---- | C] () -- C:\Windows\SysWow64\xpsrchvw.xml [2016/07/16 08:44:03 | 000,076,060 | ---- | C] () -- C:\Windows\SysNative\xpsrchvw.xml [2016/07/16 08:44:03 | 000,000,874 | ---- | C] () -- C:\Windows\SysNative\manage-bde.wsf [2016/07/16 08:43:59 | 000,003,458 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2016/07/16 08:43:52 | 000,006,886 | ---- | C] () -- C:\Windows\SysWow64\SecurityAndMaintenance_Error.png [2016/07/16 08:43:52 | 000,005,796 | ---- | C] () -- C:\Windows\SysWow64\SecurityAndMaintenance.png [2016/07/16 08:43:52 | 000,002,626 | ---- | C] () -- C:\Windows\SysWow64\SecurityAndMaintenance_Alert.png [2016/07/16 08:43:51 | 000,006,886 | ---- | C] () -- C:\Windows\SysNative\SecurityAndMaintenance_Error.png [2016/07/16 08:43:51 | 000,005,796 | ---- | C] () -- C:\Windows\SysNative\SecurityAndMaintenance.png [2016/07/16 08:43:51 | 000,002,626 | ---- | C] () -- C:\Windows\SysNative\SecurityAndMaintenance_Alert.png [2016/07/16 08:43:50 | 000,013,091 | ---- | C] () -- C:\Windows\SysNative\DevModeRunAsUserConfig.msc [2016/07/16 08:43:50 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml [2016/07/16 08:43:50 | 000,002,349 | R-S- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk [2016/07/16 08:43:50 | 000,002,199 | R-S- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk [2016/07/16 08:43:20 | 000,003,420 | ---- | C] () -- C:\Windows\SysWow64\UevCustomActionTypes.tlb [2016/07/16 08:43:20 | 000,003,420 | ---- | C] () -- C:\Windows\SysNative\UevCustomActionTypes.tlb [2016/07/16 08:43:20 | 000,001,720 | ---- | C] () -- C:\Windows\SysNative\SyncAppvPublishingServer.vbs [2016/07/16 08:43:20 | 000,000,191 | ---- | C] () -- C:\Windows\SysNative\AppVStreamingUX.exe.config [2016/07/16 08:43:20 | 000,000,146 | ---- | C] () -- C:\Windows\SysNative\UevAppMonitor.exe.config [2016/07/16 08:43:18 | 000,146,389 | ---- | C] () -- C:\Windows\SysNative\printmanagement.msc [2016/07/16 08:43:18 | 000,108,544 | ---- | C] () -- C:\Windows\SysNative\RDVGHelper.exe [2016/07/16 08:43:17 | 000,147,439 | ---- | C] () -- C:\Windows\SysWow64\gpedit.msc [2016/07/16 08:43:17 | 000,147,439 | ---- | C] () -- C:\Windows\SysNative\gpedit.msc [2016/07/16 08:43:17 | 000,120,458 | ---- | C] () -- C:\Windows\SysNative\secpol.msc [2016/07/16 08:43:17 | 000,043,566 | ---- | C] () -- C:\Windows\SysWow64\rsop.msc [2016/07/16 08:43:17 | 000,043,566 | ---- | C] () -- C:\Windows\SysNative\rsop.msc [2016/07/16 08:43:08 | 000,316,640 | ---- | C] () -- C:\Windows\WMSysPr9.prx [2016/07/16 08:43:08 | 000,003,458 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2016/07/16 08:43:04 | 000,211,938 | ---- | C] () -- C:\Windows\SysWow64\lcphrase.tbl [2016/07/16 08:43:04 | 000,055,296 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2016/07/16 08:43:04 | 000,024,114 | ---- | C] () -- C:\Windows\SysWow64\lcptr.tbl [2016/07/16 08:43:02 | 000,003,666 | ---- | C] () -- C:\Windows\SysWow64\sysprtj.sep [2016/07/16 08:43:02 | 000,003,317 | ---- | C] () -- C:\Windows\SysWow64\sysprint.sep [2016/07/16 08:43:02 | 000,001,673 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml [2016/07/16 08:43:02 | 000,000,404 | ---- | C] () -- C:\Windows\SysWow64\@VpnToastIcon.png [2016/07/16 08:43:02 | 000,000,330 | ---- | C] () -- C:\Windows\SysWow64\@EnrollmentToastIcon.png [2016/07/16 08:43:02 | 000,000,150 | ---- | C] () -- C:\Windows\SysWow64\pcl.sep [2016/07/16 08:43:02 | 000,000,051 | ---- | C] () -- C:\Windows\SysWow64\pscript.sep [2016/07/16 08:43:00 | 000,115,091 | ---- | C] () -- C:\Windows\SysWow64\WF.msc [2016/07/16 08:43:00 | 000,019,968 | ---- | C] () -- C:\Windows\SysWow64\GamePanelExternalHook.dll [2016/07/16 08:43:00 | 000,004,014 | ---- | C] () -- C:\Windows\SysWow64\xwizard.dtd [2016/07/16 08:43:00 | 000,001,820 | ---- | C] () -- C:\Windows\SysWow64\rasctrnm.h [2016/07/16 08:43:00 | 000,000,308 | ---- | C] () -- C:\Windows\SysWow64\@AudioToastIcon.png [2016/07/16 08:42:58 | 000,144,998 | ---- | C] () -- C:\Windows\SysWow64\lusrmgr.msc [2016/07/16 08:42:58 | 000,002,711 | ---- | C] () -- C:\Windows\SysWow64\AppxProvisioning.xml [2016/07/16 08:42:57 | 000,000,565 | ---- | C] () -- C:\Windows\SysWow64\NdfEventView.xml [2016/07/16 08:42:56 | 000,204,105 | ---- | C] () -- C:\Windows\SysWow64\winrm.vbs [2016/07/16 08:42:56 | 000,185,368 | ---- | C] () -- C:\Windows\SysWow64\weretw.dll [2016/07/16 08:42:56 | 000,004,675 | ---- | C] () -- C:\Windows\SysWow64\wsmanconfig_schema.xml [2016/07/16 08:42:56 | 000,002,426 | ---- | C] () -- C:\Windows\SysWow64\WsmTxt.xsl [2016/07/16 08:42:56 | 000,001,559 | ---- | C] () -- C:\Windows\SysWow64\WsmPty.xsl [2016/07/16 08:42:56 | 000,000,199 | ---- | C] () -- C:\Windows\SysWow64\winrm.cmd [2016/07/16 08:42:55 | 000,167,640 | ---- | C] () -- C:\Windows\SysWow64\chs_singlechar_pinyin.dat [2016/07/16 08:42:55 | 000,038,400 | ---- | C] () -- C:\Windows\SysWow64\dtdump.exe [2016/07/16 08:42:54 | 000,265,728 | ---- | C] () -- C:\Windows\SysWow64\Windows.Perception.Stub.dll [2016/07/16 08:42:53 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2016/07/16 08:42:49 | 003,440,660 | ---- | C] () -- C:\Windows\SysWow64\drivers\gm.dls [2016/07/16 08:42:49 | 000,304,640 | ---- | C] () -- C:\Windows\SysWow64\HrtfApo.dll [2016/07/16 08:42:48 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2016/07/16 08:42:48 | 000,004,453 | ---- | C] () -- C:\Windows\SysWow64\odbcconf.rsp [2016/07/16 08:42:48 | 000,002,233 | ---- | C] () -- C:\Windows\SysWow64\12520850.cpx [2016/07/16 08:42:48 | 000,002,151 | ---- | C] () -- C:\Windows\SysWow64\12520437.cpx [2016/07/16 08:42:46 | 003,170,304 | ---- | C] () -- C:\Windows\SysWow64\boot.sdi [2016/07/16 08:42:46 | 000,145,519 | ---- | C] () -- C:\Windows\SysWow64\perfmon.msc [2016/07/16 08:42:46 | 000,142,904 | ---- | C] () -- C:\Windows\SysWow64\slmgr.vbs [2016/07/16 08:42:46 | 000,124,118 | ---- | C] () -- C:\Windows\SysWow64\comexp.msc [2016/07/16 08:42:46 | 000,109,056 | ---- | C] () -- C:\Windows\SysWow64\chartv.dll [2016/07/16 08:42:46 | 000,047,682 | ---- | C] () -- C:\Windows\SysWow64\diskmgmt.msc [2016/07/16 08:42:46 | 000,031,232 | ---- | C] () -- C:\Windows\SysWow64\efsext.dll [2016/07/16 08:42:45 | 000,336,896 | ---- | C] () -- C:\Windows\SysWow64\msinfo32.exe [2016/07/16 08:42:45 | 000,145,640 | ---- | C] () -- C:\Windows\SysWow64\devmgmt.msc [2016/07/16 08:42:45 | 000,144,862 | ---- | C] () -- C:\Windows\SysWow64\tpm.msc [2016/07/16 08:42:45 | 000,000,714 | ---- | C] () -- C:\Windows\SysWow64\RestartManager.mof [2016/07/16 08:42:45 | 000,000,176 | ---- | C] () -- C:\Windows\SysWow64\RestartManagerUninstall.mof [2016/07/16 08:42:43 | 000,211,938 | ---- | C] () -- C:\Windows\SysNative\lcphrase.tbl [2016/07/16 08:42:43 | 000,145,127 | ---- | C] () -- C:\Windows\SysWow64\eventvwr.msc [2016/07/16 08:42:43 | 000,145,059 | ---- | C] () -- C:\Windows\SysWow64\taskschd.msc [2016/07/16 08:42:43 | 000,144,909 | ---- | C] () -- C:\Windows\SysWow64\fsmgmt.msc [2016/07/16 08:42:43 | 000,113,256 | ---- | C] () -- C:\Windows\SysWow64\compmgmt.msc [2016/07/16 08:42:43 | 000,092,746 | ---- | C] () -- C:\Windows\SysWow64\services.msc [2016/07/16 08:42:43 | 000,063,081 | ---- | C] () -- C:\Windows\SysWow64\certlm.msc [2016/07/16 08:42:43 | 000,063,070 | ---- | C] () -- C:\Windows\SysWow64\certmgr.msc [2016/07/16 08:42:43 | 000,041,587 | ---- | C] () -- C:\Windows\SysWow64\azman.msc [2016/07/16 08:42:43 | 000,024,114 | ---- | C] () -- C:\Windows\SysNative\lcptr.tbl [2016/07/16 08:42:43 | 000,017,935 | ---- | C] () -- C:\Windows\SysWow64\EventViewer_EventDetails.xsl [2016/07/16 08:42:43 | 000,002,307 | ---- | C] () -- C:\Windows\SysWow64\WimBootCompress.ini [2016/07/16 08:42:41 | 000,000,600 | ---- | C] () -- C:\Windows\SysNative\@language_notification_icon.png [2016/07/16 08:42:40 | 000,063,488 | ---- | C] () -- C:\Windows\SysNative\BWContextHandler.dll [2016/07/16 08:42:40 | 000,000,520 | ---- | C] () -- C:\Windows\SysNative\@optionalfeatures.png [2016/07/16 08:42:39 | 000,060,124 | ---- | C] () -- C:\Windows\SysNative\tcpmon.ini [2016/07/16 08:42:39 | 000,003,666 | ---- | C] () -- C:\Windows\SysNative\sysprtj.sep [2016/07/16 08:42:39 | 000,003,317 | ---- | C] () -- C:\Windows\SysNative\sysprint.sep [2016/07/16 08:42:39 | 000,001,673 | ---- | C] () -- C:\Windows\SysNative\tcpbidi.xml [2016/07/16 08:42:39 | 000,000,150 | ---- | C] () -- C:\Windows\SysNative\pcl.sep [2016/07/16 08:42:39 | 000,000,051 | ---- | C] () -- C:\Windows\SysNative\pscript.sep [2016/07/16 08:42:38 | 000,015,106 | ---- | C] () -- C:\Windows\SysNative\@WiFiNotificationIcon.png [2016/07/16 08:42:38 | 000,010,540 | ---- | C] () -- C:\Windows\SysNative\TransformPPSToWlan.xslt [2016/07/16 08:42:38 | 000,001,688 | ---- | C] () -- C:\Windows\SysNative\TransformPPSToWlanCredentials.xslt [2016/07/16 08:42:38 | 000,000,404 | ---- | C] () -- C:\Windows\SysNative\@VpnToastIcon.png [2016/07/16 08:42:38 | 000,000,330 | ---- | C] () -- C:\Windows\SysNative\@EnrollmentToastIcon.png [2016/07/16 08:42:37 | 000,009,129 | ---- | C] () -- C:\Windows\SysNative\ResPriHMImageList [2016/07/16 08:42:37 | 000,008,598 | ---- | C] () -- C:\Windows\SysNative\ResPriImageList [2016/07/16 08:42:36 | 000,092,324 | ---- | C] () -- C:\Windows\SysNative\DiskSnapshot.conf [2016/07/16 08:42:35 | 000,174,592 | ---- | C] () -- C:\Windows\SysNative\IHDS.dll [2016/07/16 08:42:35 | 000,025,088 | ---- | C] () -- C:\Windows\SysNative\GamePanelExternalHook.dll [2016/07/16 08:42:35 | 000,004,687 | ---- | C] () -- C:\Windows\SysNative\wpcmon.png [2016/07/16 08:42:35 | 000,000,308 | ---- | C] () -- C:\Windows\SysNative\@AudioToastIcon.png [2016/07/16 08:42:35 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2016/07/16 08:42:35 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01019_Inbox_Critical.Wdf [2016/07/16 08:42:34 | 000,144,998 | ---- | C] () -- C:\Windows\SysNative\lusrmgr.msc [2016/07/16 08:42:34 | 000,008,192 | ---- | C] () -- C:\Windows\SysNative\settings.dat [2016/07/16 08:42:34 | 000,002,711 | ---- | C] () -- C:\Windows\SysNative\AppxProvisioning.xml [2016/07/16 08:42:31 | 000,236,488 | ---- | C] () -- C:\Windows\SysNative\weretw.dll [2016/07/16 08:42:31 | 000,204,105 | ---- | C] () -- C:\Windows\SysNative\winrm.vbs [2016/07/16 08:42:31 | 000,004,675 | ---- | C] () -- C:\Windows\SysNative\wsmanconfig_schema.xml [2016/07/16 08:42:31 | 000,004,148 | ---- | C] () -- C:\Windows\SysNative\psmodulediscoveryprovider.mof [2016/07/16 08:42:31 | 000,002,426 | ---- | C] () -- C:\Windows\SysNative\WsmTxt.xsl [2016/07/16 08:42:31 | 000,001,559 | ---- | C] () -- C:\Windows\SysNative\WsmPty.xsl [2016/07/16 08:42:31 | 000,000,199 | ---- | C] () -- C:\Windows\SysNative\winrm.cmd [2016/07/16 08:42:27 | 000,673,088 | ---- | C] () -- C:\Windows\SysNative\mlang.dat [2016/07/16 08:42:27 | 000,000,726 | ---- | C] () -- C:\Windows\SysNative\wpr.config.xml [2016/07/16 08:42:23 | 000,020,792 | ---- | C] () -- C:\Windows\SysNative\@WindowsHelloFaceToastIcon.png [2016/07/16 08:42:22 | 004,227,116 | ---- | C] () -- C:\Windows\SysNative\DefaultHrtfs.bin [2016/07/16 08:42:22 | 003,440,660 | ---- | C] () -- C:\Windows\SysNative\drivers\gm.dls [2016/07/16 08:42:22 | 000,361,984 | ---- | C] () -- C:\Windows\SysNative\HrtfApo.dll [2016/07/16 08:42:22 | 000,149,044 | ---- | C] () -- C:\Windows\SysNative\LargeRoom.bin [2016/07/16 08:42:22 | 000,110,024 | ---- | C] () -- C:\Windows\SysNative\MediumRoom.bin [2016/07/16 08:42:22 | 000,069,776 | ---- | C] () -- C:\Windows\SysNative\SmallRoom.bin [2016/07/16 08:42:22 | 000,046,908 | ---- | C] () -- C:\Windows\SysNative\OutdoorAudioEnvironment.bin [2016/07/16 08:42:22 | 000,002,219 | R-S- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk [2016/07/16 08:42:20 | 000,142,904 | ---- | C] () -- C:\Windows\SysNative\slmgr.vbs [2016/07/16 08:42:20 | 000,000,263 | ---- | C] () -- C:\Windows\SysNative\odbcconf.rsp [2016/07/16 08:42:19 | 000,160,768 | ---- | C] () -- C:\Windows\SysNative\EditionUpgradeHelper.dll [2016/07/16 08:42:19 | 000,039,424 | ---- | C] () -- C:\Windows\SysNative\efsext.dll [2016/07/16 08:42:19 | 000,000,760 | ---- | C] () -- C:\Windows\SysNative\@edptoastimage.png [2016/07/16 08:42:17 | 000,144,862 | ---- | C] () -- C:\Windows\SysNative\tpm.msc [2016/07/16 08:42:17 | 000,124,118 | ---- | C] () -- C:\Windows\SysNative\comexp.msc [2016/07/16 08:42:16 | 003,170,304 | ---- | C] () -- C:\Windows\SysNative\boot.sdi [2016/07/16 08:42:16 | 000,145,519 | ---- | C] () -- C:\Windows\SysNative\perfmon.msc [2016/07/16 08:42:16 | 000,130,048 | ---- | C] () -- C:\Windows\SysNative\chartv.dll [2016/07/16 08:42:16 | 000,056,119 | ---- | C] () -- C:\Windows\SysNative\srms.dat [2016/07/16 08:42:16 | 000,047,682 | ---- | C] () -- C:\Windows\SysNative\diskmgmt.msc [2016/07/16 08:42:15 | 000,145,640 | ---- | C] () -- C:\Windows\SysNative\devmgmt.msc [2016/07/16 08:42:15 | 000,000,714 | ---- | C] () -- C:\Windows\SysNative\RestartManager.mof [2016/07/16 08:42:15 | 000,000,176 | ---- | C] () -- C:\Windows\SysNative\RestartManagerUninstall.mof [2016/07/16 08:42:14 | 000,369,664 | ---- | C] () -- C:\Windows\SysNative\msinfo32.exe [2016/07/16 08:42:13 | 000,145,127 | ---- | C] () -- C:\Windows\SysNative\eventvwr.msc [2016/07/16 08:42:13 | 000,145,059 | ---- | C] () -- C:\Windows\SysNative\taskschd.msc [2016/07/16 08:42:13 | 000,144,909 | ---- | C] () -- C:\Windows\SysNative\fsmgmt.msc [2016/07/16 08:42:13 | 000,144,673 | ---- | C] () -- C:\Windows\SysNative\WmiMgmt.msc [2016/07/16 08:42:13 | 000,113,256 | ---- | C] () -- C:\Windows\SysNative\compmgmt.msc [2016/07/16 08:42:13 | 000,092,746 | ---- | C] () -- C:\Windows\SysNative\services.msc [2016/07/16 08:42:13 | 000,063,081 | ---- | C] () -- C:\Windows\SysNative\certlm.msc [2016/07/16 08:42:13 | 000,063,070 | ---- | C] () -- C:\Windows\SysNative\certmgr.msc [2016/07/16 08:42:13 | 000,041,587 | ---- | C] () -- C:\Windows\SysNative\azman.msc [2016/07/16 08:42:13 | 000,017,935 | ---- | C] () -- C:\Windows\SysNative\EventViewer_EventDetails.xsl [2016/07/16 08:42:12 | 000,435,095 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml [2016/07/16 08:42:12 | 000,115,091 | ---- | C] () -- C:\Windows\SysNative\WF.msc [2016/07/16 08:42:12 | 000,093,696 | ---- | C] () -- C:\Windows\SysNative\BthpanContextHandler.dll [2016/07/16 08:42:12 | 000,091,132 | ---- | C] () -- C:\Windows\SysNative\gatherNetworkInfo.vbs [2016/07/16 08:42:12 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2016/07/16 08:42:12 | 000,021,656 | ---- | C] () -- C:\Windows\SysNative\NetTrace.PLA.Diagnostics.xml [2016/07/16 08:42:12 | 000,009,728 | ---- | C] () -- C:\Windows\SysNative\VpnSohDesktop.dll [2016/07/16 08:42:12 | 000,001,820 | ---- | C] () -- C:\Windows\SysNative\rasctrnm.h [2016/07/16 08:42:12 | 000,000,565 | ---- | C] () -- C:\Windows\SysNative\NdfEventView.xml [2016/07/16 08:42:11 | 000,004,014 | ---- | C] () -- C:\Windows\SysNative\xwizard.dtd [2016/07/16 08:42:11 | 000,002,307 | ---- | C] () -- C:\Windows\SysNative\WimBootCompress.ini [2016/07/16 08:42:11 | 000,000,843 | ---- | C] () -- C:\Windows\SysNative\onlinesetup.cmd [2016/07/16 08:42:11 | 000,000,614 | ---- | C] () -- C:\Windows\SysNative\WdsUnattendTemplate.xml [2016/07/16 08:42:09 | 000,326,656 | ---- | C] () -- C:\Windows\SysNative\wc_storage.dll [2016/07/16 08:42:09 | 000,231,424 | ---- | C] () -- C:\Windows\SysNative\ism32k.dll [2016/07/16 08:42:09 | 000,167,640 | ---- | C] () -- C:\Windows\SysNative\chs_singlechar_pinyin.dat [2016/07/16 08:42:06 | 000,418,304 | ---- | C] () -- C:\Windows\SysNative\Windows.Perception.Stub.dll [2016/07/16 08:42:05 | 000,000,450 | ---- | C] () -- C:\Windows\SysNative\@BackgroundAccessToastIcon.png [2016/07/16 08:42:04 | 000,045,228 | ---- | C] () -- C:\Windows\SysNative\hypervisor.mof [2016/07/16 08:42:04 | 000,000,167 | ---- | C] () -- C:\Windows\SysNative\removehypervisor.mof [2016/07/16 08:42:03 | 000,090,624 | ---- | C] () -- C:\Windows\SysNative\drivers\NetAdapterCx.sys ========== ZeroAccess Check ========== [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\Windows.storage.dll -- [2016/09/26 03:40:06 | 007,219,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\Windows.storage.dll -- [2016/09/26 03:40:06 | 005,721,808 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2016/07/16 08:42:31 | 000,977,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2016/07/16 08:42:56 | 000,779,776 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2016/07/16 08:42:31 | 000,518,656 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2016/09/26 11:04:08 | 000,000,000 | ---D | M] -- C:\Users\stefa\AppData\Roaming\BrowserModule [2016/09/19 00:09:43 | 000,000,000 | ---D | M] -- C:\Users\stefa\AppData\Roaming\EMACLab [2016/09/10 15:44:19 | 000,000,000 | ---D | M] -- C:\Users\stefa\AppData\Roaming\MotioninJoy [2016/09/28 07:43:02 | 000,000,000 | ---D | M] -- C:\Users\stefa\AppData\Roaming\Origin [2016/09/26 11:03:09 | 000,000,000 | ---D | M] -- C:\Users\stefa\AppData\Roaming\Profiles [2016/08/17 18:49:41 | 000,000,000 | ---D | M] -- C:\Users\stefa\AppData\Roaming\Steam [2016/10/07 19:34:57 | 000,000,000 | ---D | M] -- C:\Users\stefa\AppData\Roaming\TS3Client [2016/10/09 07:27:19 | 000,000,000 | ---D | M] -- C:\Users\stefa\AppData\Roaming\uTorrent ========== Purity Check ========== ========== Custom Scans ========== < %systemroot%\system32\drivers\*.* /90 > [2016/07/16 08:42:49 | 003,440,660 | ---- | M] () -- C:\Windows\system32\drivers\gm.dls [2016/07/16 08:42:49 | 000,000,646 | ---- | M] () -- C:\Windows\system32\drivers\gmreadme.txt < %systemdrive%\drivers\*.exe > < %SYSTEMDRIVE%\*.* > [2016/08/23 17:51:49 | 000,001,024 | ---- | M] () -- C:\.rnd [2016/10/08 12:20:26 | 000,000,000 | ---- | M] () -- C:\autoexec.bat [2016/08/17 16:57:14 | 000,000,030 | ---- | M] () -- C:\AVScanner.ini [2015/07/10 08:00:32 | 000,395,268 | RHS- | M] () -- C:\bootmgr [2015/07/10 08:00:31 | 000,395,268 | RHS- | M] () -- C:\bootmgr_ [2015/07/10 08:00:31 | 000,000,001 | -HS- | M] () -- C:\BOOTNXT [2016/10/09 07:21:36 | 3376,320,512 | -HS- | M] () -- C:\hiberfil.sys [2016/10/08 19:23:46 | 000,000,992 | ---- | M] () -- C:\INSTALL.LOG [2016/10/08 23:35:12 | 1946,157,056 | -HS- | M] () -- C:\pagefile.sys [2016/10/08 13:07:02 | 000,174,966 | ---- | M] () -- C:\spyhunter.fix [2016/10/08 23:35:13 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys [2016/10/08 23:35:35 | 000,116,144 | ---- | M] () -- C:\zoek-results.log < %LOCALAPPDATA%\*.exe > < %LOCALAPPDATA%\*.txt > < %LOCALAPPDATA%\*.ini > < %LOCALAPPDATA%\*.dll > < %LOCALAPPDATA%\*.dat > < %USERPROFILE%\*.exe > < %USERPROFILE%\*.txt > < %USERPROFILE%\*.ini > [2016/09/26 10:48:37 | 000,000,020 | -HS- | M] () -- C:\Users\stefa\ntuser.ini < %USERPROFILE%\*.dll > < %USERPROFILE%\*.dat /30 > [2016/10/09 02:00:14 | 002,883,584 | -H-- | M] () -- C:\Users\stefa\NTUSER.DAT < C:\Windows\system32\Tasks\*.* /s > [2016/09/26 03:46:56 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT [2016/10/08 19:27:20 | 000,001,094 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [2016/10/08 19:27:21 | 000,001,098 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job < C:\Windows\system32\Tasks\*.* /s /64 > [2016/10/01 02:21:45 | 000,004,562 | ---- | M] () -- C:\Windows\SysNative\Tasks\Adobe Acrobat Update Task [2016/10/08 13:33:26 | 000,002,870 | ---- | M] () -- C:\Windows\SysNative\Tasks\CCleanerSkipUAC [2016/09/26 03:46:56 | 000,002,594 | ---- | M] () -- C:\Windows\SysNative\Tasks\CorelUpdateHelperTaskCore [2016/10/08 19:27:21 | 000,003,924 | ---- | M] () -- C:\Windows\SysNative\Tasks\GoogleUpdateTaskMachineCore [2016/10/08 19:27:21 | 000,004,156 | ---- | M] () -- C:\Windows\SysNative\Tasks\GoogleUpdateTaskMachineUA [2016/10/06 18:45:35 | 000,003,938 | ---- | M] () -- C:\Windows\SysNative\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} [2016/10/06 18:45:31 | 000,004,002 | ---- | M] () -- C:\Windows\SysNative\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} [2016/10/06 18:45:31 | 000,003,708 | ---- | M] () -- C:\Windows\SysNative\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} [2016/10/06 18:45:31 | 000,003,912 | ---- | M] () -- C:\Windows\SysNative\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} [2016/10/06 18:45:31 | 000,003,750 | ---- | M] () -- C:\Windows\SysNative\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} [2016/10/06 18:45:31 | 000,003,974 | ---- | M] () -- C:\Windows\SysNative\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} [2016/09/26 03:46:56 | 000,002,820 | ---- | M] () -- C:\Windows\SysNative\Tasks\OneDrive Standalone Update Task [2016/10/09 01:01:27 | 000,004,180 | ---- | M] () -- C:\Windows\SysNative\Tasks\User_Feed_Synchronization-{A51E66E8-CE61-40D4-ABC0-255932DD76F4} [2016/09/27 11:36:33 | 000,003,706 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 [2016/09/27 11:36:33 | 000,003,712 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 [2016/09/26 03:59:21 | 000,002,882 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical [2016/09/26 03:58:59 | 000,002,876 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical [2016/09/26 03:46:56 | 000,003,978 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated) [2016/09/26 03:46:56 | 000,003,426 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual) [2016/09/26 03:46:56 | 000,003,436 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\AppID\EDP Policy Manager [2016/09/26 03:46:56 | 000,002,722 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\AppID\PolicyConverter [2016/09/26 03:46:56 | 000,003,320 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific [2016/09/26 03:46:56 | 000,003,346 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck [2016/09/26 03:48:38 | 000,004,680 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser [2016/10/08 12:04:52 | 000,003,074 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater [2016/09/26 03:46:56 | 000,003,090 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Application Experience\StartupAppTask [2016/09/26 03:46:56 | 000,003,586 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\ApplicationData\appuriverifierdaily [2016/09/26 03:46:56 | 000,003,964 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\ApplicationData\appuriverifierinstall [2016/09/26 03:46:56 | 000,003,052 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState [2016/09/26 03:46:56 | 000,002,716 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup [2016/09/26 12:52:01 | 000,003,086 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup [2016/10/08 12:04:52 | 000,002,930 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Autochk\Proxy [2016/10/08 12:04:52 | 000,002,388 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask [2016/09/26 03:46:56 | 000,002,936 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask [2016/09/26 03:46:56 | 000,002,830 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\CertificateServicesClient\CryptoPolicyTask [2016/09/26 03:46:56 | 000,003,994 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask [2016/09/26 03:46:56 | 000,003,694 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\CertificateServicesClient\SystemTask [2016/09/26 03:46:56 | 000,003,680 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\CertificateServicesClient\UserTask [2016/09/26 03:46:56 | 000,003,554 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\CertificateServicesClient\UserTask-Roam [2016/09/26 03:46:56 | 000,002,780 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan [2016/09/26 03:46:56 | 000,003,428 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Clip\License Validation [2016/09/26 03:46:56 | 000,002,242 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\CloudExperienceHost\CreateObjectTask [2016/09/26 03:46:56 | 000,003,030 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator [2016/09/26 03:46:56 | 000,003,410 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask [2016/09/26 03:46:56 | 000,003,162 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Customer Experience Improvement Program\UsbCeip [2016/09/26 03:46:56 | 000,003,718 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan [2016/09/26 03:46:56 | 000,003,354 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery [2016/10/08 12:04:52 | 000,002,990 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag [2016/09/26 03:48:10 | 000,004,192 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Device Information\Device [2016/09/26 03:46:56 | 000,002,984 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh [2016/09/26 03:46:56 | 000,002,914 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand [2016/09/26 03:46:56 | 000,002,914 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand [2016/09/26 03:48:15 | 000,003,198 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\DeviceDirectoryClient\IntegrityCheck [2016/09/26 03:46:56 | 000,002,940 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession [2016/09/26 03:46:56 | 000,003,404 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceAccountChange [2016/09/26 03:48:15 | 000,003,172 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceConnectedToNetwork [2016/09/26 03:46:56 | 000,003,284 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange [2016/09/26 03:48:15 | 000,003,262 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic1 [2016/09/26 03:46:56 | 000,003,390 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic24 [2016/09/26 03:48:15 | 000,003,230 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic6 [2016/09/26 03:46:56 | 000,003,426 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange [2016/09/26 03:48:15 | 000,003,272 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceScreenOnOff [2016/09/26 03:46:56 | 000,003,202 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceSettingChange [2016/09/26 03:46:56 | 000,003,308 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterUserDevice [2016/09/26 03:46:56 | 000,003,092 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Diagnosis\Scheduled [2016/09/26 03:46:56 | 000,003,072 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup [2016/09/26 03:46:56 | 000,003,034 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector [2016/09/26 03:46:56 | 000,002,766 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver [2016/09/26 03:46:56 | 000,002,398 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics [2016/09/26 03:46:56 | 000,002,430 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\DiskFootprint\StorageSense [2016/09/26 03:46:56 | 000,002,384 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\DUSM\dusmtask [2016/09/26 03:46:56 | 000,002,302 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\EDP\EDP App Launch Task [2016/09/26 03:46:56 | 000,002,284 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\EDP\EDP Auth Task [2016/09/26 03:46:56 | 000,002,182 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask [2016/09/26 03:46:56 | 000,002,782 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate [2016/09/26 03:46:56 | 000,002,948 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate [2016/09/26 03:46:56 | 000,002,880 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient [2016/09/26 03:46:56 | 000,002,998 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload [2016/09/26 03:46:56 | 000,003,596 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\File Classification Infrastructure\Property Definition Sync [2016/09/26 03:46:56 | 000,002,996 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode) [2016/09/26 03:46:56 | 000,003,736 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Installation [2016/09/26 03:46:56 | 000,003,168 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation [2016/09/26 03:46:56 | 000,003,340 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\License Manager\TempSignedLicenseExchange [2016/10/08 12:04:52 | 000,002,698 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Location\Notifications [2016/09/26 03:46:56 | 000,002,572 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Location\WindowsActionDialog [2016/09/26 03:46:56 | 000,003,002 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Maintenance\WinSAT [2016/09/26 03:46:56 | 000,002,998 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Management\Provisioning\Logon [2016/09/26 03:46:56 | 000,002,946 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Maps\MapsToastTask [2016/09/26 03:46:56 | 000,003,474 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Maps\MapsUpdateTask [2016/09/26 03:46:56 | 000,005,684 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents [2016/09/26 03:46:56 | 000,003,446 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic [2016/09/26 03:46:56 | 000,003,582 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser [2016/09/26 03:46:56 | 000,002,796 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\MUI\LPRemove [2016/09/26 03:46:56 | 000,002,574 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Multimedia\SystemSoundsService [2016/09/26 03:46:56 | 000,002,818 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler [2016/10/08 12:04:52 | 000,002,504 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo [2016/09/26 03:46:56 | 000,002,996 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\NlaSvc\WiFiTask [2016/09/26 03:46:56 | 000,003,170 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Offline Files\Background Synchronization [2016/09/26 03:46:56 | 000,002,840 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Offline Files\Logon Synchronization [2016/09/26 03:46:56 | 000,003,060 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\PI\Secure-Boot-Update [2016/09/26 03:46:56 | 000,002,880 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\PI\Sqm-Tasks [2016/09/26 03:46:56 | 000,002,972 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy [2016/09/26 03:46:56 | 000,002,992 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required [2016/09/26 03:46:56 | 000,003,200 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup [2016/10/08 12:04:52 | 000,002,398 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers [2016/09/26 03:46:56 | 000,003,128 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem [2016/09/26 03:46:56 | 000,003,462 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Ras\MobilityManager [2016/09/26 03:46:56 | 000,003,420 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE [2016/09/26 03:46:56 | 000,003,218 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Registry\RegIdleBackup [2016/10/08 12:04:52 | 000,003,856 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask [2016/09/26 03:48:00 | 000,004,030 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\RetailDemo\CleanupOfflineContent [2016/09/26 03:46:56 | 000,002,502 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup [2016/09/26 03:46:56 | 000,002,544 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask [2016/09/26 03:46:56 | 000,002,576 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\SettingSync\BackupTask [2016/09/26 03:46:56 | 000,002,904 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask [2016/09/26 03:46:56 | 000,002,838 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Setup\SetupCleanupTask [2016/09/26 03:46:56 | 000,002,766 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\SharedPC\Account Cleanup [2016/09/26 03:46:56 | 000,002,636 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Shell\CreateObjectTask [2016/09/26 03:47:20 | 000,003,512 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor [2016/09/26 03:46:56 | 000,003,336 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask [2016/09/26 03:46:56 | 000,003,208 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask [2016/09/26 03:46:56 | 000,002,756 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance [2016/10/09 07:25:04 | 000,004,680 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask [2016/09/26 03:46:56 | 000,003,312 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon [2016/09/26 03:52:48 | 000,003,988 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork [2016/09/26 03:46:56 | 000,003,006 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask [2016/09/26 03:46:56 | 000,003,064 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\SpacePort\SpaceManagerTask [2016/09/26 03:46:56 | 000,003,238 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask [2016/09/26 03:46:56 | 000,003,200 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Management Initialization [2016/09/26 03:46:56 | 000,003,286 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization [2016/09/26 03:46:56 | 000,004,764 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition [2016/09/26 03:46:56 | 000,003,592 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition [2016/09/26 03:46:56 | 000,003,056 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate [2016/09/26 03:46:56 | 000,003,126 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance [2016/09/26 03:46:56 | 000,002,972 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Sysmain\ResPriStaticDbSync [2016/09/27 11:37:46 | 000,003,858 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask [2016/10/08 12:04:52 | 000,003,036 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\SystemRestore\SR [2016/09/26 03:46:56 | 000,002,762 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Task Manager\Interactive [2016/09/26 03:46:56 | 000,002,622 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\TextServicesFramework\MsCtfMonitor [2016/09/26 03:46:56 | 000,002,932 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime [2016/10/08 12:04:52 | 000,002,960 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime [2016/09/26 03:46:56 | 000,002,600 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone [2016/09/26 03:46:56 | 000,002,816 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr [2016/09/26 03:46:56 | 000,003,592 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance [2016/10/01 21:33:36 | 000,002,420 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install [2016/09/26 03:48:31 | 000,003,192 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install [2016/09/26 17:16:28 | 000,003,396 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot [2016/09/26 03:46:56 | 000,003,344 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\UpdateOrchestrator\Refresh Settings [2016/10/09 01:35:54 | 000,002,268 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot [2016/10/09 01:35:14 | 000,005,286 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan [2016/09/26 03:46:56 | 000,002,330 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display [2016/09/26 03:46:56 | 000,002,396 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot [2016/10/08 12:04:52 | 000,002,388 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig [2016/09/26 03:46:56 | 000,003,650 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\User Profile Service\HiveUploadTask [2016/09/26 03:46:56 | 000,002,920 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\WCM\WiFiTask [2016/09/26 03:46:56 | 000,002,892 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\WDI\ResolutionHost [2016/10/08 12:04:52 | 000,002,836 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance [2016/10/08 12:04:52 | 000,002,798 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup [2016/10/08 12:04:52 | 000,002,788 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan [2016/10/08 12:04:52 | 000,002,824 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification [2016/10/08 12:04:52 | 000,004,052 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting [2016/10/08 12:04:52 | 000,003,348 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange [2016/10/08 12:04:52 | 000,003,480 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary [2016/09/26 10:48:41 | 000,003,224 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader [2016/09/26 03:46:56 | 000,003,426 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\WindowsUpdate\Automatic App Update [2016/10/09 01:45:55 | 000,005,246 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start [2016/09/26 03:46:56 | 000,003,300 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\WindowsUpdate\sih [2016/09/26 03:46:56 | 000,003,186 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\WindowsUpdate\sihboot [2016/09/26 03:46:56 | 000,002,564 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Wininet\CacheTask [2016/09/26 03:46:56 | 000,003,060 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management [2016/09/26 03:46:56 | 000,002,794 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation [2016/09/26 03:46:56 | 000,002,790 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization [2016/09/26 03:46:56 | 000,003,090 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work [2016/09/26 03:46:56 | 000,002,744 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join [2016/09/26 03:46:56 | 000,002,522 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\XblGameSave\XblGameSaveTask [2016/09/26 03:46:56 | 000,002,528 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon < %windir%\tasks\*.* /s > [2016/10/08 19:33:10 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2016/10/08 19:33:10 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2016/10/08 23:35:14 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT < %systemroot%\*.scr > < HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections > "DefaultConnectionSettings" = 46 00 00 00 03 00 00 00 09 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [binary data] "SavedLegacySettings" = 46 00 00 00 C3 03 00 00 09 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [binary data] < HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations > < HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments > < HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run /s > < HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl > [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOCUMENT_COMPATIBLE_MODE] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VIEWLINKEDWEBOC_IS_UNSAFE] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WARN_ON_SEC_CERT_REV_FAILED] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION] < \FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMP > < HKCU\Software\Microsoft\Internet Explorer\Downloads > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings > "ActiveXCache" = C:\Windows\Downloaded Program Files -- [2016/07/16 08:47:50 | 000,000,000 | --SD | M] "CodeBaseSearchPath" = CODEBASE "EnablePunycode" = 1 "MinorVersion" = 0 "WarnOnIntranet" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Accepted Documents] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ActiveX Cache] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\AllowedBehaviors] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\AllowedDragImageExts] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\AllowedDragProtocols] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Http Filters] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Last Update] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\LUI] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\NoFileLifetimeExtension] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\P3P] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Passport] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\PluggableProtocols] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Secure Mime Handlers] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\SO] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\SOIEAK] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\TemplatePolicies] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Url History] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones] < HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings > "ActiveXCache" = C:\Windows\Downloaded Program Files -- [2016/07/16 08:47:50 | 000,000,000 | --SD | M] "CodeBaseSearchPath" = CODEBASE "EnablePunycode" = 1 "MinorVersion" = 0 "WarnOnIntranet" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Accepted Documents] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ActiveX Cache] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\AllowedBehaviors] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\AllowedDragImageExts] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\AllowedDragProtocols] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Cache] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Connections] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Http Filters] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Last Update] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\LUI] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\NoFileLifetimeExtension] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\P3P] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Passport] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\PluggableProtocols] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Secure Mime Handlers] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\SO] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\SOIEAK] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\TemplatePolicies] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Url History] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones] < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server > "AllowRemoteRPC" = 0 "DelayConMgrTimeout" = 0 "DeleteTempDirsOnExit" = 1 "fDenyTSConnections" = 1 "fSingleSessionPerUser" = 1 "NotificationTimeOut" = 0 "PerSessionTempDir" = 0 "ProductVersion" = 5.1 "RCDependentServices" = CertPropSvcSessionEnv [binary data] "SnapshotMonitors" = 1 "StartRCM" = 0 "TSUserEnabled" = 0 "RailShowallNotifyIcons" = 1 "RDPVGCInstalled" = 1 "InstanceID" = 08830e89-0693-4f5d-94c1-a4319c4 "GlassSessionId" = 2 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\AddIns] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\ConnectionHandler] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\KeyboardType Mapping] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\RCM] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\SessionArbitrationHelper] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\SysProcs] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\TerminalTypes] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Utilities] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\VIDEO] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations] < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Licensing Core > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon > "DefaultDomainName" = "DefaultUserName" = "EnableSIHostIntegration" = 1 "PreCreateKnownFolders" = {A520A1A4-1780-4FF6-BD18-167343C5AF16} "Shell" = explorer.exe -- [2016/07/16 08:43:04 | 004,312,248 | ---- | M] (Microsoft Corporation) "ShellCritical" = 0 "SiHostCritical" = 0 "SiHostReadyTimeOut" = 0 "SiHostRestartCountLimit" = 0 "SiHostRestartTimeGap" = 0 "AutoRestartShell" = 1 "Userinit" = C:\Windows\system32\userinit.exe, [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\AlternateShells] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify] < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services > [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\Client] < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa > "auditbasedirectories" = 0 "auditbaseobjects" = 0 "Bounds" = 0 [binary data] "crashonauditfail" = 0 "LimitBlankPasswordUse" = 1 "NoLmHash" = 1 "Security Packages" = "" [binary data] "Notification Packages" = scecli [binary data] -- [2016/07/16 08:43:01 | 000,211,968 | ---- | M] (Microsoft Corporation) "Authentication Packages" = msv1_0 [binary data] -- [2016/09/26 03:40:06 | 000,340,832 | ---- | M] (Microsoft Corporation) "disabledomaincreds" = 0 "everyoneincludesanonymous" = 0 "forceguest" = 0 "fullprivilegeauditing" = 80 [binary data] "LsaPid" = 764 "ProductType" = 6 "restrictanonymous" = 0 "restrictanonymoussam" = 1 "SamConnectedAccountsExist" = 1 "SecureBoot" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\CentralizedAccessPolicies] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\OSConfig] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache] < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts > < \UserList > < HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN > "Anchor_Visitation_Horizon" = 01 00 00 00 [binary data] "ApplicationTileImmersiveActivation" = 1 "AssociationActivationMode" = 0 "AutoHide" = yes "Cache_Percent_of_Disk" = 0A 00 00 00 [binary data] "Default_Page_URL" = http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL" = http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL" = [binary data] "Delete_Temp_Files_On_Exit" = yes "Enable_Disk_Cache" = yes "Extensions Off Page" = about:NoAdd-ons "Local Page" = C:\Windows\SysWOW64\blank.htm "Placeholder_Height" = 1A 00 00 00 [binary data] "Placeholder_Width" = 1A 00 00 00 [binary data] "Search Page" = http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page" = about:SecurityRisk "Start Page" = http://go.microsoft.com/fwlink/p/?LinkId=255141 "Use_Async_DNS" = yes "x86AppPath" = C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE -- [2016/07/16 08:43:53 | 000,825,536 | ---- | M] (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\ErrorThresholds] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\UrlTemplate] < HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon > "DefaultDomainName" = "DefaultUserName" = "EnableSIHostIntegration" = 1 "PreCreateKnownFolders" = {A520A1A4-1780-4FF6-BD18-167343C5AF16} "Shell" = explorer.exe -- [2016/07/16 08:43:04 | 004,312,248 | ---- | M] (Microsoft Corporation) "ShellCritical" = 0 "SiHostCritical" = 0 "SiHostReadyTimeOut" = 0 "SiHostRestartCountLimit" = 0 "SiHostRestartTimeGap" = 0 "AutoRestartShell" = 1 "Userinit" = C:\Windows\system32\userinit.exe, [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\AlternateShells] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify] < \SpecialAccounts\UserList > < HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN > "Anchor_Visitation_Horizon" = 01 00 00 00 [binary data] "ApplicationTileImmersiveActivation" = 1 "AssociationActivationMode" = 0 "AutoHide" = yes "Cache_Percent_of_Disk" = 0A 00 00 00 [binary data] "Default_Page_URL" = http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL" = http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL" = [binary data] "Delete_Temp_Files_On_Exit" = yes "Enable_Disk_Cache" = yes "Extensions Off Page" = about:NoAdd-ons "Local Page" = C:\Windows\SysWOW64\blank.htm "Placeholder_Height" = 1A 00 00 00 [binary data] "Placeholder_Width" = 1A 00 00 00 [binary data] "Search Page" = http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page" = about:SecurityRisk "Start Page" = http://go.microsoft.com/fwlink/p/?LinkId=255141 "Use_Async_DNS" = yes "x86AppPath" = C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE -- [2016/07/16 08:43:53 | 000,825,536 | ---- | M] (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\ErrorThresholds] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\UrlTemplate] < HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Policies\Google\Chrome > < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome > < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\TermService > "ImagePath" = %SystemRoot%\System32\svchost.exe -k NetworkService -- [2016/07/16 08:42:55 | 000,038,792 | ---- | M] (Microsoft Corporation) "DisplayName" = @%SystemRoot%\System32\termsrv.dll,-268 "ErrorControl" = 1 "Start" = 3 "Type" = 32 "Description" = @%SystemRoot%\System32\termsrv.dll,-267 "DependOnService" = RPCSS [binary data] "ObjectName" = NT Authority\NetworkService "ServiceSidType" = 1 "RequiredPrivileges" = SeAssignPrimaryTokenPrivilegeSeAu [Binary data over 200 bytes] "FailureActions" = 80 51 01 00 00 00 00 00 00 00 00 00 03 00 00 00 14 00 00 00 01 00 00 00 60 EA 00 00 01 00 00 00 60 EA 00 00 00 00 00 00 60 EA 00 00 [binary data] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\TermService\Parameters] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\TermService\Performance] < net user /c > Contas de usu rio para \\DESKTOP-9L5P09H ------------------------------------------------------------------------------- Administrador Convidado DefaultAccount stefa Comando conclu¡do com ˆxito. < MD5 for: TERMSRV.DLL > [2016/07/16 08:42:34 | 000,987,648 | ---- | M] (Microsoft Corporation) MD5=FB68E5F02316C42BE7282DA492351C6F -- C:\Windows\SysNative\termsrv.dll [2016/07/16 08:42:34 | 000,987,648 | ---- | M] (Microsoft Corporation) MD5=FB68E5F02316C42BE7282DA492351C6F -- C:\Windows\WinSxS\amd64_microsoft-Windows-t..teconnectionmanager_31bf3856ad364e35_10.0.14393.0_none_bc13ad436af6bbc9\termsrv.dll < %systemdrive%\$Recycle.Bin|@;true;true;true /fp > ========== Alternate Data Streams ========== @Alternate Data Stream - 10 bytes -> C:\ProgramData\GbPlugin:IncompleteStartGbprcm.cnt @Alternate Data Stream - 10 bytes -> C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt < End of report >
  8. Solicitação de Analise de Log

    Zoek.exe v5.0.0.1 Updated 19-September-2016 Tool run by stefa on 08/10/2016 at 22:00:08,16. Microsoft Windows 10 Pro 10.0.14393 x64 Running in: Normal Mode Internet Access Detected Launched: F:\Arquivos e Programas\Torrent\zoek.exe [Scan all users] [Quick Scan] [Auto Clean] ==== System Restore Info ====================== 08/10/2016 22:01:25 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~2\Enigma Software Group deleted successfully C:\PROGRA~2\McAfee deleted successfully C:\Program Files\Common Files\McAfee deleted successfully C:\PROGRA~3\Comms deleted successfully C:\PROGRA~3\SoftwareDistribution deleted successfully C:\Users\stefa\AppData\Local\PackageStaging deleted successfully C:\Users\stefa\AppData\Local\PeerDistRepub deleted successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-234761692-2337313760-212355441-1001\SOFTWARE\Microsoft\Internet Explorer\Approved Extensions\{95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B} deleted successfully ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\PROGRA~2\Enigma Software Group not found C:\PROGRA~2\McAfee not found C:\Users\stefa\AppData\Roaming\WhatsApp deleted C:\PROGRA~3\Package Cache deleted C:\Windows\SysNative\GroupPolicy\Adm deleted C:\Windows\SysNative\GroupPolicy\Machine deleted C:\Windows\SysNative\GroupPolicy\User deleted C:\Windows\SysNative\GroupPolicy\gpt.ini deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2016-09-26 06:47:26 99F5D5BBD351694638DF3C0CC4A919A3 7623 ----a-w- C:\Windows\diagwrn.xml 2016-09-26 06:47:26 99F5D5BBD351694638DF3C0CC4A919A3 7623 ----a-w- C:\Windows\diagerr.xml 2016-09-26 06:43:27 E1F3CFB1249598DE9247BB8EB9117E4B 67584 --s-a-w- C:\Windows\bootstat.dat 2016-09-22 15:52:42 A5D0038F0C04724CF6EE66E2213E6481 441526 ----a-w- C:\Windows\e535ae8af0f418dfce90f90844a7b175.exe 2016-09-09 23:35:51 74F28574BB8F61FFC7DD419FE6B6E0D5 1951 ----a-w- C:\Windows\NvContainerRecovery.bat ====== C:\Users\stefa\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2016-10-06 21:56:32 5ACC44ECC9053EF66EC492BDE9152BFA 133056 ----a-w- C:\Windows\SysWOW64\nvStreaming.exe 2016-10-06 21:56:29 6448CF3F64B96B8C72A9D5905F7C07B0 110880 ----a-w- C:\Windows\SysWOW64\vulkaninfo.exe 2016-10-06 21:56:29 2F28B023406F83D17ACE4294E2510F44 269600 ----a-w- C:\Windows\SysWOW64\vulkan-1.dll 2016-10-06 21:55:09 E6AB56190274E7973502352DEA1CF95F 642392 ----a-w- C:\Windows\SysWOW64\nvEncMFThevc.dll 2016-10-06 21:55:09 E1FC6BDD5D58497B4F0766235EBD0DFA 8877808 ----a-w- C:\Windows\SysWOW64\nvptxJitCompiler.dll 2016-10-06 21:55:09 C091A940EFE71D294697D4DC8ECCF501 348728 ----a-w- C:\Windows\SysWOW64\nvDecMFTMjpeg.dll 2016-10-06 21:55:09 B14701F08F694F37A939CA7E215772B8 8693056 ----a-w- C:\Windows\SysWOW64\nvcuda.dll 2016-10-06 21:55:09 A44BC9667822E9B307E12C636983370E 9098864 ----a-w- C:\Windows\SysWOW64\nvopencl.dll 2016-10-06 21:55:09 7BBBBC2B928ABBD60FFCE57565F3DC3B 644112 ----a-w- C:\Windows\SysWOW64\nvEncMFTH264.dll 2016-10-06 21:55:09 5C609473CACD621CAAAD67225DA12FA5 578056 ----a-w- C:\Windows\SysWOW64\nvfatbinaryLoader.dll 2016-10-06 21:55:09 4E85804A6F07ADA7512FE8F54ECC9F74 28245560 ----a-w- C:\Windows\SysWOW64\nvoglv32.dll 2016-10-06 21:55:09 45B9764ABE7FCCAEAE0B1A68AB0DC03B 35180992 ----a-w- C:\Windows\SysWOW64\nvcompiler.dll 2016-10-06 21:55:09 3FBF1F9ACD3BE4F09EB80E885BA134F7 327408 ----a-w- C:\Windows\SysWOW64\nvEncodeAPI.dll 2016-10-06 21:55:09 3AEA71752AC30BF12A2529253052FB71 958520 ----a-w- C:\Windows\SysWOW64\NvFBC.dll 2016-10-06 21:55:09 1B024FF8EDB0C5F8DF6774B2B164725C 390200 ----a-w- C:\Windows\SysWOW64\NvIFROpenGL.dll 2016-10-06 21:55:09 029B6D57648469161A4A74CB728096F9 2551352 ----a-w- C:\Windows\SysWOW64\nvcuvid.dll 2016-10-06 21:55:09 00127199A5A0187C02E78BDC9BE87FEF 895032 ----a-w- C:\Windows\SysWOW64\NvIFR.dll 2016-09-26 06:44:57 D0818657648366B03C7CB4AA2DCED253 2716672 ----a-w- C:\Windows\SysWOW64\PrintConfig.dll 2016-09-26 06:42:18 C528E7A2C3E79236D3CA4609FE1FEE3B 727 ----a-w- C:\Windows\SysWOW64\license.rtf 2016-09-26 06:40:22 F34F554AE030BBFDD852A2CA626C1465 45568 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2016-09-26 06:40:22 EBC4D08F2F3AD53C23BAB613FD34E6CA 709120 ----a-w- C:\Windows\SysWOW64\CPFilters.dll 2016-09-26 06:40:22 EA9D4CD0F30337BC51F50CBAD8097933 592384 ----a-w- C:\Windows\SysWOW64\GamePanel.exe 2016-09-26 06:40:22 E649B9DE608BFA72970A8371F6AA732F 2206496 ----a-w- C:\Windows\SysWOW64\msmpeg2vdec.dll 2016-09-26 06:40:22 E20D986769963ACE3904334A92C37F2A 343040 ----a-w- C:\Windows\SysWOW64\PlayToDevice.dll 2016-09-26 06:40:22 D508341E723C1A9E96083947A6632479 2217472 ----a-w- C:\Windows\SysWOW64\wininet.dll 2016-09-26 06:40:22 BD3CC07916DE6906E95635E8FF7B1CBC 231424 ----a-w- C:\Windows\SysWOW64\CloudBackupSettings.dll 2016-09-26 06:40:22 BA7E31838CE6BFB3F0DB8DA7A519B47A 68096 ----a-w- C:\Windows\SysWOW64\SettingSyncPolicy.dll 2016-09-26 06:40:22 A76EB76BC591B186FBCAFD1E921C492F 491520 ----a-w- C:\Windows\SysWOW64\bcastdvr.exe 2016-09-26 06:40:22 9D966551A9046C1E05702ACF803B23A5 1966288 ----a-w- C:\Windows\SysWOW64\hevcdecoder.dll 2016-09-26 06:40:22 9C2EEE789125E9D68131922ED7CC8B29 444416 ----a-w- C:\Windows\SysWOW64\SettingSync.dll 2016-09-26 06:40:22 96D97C53938CAFDB2D9076514160711C 2251432 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2016-09-26 06:40:22 8DD77C980928EDC2EED5C1B563E408A7 795648 ----a-w- C:\Windows\SysWOW64\MiracastReceiver.dll 2016-09-26 06:40:22 6AAF7906DA9D1CDC174AF9EFEDC35C29 640000 ----a-w- C:\Windows\SysWOW64\MCRecvSrc.dll 2016-09-26 06:40:22 677DB65B78EC1BE250371B53C1D1C42B 1595904 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2016-09-26 06:40:22 5E7F1F15E5A9573C460770FB77B9F05C 1255936 ----a-w- C:\Windows\SysWOW64\AzureSettingSyncProvider.dll 2016-09-26 06:40:22 4C74A9678409A531F016121897E0B684 156672 ----a-w- C:\Windows\SysWOW64\BcastDVRHelper.dll 2016-09-26 06:40:22 3E7DF95A65E1A6EC036763B0413C8B92 1557296 ----a-w- C:\Windows\SysWOW64\winmde.dll 2016-09-26 06:40:22 3B12E33EFC631609A7C57370C8047928 4612608 ----a-w- C:\Windows\SysWOW64\Windows.Media.dll 2016-09-26 06:40:18 FAEA49C46D260C0E93364FDB48284723 81408 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2016-09-26 06:40:18 F9E36CEA34539DAF1CC1C556E4D5DAC3 6043136 ----a-w- C:\Windows\SysWOW64\Chakra.dll 2016-09-26 06:40:18 F998BC859F9AE1224848D828B9AA6ABD 243712 ----a-w- C:\Windows\SysWOW64\eapp3hst.dll 2016-09-26 06:40:18 F91D27953FFEDE18D8BA84317D38ADAC 3305984 ----a-w- C:\Windows\SysWOW64\MFMediaEngine.dll 2016-09-26 06:40:18 F91694EC6E9C772E9A8335B46E6DB81F 1220608 ----a-w- C:\Windows\SysWOW64\Windows.Media.Audio.dll 2016-09-26 06:40:18 F44F1134552C9B021533F40F46BA1220 2755584 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2016-09-26 06:40:18 F096ACC9EE737E087D16B294AF968E54 508416 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2016-09-26 06:40:18 EC510ABC727F564F47DE1F7BDD97AE80 38912 ----a-w- C:\Windows\SysWOW64\wfdprov.dll 2016-09-26 06:40:18 E8719A43DCBFC9A86374B8F53920D5FC 121368 ----a-w- C:\Windows\SysWOW64\mfps.dll 2016-09-26 06:40:18 E82E788C7E7B8309C9B460C71C7BC487 15360 ----a-w- C:\Windows\SysWOW64\wlanhlp.dll 2016-09-26 06:40:18 E6FFE8E3CC7D4F912E8DA883C36FCAC9 3893376 ----a-w- C:\Windows\SysWOW64\mfcore.dll 2016-09-26 06:40:18 E1061870262AD595A16154C453A0BEAE 484584 ----a-w- C:\Windows\SysWOW64\AudioSes.dll 2016-09-26 06:40:18 DEB504EA38A82FB93FC733E2C0113864 12345856 ----a-w- C:\Windows\SysWOW64\wmp.dll 2016-09-26 06:40:18 DB169C16620112169F801CE7C58F396C 231936 ----a-w- C:\Windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2016-09-26 06:40:18 CE9D967E2347A05C30E97EA6C0D48143 635904 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2016-09-26 06:40:18 CC8FAB9F22A20B9C314DF2F1E9247482 5120 ----a-w- C:\Windows\SysWOW64\msdxm.ocx 2016-09-26 06:40:18 CC8FAB9F22A20B9C314DF2F1E9247482 5120 ----a-w- C:\Windows\SysWOW64\dxmasf.dll 2016-09-26 06:40:18 C801A619AEAC6F37C4B011B14D651921 19416576 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2016-09-26 06:40:18 B9C66D12CE1BB9DA007537AA3313A6FE 12174336 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2016-09-26 06:40:18 ABC62EE7A92EABED1DB81F73FCAC08D4 1853232 ----a-w- C:\Windows\SysWOW64\mfmp4srcsnk.dll 2016-09-26 06:40:18 A16F26BA3232C1FD4529FF990B7C197C 1293312 ----a-w- C:\Windows\SysWOW64\WMPDMC.exe 2016-09-26 06:40:18 9675B603537218820C682400BC8622D6 2026496 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2016-09-26 06:40:18 95CFC05F34079A4B2CE4BBABC05BDEDA 197120 ----a-w- C:\Windows\SysWOW64\eappcfg.dll 2016-09-26 06:40:18 9557D17FC4836D38A079100AE537058F 822784 ----a-w- C:\Windows\SysWOW64\Chakradiag.dll 2016-09-26 06:40:18 93B29353460403142BD6A6692908123D 980824 ----a-w- C:\Windows\SysWOW64\mfnetcore.dll 2016-09-26 06:40:18 8FC85E2CFA234AE5857A3AA9CDB109F6 235008 ----a-w- C:\Windows\SysWOW64\eapphost.dll 2016-09-26 06:40:18 887A0C46FCC65DAEC16F3A0D64DB8735 3667456 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2016-09-26 06:40:18 804DCE6D165D93ED74A5472B84B6D429 640976 ----a-w- C:\Windows\SysWOW64\evr.dll 2016-09-26 06:40:18 6EDEFA6A8F3FAD2836588D4ECE1AFAE1 1123360 ----a-w- C:\Windows\SysWOW64\mfplat.dll 2016-09-26 06:40:18 6D6B1D985326848BFA5C951DF72489DB 198656 ----a-w- C:\Windows\SysWOW64\indexeddbserver.dll 2016-09-26 06:40:18 5750D828D956B7B0247C291540746497 121344 ----a-w- C:\Windows\SysWOW64\Chakrathunk.dll 2016-09-26 06:40:18 56EAAD601833231995F809A4B671151E 846336 ----a-w- C:\Windows\SysWOW64\WebcamUi.dll 2016-09-26 06:40:18 553F523EB712473F0EBCA116EB768EC9 198144 ----a-w- C:\Windows\SysWOW64\FSClient.dll 2016-09-26 06:40:18 4A176D179AC43240482C0C26DA82FEAE 313560 ----a-w- C:\Windows\SysWOW64\wlanapi.dll 2016-09-26 06:40:18 483BEFF11EB11AB6FDEAB013301754CE 9260032 ----a-w- C:\Windows\SysWOW64\wmploc.DLL 2016-09-26 06:40:18 482987D63FFF38BF849991949853E285 1360456 ----a-w- C:\Windows\SysWOW64\mfnetsrc.dll 2016-09-26 06:40:18 4406A3C1D05048CAC6FA68187D65C820 1509376 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2016-09-26 06:40:18 42F8062B5B0216A890EB98621EFFA51F 181760 ----a-w- C:\Windows\SysWOW64\mfsensorgroup.dll 2016-09-26 06:40:18 41C1C773DBBF8DC04834CE8263085359 61440 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2016-09-26 06:40:18 389A5D051A6E5038BA10366968C1D649 1362504 ----a-w- C:\Windows\SysWOW64\wmpmde.dll 2016-09-26 06:40:18 31CEC1815AF7F92E1C466F49EC944751 57344 ----a-w- C:\Windows\SysWOW64\eappprxy.dll 2016-09-26 06:40:18 307C3247BA806912FC18CA91041DA113 1077760 ----a-w- C:\Windows\SysWOW64\Windows.Media.Editing.dll 2016-09-26 06:40:18 2E966C10310A85BB7D569A035D153DAB 340480 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2016-09-26 06:40:18 28AA5EEBF4FD13B2871F719D7E8E4267 691712 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2016-09-26 06:40:18 28220013C6DB1BAC7613E2B55D11B50F 9216 ----a-w- C:\Windows\SysWOW64\spwmp.dll 2016-09-26 06:40:18 269F9347BA8420679673C1E254AFEF8C 19417088 ----a-w- C:\Windows\SysWOW64\edgehtml.dll 2016-09-26 06:40:18 260A7E9D5FF720446F6CAA436E8F22A0 248832 ----a-w- C:\Windows\SysWOW64\dlnashext.dll 2016-09-26 06:40:18 1B8E91090B00A80B4DB99B64BF2F54D8 955520 ----a-w- C:\Windows\SysWOW64\mfsvr.dll 2016-09-26 06:40:18 18F63F35EC3A59D2E6E0AB0AC1C814E4 1343928 ----a-w- C:\Windows\SysWOW64\mfsrcsnk.dll 2016-09-26 06:40:18 16A7D35F3BE1CE2D91120AB28257C362 29696 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2016-09-26 06:40:18 1239C51284092F90C31583F699FA1062 91648 ----a-w- C:\Windows\SysWOW64\eappgnui.dll 2016-09-26 06:40:17 F05DA5C0AF9464137A4BD12C4FA80D90 1570680 ----a-w- C:\Windows\SysWOW64\ntdll.dll 2016-09-26 06:40:17 762656B24568CA509EC05E137C54C5B2 1656320 ----a-w- C:\Windows\SysWOW64\Windows.Devices.Perception.dll 2016-09-26 06:40:17 2466B7CF57CF5E1BF273665D1BCA3F27 1707512 ----a-w- C:\Windows\SysWOW64\KernelBase.dll 2016-09-26 06:40:17 210B201DB4254094F75BFE098AD0B738 391168 ----a-w- C:\Windows\SysWOW64\CredProvDataModel.dll 2016-09-26 06:40:15 F9BFEAB747DE538139A746CDA3B7CBB0 114176 ----a-w- C:\Windows\SysWOW64\setupugc.exe 2016-09-26 06:40:15 F2711C746D3AD450E6276139F177422D 959104 ----a-w- C:\Windows\SysWOW64\ole32.dll 2016-09-26 06:40:15 D8A199D0F984727101123ADFF149EFD3 7623680 ----a-w- C:\Windows\SysWOW64\twinui.dll 2016-09-26 06:40:15 D797013FEACE7C0E6382C651E1B785BF 1106944 ----a-w- C:\Windows\SysWOW64\wsp_health.dll 2016-09-26 06:40:15 D45DF2552C3C38024D4CADE4EBED061A 117240 ----a-w- C:\Windows\SysWOW64\sspicli.dll 2016-09-26 06:40:15 CCC20EF7F89FCD11BC809B90C8768182 118272 ----a-w- C:\Windows\SysWOW64\slc.dll 2016-09-26 06:40:15 C6BF51DA6A0432F44B911EF145D85B1B 798208 ----a-w- C:\Windows\SysWOW64\authui.dll 2016-09-26 06:40:15 B968615375D2C4922A0245A9558893BB 105984 ----a-w- C:\Windows\SysWOW64\sppc.dll 2016-09-26 06:40:15 B30EF73AC4993A1B2D540B0B9E5D3978 47104 ----a-w- C:\Windows\SysWOW64\Windows.Shell.Search.UriHandler.dll 2016-09-26 06:40:15 B13834EC0DF49734EDB55B95B291F345 19968 ----a-w- C:\Windows\SysWOW64\slcext.dll 2016-09-26 06:40:15 A8A1972707EDB245529005D4507CD220 321792 ----a-w- C:\Windows\SysWOW64\LockAppHost.exe 2016-09-26 06:40:15 A5B3274588A455D586827056E11C192C 58880 ----a-w- C:\Windows\SysWOW64\ConfigureExpandedStorage.dll 2016-09-26 06:40:15 990E927E27B0FF1191C55472EBEA3DD2 181760 ----a-w- C:\Windows\SysWOW64\tcpipcfg.dll 2016-09-26 06:40:15 82EAA0F38238DFB086DF42575C4A3987 1556992 ----a-w- C:\Windows\SysWOW64\Windows.UI.Immersive.dll 2016-09-26 06:40:15 7E1DE305D91428A2AE496EA0BCEFFA3E 5398016 ----a-w- C:\Windows\SysWOW64\aclui.dll 2016-09-26 06:40:15 7CB21D73BB04088F9EC6171B4092F477 34304 ----a-w- C:\Windows\SysWOW64\LaunchWinApp.exe 2016-09-26 06:40:15 740B1748A7B9F11B5F5852B79EF3302D 298496 ----a-w- C:\Windows\SysWOW64\resutils.dll 2016-09-26 06:40:15 6CF01BB82C4ECBAB088863BFFCB3239B 466432 ----a-w- C:\Windows\SysWOW64\sppcext.dll 2016-09-26 06:40:15 6019DC32EC94E1AA3637FFD13DEE5837 141824 ----a-w- C:\Windows\SysWOW64\DscCoreConfProv.dll 2016-09-26 06:40:15 5E6C609A05EB9CEA4A2B12D38F0139FD 711680 ----a-w- C:\Windows\SysWOW64\Windows.UI.Search.dll 2016-09-26 06:40:15 533E0CA205CE52DC0E1BB31F9895F455 1228288 ----a-w- C:\Windows\SysWOW64\usercpl.dll 2016-09-26 06:40:15 4A1A91703A20DB81E8E2ACFCE5F339E6 558080 ----a-w- C:\Windows\SysWOW64\clusapi.dll 2016-09-26 06:40:15 464017E65F4D1389C5DD638A728C9CC4 1316352 ----a-w- C:\Windows\SysWOW64\wsp_fs.dll 2016-09-26 06:40:15 41C66BB9044FEFC880DBE294AB91C13D 20965248 ----a-w- C:\Windows\SysWOW64\shell32.dll 2016-09-26 06:40:15 069F2DAFB360367EBAF313B5D6E0CC21 498688 ----a-w- C:\Windows\SysWOW64\LogonController.dll 2016-09-26 06:40:15 05FE3C95087AC75E302FCD184931B9E9 25600 ----a-w- C:\Windows\SysWOW64\netiougc.exe 2016-09-26 06:40:15 056E20BF43207E95A92D38B539656E3E 790760 ----a-w- C:\Windows\SysWOW64\rpcrt4.dll 2016-09-26 06:40:12 AA41F294289B678E23B3C63792E29C79 939872 ----a-w- C:\Windows\SysWOW64\pidgenx.dll 2016-09-26 06:40:10 F5E677316259341EEE87FD29B82CB73F 895488 ----a-w- C:\Windows\SysWOW64\Windows.Media.Streaming.dll 2016-09-26 06:40:10 F4AEED76A0758813E9504F3D8731EFF8 866816 ----a-w- C:\Windows\SysWOW64\Windows.UI.Cred.dll 2016-09-26 06:40:10 F05624A666CECC5181AD269AEFDAA77C 54784 ----a-w- C:\Windows\SysWOW64\AddressParser.dll 2016-09-26 06:40:10 EE869580454C8359124B2D9454B0245B 1170944 ----a-w- C:\Windows\SysWOW64\Windows.Media.Speech.dll 2016-09-26 06:40:10 EABD32261BCF4591B2E4FD68346A6A10 782176 ----a-w- C:\Windows\SysWOW64\WWAHost.exe 2016-09-26 06:40:10 E8F8456B3E763449A80477E790E7D2EB 8192 ----a-w- C:\Windows\SysWOW64\UserDataAccessRes.dll 2016-09-26 06:40:10 C618D56F8AFBD86427EADB111F3267AF 289280 ----a-w- C:\Windows\SysWOW64\NmaDirect.dll 2016-09-26 06:40:10 BDEFEE2A9EA074C3F385E484129FFEED 57344 ----a-w- C:\Windows\SysWOW64\POSyncServices.dll 2016-09-26 06:40:10 9B1CE49762BAAB1DB9D02F98CD5CB984 529928 ----a-w- C:\Windows\SysWOW64\mf.dll 2016-09-26 06:40:10 7CDDAD654C65002B53F7F7503CCA5539 568832 ----a-w- C:\Windows\SysWOW64\Windows.Media.Speech.UXRes.dll 2016-09-26 06:40:10 7C24C4B6F34B1DD483858494F0F86780 224256 ----a-w- C:\Windows\SysWOW64\ExSMime.dll 2016-09-26 06:40:10 79F3B1B6C2AE6A655C57DB32A0DE7A34 38400 ----a-w- C:\Windows\SysWOW64\UserDataTypeHelperUtil.dll 2016-09-26 06:40:10 7125B3879C393E14070E6D262A7C39CA 55808 ----a-w- C:\Windows\SysWOW64\UserDataPlatformHelperUtil.dll 2016-09-26 06:40:10 638112A3FD6ACFBF08904BD0A9F9B1BC 94208 ----a-w- C:\Windows\SysWOW64\UserDataTimeUtil.dll 2016-09-26 06:40:10 596152E3166D97782FB9A724CAE4FC79 253952 ----a-w- C:\Windows\SysWOW64\Windows.UI.BioFeedback.dll 2016-09-26 06:40:10 5935D04E14F04EE4C910DAF766ACE1C2 2360832 ----a-w- C:\Windows\SysWOW64\MapRouter.dll 2016-09-26 06:40:10 4D9244DE98B45DA1E285189D422F32D0 285184 ----a-w- C:\Windows\SysWOW64\Windows.UI.BlockedShutdown.dll 2016-09-26 06:40:10 4D0BBCC85007F01B1E69B926B97D38FA 118272 ----a-w- C:\Windows\SysWOW64\AppointmentActivation.dll 2016-09-26 06:40:10 4C74CE81E514FEDB1D5FF6676524BF56 36168 ----a-w- C:\Windows\SysWOW64\mfpmp.exe 2016-09-26 06:40:10 432DE270220BB195F2F2ED16F8C2017D 853344 ----a-w- C:\Windows\SysWOW64\LicenseManager.dll 2016-09-26 06:40:10 4287D0E235DAAF930FB161825FB610A0 2560 ----a-w- C:\Windows\SysWOW64\PhoneutilRes.dll 2016-09-26 06:40:10 397395AF1AF2430E3B98677B5672BAF4 260096 ----a-w- C:\Windows\SysWOW64\Phoneutil.dll 2016-09-26 06:40:10 29F0526733193BBCEE9611A13BD3450A 48128 ----a-w- C:\Windows\SysWOW64\ContactActivation.dll 2016-09-26 06:40:10 24568A7EA6F05FFA53FC6994D8DC1492 554496 ----a-w- C:\Windows\SysWOW64\StoreAgent.dll 2016-09-26 06:40:10 204BE0AB9AE9045B80061BBC24103A06 1430208 ----a-w- C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll 2016-09-26 06:40:10 1F75B08FEC95C062B50BDC8ABBAB3FD0 222720 ----a-w- C:\Windows\SysWOW64\InstallAgentUserBroker.exe 2016-09-26 06:40:10 1CCEBE614817D0F516A92BBFA2638DC2 179712 ----a-w- C:\Windows\SysWOW64\InstallAgent.exe 2016-09-26 06:40:10 16D4E494EFE58C5CC837E0C088FFB01E 147456 ----a-w- C:\Windows\SysWOW64\VCardParser.dll 2016-09-26 06:40:10 147EE8D338BAB6C90FBB92BCDA6222AD 220672 ----a-w- C:\Windows\SysWOW64\PlayToReceiver.dll 2016-09-26 06:40:10 069737BD87ACD7E070DC1B9FF5E8A40E 37888 ----a-w- C:\Windows\SysWOW64\UserDataLanguageUtil.dll 2016-09-26 06:40:10 0203CAE673FF9072FEC0B63262D53DB2 18944 ----a-w- C:\Windows\SysWOW64\ExtrasXmlParser.dll 2016-09-26 06:40:07 EA981D4947642A0C113D68DB524D5805 761344 ----a-w- C:\Windows\SysWOW64\NMAA.dll 2016-09-26 06:40:07 D7703B80051C3E5E5DC438B0546EAC01 838144 ----a-w- C:\Windows\SysWOW64\JpMapControl.dll 2016-09-26 06:40:07 D08A3CF28956D952D854E97981BACB92 9728 ----a-w- C:\Windows\SysWOW64\Microsoft-Windows-MosTrace.dll 2016-09-26 06:40:07 CC1FC1B7F0D1913B1FB61952A212DDB5 715264 ----a-w- C:\Windows\SysWOW64\MapControlCore.dll 2016-09-26 06:40:07 72BE3687002C4E2BA3A05604EF5EBDB5 409088 ----a-w- C:\Windows\SysWOW64\MosResource.dll 2016-09-26 06:40:07 6E4B127566702816CA86AC572D5E5927 2107392 ----a-w- C:\Windows\SysWOW64\MapGeocoder.dll 2016-09-26 06:40:07 6656BFCE4868408604C047E839977C93 110080 ----a-w- C:\Windows\SysWOW64\Microsoft-Windows-MapControls.dll 2016-09-26 06:40:07 574215F12BFB5EC2A7011C7383BE443A 58880 ----a-w- C:\Windows\SysWOW64\MosHostClient.dll 2016-09-26 06:40:07 52165927A7B04DF0B7E28901AA70EB76 6109184 ----a-w- C:\Windows\SysWOW64\mos.dll 2016-09-26 06:40:07 503C1D01A5C52D01E543E32A8C5C4D77 9216 ----a-w- C:\Windows\SysWOW64\Microsoft-Windows-MosHost.dll 2016-09-26 06:40:07 4F023C4C31048E9F7C81F7403101F056 116224 ----a-w- C:\Windows\SysWOW64\MapsBtSvc.dll 2016-09-26 06:40:07 28DD6E3A216F4425B7E0945904F23655 331264 ----a-w- C:\Windows\SysWOW64\MapConfiguration.dll 2016-09-26 06:40:07 2576CB441AB886AF104B412D6898EB01 70656 ----a-w- C:\Windows\SysWOW64\MosStorage.dll 2016-09-26 06:40:07 19E7B87856BF75039B3D11391BD68898 5376000 ----a-w- C:\Windows\SysWOW64\BingMaps.dll 2016-09-26 06:40:07 12559576CCE18136E18CF41F2FAA02AE 536576 ----a-w- C:\Windows\SysWOW64\BingOnlineServices.dll 2016-09-26 06:40:07 079208EE62F7D67AA9CB92038C8CB4B1 2560 ----a-w- C:\Windows\SysWOW64\MapControlStringsRes.dll 2016-09-26 06:40:06 F5D73C1EA686BB78E9B5C0AA3F5845A2 806912 ----a-w- C:\Windows\SysWOW64\D3D12.dll 2016-09-26 06:40:06 F00602EC1E269BE4610996FC428BDC4F 7468032 ----a-w- C:\Windows\SysWOW64\mstscax.dll 2016-09-26 06:40:06 E5C6864827D5B0E0502F4298B2FFD4BC 226304 ----a-w- C:\Windows\SysWOW64\container.dll 2016-09-26 06:40:06 E4EAC933AF8ADBB1249747641FBA838A 1264912 ----a-w- C:\Windows\SysWOW64\msctf.dll 2016-09-26 06:40:06 DD1038EFB43AD0D017CD13027FB62B9B 340832 ----a-w- C:\Windows\SysWOW64\msv1_0.dll 2016-09-26 06:40:06 DCDB83C9FE90EB6390EF0ACDFC83BDA8 755200 ----a-w- C:\Windows\SysWOW64\kerberos.dll 2016-09-26 06:40:06 DBAC0006851C7A147586B1B28A16C4FF 1456640 ----a-w- C:\Windows\SysWOW64\GdiPlus.dll 2016-09-26 06:40:06 DA2A595B7D9DEDABFCFDA95153768FF5 1980768 ----a-w- C:\Windows\SysWOW64\msxml6.dll 2016-09-26 06:40:06 D35621D22A4839A58ECCC85B6FD71CBC 355328 ----a-w- C:\Windows\SysWOW64\RTMediaFrame.dll 2016-09-26 06:40:06 D0458ECE826EA39CF3ABEBF7E82B4707 284672 ----a-w- C:\Windows\SysWOW64\Windows.ApplicationModel.dll 2016-09-26 06:40:06 C9EB13B0633AE97BFB10595A34C09D38 1503032 ----a-w- C:\Windows\SysWOW64\WindowsCodecs.dll 2016-09-26 06:40:06 C49FE8A972196C78B44A89C280B4B439 751104 ----a-w- C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2016-09-26 06:40:06 BD9E37B44AD50E435B0E2B1058F48C89 2560 ----a-w- C:\Windows\SysWOW64\tzres.dll 2016-09-26 06:40:06 BA68FB1944EA1C024E47915A25EEC0C5 5721808 ----a-w- C:\Windows\SysWOW64\Windows.storage.dll 2016-09-26 06:40:06 B85F0EAD2FE91C3B9FF2D246FC412085 102400 ----a-w- C:\Windows\SysWOW64\offlinelsa.dll 2016-09-26 06:40:06 B81F9232875F0BD99CECC074B125EF55 1755136 ----a-w- C:\Windows\SysWOW64\DeviceFlows.DataModel.dll 2016-09-26 06:40:06 B028CD98CDAE50817A842DA3BCB2D426 2143232 ----a-w- C:\Windows\SysWOW64\storagewmi.dll 2016-09-26 06:40:06 A6F88E43D61C03C7B6CE73F4C498F951 2423296 ----a-w- C:\Windows\SysWOW64\MSAJApi.dll 2016-09-26 06:40:06 A53210AC2711617F23300AA955185E12 601200 ----a-w- C:\Windows\SysWOW64\oleaut32.dll 2016-09-26 06:40:06 A4DE7801642001F4836E9FA6A8128770 389632 ----a-w- C:\Windows\SysWOW64\schannel.dll 2016-09-26 06:40:06 9E0E004695FBAFF4762465086050D083 1013248 ----a-w- C:\Windows\SysWOW64\Windows.Web.Http.dll 2016-09-26 06:40:06 9D8F7BD41657B515DD46C7BF90A26CDB 79536 ----a-w- C:\Windows\SysWOW64\win32u.dll 2016-09-26 06:40:06 9A4950893ACEE2CB33F83A81F820ED49 5684736 ----a-w- C:\Windows\SysWOW64\Windows.Data.Pdf.dll 2016-09-26 06:40:06 9A435497B368358CC7A73113E5C43A15 1631232 ----a-w- C:\Windows\SysWOW64\Windows.UI.Xaml.Resources.dll 2016-09-26 06:40:06 95282F6BBE2AF779E03EDA100B38ED07 2999296 ----a-w- C:\Windows\SysWOW64\win32kfull.sys 2016-09-26 06:40:06 937B06DABA76DE5D4D538A8CCCA4A9C6 20992 ----a-w- C:\Windows\SysWOW64\smphost.dll 2016-09-26 06:40:06 93065DFEC4704E4D5BB4C2573A35FECD 468992 ----a-w- C:\Windows\SysWOW64\Windows.UI.Xaml.InkControls.dll 2016-09-26 06:40:06 8DE2BD969738C7A09B65BB00CE90DC02 20992 ----a-w- C:\Windows\SysWOW64\delegatorprovider.dll 2016-09-26 06:40:06 85D307B6D6B8EBD87E18469F976200D9 544768 ----a-w- C:\Windows\SysWOW64\uReFS.dll 2016-09-26 06:40:06 7DF2D4948EB52D84B77CB60FD9F700C0 210432 ----a-w- C:\Windows\SysWOW64\offlinesam.dll 2016-09-26 06:40:06 7CEDA4ED28857BC683A3CCD41818EC60 22528 ----a-w- C:\Windows\SysWOW64\encapi.dll 2016-09-26 06:40:06 73FDD16B5C87C1C98E310C85D63940CC 575488 ----a-w- C:\Windows\SysWOW64\qdvd.dll 2016-09-26 06:40:06 732A014DED200D675472FB6787F94034 3105792 ----a-w- C:\Windows\SysWOW64\mstsc.exe 2016-09-26 06:40:06 7026F563648DDBC9A7D893F1EAF31583 509792 ----a-w- C:\Windows\SysWOW64\SettingSyncHost.exe 2016-09-26 06:40:06 6F6752D968D1FA91579FC190E6DC5AA4 500224 ----a-w- C:\Windows\SysWOW64\Windows.Graphics.Printing.dll 2016-09-26 06:40:06 682E99D14AEC1ED0874872433FC63C0F 14336 ----a-w- C:\Windows\SysWOW64\C_IS2022.DLL 2016-09-26 06:40:06 646456D5F61E896AB100F07B42FE5630 225280 ----a-w- C:\Windows\SysWOW64\C_G18030.DLL 2016-09-26 06:40:06 5F4A1DEA64CDBF5FD25709FFDE3F77AF 361096 ----a-w- C:\Windows\SysWOW64\tsmf.dll 2016-09-26 06:40:06 5ED84F4377D60298D22084ADEE11CDAC 171520 ----a-w- C:\Windows\SysWOW64\ClipboardServer.dll 2016-09-26 06:40:06 5E668EB6662982A4722F9EBBA4FA1087 2560 ----a-w- C:\Windows\SysWOW64\msxml6r.dll 2016-09-26 06:40:06 5ADA9E0F63AA30EE62FFD35D4F171636 426496 ----a-w- C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll 2016-09-26 06:40:06 57895C7CFF374517ABC79CCCC3C77716 4557824 ----a-w- C:\Windows\SysWOW64\dbgeng.dll 2016-09-26 06:40:06 5651FD48B4D458F50E78B8B43651B432 74240 ----a-w- C:\Windows\SysWOW64\updatepolicy.dll 2016-09-26 06:40:06 55AAAA3C2A11EE0F48BFB10D222C4A7F 461312 ----a-w- C:\Windows\SysWOW64\DbgModel.dll 2016-09-26 06:40:06 55336C6F59AD2162F9DBF877395B85B6 150528 ----a-w- C:\Windows\SysWOW64\win32k.sys 2016-09-26 06:40:06 53CAEB549848695EFE764887D9F1AA27 136032 ----a-w- C:\Windows\SysWOW64\CloudExperienceHostUser.dll 2016-09-26 06:40:06 539EDA2424DCCB4197440E69B5717BAF 2048496 ----a-w- C:\Windows\SysWOW64\CoreUIComponents.dll 2016-09-26 06:40:06 533730C3449FAA3F13EA58D0AF494525 2166232 ----a-w- C:\Windows\SysWOW64\combase.dll 2016-09-26 06:40:06 4FEB654E5FA74B089BDD1776DEA4E7EB 20480 ----a-w- C:\Windows\SysWOW64\storagewmi_passthru.dll 2016-09-26 06:40:06 4CD0CB032114D0D87BE7EA74438E523F 2711040 ----a-w- C:\Windows\SysWOW64\mispace.dll 2016-09-26 06:40:06 47F407D8B4F7C17A525165F6A30E7107 1993216 ----a-w- C:\Windows\SysWOW64\dwmcore.dll 2016-09-26 06:40:06 3CCE02A473021A686FBE71BFE627B7C7 483840 ----a-w- C:\Windows\SysWOW64\CoreMessaging.dll 2016-09-26 06:40:06 381960815341F3833389172B4E785376 6653592 ----a-w- C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll 2016-09-26 06:40:06 3771CC8B586F6E953073E07735C46D98 86016 ----a-w- C:\Windows\SysWOW64\samlib.dll 2016-09-26 06:40:06 2F742E62CE8B03FEE742FA0C9F270162 13867520 ----a-w- C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2016-09-26 06:40:06 27AC95586AFF51433B70210F80861C0F 860672 ----a-w- C:\Windows\SysWOW64\SettingSyncCore.dll 2016-09-26 06:40:06 2540DB1A9F7AD778FDAA8A073CDA3AB9 12800 ----a-w- C:\Windows\SysWOW64\c_GSM7.DLL 2016-09-26 06:40:06 1973DCFB255213400D1BAC19C37086E8 184832 ----a-w- C:\Windows\SysWOW64\mfksproxy.dll 2016-09-26 06:40:06 1889FC75DC32B5EDAB5853CAFC7B5931 1534464 ----a-w- C:\Windows\SysWOW64\Windows.Graphics.Printing.3D.dll 2016-09-26 06:40:06 1230F2B67CA6286F19F49A1FC0407CCC 2138112 ----a-w- C:\Windows\SysWOW64\InputService.dll 2016-09-26 06:40:06 0F3D1BE4F5A839DFA74A8E554B0B0E86 674304 ----a-w- C:\Windows\SysWOW64\Windows.Networking.dll 2016-09-26 06:40:06 0DE78B30264A8E98D1F1A558ED911AB5 873472 ----a-w- C:\Windows\SysWOW64\aadtb.dll 2016-09-26 06:40:06 0D76DAA261682157606F740C96FA6E33 297552 ----a-w- C:\Windows\SysWOW64\wevtapi.dll 2016-09-26 06:40:06 03EDC391936C4CFDEC874E4840CFC22A 35328 ----a-w- C:\Windows\SysWOW64\deviceassociation.dll 2016-09-26 06:40:06 039C8465C730E7E9713819AB859505E9 1435896 ----a-w- C:\Windows\SysWOW64\user32.dll 2016-09-26 06:40:06 00B851A939D04EED611C4674F0EEFF98 288768 ----a-w- C:\Windows\SysWOW64\wincorlib.dll 2016-09-26 06:40:06 0058020C56CB74431BEDF93AC04503F4 846560 ----a-w- C:\Windows\SysWOW64\WinTypes.dll 2016-09-26 06:37:01 EBB019782606C198813D621DF161B5F0 35480 ----a-w- C:\Windows\SysWOW64\TsWpfWrp.exe 2016-09-26 06:37:01 989CF65E711803AEF6163FFC66D6C530 103120 ----a-w- C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2016-09-26 06:37:01 01B89BD21BE07010F812F9610B94D63C 778936 ----a-w- C:\Windows\SysWOW64\PresentationNative_v0300.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2016-10-08 15:47:54 F2E5D70915BF6EB843A675B0D4195EA9 1016704 ----a-w- C:\Windows\Sysnative\ExecutionGuard.dll 2016-10-06 21:56:29 8140DA331F52518CC5FF25E69093BC5C 261920 ----a-w- C:\Windows\Sysnative\vulkan-1.dll 2016-10-06 21:56:29 61DA784EB8C8E133EB3BB4AFBDD66758 125216 ----a-w- C:\Windows\Sysnative\vulkaninfo.exe 2016-10-06 21:55:09 C8FD3E8A92E25DABF64F11A70C2106C4 394704 ----a-w- C:\Windows\Sysnative\nvEncodeAPI64.dll 2016-10-06 21:55:09 C6F1B36AB700CE484DD733557A3F142D 54728 ----a-w- C:\Windows\Sysnative\nvhdap64.dll 2016-10-06 21:55:09 C077E3390CE3803BD50C5A2A2D8F7F70 10295232 ----a-w- C:\Windows\Sysnative\nvcuda.dll 2016-10-06 21:55:09 A7D0687C10A74470ECC6FEDE7B59D262 384448 ----a-w- C:\Windows\Sysnative\nvDecMFTMjpeg.dll 2016-10-06 21:55:09 A67E179702FD74154CCF7A933EC6AAF0 688784 ----a-w- C:\Windows\Sysnative\nvfatbinaryLoader.dll 2016-10-06 21:55:09 9A2F8299615CEAE3BE575C2F4DEF1503 1019328 ----a-w- C:\Windows\Sysnative\NvFBC64.dll 2016-10-06 21:55:09 91494DEDCD8B6EDB126DDFF7C5344CBC 10755136 ----a-w- C:\Windows\Sysnative\nvopencl.dll 2016-10-06 21:55:09 7CEAA13939CCB52D01C12C8E88D398BA 801744 ----a-w- C:\Windows\Sysnative\nvEncMFThevc.dll 2016-10-06 21:55:09 7A33D4E2643140556CECB4AAF8ADE7C4 437696 ----a-w- C:\Windows\Sysnative\NvIFROpenGL.dll 2016-10-06 21:55:09 7648B437E41DA4A3DCFF13854249D1F4 616832 ----a-w- C:\Windows\Sysnative\nvmcumd.dll 2016-10-06 21:55:09 757B7CEA66CA62CE9A17BC342AFD31E5 1935808 ----a-w- C:\Windows\Sysnative\nvdispco6437306.dll 2016-10-06 21:55:09 5533F88E96E5BB4731AAB5CBD64B1D1D 802584 ----a-w- C:\Windows\Sysnative\nvEncMFTH264.dll 2016-10-06 21:55:09 549BC64952BAEFB0661406D89B4FC36B 34848704 ----a-w- C:\Windows\Sysnative\nvoglv64.dll 2016-10-06 21:55:09 4E7174C03B527941B6F44FCBEA822FAA 2913848 ----a-w- C:\Windows\Sysnative\nvcuvid.dll 2016-10-06 21:55:09 2C793011E1782F54F4D547FBB50F80FA 1586744 ----a-w- C:\Windows\Sysnative\nvdispgenco6437306.dll 2016-10-06 21:55:09 2B48715C74D1B233B4EC532F6ABFF964 10868288 ----a-w- C:\Windows\Sysnative\nvptxJitCompiler.dll 2016-10-06 21:55:09 1ADB3064CE2A8E4B7D0FC33D2162B1B6 942016 ----a-w- C:\Windows\Sysnative\NvIFR64.dll 2016-10-06 21:55:09 0C413F81765EFC7B70E092F2E86ECEC0 40068544 ----a-w- C:\Windows\Sysnative\nvcompiler.dll 2016-09-26 06:46:57 183E9BD12E7305C629152F15E5528146 22956 ----a-w- C:\Windows\Sysnative\emptyregdb.dat 2016-09-26 06:43:32 DEFADC7096D8DD06E1675D80B7DAD51E 1364024 ----a-w- C:\Windows\Sysnative\nvvsvc.exe 2016-09-26 06:43:32 DB2BF4A5DF0768A9B150E3FF6431BCC1 393784 ----a-w- C:\Windows\Sysnative\nvmctray.dll 2016-09-26 06:43:32 AB00C12C68014EFF84F53E017C6D5CA5 6385720 ----a-w- C:\Windows\Sysnative\nvcpl.dll 2016-09-26 06:43:32 96D1DAED75AE4362C48683CA32470681 69568 ----a-w- C:\Windows\Sysnative\nvshext.dll 2016-09-26 06:43:32 617159FC38D408A5A3BA191676221F1C 546752 ----a-w- C:\Windows\Sysnative\nv3dappshext.dll 2016-09-26 06:43:32 472AABE089EB8EA5FB831C229216C850 1762752 ----a-w- C:\Windows\Sysnative\nvsvcr.dll 2016-09-26 06:43:32 3191A2460C13E3A4FCED29C6E7641F7E 2473408 ----a-w- C:\Windows\Sysnative\nvsvc64.dll 2016-09-26 06:43:32 20C56EF703E7F068A7000976426D7161 81856 ----a-w- C:\Windows\Sysnative\nv3dappshextr.dll 2016-09-26 06:43:32 11F5998044087D1006E746821AA489C4 7422645 ----a-w- C:\Windows\Sysnative\nvcoproc.bin 2016-09-26 06:43:14 FCC3A12826D4C87C46397CB94C75B81E 100488 ----a-w- C:\Windows\Sysnative\OpenCL.DLL 2016-09-26 06:43:14 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Windows\Sysnative\GfxValDisplayLog.bin 2016-09-26 06:43:14 5C5A797761421CF9B72087F3BC8A5259 180 ----a-w- C:\Windows\Sysnative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2016-09-26 06:43:14 1373F6562D5E4C715D5D3583E350093E 200 ----a-w- C:\Windows\Sysnative\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat 2016-09-26 06:42:41 AD8EB0E90A0BB5988CBAB9E295E825DD 324600 ----a-w- C:\Windows\Sysnative\FNTCACHE.DAT 2016-09-26 06:42:18 C528E7A2C3E79236D3CA4609FE1FEE3B 727 ----a-w- C:\Windows\Sysnative\license.rtf 2016-09-26 06:40:22 FC4CEA31278FBD2EE7DDDFDDB8E1EDEF 2183792 ----a-w- C:\Windows\Sysnative\hevcdecoder.dll 2016-09-26 06:40:22 CE29091FC549D1C6C9FA92CE6A86874E 27136 ----a-w- C:\Windows\Sysnative\encapi.dll 2016-09-26 06:40:22 58D536F0064D618C13DB4DCBB0032335 268800 ----a-w- C:\Windows\Sysnative\mfksproxy.dll 2016-09-26 06:40:22 51AB18D662F77FBD559C5081F7CDC9C7 2481768 ----a-w- C:\Windows\Sysnative\msmpeg2vdec.dll 2016-09-26 06:40:22 08E9936BA132ABE0733BF028C57659FA 295424 ----a-w- C:\Windows\Sysnative\CloudBackupSettings.dll 2016-09-26 06:40:18 F7FF21247B546F203583EBCA2515098D 1908224 ----a-w- C:\Windows\Sysnative\AzureSettingSyncProvider.dll 2016-09-26 06:40:18 F787916668CAD51DB1163F3CDAFA29E1 805888 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2016-09-26 06:40:18 F69E1CD342416987B53E5F91332BA747 387584 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2016-09-26 06:40:18 F5CE6B08E4E3F474F7D00D6B555E6BE3 2049480 ----a-w- C:\Windows\Sysnative\wmpmde.dll 2016-09-26 06:40:18 F3D957A6E524592C3482E1FC2DBCB18D 540160 ----a-w- C:\Windows\Sysnative\SettingSync.dll 2016-09-26 06:40:18 EB29E99F261CCC1DFD21D2698C986A41 396168 ----a-w- C:\Windows\Sysnative\wlanapi.dll 2016-09-26 06:40:18 E4BF5B9D5DE1EA3E60A45AFBC64ABB72 1555456 ----a-w- C:\Windows\Sysnative\WMPDMC.exe 2016-09-26 06:40:18 E3D3A23AD03ADC3C54925A43B9722B10 223744 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2016-09-26 06:40:18 E0ECAB9B4C275B63C0D43E3E91798DFB 298496 ----a-w- C:\Windows\Sysnative\wifiprofilessettinghandler.dll 2016-09-26 06:40:18 DD74F18227ACC837D9856E24282D446D 447488 ----a-w- C:\Windows\Sysnative\das.dll 2016-09-26 06:40:18 DD49AC962516E5ADBFE8D0502F157A71 1403392 ----a-w- C:\Windows\Sysnative\Windows.Media.Editing.dll 2016-09-26 06:40:18 DD1698F4D841DE09965F3F5D710CA429 963584 ----a-w- C:\Windows\Sysnative\WebcamUi.dll 2016-09-26 06:40:18 D4F2FFCF5D199152DD01026D3AA38138 1282048 ----a-w- C:\Windows\Sysnative\wwansvc.dll 2016-09-26 06:40:18 D14A397FD0DF8DBFEF68F69B16F0160C 6574592 ----a-w- C:\Windows\Sysnative\wwanmm.dll 2016-09-26 06:40:18 CC73C60BE3BE01F8A46723189EE05D9F 10752 ----a-w- C:\Windows\Sysnative\spwmp.dll 2016-09-26 06:40:18 CA215EB71078C73306DFF131CD00E9F6 3776512 ----a-w- C:\Windows\Sysnative\MFMediaEngine.dll 2016-09-26 06:40:18 C8FFA2202CE96D92F91A3289C91C122F 6656 ----a-w- C:\Windows\Sysnative\msdxm.ocx 2016-09-26 06:40:18 C8FFA2202CE96D92F91A3289C91C122F 6656 ----a-w- C:\Windows\Sysnative\dxmasf.dll 2016-09-26 06:40:18 C7314937819DFE5A693CB42C52EE4E1D 314880 ----a-w- C:\Windows\Sysnative\FSClient.dll 2016-09-26 06:40:18 BA071F454E5AF40CE4E7A8540DB0D532 76800 ----a-w- C:\Windows\Sysnative\wwanprotdim.dll 2016-09-26 06:40:18 B782165C241E3A47D33A93F0E7D77CF6 83968 ----a-w- C:\Windows\Sysnative\SettingSyncPolicy.dll 2016-09-26 06:40:18 AF0811F38B56B57B3FF53F14E04AA1B0 804864 ----a-w- C:\Windows\Sysnative\FrameServer.dll 2016-09-26 06:40:18 AE554E278C53E1D04069DEB535683AE1 1066104 ----a-w- C:\Windows\Sysnative\mfsvr.dll 2016-09-26 06:40:18 AD63B2330BCA0C30AB872FC8F1085316 1990640 ----a-w- C:\Windows\Sysnative\mfmp4srcsnk.dll 2016-09-26 06:40:18 AB3140208A2E8FF00A2E8FE028D1C170 13434368 ----a-w- C:\Windows\Sysnative\wmp.dll 2016-09-26 06:40:18 AA6C31B703D2C8B44AA0CC271FADCC97 1472536 ----a-w- C:\Windows\Sysnative\mfplat.dll 2016-09-26 06:40:18 A972DDEFFEF76A9643A65F07C6762154 140288 ----a-w- C:\Windows\Sysnative\Chakrathunk.dll 2016-09-26 06:40:18 A6A6DA69CBF625D829C9A7A4FD5D2827 1453992 ----a-w- C:\Windows\Sysnative\mfnetsrc.dll 2016-09-26 06:40:18 A60CAE46657189DAE840AA3BABF4240C 2755584 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2016-09-26 06:40:18 9CFE44AC893CFDD9D923D804F91A837B 1217024 ----a-w- C:\Windows\Sysnative\Windows.Media.Audio.dll 2016-09-26 06:40:18 94C2E7EA2DECB9D472DED99C36DD5984 1071728 ----a-w- C:\Windows\Sysnative\mfnetcore.dll 2016-09-26 06:40:18 8FEE878731141BCED2C698F3227BF3E1 47104 ----a-w- C:\Windows\Sysnative\wfdprov.dll 2016-09-26 06:40:18 8E4FF5FE5DC971ADF687101D57F52A63 1847048 ----a-w- C:\Windows\Sysnative\mfsrcsnk.dll 2016-09-26 06:40:18 82B8932A600DB0787C42947886E41320 8122880 ----a-w- C:\Windows\Sysnative\Chakra.dll 2016-09-26 06:40:18 7EA48C30C37BA5F75E474AA9099B27AC 6285312 ----a-w- C:\Windows\Sysnative\Windows.Media.dll 2016-09-26 06:40:18 7BCB8EEE8A3ECBF09A66F9BE025660CA 9260032 ----a-w- C:\Windows\Sysnative\wmploc.DLL 2016-09-26 06:40:18 7671078AEF4C0203B053A9642C401FF7 2370048 ----a-w- C:\Windows\Sysnative\wlansvc.dll 2016-09-26 06:40:18 761D711A1684F94ED4BF813BA12BA12E 1637888 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2016-09-26 06:40:18 72FD49FE3028ECA74E40EAEE30056FB0 412160 ----a-w- C:\Windows\Sysnative\wlanmsm.dll 2016-09-26 06:40:18 6F12B244B6BAC8EEEB506C0BEE04F8CB 94720 ----a-w- C:\Windows\Sysnative\dasHost.exe 2016-09-26 06:40:18 6DC285761193CDDA2CC55E7BFEA0F5D0 1891328 ----a-w- C:\Windows\Sysnative\pnidui.dll 2016-09-26 06:40:18 6D65E9129CBF98C3E8EC92748BAF6B1E 261120 ----a-w- C:\Windows\Sysnative\indexeddbserver.dll 2016-09-26 06:40:18 6A96D47A249C59F51AF97CD860C1F8C2 27648 ----a-w- C:\Windows\Sysnative\WiFiConfigSP.dll 2016-09-26 06:40:18 64245A85E4E6D29143B3A256908DE06C 758784 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2016-09-26 06:40:18 63D8CA127F687EFE4ECFCDC3581622C3 22566400 ----a-w- C:\Windows\Sysnative\edgehtml.dll 2016-09-26 06:40:18 61B66562773BE5BB068E49841077B171 26112 ----a-w- C:\Windows\Sysnative\wlansvcpal.dll 2016-09-26 06:40:18 5C0293A5D8A8F5400953E12881E847A7 4130944 ----a-w- C:\Windows\Sysnative\mfcore.dll 2016-09-26 06:40:18 5A14B5B990D991E445E8B9F37F972048 295424 ----a-w- C:\Windows\Sysnative\dlnashext.dll 2016-09-26 06:40:18 5791AC0F4802B34B90CA83015EFBAE4D 462336 ----a-w- C:\Windows\Sysnative\wlansec.dll 2016-09-26 06:40:18 5725D2F9E67D2D2F944777384BFC5EC3 1081856 ----a-w- C:\Windows\Sysnative\Chakradiag.dll 2016-09-26 06:40:18 56FE23313A840471CF2C7FC8CA7AA637 468992 ----a-w- C:\Windows\Sysnative\wwanconn.dll 2016-09-26 06:40:18 50C7A70C5C5D043E367A672EDDE75A65 2095616 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2016-09-26 06:40:18 4F9CF843068D4B798704F9C80EDED818 755656 ----a-w- C:\Windows\Sysnative\evr.dll 2016-09-26 06:40:18 484369BC7EAFCA9D4AE06111099DC793 779776 ----a-w- C:\Windows\Sysnative\cscui.dll 2016-09-26 06:40:18 47DEFB5838C0764C5109433837040F07 92512 ----a-w- C:\Windows\Sysnative\rdpudd.dll 2016-09-26 06:40:18 45D020AB611938B2657BAFC6B69369CC 88576 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2016-09-26 06:40:18 43E8AFCABA1926E9745F9B56A10D22A8 215040 ----a-w- C:\Windows\Sysnative\fveapibase.dll 2016-09-26 06:40:18 4018B38B6F7E6DB6B72F3E63154189FA 811416 ----a-w- C:\Windows\Sysnative\MFCaptureEngine.dll 2016-09-26 06:40:18 388D8F174114ED37337F3C7C67B016B4 15872 ----a-w- C:\Windows\Sysnative\wlanhlp.dll 2016-09-26 06:40:18 3634BD4A6093FCA4BC4049FE33B9FC44 726016 ----a-w- C:\Windows\Sysnative\fveapi.dll 2016-09-26 06:40:18 31ECE355DF8302355451A18A31AAC076 13081088 ----a-w- C:\Windows\Sysnative\ieframe.dll 2016-09-26 06:40:18 2F9E20EBCBEF629812D49B1DA27020AF 944640 ----a-w- C:\Windows\Sysnative\audiosrv.dll 2016-09-26 06:40:18 2EA1B437C30DEDA3A251803E45B3598E 996192 ----a-w- C:\Windows\Sysnative\SecConfig.efi 2016-09-26 06:40:18 20BE541385E830C9D21E595D9C9DBEDF 244816 ----a-w- C:\Windows\Sysnative\mfps.dll 2016-09-26 06:40:18 1E9B4FCA29395AF5079042145FF51470 4148224 ----a-w- C:\Windows\Sysnative\rdpcorets.dll 2016-09-26 06:40:18 127612A7EEDAE57787AAB1ECA9D3E1CE 4747776 ----a-w- C:\Windows\Sysnative\jscript9.dll 2016-09-26 06:40:18 0D16BFB3D49F7041C4C48CCC96F22540 47616 ----a-w- C:\Windows\Sysnative\deviceassociation.dll 2016-09-26 06:40:18 0C8FF2286E8D1CDB6B80A6FE2E2874EE 100864 ----a-w- C:\Windows\Sysnative\wpninprc.dll 2016-09-26 06:40:18 0A41D661518CC1A073C86DDC3375D737 294912 ----a-w- C:\Windows\Sysnative\mfsensorgroup.dll 2016-09-26 06:40:18 0A1417285A4A6C8EBD16CF0CEFCB272D 23681024 ----a-w- C:\Windows\Sysnative\mshtml.dll 2016-09-26 06:40:18 087FB55FF57F7C4732290BD422D04F5D 590952 ----a-w- C:\Windows\Sysnative\AudioSes.dll 2016-09-26 06:40:17 F1E2170B311D75405C53DFDFBDB6DC01 58368 ----a-w- C:\Windows\Sysnative\csrsrv.dll 2016-09-26 06:40:17 E3BAD602586FAB4B9F66313063B3F99D 172528 ----a-w- C:\Windows\Sysnative\sspicli.dll 2016-09-26 06:40:17 BD8F10CB5BE1A1972483F2FFB8DD06AA 1176664 ----a-w- C:\Windows\Sysnative\rpcrt4.dll 2016-09-26 06:40:17 826FCA980E38A61F95EB9A319B23062A 34304 ----a-w- C:\Windows\Sysnative\iernonce.dll 2016-09-26 06:40:17 6F8E95716C1A27FF2FE96D30B147F1C1 57400 ----a-w- C:\Windows\Sysnative\lsass.exe 2016-09-26 06:40:17 592BC8791F54CBCCE3F532E042942AE3 1883784 ----a-w- C:\Windows\Sysnative\ntdll.dll 2016-09-26 06:40:17 47AEF5D01CF8EB9B61BB2A878E97F0C7 2424320 ----a-w- C:\Windows\Sysnative\Windows.Devices.Perception.dll 2016-09-26 06:40:17 47A9262E3CE601AFB985933CA30254F5 66560 ----a-w- C:\Windows\Sysnative\iesetup.dll 2016-09-26 06:40:17 37E901D019DB45445B5F64B017449D95 2214784 ----a-w- C:\Windows\Sysnative\KernelBase.dll 2016-09-26 06:40:15 D155A734A823D6A41FB1A8E410F0D6DB 1418304 ----a-w- C:\Windows\Sysnative\msctf.dll 2016-09-26 06:40:15 C1448641F2FFFEAB54DE9274BD3E65FD 147456 ----a-w- C:\Windows\Sysnative\winsrv.dll 2016-09-26 06:40:15 6EF2E07E84A1FFE9EC9F4F011F15D86D 1656320 ----a-w- C:\Windows\Sysnative\GdiPlus.dll 2016-09-26 06:40:15 6146F7C1804A477B0AD016A70DDBEBAE 2560 ----a-w- C:\Windows\Sysnative\msxml6r.dll 2016-09-26 06:40:15 46CCDDAB599D4F8442A4DCE0A8A2AB3F 2510848 ----a-w- C:\Windows\Sysnative\NetworkMobileSettings.dll 2016-09-26 06:40:15 4363ECA0BE56C43B19D4150F9B12248D 3299328 ----a-w- C:\Windows\Sysnative\mstsc.exe 2016-09-26 06:40:15 353F92BD712689498AE1554B0DB9C136 2446696 ----a-w- C:\Windows\Sysnative\msxml6.dll 2016-09-26 06:40:15 29587B4E32ED328FC016F833C5B16998 8075776 ----a-w- C:\Windows\Sysnative\mstscax.dll 2016-09-26 06:40:15 283C16D643CB63EAB818EB6092235770 151224 ----a-w- C:\Windows\Sysnative\acmigration.dll 2016-09-26 06:40:15 1616FBBFC15A7125D84697986F33FA4B 408600 ----a-w- C:\Windows\Sysnative\tsmf.dll 2016-09-26 06:40:12 FF2D3C069615D8E2FC747E1D98F87B7A 61952 ----a-w- C:\Windows\Sysnative\RemovableMediaProvisioningPlugin.dll 2016-09-26 06:40:12 FCF73CA285F50E66BD669CF7747C8AAB 4749312 ----a-w- C:\Windows\Sysnative\SettingsHandlers_nt.dll 2016-09-26 06:40:12 FC4B43596C8686A8264DF2A47A869533 85504 ----a-w- C:\Windows\Sysnative\BarcodeProvisioningPlugin.dll 2016-09-26 06:40:12 FB4B1295B2E53AB23C6A797A6C3E5F64 775168 ----a-w- C:\Windows\Sysnative\GamePanel.exe 2016-09-26 06:40:12 F8812C33996D74261E06FF0F32576AB5 30208 ----a-w- C:\Windows\Sysnative\netiougc.exe 2016-09-26 06:40:12 F78870C8520BC47B5B83083356A59316 360040 ----a-w- C:\Windows\Sysnative\SystemSettingsAdminFlows.exe 2016-09-26 06:40:12 F73F93BEF14F667DD3020D188C19D3D3 2560 ----a-w- C:\Windows\Sysnative\PhoneServiceRes.dll 2016-09-26 06:40:12 F537103777447A728EE867481BDF86E9 1780736 ----a-w- C:\Windows\Sysnative\urlmon.dll 2016-09-26 06:40:12 F2954BD07A717B88B7F7AC05CF1B009A 1046976 ----a-w- C:\Windows\Sysnative\winresume.efi 2016-09-26 06:40:12 EEF36A62B356D690B297FCAC3A1D9289 538112 ----a-w- C:\Windows\Sysnative\sppcext.dll 2016-09-26 06:40:12 E3ECD6675874EBBED4BF325B300159A1 7813472 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe 2016-09-26 06:40:12 E23FA43A03B99B164423779A4D15146C 295424 ----a-w- C:\Windows\Sysnative\provhandlers.dll 2016-09-26 06:40:12 E0F28E81A536E82802BBA4B0F9CFDAC3 627200 ----a-w- C:\Windows\Sysnative\uReFS.dll 2016-09-26 06:40:12 D909A0DA4753420B637608EC0656518F 438784 ----a-w- C:\Windows\Sysnative\EncDec.dll 2016-09-26 06:40:12 D848E4A7A36996CCC3E81EC181F73BED 86016 ----a-w- C:\Windows\Sysnative\provdatastore.dll 2016-09-26 06:40:12 D64EFD0A74A953ACEA525E663EC96605 1469120 ----a-w- C:\Windows\Sysnative\appraiser.dll 2016-09-26 06:40:12 D5D6826EA81C3089EE79BB701820D1B3 1359360 ----a-w- C:\Windows\Sysnative\usercpl.dll 2016-09-26 06:40:12 D3CFB16A26EA9FE29CC56D92B9FF5855 83968 ----a-w- C:\Windows\Sysnative\ProvPluginEng.dll 2016-09-26 06:40:12 D0F82A43D9CD0FF1D8EE77D5C5602832 2852864 ----a-w- C:\Windows\Sysnative\SystemSettingsThresholdAdminFlowUI.dll 2016-09-26 06:40:12 D0D57322ABC7473E54472D8374169CC5 781824 ----a-w- C:\Windows\Sysnative\PhoneService.dll 2016-09-26 06:40:12 CB452DA937BF1977FA21973062AD325E 956416 ----a-w- C:\Windows\Sysnative\AppXDeploymentExtensions.desktop.dll 2016-09-26 06:40:12 C6E3E68B52A17348D22D4EBF3ED9F2CF 160096 ----a-w- C:\Windows\Sysnative\CloudExperienceHostBroker.dll 2016-09-26 06:40:12 C62578B495990431FB1C3A01DE66EE2A 137728 ----a-w- C:\Windows\Sysnative\wificonnapi.dll 2016-09-26 06:40:12 C61490A7DB706B7D156C66A3E34ED34C 17408 ----a-w- C:\Windows\Sysnative\C_IS2022.DLL 2016-09-26 06:40:12 C4792A381CAD4D49DC2959894277DD32 49152 ----a-w- C:\Windows\Sysnative\Windows.UI.Shell.dll 2016-09-26 06:40:12 C3134F73199A0B88BE3B64C9E618DB59 1690112 ----a-w- C:\Windows\Sysnative\AppXDeploymentExtensions.onecore.dll 2016-09-26 06:40:12 C15FAEB360558BEF4515E39862521871 119808 ----a-w- C:\Windows\Sysnative\KnobsCsp.dll 2016-09-26 06:40:12 BDF29C72FE1EE3AFC138186261503B0C 590848 ----a-w- C:\Windows\Sysnative\vbscript.dll 2016-09-26 06:40:12 BAF5E62564002B36FAD01384F87E4079 1377008 ----a-w- C:\Windows\Sysnative\ClipUp.exe 2016-09-26 06:40:12 BA91D5976F340304A1898401261ED529 9128448 ----a-w- C:\Windows\Sysnative\twinui.dll 2016-09-26 06:40:12 BA15F36D93174EFCB66FA9EB6F6E1EC7 49664 ----a-w- C:\Windows\Sysnative\StorageUsage.dll 2016-09-26 06:40:12 B806307A60DFB681EF841DDC8B298C4D 1274712 ----a-w- C:\Windows\Sysnative\ole32.dll 2016-09-26 06:40:12 B74C2CBC41ACC7946BFC58E738F733E5 1066328 ----a-w- C:\Windows\Sysnative\pidgenx.dll 2016-09-26 06:40:12 B50025354EF7C48EBF0A21A0D485DFB4 227840 ----a-w- C:\Windows\Sysnative\C_G18030.DLL 2016-09-26 06:40:12 B07ECD0CDCA2328AB8050FC3EF3B172C 678912 ----a-w- C:\Windows\Sysnative\PhoneProviders.dll 2016-09-26 06:40:12 ACB6C92547FC890FBFB9B8FB7B3C0BE6 665768 ----a-w- C:\Windows\Sysnative\GenValObj.exe 2016-09-26 06:40:12 AAD9D7162339D9309CA8D4EF1F05C0C4 881664 ----a-w- C:\Windows\Sysnative\authui.dll 2016-09-26 06:40:12 A81E1560E8D2002E3949B07883E250A0 52224 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2016-09-26 06:40:12 A74F8336B0813BC8A5BAC9A7D925487A 22016 ----a-w- C:\Windows\Sysnative\slcext.dll 2016-09-26 06:40:12 A3EC577CE4CF5E2C50C34AD83A181C40 2745224 ----a-w- C:\Windows\Sysnative\iertutil.dll 2016-09-26 06:40:12 A0164A9FEF887AE1E693F8763AFB9D24 605184 ----a-w- C:\Windows\Sysnative\bcastdvr.exe 2016-09-26 06:40:12 9AC7627EEFF9883E55AF7FFD625931C2 1217880 ----a-w- C:\Windows\Sysnative\aeinv.dll 2016-09-26 06:40:12 955815A7DE4E764936238224403B33BE 1905664 ----a-w- C:\Windows\Sysnative\wsp_fs.dll 2016-09-26 06:40:12 94B31437502D942B8C8BA3B17049C835 1547264 ----a-w- C:\Windows\Sysnative\wsp_health.dll 2016-09-26 06:40:12 940D27811B8613CF0DE102546E38E520 423776 ----a-w- C:\Windows\Sysnative\wifitask.exe 2016-09-26 06:40:12 927622A38022A0B1DB7538B3133327FA 1082368 ----a-w- C:\Windows\Sysnative\reseteng.dll 2016-09-26 06:40:12 91563D956CB14CACF2D52CCA895BEC5A 2630144 ----a-w- C:\Windows\Sysnative\wininet.dll 2016-09-26 06:40:12 8F44453338E9B745023478AF4DA4B9EE 203776 ----a-w- C:\Windows\Sysnative\AppXApplicabilityBlob.dll 2016-09-26 06:40:12 8D2D008AEC7B20C5188F9532897424D9 1163696 ----a-w- C:\Windows\Sysnative\winload.exe 2016-09-26 06:40:12 8C8AFEFE1ED3C1E605BBDDAED2AF3631 266240 ----a-w- C:\Windows\Sysnative\ConsoleLogon.dll 2016-09-26 06:40:12 8909765835EEE337C718EAF2CA931A2C 170496 ----a-w- C:\Windows\Sysnative\AppCapture.dll 2016-09-26 06:40:12 879DA389BCF21EDA85969EF18A264F5A 2264064 ----a-w- C:\Windows\Sysnative\AppXDeploymentServer.dll 2016-09-26 06:40:12 82733B78ECC440E88CFFFB309FF43EB5 885824 ----a-w- C:\Windows\Sysnative\winresume.exe 2016-09-26 06:40:12 7CF84329545035CC0833119C7268A620 138240 ----a-w- C:\Windows\Sysnative\sppc.dll 2016-09-26 06:40:12 7A6428929BBDB854042D83494DD13101 5511680 ----a-w- C:\Windows\Sysnative\aclui.dll 2016-09-26 06:40:12 77DBAF6D7F5F176157DB7F7F57CA46A5 14848 ----a-w- C:\Windows\Sysnative\c_GSM7.DLL 2016-09-26 06:40:12 76C1CC611352499326001F25A3ED15F8 520192 ----a-w- C:\Windows\Sysnative\w32time.dll 2016-09-26 06:40:12 74A9DD6039575D2A36E7EEDF053937DF 234496 ----a-w- C:\Windows\Sysnative\tcpipcfg.dll 2016-09-26 06:40:12 73BBDD6A450AF2708B089B0DFEE74252 495104 ----a-w- C:\Windows\Sysnative\DataSenseHandlers.dll 2016-09-26 06:40:12 6FB48F624829BFD03D67E3666822D170 58880 ----a-w- C:\Windows\Sysnative\Windows.Shell.Search.UriHandler.dll 2016-09-26 06:40:12 6C982BC7E4DB161530A0D831718D7113 396800 ----a-w- C:\Windows\Sysnative\StorSvc.dll 2016-09-26 06:40:12 6C73C817F42D3BD2FD1638B7A7DB646D 66048 ----a-w- C:\Windows\Sysnative\provtool.exe 2016-09-26 06:40:12 6BFF06B45CC55C272A4E59E6BE986B45 280064 ----a-w- C:\Windows\Sysnative\SettingsHandlers_WorkAccess.dll 2016-09-26 06:40:12 69DFAB574E4CD63DC6C8DA14F52E3DF1 115200 ----a-w- C:\Windows\Sysnative\IdCtrls.dll 2016-09-26 06:40:12 688F531DFEF5CCAE897F26CCA4C21FE6 41824 ----a-w- C:\Windows\Sysnative\SysResetErr.exe 2016-09-26 06:40:12 63036AE43B673B6C57B999251CD5E8A4 382272 ----a-w- C:\Windows\Sysnative\LockAppHost.exe 2016-09-26 06:40:12 61C1E2E2F4F4ECC08C7CEF7A8042CA24 1349120 ----a-w- C:\Windows\Sysnative\wifinetworkmanager.dll 2016-09-26 06:40:12 613C4D37D0C1F1602E1D62DAFE8A5DA9 909312 ----a-w- C:\Windows\Sysnative\Windows.UI.Search.dll 2016-09-26 06:40:12 5D955FBA0D79B62243BC3E8647E138D7 1812480 ----a-w- C:\Windows\Sysnative\ResetEngine.dll 2016-09-26 06:40:12 5B5800C896A4E27BEF4EDD6CE1B51D6A 133632 ----a-w- C:\Windows\Sysnative\MediaFoundation.DefaultPerceptionProvider.dll 2016-09-26 06:40:12 5783CAF6C64513FB937D7E56F37D6CA7 28672 ----a-w- C:\Windows\Sysnative\Windows.Management.Provisioning.ProxyStub.dll 2016-09-26 06:40:12 55AD1D10E6956654B365F71E0E9606D6 1726976 ----a-w- C:\Windows\Sysnative\Windows.UI.Immersive.dll 2016-09-26 06:40:12 4F80785DFEA2B907D3652DD54DB5699A 235008 ----a-w- C:\Windows\Sysnative\KnobsCore.dll 2016-09-26 06:40:12 46E63A5C51B03214DD031A394254D3A0 886784 ----a-w- C:\Windows\Sysnative\CPFilters.dll 2016-09-26 06:40:12 460DA0C05CCB0CFF811D21899EFD93CB 717824 ----a-w- C:\Windows\Sysnative\LogonController.dll 2016-09-26 06:40:12 3CC81C06630B17913BE6D872F9F84658 11264 ----a-w- C:\Windows\Sysnative\ResetEngine.exe 2016-09-26 06:40:12 3A6F144F316E0308BD046E3F6C975F04 354264 ----a-w- C:\Windows\Sysnative\systemreset.exe 2016-09-26 06:40:12 38DBE72073C8ACEAAE21DF30A1AAC76E 200704 ----a-w- C:\Windows\Sysnative\provisioningcsp.dll 2016-09-26 06:40:12 37AE763690826DE44C19360E71C7D32F 349184 ----a-w- C:\Windows\Sysnative\provengine.dll 2016-09-26 06:40:12 36E594EF1B8F040C4F2C452D126C0215 5622600 ----a-w- C:\Windows\Sysnative\sppsvc.exe 2016-09-26 06:40:12 31540C866B8BD453E26A97E3CCC0AB7A 303968 ----a-w- C:\Windows\Sysnative\invagent.dll 2016-09-26 06:40:12 2D45A814BA589161CACB2E7E100447AD 97792 ----a-w- C:\Windows\Sysnative\NFCProvisioningPlugin.dll 2016-09-26 06:40:12 2B4E090D06C60853C5C00CF255F9E02A 1312768 ----a-w- C:\Windows\Sysnative\SensorDataService.exe 2016-09-26 06:40:12 2A4755DC0F7D3D2ED7D5C10EE85C2658 1232384 ----a-w- C:\Windows\Sysnative\dosvc.dll 2016-09-26 06:40:12 294DD2DF665F0B014559B654CE5CCC83 1349120 ----a-w- C:\Windows\Sysnative\winload.efi 2016-09-26 06:40:12 284FB9A8807C14BC0FD3A60F4BA1F6D3 43008 ----a-w- C:\Windows\Sysnative\LaunchWinApp.exe 2016-09-26 06:40:12 203D279E5B5538A4B3954234A8E4834B 22218808 ----a-w- C:\Windows\Sysnative\shell32.dll 2016-09-26 06:40:12 1FAD8BB61127B02934C015CF9B159016 323584 ----a-w- C:\Windows\Sysnative\domgmt.dll 2016-09-26 06:40:12 1955F78D9E7E16099DBABAB36FE3CC3C 162850 ----a-w- C:\Windows\Sysnative\C_932.NLS 2016-09-26 06:40:12 17CA16C7B5AFE34B919D5C86C0E41C5D 289792 ----a-w- C:\Windows\Sysnative\DeveloperOptionsSettingsHandlers.dll 2016-09-26 06:40:12 1406A27DA83687AA07453C081024823D 220672 ----a-w- C:\Windows\Sysnative\provops.dll 2016-09-26 06:40:12 08C01875C30D949BE2D08B6DFA74D684 8156592 ----a-w- C:\Windows\Sysnative\Windows.Media.Protection.PlayReady.dll 2016-09-26 06:40:12 060E11DCB875D981E948073986E295DC 135168 ----a-w- C:\Windows\Sysnative\slc.dll 2016-09-26 06:40:12 02863D0B6D8502477B95587B339D1C30 552288 ----a-w- C:\Windows\Sysnative\devinv.dll 2016-09-26 06:40:12 00E5B97D1C265BD8D1C6D817037A71F0 324608 ----a-w- C:\Windows\Sysnative\Windows.ApplicationModel.LockScreen.dll 2016-09-26 06:40:12 00D26DFCB55A8F1EE67A5EE3614F9C75 461312 ----a-w- C:\Windows\Sysnative\CredProvDataModel.dll 2016-09-26 06:40:10 F729F21451A7948444ACA11FE3E51C48 54784 ----a-w- C:\Windows\Sysnative\ContactActivation.dll 2016-09-26 06:40:10 F551B77EEB5DE06AE992E6E0B421C034 279552 ----a-w- C:\Windows\Sysnative\PlayToReceiver.dll 2016-09-26 06:40:10 F539E9DA822B8F2D6B42ABBAF063D11E 2560 ----a-w- C:\Windows\Sysnative\PhoneutilRes.dll 2016-09-26 06:40:10 EF4A6C0CD82605DF6575780B99ED78DA 32768 ----a-w- C:\Windows\Sysnative\wups2.dll 2016-09-26 06:40:10 EF02767A0BDDD1BD85874510B962A27B 1078784 ----a-w- C:\Windows\Sysnative\Windows.Media.Streaming.dll 2016-09-26 06:40:10 E8DFB39E831BFAA438B28ADC11C6E9FD 186880 ----a-w- C:\Windows\Sysnative\MusNotification.exe 2016-09-26 06:40:10 E2EDBA97D10B630E7DA48B09253CAAF5 1859264 ----a-w- C:\Windows\Sysnative\Windows.ApplicationModel.Store.dll 2016-09-26 06:40:10 E2AAF07BEB81E6E4CAC382F0B2CA551C 140288 ----a-w- C:\Windows\Sysnative\AppointmentActivation.dll 2016-09-26 06:40:10 E1D53F44C76E413E4A73D4FB06CC210D 104960 ----a-w- C:\Windows\Sysnative\CastLaunch.dll 2016-09-26 06:40:10 E186BD3988C5BBD8F30AD3BD6786C6A5 239104 ----a-w- C:\Windows\Sysnative\dafpos.dll 2016-09-26 06:40:10 DECB256AD35F3D7E03CF167FC2861583 391168 ----a-w- C:\Windows\Sysnative\wuuhext.dll 2016-09-26 06:40:10 C6C101B0510C222C1223ACCBC8AEC99D 89600 ----a-w- C:\Windows\Sysnative\updatepolicy.dll 2016-09-26 06:40:10 BDCF02173186A49AB4B9EAEF5B555ED1 68096 ----a-w- C:\Windows\Sysnative\AddressParser.dll 2016-09-26 06:40:10 B93AED6C0949BE5BF7284D22C9E06D19 44472 ----a-w- C:\Windows\Sysnative\mfpmp.exe 2016-09-26 06:40:10 B740472F6A76DF422DD557AF957B70BE 157696 ----a-w- C:\Windows\Sysnative\XamlTileRender.dll 2016-09-26 06:40:10 B6D1C3A260C55CCE398B6FF9EC0FBA68 315904 ----a-w- C:\Windows\Sysnative\Phoneutil.dll 2016-09-26 06:40:10 B0BDB04AE820EEC777263DCD41C59B64 521728 ----a-w- C:\Windows\Sysnative\MusUpdateHandlers.dll 2016-09-26 06:40:10 AEACA1EC0BFD8B391AA885F84B7547A0 23552 ----a-w- C:\Windows\Sysnative\ExtrasXmlParser.dll 2016-09-26 06:40:10 ABDEFBFA05C3BD84A10EC7A7FB1DA597 65024 ----a-w- C:\Windows\Sysnative\POSyncServices.dll 2016-09-26 06:40:10 ABAF65774CEA41C5B335DD12E2C3109B 57344 ----a-w- C:\Windows\Sysnative\WinBioDataModelOOBE.exe 2016-09-26 06:40:10 AA614E179022050A89FED112EFAF03E8 44032 ----a-w- C:\Windows\Sysnative\UserDataLanguageUtil.dll 2016-09-26 06:40:10 9E78D7CF1E781E9A3E8F3434E6EDF49E 8192 ----a-w- C:\Windows\Sysnative\UserDataAccessRes.dll 2016-09-26 06:40:10 9B3299A537477779F55BEC8CC267F3CA 1388544 ----a-w- C:\Windows\Sysnative\Windows.UI.Cred.dll 2016-09-26 06:40:10 9AF7C47F4ECC0483D55C34C32F8B52D4 568832 ----a-w- C:\Windows\Sysnative\Windows.Media.Speech.UXRes.dll 2016-09-26 06:40:10 97FC02DD857AF0B599A1D778335A5439 936960 ----a-w- C:\Windows\Sysnative\MCRecvSrc.dll 2016-09-26 06:40:10 97A339EA172BA7693C7F8488689BC270 1105408 ----a-w- C:\Windows\Sysnative\MiracastReceiver.dll 2016-09-26 06:40:10 92E3A595ECA98F09B72A1E68ACB4651A 2315264 ----a-w- C:\Windows\Sysnative\wuaueng.dll 2016-09-26 06:40:10 91B02606FC2F92673C8DAEA9BEE9C84B 442368 ----a-w- C:\Windows\Sysnative\PlayToDevice.dll 2016-09-26 06:40:10 8DC162262762E46F37D89D31B59EF69D 26408 ----a-w- C:\Windows\Sysnative\wuauclt.exe 2016-09-26 06:40:10 8C59437748797591C59F709EEFD087C6 64512 ----a-w- C:\Windows\Sysnative\UserDataPlatformHelperUtil.dll 2016-09-26 06:40:10 86C62045B7C3BF027F59040C18A2A7D8 509952 ----a-w- C:\Windows\Sysnative\SettingsHandlers_Bluetooth.dll 2016-09-26 06:40:10 85DE7DC5329739FB2BD481ECDE38388E 363520 ----a-w- C:\Windows\Sysnative\Windows.UI.BioFeedback.dll 2016-09-26 06:40:10 844360AD40F7A4E23B164C3A68DB739A 1280352 ----a-w- C:\Windows\Sysnative\LicenseManager.dll 2016-09-26 06:40:10 7E430C33D24BC0DC76F56FF459EFA44D 650240 ----a-w- C:\Windows\Sysnative\DbgModel.dll 2016-09-26 06:40:10 7E2F080D02FE2D426A2D518F9FF13CFE 523712 ----a-w- C:\Windows\Sysnative\DMRServer.dll 2016-09-26 06:40:10 7DF46A143A6D9918D840B25D1733AE6B 118784 ----a-w- C:\Windows\Sysnative\UserDataTimeUtil.dll 2016-09-26 06:40:10 7B8270ADE3831F59CB0A1FBE2B650E45 5384192 ----a-w- C:\Windows\Sysnative\dbgeng.dll 2016-09-26 06:40:10 7B3B3E87A3F4657D6D0D2C27EA24940F 263680 ----a-w- C:\Windows\Sysnative\ExSMime.dll 2016-09-26 06:40:10 68396E8D4D14F93272AD5D355660DC70 743424 ----a-w- C:\Windows\Sysnative\StoreAgent.dll 2016-09-26 06:40:10 67AA275094BF77BC92C193D447CEBE5F 418304 ----a-w- C:\Windows\Sysnative\Windows.UI.BlockedShutdown.dll 2016-09-26 06:40:10 67322D2AC2F543C8458F155FFDF05D7A 204288 ----a-w- C:\Windows\Sysnative\DscCoreConfProv.dll 2016-09-26 06:40:10 6556AD05BB97D007B81E94C7DA3DE003 587968 ----a-w- C:\Windows\Sysnative\generaltel.dll 2016-09-26 06:40:10 62DB63BA7A9BC04D7BBB83D558797A97 857440 ----a-w- C:\Windows\Sysnative\WWAHost.exe 2016-09-26 06:40:10 60931F113781C1FE5B9DFB2BD2FBE08B 1694712 ----a-w- C:\Windows\Sysnative\winmde.dll 2016-09-26 06:40:10 5A23E4BE0CCF49663C4CF7EB74C20278 26112 ----a-w- C:\Windows\Sysnative\LicenseManagerSvc.dll 2016-09-26 06:40:10 57B57C4AA1A6F3B865CA0153251F4F73 1643008 ----a-w- C:\Windows\Sysnative\Windows.Media.Speech.dll 2016-09-26 06:40:10 561AE74AEA63C9182749FF3FA8F29424 484352 ----a-w- C:\Windows\Sysnative\MDEServer.exe 2016-09-26 06:40:10 50F9CA3E5799C16E1E0260FDC3BD576F 243712 ----a-w- C:\Windows\Sysnative\WinBioDataModel.dll 2016-09-26 06:40:10 50469D6A7AA765EAB8E758F4DFBBD011 45568 ----a-w- C:\Windows\Sysnative\UserDataTypeHelperUtil.dll 2016-09-26 06:40:10 4B7C137D91740E9BB647189362022C1E 50880 ----a-w- C:\Windows\Sysnative\CompatTelRunner.exe 2016-09-26 06:40:10 4AD49C57D4EBF99E94A17419F874FD8A 187904 ----a-w- C:\Windows\Sysnative\VCardParser.dll 2016-09-26 06:40:10 3E0D2395AD6E1E5608329DB32F061E7B 595488 ----a-w- C:\Windows\Sysnative\mf.dll 2016-09-26 06:40:10 2C5C98166F96A67F25D5474569D07D2E 259584 ----a-w- C:\Windows\Sysnative\InstallAgentUserBroker.exe 2016-09-26 06:40:10 22D240F8745F0F64C4638E472F30BB7D 471552 ----a-w- C:\Windows\Sysnative\DscCore.dll 2016-09-26 06:40:10 22559865AB6745D8878777692B63B575 211456 ----a-w- C:\Windows\Sysnative\InstallAgent.exe 2016-09-26 06:40:10 1F32156F2C7C3842C91DC2C13F5D94C0 231424 ----a-w- C:\Windows\Sysnative\shutdownux.dll 2016-09-26 06:40:10 0F3C4209200F3DAD2015DA3044FA8DC3 539136 ----a-w- C:\Windows\Sysnative\usocore.dll 2016-09-26 06:40:10 03B156D30D2EF0A5C9ADA5EBC2A808AC 770048 ----a-w- C:\Windows\Sysnative\bisrv.dll 2016-09-26 06:40:07 CCDF9A041D4DBAE87B2BB750C89B982E 7654912 ----a-w- C:\Windows\Sysnative\mos.dll 2016-09-26 06:40:07 BCE92B3274515F014920690F44B67767 409088 ----a-w- C:\Windows\Sysnative\MosResource.dll 2016-09-26 06:40:07 ADBAE62EA6497B01ADEED82ACBB2A969 3435008 ----a-w- C:\Windows\Sysnative\MapRouter.dll 2016-09-26 06:40:07 AA5EE98CE729DB181B789CFBCFFA78EA 78848 ----a-w- C:\Windows\Sysnative\MosHostClient.dll 2016-09-26 06:40:07 A2CB862ACA913DAF3B26D40443C18C95 2560 ----a-w- C:\Windows\Sysnative\MapControlStringsRes.dll 2016-09-26 06:40:07 8C269C9B1A5EA49B92E2057F0BDC0180 313856 ----a-w- C:\Windows\Sysnative\moshostcore.dll 2016-09-26 06:40:07 86B3A2029E6271039E6BE17FB9379570 936448 ----a-w- C:\Windows\Sysnative\NMAA.dll 2016-09-26 06:40:07 7C56370359E42E7ADA21B02D65B6291C 40448 ----a-w- C:\Windows\Sysnative\mapsupdatetask.dll 2016-09-26 06:40:07 54D7849E41B05131F28F9F18E60C0B6C 49152 ----a-w- C:\Windows\Sysnative\mapstoasttask.dll 2016-09-26 06:40:07 512D1E8943E4622EAF985599711A1035 110080 ----a-w- C:\Windows\Sysnative\Microsoft-Windows-MapControls.dll 2016-09-26 06:40:07 3726EF4008DFFB6258778D975AA8C890 25088 ----a-w- C:\Windows\Sysnative\nativemap.dll 2016-09-26 06:40:07 1E619B8774710B2603C7E4666947AA65 366592 ----a-w- C:\Windows\Sysnative\NmaDirect.dll 2016-09-26 06:40:07 138A8D7DAE9F4DBEC3D1A80F0F9DC51B 9216 ----a-w- C:\Windows\Sysnative\Microsoft-Windows-MosHost.dll 2016-09-26 06:40:07 102732A12AEE82635C0C83797C9A8180 1029632 ----a-w- C:\Windows\Sysnative\MapsStore.dll 2016-09-26 06:40:06 F723552F65D44FE693DB1A383825B3A8 95232 ----a-w- C:\Windows\Sysnative\tzautoupdate.dll 2016-09-26 06:40:06 F4F0BF823CC5E817BA22A290AC1C7CDB 526848 ----a-w- C:\Windows\Sysnative\OneDriveSettingSyncProvider.dll 2016-09-26 06:40:06 F1572B629205079F2707E7E01C275245 268800 ----a-w- C:\Windows\Sysnative\DeviceCensus.exe 2016-09-26 06:40:06 F0FBEC32E7733D7D67CC9D0396F45474 924672 ----a-w- C:\Windows\Sysnative\Windows.Networking.BackgroundTransfer.dll 2016-09-26 06:40:06 EE732D0F6A47F579DEEE96F31A189742 405344 ----a-w- C:\Windows\Sysnative\msv1_0.dll 2016-09-26 06:40:06 ED5B42D75F3DEE93040B3930DA9F3009 77312 ----a-w- C:\Windows\Sysnative\moshost.dll 2016-09-26 06:40:06 E85D26F8E558C77EC0BFFBB6D610F08B 942432 ----a-w- C:\Windows\Sysnative\hvloader.efi 2016-09-26 06:40:06 E510EC98F5114BE003D2C61E98BFEFA3 17187840 ----a-w- C:\Windows\Sysnative\Windows.UI.Xaml.dll 2016-09-26 06:40:06 E08C00B7044F58E7D53CB4F6451D3ABB 227840 ----a-w- C:\Windows\Sysnative\cdd.dll 2016-09-26 06:40:06 E02113EEBBD2689486B49F08103C70C8 327168 ----a-w- C:\Windows\Sysnative\eapp3hst.dll 2016-09-26 06:40:06 D9088048BB7C61CF4647840122160781 3617792 ----a-w- C:\Windows\Sysnative\win32kfull.sys 2016-09-26 06:40:06 D72285D7D0E485BC8167A807337EB127 7219672 ----a-w- C:\Windows\Sysnative\Windows.storage.dll 2016-09-26 06:40:06 D685C4335F586BFB98389BD94B5F6EB7 410624 ----a-w- C:\Windows\Sysnative\facecredentialprovider.dll 2016-09-26 06:40:06 D4A0A180E2C1A26F5DE4C3517DE0C414 243200 ----a-w- C:\Windows\Sysnative\eappcfg.dll 2016-09-26 06:40:06 D06617FC96D8B0581E902795A5AAC160 88064 ----a-w- C:\Windows\Sysnative\MosStorage.dll 2016-09-26 06:40:06 CC86A87136C6D856C4899349420ED127 114688 ----a-w- C:\Windows\Sysnative\offlinelsa.dll 2016-09-26 06:40:06 C655B54A03DF0944368EE274A6EDB3B8 9728 ----a-w- C:\Windows\Sysnative\Microsoft-Windows-MosTrace.dll 2016-09-26 06:40:06 C50FBFDC76EAF8D22EC203B433D0EEFE 200704 ----a-w- C:\Windows\Sysnative\ClipboardServer.dll 2016-09-26 06:40:06 C465566BE0477B49763820A21F04F292 25600 ----a-w- C:\Windows\Sysnative\storagewmi_passthru.dll 2016-09-26 06:40:06 C11126DCD217F5213CED85E7D990B5AB 2560 ----a-w- C:\Windows\Sysnative\tzres.dll 2016-09-26 06:40:06 BC27BF1FCD63540A194E549FB80C9C8D 1052672 ----a-w- C:\Windows\Sysnative\qmgr.dll 2016-09-26 06:40:06 B6E61F3A3FFE0CE73446BAE0CEDDFA40 302592 ----a-w- C:\Windows\Sysnative\eapphost.dll 2016-09-26 06:40:06 B3DEE8AD2A53818CDC47F2060F744E25 1062912 ----a-w- C:\Windows\Sysnative\SettingSyncCore.dll 2016-09-26 06:40:06 B1F78E588635D91D829D936C572D491C 2913104 ----a-w- C:\Windows\Sysnative\combase.dll 2016-09-26 06:40:06 B00CE075546F0FD20917FA0755259BD1 988000 ----a-w- C:\Windows\Sysnative\hvax64.exe 2016-09-26 06:40:06 A96FA9F1D6F4272A2CF21E0EFDA3055F 432128 ----a-w- C:\Windows\Sysnative\WpAXHolder.dll 2016-09-26 06:40:06 A202D35D81D24303896611D2E823E9B5 2289664 ----a-w- C:\Windows\Sysnative\dwmcore.dll 2016-09-26 06:40:06 9DC8DFD3C90783D60AEA940175A13F8B 458752 ----a-w- C:\Windows\Sysnative\RTMediaFrame.dll 2016-09-26 06:40:06 974FA5866D2F4FB4D7FDEB4BDB911071 820736 ----a-w- C:\Windows\Sysnative\BingOnlineServices.dll 2016-09-26 06:40:06 958AD14CDF4EBB6BADDB13F8B39A97CF 1461200 ----a-w- C:\Windows\Sysnative\user32.dll 2016-09-26 06:40:06 92C741014DA532BAEC1CDDBCF8705B5E 3116544 ----a-w- C:\Windows\Sysnative\MSAJApi.dll 2016-09-26 06:40:06 8E3318880571891DC244A72CC7B65721 959488 ----a-w- C:\Windows\Sysnative\modernexecserver.dll 2016-09-26 06:40:06 88AC6B6BB198A74296A687F563A08473 807776 ----a-w- C:\Windows\Sysnative\hvloader.exe 2016-09-26 06:40:06 88522C196AC0FAFBB28F2C6EB1EE2573 123904 ----a-w- C:\Windows\Sysnative\samlib.dll 2016-09-26 06:40:06 862B5A128CC64904FDAB54CEEC3C57CD 1014784 ----a-w- C:\Windows\Sysnative\XblAuthManager.dll 2016-09-26 06:40:06 86094D34C06F24B5E54582883819C7AD 237568 ----a-w- C:\Windows\Sysnative\offlinesam.dll 2016-09-26 06:40:06 77B6273299687F112C46D00394C941D2 1267504 ----a-w- C:\Windows\Sysnative\WinTypes.dll 2016-09-26 06:40:06 77592C79381DC55D70773F36C75AFD52 884224 ----a-w- C:\Windows\Sysnative\samsrv.dll 2016-09-26 06:40:06 731AA93CBBD05C7F966979CB5F3D6D96 2083840 ----a-w- C:\Windows\Sysnative\DeviceFlows.DataModel.dll 2016-09-26 06:40:06 729D859A5FF0C0C27274992B06CEB2BA 1006080 ----a-w- C:\Windows\Sysnative\D3D12.dll 2016-09-26 06:40:06 6E407A512E48C0DDDCEDB4DFFCB39D23 1099616 ----a-w- C:\Windows\Sysnative\hvix64.exe 2016-09-26 06:40:06 6E10195D98E708B11D2A78AF4C51D1B8 7792640 ----a-w- C:\Windows\Sysnative\BingMaps.dll 2016-09-26 06:40:06 6683024745B10EB18A25F13256E0E1D1 911872 ----a-w- C:\Windows\Sysnative\Windows.Networking.dll 2016-09-26 06:40:06 65C1C36CCC92C0241AD5072BE5692511 2947072 ----a-w- C:\Windows\Sysnative\MapGeocoder.dll 2016-09-26 06:40:06 64BE4A72B2D9251019865EE849F981F6 20320 ----a-w- C:\Windows\Sysnative\kdhvcom.dll 2016-09-26 06:40:06 6314D8E070122C9FEF0FD9E6C46F8F9C 71168 ----a-w- C:\Windows\Sysnative\eappprxy.dll 2016-09-26 06:40:06 62E11028D11890DC615430ECDEFA0A68 905216 ----a-w- C:\Windows\Sysnative\MapControlCore.dll 2016-09-26 06:40:06 621BE7A39C4A2E06E2D9A223A8AB2DD2 178528 ----a-w- C:\Windows\Sysnative\CloudExperienceHostUser.dll 2016-09-26 06:40:06 60B3708BC68B378B8037DC68222D4857 764936 ----a-w- C:\Windows\Sysnative\CoreMessaging.dll 2016-09-26 06:40:06 605512D704E13808FBD3398AC036E171 611328 ----a-w- C:\Windows\Sysnative\Windows.Graphics.Printing.dll 2016-09-26 06:40:06 594E6BE368E2496EE62EBB54DD0B3FAB 1738040 ----a-w- C:\Windows\Sysnative\WindowsCodecs.dll 2016-09-26 06:40:06 53EF35950835BE17496AFFB16A28528C 358912 ----a-w- C:\Windows\Sysnative\Windows.ApplicationModel.dll 2016-09-26 06:40:06 51BC3949AA4D326EA2CB81A209CE8A80 15360 ----a-w- C:\Windows\Sysnative\MapsBtSvcProxy.dll 2016-09-26 06:40:06 504798F48398E973299C1051E62281D3 2846208 ----a-w- C:\Windows\Sysnative\storagewmi.dll 2016-09-26 06:40:06 4E5A691D828F74BB01A37C77C8F46896 932864 ----a-w- C:\Windows\Sysnative\kerberos.dll 2016-09-26 06:40:06 4C9EB8B2F81D8A34E5CBAFB0B859251C 1631232 ----a-w- C:\Windows\Sysnative\Windows.UI.Xaml.Resources.dll 2016-09-26 06:40:06 4B53781598D1DB2D33DE9F7248F5A26F 1708544 ----a-w- C:\Windows\Sysnative\wevtsvc.dll 2016-09-26 06:40:06 4953EA5B815BA55C8E114FFDFF08B119 773200 ----a-w- C:\Windows\Sysnative\oleaut32.dll 2016-09-26 06:40:06 45AD36ADEF6ADEDB0A80ACB8965295B7 7220224 ----a-w- C:\Windows\Sysnative\Windows.Data.Pdf.dll 2016-09-26 06:40:06 433E2F086F3BD7DB52B3286A0FCB65B6 374784 ----a-w- C:\Windows\Sysnative\resutils.dll 2016-09-26 06:40:06 3ED5CD5AAC16C71F48F27A152C488986 2820096 ----a-w- C:\Windows\Sysnative\InputService.dll 2016-09-26 06:40:06 3EB12F95C259907F976B9FFCD26FA047 23552 ----a-w- C:\Windows\Sysnative\smphost.dll 2016-09-26 06:40:06 3E2D8603946EDC84B9A2F83FD5782D47 1328128 ----a-w- C:\Windows\Sysnative\Windows.Web.Http.dll 2016-09-26 06:40:06 3D5B06EC01C5772DDB8AB82A769A0D97 105984 ----a-w- C:\Windows\Sysnative\eappgnui.dll 2016-09-26 06:40:06 3D333C37AA062BCCB3D0DE3EF42DC7DD 380928 ----a-w- C:\Windows\Sysnative\wincorlib.dll 2016-09-26 06:40:06 3CF052C22F34174BE783DAF2F3A81D8A 210944 ----a-w- C:\Windows\Sysnative\win32k.sys 2016-09-26 06:40:06 3CE841CC4ACEB503CD643A493A9A71A1 95232 ----a-w- C:\Windows\Sysnative\MapsCSP.dll 2016-09-26 06:40:06 3965B7007FC32D4D14383A10B5828660 476672 ----a-w- C:\Windows\Sysnative\schannel.dll 2016-09-26 06:40:06 37BD0ED26D65A28E7CAA32F446BDA67A 389000 ----a-w- C:\Windows\Sysnative\wevtapi.dll 2016-09-26 06:40:06 36D5B4C6107F695E3DF767F4510F425C 584544 ----a-w- C:\Windows\Sysnative\SettingSyncHost.exe 2016-09-26 06:40:06 36970CA9668201F0FEE8F409E43FC159 446464 ----a-w- C:\Windows\Sysnative\MapConfiguration.dll 2016-09-26 06:40:06 368A8616AC761763DC41AAAEE3642B55 2681200 ----a-w- C:\Windows\Sysnative\CoreUIComponents.dll 2016-09-26 06:40:06 2F672DAB25C830B5CCA6DAAFFA5F6DFB 125952 ----a-w- C:\Windows\Sysnative\setupugc.exe 2016-09-26 06:40:06 2CDF36D9F14BD0B8E99B0BFD7905FA53 1508864 ----a-w- C:\Windows\Sysnative\win32kbase.sys 2016-09-26 06:40:06 1FC92CE59786C5B18A536F081551F629 150528 ----a-w- C:\Windows\Sysnative\MapsBtSvc.dll 2016-09-26 06:40:06 1DEE7AB0BD53C820E6CABC52274671BE 3245056 ----a-w- C:\Windows\Sysnative\mispace.dll 2016-09-26 06:40:06 1C060B94A530FBBA0D0BE14C47B09300 642048 ----a-w- C:\Windows\Sysnative\Windows.UI.Xaml.InkControls.dll 2016-09-26 06:40:06 12E35897D1969CA3220B354224CB5958 2208768 ----a-w- C:\Windows\Sysnative\Windows.Graphics.Printing.3D.dll 2016-09-26 06:40:06 09D68D6E464F2D77A623E9CE9A2E031A 1107456 ----a-w- C:\Windows\Sysnative\aadtb.dll 2016-09-26 06:40:06 07FBC9D725A04D25E9D799550B2E5CBC 1491968 ----a-w- C:\Windows\Sysnative\lsasrv.dll 2016-09-26 06:40:06 06283D1A7B1901F027C0C7AD520A2835 327680 ----a-w- C:\Windows\Sysnative\container.dll 2016-09-26 06:40:06 0482CFC6D06935953519340A0D360329 114192 ----a-w- C:\Windows\Sysnative\win32u.dll 2016-09-26 06:40:06 03B40B32AE8631F64FA60CD294AE4191 26112 ----a-w- C:\Windows\Sysnative\delegatorprovider.dll 2016-09-26 06:40:06 0235D9E03C7D42E31594907237E7308A 715264 ----a-w- C:\Windows\Sysnative\clusapi.dll 2016-09-26 06:40:06 00350F126205876E948A4AA4B5D08AD1 1060352 ----a-w- C:\Windows\Sysnative\JpMapControl.dll 2016-09-26 06:37:00 DB5CEDD2D9B6BEC1F008AB32F6430407 35480 ----a-w- C:\Windows\Sysnative\TsWpfWrp.exe 2016-09-26 06:37:00 CAF55CA39F076939E6CF4C8660235610 1166520 ----a-w- C:\Windows\Sysnative\PresentationNative_v0300.dll 2016-09-26 06:37:00 587DDEDEA34DBDF2B7C4F5EEC1685A19 124624 ----a-w- C:\Windows\Sysnative\PresentationCFFRasterizerNative_v0300.dll ====== C:\Windows\Sysnative\drivers ===== 2016-10-08 22:38:16 30A186D6A2A2853EEFAD7011E212E41B 44144 ----a-w- C:\Windows\Sysnative\drivers\rzpmgrk.sys 2016-10-08 16:16:54 78488AF2AB2111D67B3C4044707A519B 192216 ----a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys 2016-10-08 16:16:35 898415AC0B5F1D2A9A48ABCB68A6DC4B 65408 ----a-w- C:\Windows\Sysnative\drivers\mwac.sys 2016-10-08 16:16:35 78BFF5425E044086E74E78650A359FBB 27008 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys 2016-10-08 16:16:35 1239597BAB7EED2BB16D035AF87E65D9 140672 ----a-w- C:\Windows\Sysnative\drivers\mbamchameleon.sys 2016-09-26 06:40:18 E83830BB74AE8CBECEA0ECD94DE436F9 409088 ----a-w- C:\Windows\Sysnative\drivers\srv.sys 2016-09-26 06:40:18 B705D8E3011268160833518FBD80FBCE 2537824 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys 2016-09-26 06:40:18 9EA203A07EFA6D74F07F32EF0DAB5CA6 108384 ----a-w- C:\Windows\Sysnative\drivers\pdc.sys 2016-09-26 06:40:18 68FDFCE44D29EE8AE52E3CCB46BB0554 409944 ----a-w- C:\Windows\Sysnative\drivers\FWPKCLNT.SYS 2016-09-26 06:40:18 200E4A385F5F370D8866BAE25B0D9D32 282624 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb10.sys 2016-09-26 06:40:17 705C0F8BCCEF6E7CB704CCB454192D7E 133472 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2016-09-26 06:40:17 64E0AA114871B2A37908E44A18F35A73 128352 ----a-w- C:\Windows\Sysnative\drivers\partmgr.sys 2016-09-26 06:40:17 5DD8CB01C0394F8D052763D2E3C6E684 2256224 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys 2016-09-26 06:40:17 5008FF3BBB078956C60DCA0044CF175B 379744 ----a-w- C:\Windows\Sysnative\drivers\Classpnp.sys 2016-09-26 06:40:15 F13EE0DB1FB1D6946AC3228D7EFCFC8F 248320 ----a-w- C:\Windows\Sysnative\drivers\srvnet.sys 2016-09-26 06:40:15 E671EDAB0726E05ECEF4058B4CD73C4D 450392 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb.sys 2016-09-26 06:40:15 57A8C77BD62F4C052ECC40EB221A7078 224096 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb20.sys 2016-09-26 06:40:15 392CD98739F4A8F188A3CB34F6AB193E 435040 ----a-w- C:\Windows\Sysnative\drivers\rdbss.sys 2016-09-26 06:40:15 2C2D61825A3D036CACA7E34FF75B8207 714240 ----a-w- C:\Windows\Sysnative\drivers\srv2.sys 2016-09-26 06:40:12 68B1E0DA1BB1680494227E88CE821E2F 62816 ----a-w- C:\Windows\Sysnative\drivers\dam.sys 2016-09-26 06:40:06 D8536CB438CC4CCDAE047B768EED22B2 38400 ----a-w- C:\Windows\Sysnative\drivers\hidusb.sys 2016-09-26 06:40:06 D82592B327C43AC9381E9FBEF79C7F68 156672 ----a-w- C:\Windows\Sysnative\drivers\hidclass.sys 2016-09-26 06:40:06 B9A33B9298BAFCE11E9823B1056D5BB0 40960 ----a-w- C:\Windows\Sysnative\drivers\hidparse.sys 2016-09-26 06:40:06 B739FF1C1FAF9D0ADFBFB0FD59A5AB37 77664 ----a-w- C:\Windows\Sysnative\drivers\stornvme.sys 2016-09-26 06:40:06 B728AB4A8FBBCF5269DD5290D3F1F1EF 279904 ----a-w- C:\Windows\Sysnative\drivers\sdbus.sys 2016-09-26 06:40:06 A90C76FB62526DEB5A5557A8839841AB 2190688 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys 2016-09-26 06:40:06 8833A059270A60CE347FEB9A7951B3F4 681304 ----a-w- C:\Windows\Sysnative\drivers\ClipSp.sys 2016-09-26 06:40:06 7878A65B1D949B4E2880DD2EF7B8D8D7 187232 ----a-w- C:\Windows\Sysnative\drivers\dumpsd.sys 2016-09-26 06:40:06 74FC79C52395B10FFD0B55CF22CF88FC 73568 ----a-w- C:\Windows\Sysnative\drivers\hvservice.sys 2016-09-26 06:40:06 63088A3361D9A308F328F11E9099DD87 43520 ----a-w- C:\Windows\Sysnative\drivers\xinputhid.sys 2016-09-26 06:40:06 55AD13E2BAFC5AB53A10F8C271F5D242 168800 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2016-09-26 06:40:06 4F0F1E9A7281B4522F16B190F7661291 658272 ----a-w- C:\Windows\Sysnative\drivers\dxgmms2.sys 2016-09-26 06:40:06 3E502EB1701CF54CF237B6250FBE38EA 619368 ----a-w- C:\Windows\Sysnative\drivers\cng.sys 2016-09-26 06:40:06 2A9817B5A9260D8F60D52E36BEF10443 118112 ----a-w- C:\Windows\Sysnative\drivers\EhStorTcgDrv.sys 2016-09-26 06:40:06 14AE4AAED71AE09151AED376420B630D 402272 ----a-w- C:\Windows\Sysnative\drivers\dxgmms1.sys 2016-09-26 06:36:54 43C8D087B31C592163B33A4BDA540E40 199008 ----a-w- C:\Windows\Sysnative\drivers\wof.sys 2016-09-25 01:51:51 67B51A97733B10D716B366C2ED126763 223304 ----a-w- C:\Windows\Sysnative\drivers\nvhda64v.sys 2016-09-25 01:51:37 DCADFA880DF77BB103F7A034A4B33577 7936600 ----a-w- C:\Windows\Sysnative\drivers\igdkmd64.sys 2016-09-16 14:43:05 2C4EBDC89887B46652883224B017516E 28888 ----a-w- C:\Windows\Sysnative\drivers\gbpddfac64.sys 2016-09-10 22:58:25 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2016-09-09 23:35:30 A97A270805944FB7C77650FFFEE61773 46016 ----a-w- C:\Windows\Sysnative\drivers\nvvad64v.sys ====== C:\Windows\Tasks ====== 2016-10-08 22:27:21 E6B3F778091706C5E068602D6ADB071D 1098 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-10-08 22:27:21 D3B4A85B8445C9A95F9E955BDEDEC818 4156 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineUA 2016-10-08 22:27:21 4AEF1D511331C40E158C62CF808A7183 3924 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineCore 2016-10-08 22:27:20 CEF9B678ABEB5EF56020B13B107FFB7E 1094 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-09-26 20:09:59 5265A246365492FC4A2D703ED9BAFDC3 4180 ----a-w- C:\Windows\Sysnative\Tasks\User_Feed_Synchronization-{A51E66E8-CE61-40D4-ABC0-255932DD76F4} 2016-09-26 06:46:56 FE9F866F4054049A720EADB63E78138E 3912 ----a-w- C:\Windows\Sysnative\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-09-26 06:46:56 C9EBF5ED0D00DB3CFFD2B51B12203CAD 3938 ----a-w- C:\Windows\Sysnative\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-09-26 06:46:56 B03822C4BBFFA600AB92899E3133D90D 3974 ----a-w- C:\Windows\Sysnative\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-09-26 06:46:56 AB812B99170B813F8E7E1FFE67A8ADF4 2594 ----a-w- C:\Windows\Sysnative\Tasks\CorelUpdateHelperTaskCore 2016-09-26 06:46:56 9BFAF67EE5C6902880F026EC6B1B560C 4002 ----a-w- C:\Windows\Sysnative\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-09-26 06:46:56 812593CA9C34FB4290D344B6D2862948 3750 ----a-w- C:\Windows\Sysnative\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-09-26 06:46:56 770BB0C5DF79987B2F76232CB70637CA 2820 ----a-w- C:\Windows\Sysnative\Tasks\OneDrive Standalone Update Task 2016-09-26 06:46:56 41C1E85C5A547469314C82FD6FDA72F9 3708 ----a-w- C:\Windows\Sysnative\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-09-26 06:46:56 0E5CAB1080B3AE088D7FA12E18597979 4562 ----a-w- C:\Windows\Sysnative\Tasks\Adobe Acrobat Update Task ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2016-09-26 06:43:19 -------- d-----w- C:\Program Files\NVIDIA Corporation 2016-09-26 06:43:13 -------- d-----w- C:\Program Files\Intel 2016-09-26 06:37:15 -------- d-----w- C:\Program Files\Reference Assemblies 2016-09-26 06:37:15 -------- d-----w- C:\Program Files\MSBuild 2016-09-16 18:22:35 -------- d-----w- C:\Program Files\Common Files\Corel 2016-09-16 18:21:51 -------- d---a-w- C:\Program Files\Corel 2016-09-10 18:34:44 -------- d---a-w- C:\Program Files\MotioninJoy ======= C:\PROGRA~2 ===== 2016-10-08 22:27:20 -------- d-----w- C:\PROGRA~2\Google 2016-10-08 15:42:52 -------- d-----w- C:\PROGRA~2\COMMON~1\Wise Installation Wizard 2016-10-08 14:33:52 -------- d-----w- C:\PROGRA~2\Bangboat 2016-10-06 21:56:29 -------- d-----w- C:\PROGRA~2\VulkanRT 2016-10-02 23:27:19 -------- d-----w- C:\PROGRA~2\FinalWire 2016-09-26 20:16:59 -------- d-----w- C:\PROGRA~2\Diebold 2016-09-26 14:03:08 -------- d-----w- C:\PROGRA~2\Sejergecoocety 2016-09-26 06:43:37 -------- d---a-w- C:\PROGRA~2\Razer 2016-09-26 06:43:19 -------- d-----w- C:\PROGRA~2\NVIDIA Corporation 2016-09-26 06:43:11 -------- d-----w- C:\PROGRA~2\COMMON~1\Intel 2016-09-26 06:37:16 -------- d-----w- C:\PROGRA~2\Reference Assemblies 2016-09-26 06:37:16 -------- d-----w- C:\PROGRA~2\MSBuild 2016-09-19 03:09:53 -------- d-----w- C:\PROGRA~2\EMACLab 2016-09-16 18:22:40 -------- d-----w- C:\PROGRA~2\Corel 2016-09-10 18:32:19 -------- d--h--w- C:\PROGRA~2\COMMON~1\EAInstaller ======= C: ===== 2016-10-08 15:57:36 4BE47E6B456830894990382462E7F44A 174966 ----a-w- C:\spyhunter.fix 2016-10-08 15:20:26 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat ====== C:\Users\stefa\AppData\Roaming ====== 2016-10-08 16:31:00 -------- d-----w- C:\Users\stefa\AppData\Local\Apps 2016-10-08 15:20:20 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\CrashDumps 2016-10-08 15:00:20 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\CrashDumps 2016-10-08 14:33:59 -------- d-----w- C:\Users\stefa\AppData\Local\Bangboat 2016-09-29 14:29:51 -------- d-----w- C:\Users\stefa\AppData\Local\Mega Limited 2016-09-29 14:29:49 -------- d-----w- C:\Users\stefa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync 2016-09-29 14:29:48 -------- d-----w- C:\Users\stefa\AppData\Local\MEGAsync 2016-09-27 14:36:32 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\DataSharing 2016-09-26 14:03:09 -------- d-----w- C:\Users\stefa\AppData\Local\Gwchhuzught 2016-09-26 13:48:37 -------- d-----w- C:\Users\stefa\AppData\Local\ConnectedDevicesPlatform 2016-09-26 06:48:26 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\ConnectedDevicesPlatform 2016-09-26 06:48:09 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\ConnectedDevicesPlatform 2016-09-26 06:46:23 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Razer 2016-09-26 06:45:49 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Razer_Inc 2016-09-26 06:44:17 -------- d-----w- C:\Users\stefa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2016-09-26 06:44:17 -------- d-----w- C:\Users\stefa\AppData\Roaming 2016-09-26 06:44:17 -------- d-----w- C:\Users\stefa\AppData\Local\Temp 2016-09-26 06:44:17 -------- d-----w- C:\Users\stefa\AppData\Local\Microsoft 2016-09-26 06:44:17 -------- d-----w- C:\Users\stefa\AppData\Local 2016-09-26 06:44:17 -------- d-----r- C:\Users\stefa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell 2016-09-26 06:44:17 -------- d-----r- C:\Users\stefa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2016-09-26 06:44:17 -------- d-----r- C:\Users\stefa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2016-09-26 06:44:17 -------- d-----r- C:\Users\stefa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2016-09-26 06:44:17 -------- d-----r- C:\Users\stefa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs 2016-09-26 06:44:06 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\Packages 2016-09-26 06:43:27 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft 2016-09-26 06:42:57 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache 2016-09-26 06:42:45 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Roaming 2016-09-26 06:42:45 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2016-09-26 06:42:45 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft 2016-09-26 06:42:45 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local 2016-09-26 06:42:45 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Roaming 2016-09-26 06:42:45 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2016-09-26 06:42:45 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft 2016-09-26 06:42:45 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local 2016-09-26 06:38:14 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft 2016-09-19 03:09:52 -------- d-----w- C:\Users\stefa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gamersclub Anti Cheat 2016-09-16 18:28:31 -------- d-----w- C:\Users\stefa\AppData\Local\Tempzxpsign7a604c3cad3d7f90 2016-09-16 15:44:44 -------- d-----w- C:\Users\stefa\AppData\Local\Tempzxpsign22abbaf7581597e3 2016-09-16 14:42:36 9D3A3A9E6E6A345D184D54AC71E58589 269752 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat 2016-09-12 15:45:56 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Origin ====== C:\Users\stefa ====== 2016-10-08 20:33:00 E39FC95F0276DCBB25EFFEC2CFFA8E37 1631928 ----a-w- C:\Users\stefa\Desktop\JRT.exe 2016-10-08 20:19:27 AE1190435E36DCE52DC8FD4F46FAB363 3874368 ----a-w- C:\Users\stefa\Desktop\AdwCleaner.exe 2016-10-08 15:20:14 -------- d-----w- C:\Users\stefa\Start Menu 2016-10-05 14:18:23 -------- d-----w- C:\Users\Public\Documents\AdobeGC 2016-10-02 23:27:21 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire 2016-09-26 20:17:05 A77C1B6C168C66DC30D017F505032F04 286 --sha-r- C:\Users\stefa\ntuser.pol 2016-09-26 14:04:38 AAE7930A864E9A6B7DF20351C14395E9 1576 --sha-r- C:\Users\TODOSO~1\ntuser.pol 2016-09-26 14:04:38 AAE7930A864E9A6B7DF20351C14395E9 1576 --sha-r- C:\ProgramData\ntuser.pol 2016-09-26 14:03:54 -------- d-----w- C:\Users\TODOSO~1\Avira 2016-09-26 14:03:54 -------- d-----w- C:\Users\TODOSO~1\Avg 2016-09-26 14:03:54 -------- d-----w- C:\ProgramData\Avira 2016-09-26 14:03:54 -------- d-----w- C:\ProgramData\Avg 2016-09-26 13:50:13 -------- d-----w- C:\Users\TODOSO~1\Microsoft OneDrive 2016-09-26 13:50:13 -------- d-----w- C:\ProgramData\Microsoft OneDrive 2016-09-26 13:48:39 -------- d-----r- C:\Users\stefa\Downloads 2016-09-26 13:48:37 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\stefa\ntuser.ini 2016-09-26 06:48:31 -------- d-----w- C:\Users\TODOSO~1\USOShared 2016-09-26 06:48:31 -------- d-----w- C:\ProgramData\USOShared 2016-09-26 06:44:17 -------- d--h--w- C:\Users\stefa\AppData 2016-09-26 06:43:40 -------- d-----w- C:\Users\TODOSO~1\Razer 2016-09-26 06:43:40 -------- d-----w- C:\ProgramData\Razer 2016-09-26 06:43:33 -------- d-----w- C:\Users\TODOSO~1\NVIDIA 2016-09-26 06:43:33 -------- d-----w- C:\ProgramData\NVIDIA 2016-09-26 06:43:22 -------- d-----w- C:\Users\TODOSO~1\NVIDIA Corporation 2016-09-26 06:43:22 -------- d-----w- C:\ProgramData\NVIDIA Corporation 2016-09-26 06:42:57 -------- d-----w- C:\Windows\serviceprofiles\Localservice\winhttp 2016-09-26 06:42:45 -------- d--h--w- C:\Windows\serviceprofiles\networkservice\AppData 2016-09-26 06:42:45 -------- d--h--w- C:\Windows\serviceprofiles\Localservice\AppData 2016-09-26 06:42:45 -------- d-----w- C:\Windows\serviceprofiles\networkservice\Saved Games 2016-09-26 06:42:45 -------- d-----w- C:\Windows\serviceprofiles\Localservice\Saved Games 2016-09-26 06:42:45 -------- d-----r- C:\Windows\serviceprofiles\networkservice\Videos 2016-09-26 06:42:45 -------- d-----r- C:\Windows\serviceprofiles\networkservice\Pictures 2016-09-26 06:42:45 -------- d-----r- C:\Windows\serviceprofiles\networkservice\Music 2016-09-26 06:42:45 -------- d-----r- C:\Windows\serviceprofiles\networkservice\Links 2016-09-26 06:42:45 -------- d-----r- C:\Windows\serviceprofiles\networkservice\Favorites 2016-09-26 06:42:45 -------- d-----r- C:\Windows\serviceprofiles\networkservice\Downloads 2016-09-26 06:42:45 -------- d-----r- C:\Windows\serviceprofiles\networkservice\Documents 2016-09-26 06:42:45 -------- d-----r- C:\Windows\serviceprofiles\networkservice\Desktop 2016-09-26 06:42:45 -------- d-----r- C:\Windows\serviceprofiles\Localservice\Videos 2016-09-26 06:42:45 -------- d-----r- C:\Windows\serviceprofiles\Localservice\Pictures 2016-09-26 06:42:45 -------- d-----r- C:\Windows\serviceprofiles\Localservice\Music 2016-09-26 06:42:45 -------- d-----r- C:\Windows\serviceprofiles\Localservice\Links 2016-09-26 06:42:45 -------- d-----r- C:\Windows\serviceprofiles\Localservice\Favorites 2016-09-26 06:42:45 -------- d-----r- C:\Windows\serviceprofiles\Localservice\Downloads 2016-09-26 06:42:45 -------- d-----r- C:\Windows\serviceprofiles\Localservice\Documents 2016-09-26 06:42:45 -------- d-----r- C:\Windows\serviceprofiles\Localservice\Desktop 2016-09-16 18:22:45 -------- d-----w- C:\Users\TODOSO~1\VsTelemetry 2016-09-16 18:22:45 -------- d-----w- C:\ProgramData\VsTelemetry 2016-09-16 18:22:17 -------- d-----w- C:\Users\Public\Documents\Corel 2016-09-16 18:22:09 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X8 (64-bit) 2016-09-16 18:21:55 -------- d-----w- C:\Users\TODOSO~1\Corel 2016-09-16 18:21:55 -------- d-----w- C:\ProgramData\Corel 2016-09-16 17:46:45 -------- d-----w- C:\Users\TODOSO~1\UniqueId 2016-09-16 17:46:45 -------- d-----w- C:\ProgramData\UniqueId 2016-09-12 15:46:00 -------- d-----w- C:\Users\stefa\.QtWebEngineProcess 2016-09-12 15:45:59 -------- d-----w- C:\Users\stefa\.Origin 2016-09-10 18:34:45 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy 2016-09-10 18:32:20 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 16 ====== C: exe-files == 2016-10-09 01:21:44 61F5086763071C254EFE51C1E3E03C5E 387072 ----a-w- C:\Users\stefa\AppData\Roaming\uTorrent\updates\3.4.9_42606\utorrentie.exe 2016-10-09 01:21:36 5FE59FC57869508E1C84812DBD36CE3B 2375360 ----a-w- C:\Users\stefa\AppData\Roaming\uTorrent\uTorrent.exe 2016-10-08 23:05:29 5FE59FC57869508E1C84812DBD36CE3B 2375360 ----a-w- C:\Users\stefa\AppData\Roaming\uTorrent\updates\3.4.9_42606.exe 2016-10-08 22:40:29 256E2AD425819A8540D89C072431FA2C 74008 ----a-w- C:\Users\stefa\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\cef\wow_helper.exe 2016-10-08 22:37:47 75D50AD9F94ED6C847322830273B6263 4143624 ----a-w- C:\Users\Todos os Usuários\Razer\Synapse\ProductUpdates\Downloads\Razer_RzStats_v1.02.21.exe 2016-10-08 22:37:47 75D50AD9F94ED6C847322830273B6263 4143624 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Downloads\Razer_RzStats_v1.02.21.exe 2016-10-08 22:35:39 E42D9E2A65E18520B3851A57DF8FE8B3 580264 ----a-w- C:\Users\stefa\AppData\Local\Temp\Razer\RzUpdater\RzUpdateManager.exe 2016-10-08 22:30:55 995189FA15270C2EDEA9F19B3F06CA4E 47935080 ----a-w- C:\Users\Todos os Usuários\Razer\Synapse\ProductUpdates\Downloads\Razer_InGame_Engine_v1.0.12.10038.exe 2016-10-08 22:30:55 995189FA15270C2EDEA9F19B3F06CA4E 47935080 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Downloads\Razer_InGame_Engine_v1.0.12.10038.exe 2016-10-08 22:30:01 C6DE1F389CEA5A8FC074B28CE16AE41D 56465784 ----a-w- C:\Program Files (x86)\Google\Update\Install\{D062F146-06EB-4BC1-95C4-CE3AADF4FFCB}\53.0.2785.143_chrome_installer.exe 2016-10-08 22:30:00 C6DE1F389CEA5A8FC074B28CE16AE41D 56465784 ----a-w- C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\53.0.2785.143\53.0.2785.143_chrome_installer.exe 2016-10-08 22:29:40 96FB5FFBAA48554959822B69055AFFF9 18677616 ----a-w- C:\Users\Todos os Usuários\Razer\Synapse\ProductUpdates\Downloads\RzGSS_Setup_v1.0.6.2831.exe 2016-10-08 22:29:40 96FB5FFBAA48554959822B69055AFFF9 18677616 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Downloads\RzGSS_Setup_v1.0.6.2831.exe 2016-10-08 22:27:20 C75B240057A7169179DB2EC9E059D4C5 96920 ----atw- C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleUpdateBroker.exe 2016-10-08 22:27:20 BF76E03E95FD83C31B32639472A8EDCC 174232 ----atw- C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleUpdateComRegisterShell64.exe 2016-10-08 22:27:20 A8FD9222E4D72596BB37DA8BE95C0BA4 153752 ----atw- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 2016-10-08 22:27:20 A8FD9222E4D72596BB37DA8BE95C0BA4 153752 ----atw- C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleUpdate.exe 2016-10-08 22:27:20 A2AFEE318C51D8A2BF85A4E46E715565 96920 ----atw- C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleUpdateOnDemand.exe 2016-10-08 22:27:20 8ECEE61C9EFE194B6ACA6030DFE3990E 96920 ----atw- C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleUpdateWebPlugin.exe 2016-10-08 22:27:20 788321A2C0C45F16820E00A8BA8FD3DA 366232 ----atw- C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe 2016-10-08 22:27:20 58332C83C4A329A744B0B98F934934BB 288920 ----atw- C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe 2016-10-08 22:27:20 2C257B6DF22A3DDCE1477788FA5659A3 1065376 ----a-w- C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleUpdateSetup.exe 2016-10-08 22:21:57 0376FEDC5ADB49075343025E4ACB7923 131039 ----a-w- C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP\WiseCustomCalla.exe 2016-10-08 20:33:00 E39FC95F0276DCBB25EFFEC2CFFA8E37 1631928 ----a-w- C:\Users\stefa\Desktop\JRT.exe 2016-10-08 20:27:10 5BCE955CF12AF3417F055DADC0212920 690144 ----a-w- C:\AdwCleaner\quarantine\files\lslbboqzirxqamawfnhanrmzobtbjvws\BrowserUpdate.exe 2016-10-08 20:26:11 E39FC95F0276DCBB25EFFEC2CFFA8E37 1631928 ----a-w- C:\Users\stefa\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\KCIHRMPA\JRT[1].exe 2016-10-08 20:19:27 AE1190435E36DCE52DC8FD4F46FAB363 3874368 ----a-w- C:\Users\stefa\Desktop\AdwCleaner.exe 2016-10-08 15:49:39 EE2BBFA13ABF5DA559FD7753CEC411AF 131991 ----a-w- C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP\WiseCustomCalla11.exe 2016-10-08 15:33:22 C5129AAED888B5A223A2425464F371FA 15397208 ----a-w- C:\Users\stefa\Desktop\www.ratondownloads.com.br-SpyHunter\SpyHunter 4.1.11.0 + Crack\spyhunterS.exe 2016-10-08 15:33:22 43009436905046FC36ED002A8572E027 199000 ----a-r- C:\Users\stefa\Desktop\www.ratondownloads.com.br-SpyHunter\SpyHunter 4.20.9.4533 Portable\SpyHunterPortable.exe 2016-10-08 15:33:22 36ECBE14F0A769CC67D2ECEA945F1094 771968 ----a-r- C:\Users\stefa\Desktop\www.ratondownloads.com.br-SpyHunter\SpyHunter 4.20.9.4533 Portable\App\SpyHunter\SH4Service.exe 2016-10-08 15:33:22 26CA192898624F7DAD333C90398001E6 22400 ----a-r- C:\Users\stefa\Desktop\www.ratondownloads.com.br-SpyHunter\SpyHunter 4.20.9.4533 Portable\App\SpyHunter\native.exe 2016-10-08 15:33:22 1924A360BC16359680100C6E16A97271 7136640 ----a-r- C:\Users\stefa\Desktop\www.ratondownloads.com.br-SpyHunter\SpyHunter 4.20.9.4533 Portable\App\SpyHunter\SpyHunter4.exe 2016-10-08 15:33:21 4FAEE05B33E3F48B93860D12FC7F56A8 3021720 ----a-w- C:\Users\stefa\Desktop\www.ratondownloads.com.br-SpyHunter\SpyHunter 4.1.11.0 + Crack\Crack\SpyHunter4.exe 2016-10-08 14:34:13 05D2BF8F5A9B228FB662E111144391C1 1667576 ----a-w- C:\Users\stefa\AppData\Local\Bangboat\User Data\SwReporter\11.70.2\software_reporter_tool.exe 2016-10-08 14:33:55 9F1AE66D7954FE2E0909A5EBC6B94798 67072 ----a-w- C:\Program Files (x86)\Bangboat\Application\wow_helper.exe 2016-10-08 14:33:55 3D6A20DD31F48C43572F44A9770BADFA 1376768 ----a-w- C:\Program Files (x86)\Bangboat\Application\chrome.exe 2016-10-08 14:33:55 1EF7FF8334483DCCD67596F1C2ED5306 325632 ----a-w- C:\Program Files (x86)\Bangboat\Update\BangboatUpdate.exe 2016-10-07 21:47:33 D9CD40FD8BDD5BDCBD6B5695F2F3B8A1 9119464 ----a-w- C:\Users\stefa\AppData\Local\NVIDIA\NvBackend\Packages\00009514\DAO.21238930.exe 2016-10-07 12:29:52 ECEF71972703CFCFE83BCB9CE8E2177B 346552 ----a-w- C:\Users\stefa\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe 2016-10-07 12:29:48 D35403E5AE5B509787D1ED8369460262 403896 ----a-w- C:\Users\stefa\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\OAWrapper.exe 2016-10-06 21:56:32 F92C4729D4E4282DF6196AEFE4AC51AB 424384 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe 2016-10-06 21:56:32 F38FCC34710D00BF3BED62D316F7C31C 7875008 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\NVStWiz.exe 2016-10-06 21:56:32 D95A0937288471DAD230A3AA51AAC8CB 1765312 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe 2016-10-06 21:56:32 D1A759A8D22D94EB05B86D49C8EDC80C 626112 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe 2016-10-06 21:56:32 B09ADFDEE009BFD0E49732F7AA1C2E78 2477504 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvsttest.exe 2016-10-06 21:56:32 5ACC44ECC9053EF66EC492BDE9152BFA 133056 ----a-w- C:\Windows\SysWOW64\nvStreaming.exe 2016-10-06 21:56:32 402E5512B66B53E2DFA2B5F6DB5A6923 444352 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstreg.exe 2016-10-06 21:56:32 3FF4D31D19329FE5C44A3C265C6FA5E9 903104 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\NvStereoUtilityOGL.exe 2016-10-06 21:56:32 093BDBAEAB3ACEA78C4C0AD6EB39DC72 345024 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe 2016-10-06 21:56:29 6448CF3F64B96B8C72A9D5905F7C07B0 110880 ----a-w- C:\Windows\SysWOW64\vulkaninfo.exe 2016-10-06 21:56:29 61DA784EB8C8E133EB3BB4AFBDD66758 125216 ----a-w- C:\Windows\System32\vulkaninfo.exe 2016-10-06 21:55:09 960BF5F2BD841C5E5D82B266A8E3690F 673400 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{E4E9CDDB-F873-4B6F-A458-4DA6A4067314}\VulkanRT-Installer.exe 2016-10-06 21:55:09 8582B5AE9AF85DDF9E2DC477B7C9E054 17190888 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.3DVision.{51540B06-F7D8-40BA-A6BD-567C29619B61}\3DVision.exe 2016-10-06 21:55:09 661429AAC3E25F75AA9983D4DCB543AD 458296 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{E4E9CDDB-F873-4B6F-A458-4DA6A4067314}\dbInstaller.exe 2016-10-06 21:55:09 661429AAC3E25F75AA9983D4DCB543AD 458296 ----a-w- C:\Program Files\NVIDIA Corporation\Drs\dbInstaller.exe 2016-10-06 21:55:09 579921C01B416BFE370229E67D2CB7C7 96999512 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{E4E9CDDB-F873-4B6F-A458-4DA6A4067314}\NvCplSetupInt.exe 2016-10-06 21:54:21 2B683E39B76CA6722FDACF35550BA592 1879488 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\installer.{6ADE83CC-D4BA-4542-A6A1-F9E3BE1B75ED}\NVNetworkService.exe 2016-10-06 21:45:49 9690A34440B9DCE310BA3C0AFF39E187 357061032 ----a-w- C:\Users\Todos os Usuários\NVIDIA Corporation\Downloader\be4927d0b4a0a7d014c889669b8bc7fb\373.06-desktop-win10-64bit-international-whql-g.exe 2016-10-06 21:45:49 9690A34440B9DCE310BA3C0AFF39E187 357061032 ----a-w- C:\ProgramData\NVIDIA Corporation\Downloader\be4927d0b4a0a7d014c889669b8bc7fb\373.06-desktop-win10-64bit-international-whql-g.exe 2016-10-06 21:45:31 A283BA4866FE8B1847EE228A33F1EF6E 644544 ----a-w- C:\Program Files\NVIDIA Corporation\NvStreamSrv\SteamLauncher\NVIDIA.SteamLauncher.exe 2016-10-06 21:45:31 72CDBEC8E03CB2754279366F9B816D74 21203392 ----a-w- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamuseragent.exe 2016-10-06 21:45:31 4242E673BBD778749D347484FC12B65D 3821504 ----a-w- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe 2016-10-05 21:16:49 9F1AE66D7954FE2E0909A5EBC6B94798 67072 ----a-w- C:\Program Files (x86)\Steam\bin\cef\cef.winxp\wow_helper.exe 2016-10-05 21:16:49 821495330A0CD2D581855F8673C679F5 2066208 ----a-w- C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe 2016-10-05 21:16:49 61B7885ABA36F4D01EF77E8B94A15792 1902368 ----a-w- C:\Program Files (x86)\Steam\bin\cef\cef.winxp\html5app_steam.exe 2016-10-02 23:27:20 A8F2320F03CD6272BB11E9678E5AB49C 5160912 ----a-w- C:\Program Files (x86)\FinalWire\AIDA64 Extreme\aida64.exe 2016-10-02 23:27:19 E17D07B354600FDE9255374F560F1EEB 717328 ----a-w- C:\Program Files (x86)\FinalWire\AIDA64 Extreme\unins000.exe === C: other files == 2016-10-09 01:21:01 83235338ACB43E07B46714B2734513F5 752555 ----a-w- C:\Users\stefa\AppData\Local\Temp\HYDC0D8.tmp.1475976061\HTA\install.1475976061.zip 2016-10-08 23:04:29 972269D25014A7CBC7101D55BB3802B9 170925 ----a-w- C:\Users\stefa\AppData\Local\Temp\HYDC145.tmp.1475967869\HTA\install.1475967869.zip 2016-10-08 23:04:27 83235338ACB43E07B46714B2734513F5 752555 ----a-w- C:\Users\stefa\AppData\Local\Temp\HYDB8B9.tmp.1475967867\HTA\install.1475967867.zip 2016-10-08 22:38:16 30A186D6A2A2853EEFAD7011E212E41B 44144 ----a-w- C:\Windows\System32\drivers\rzpmgrk.sys 2016-10-08 16:16:54 78488AF2AB2111D67B3C4044707A519B 192216 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys 2016-10-08 16:16:35 898415AC0B5F1D2A9A48ABCB68A6DC4B 65408 ----a-w- C:\Windows\System32\drivers\mwac.sys 2016-10-08 16:16:35 78BFF5425E044086E74E78650A359FBB 27008 ----a-w- C:\Windows\System32\drivers\mbam.sys 2016-10-08 16:16:35 1239597BAB7EED2BB16D035AF87E65D9 140672 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2016-10-08 15:33:22 D565FDC5BEF536527121863566F2083B 7136640 ----a-r- C:\Users\stefa\Desktop\www.ratondownloads.com.br-SpyHunter\SpyHunter 4.20.9.4533 Portable\App\SpyHunter\SpyHunter4.com 2016-10-08 15:33:22 881419B3D7BF48E53249FF16B00F976F 15920 ----a-r- C:\Users\stefa\Desktop\www.ratondownloads.com.br-SpyHunter\SpyHunter 4.20.9.4533 Portable\App\SpyHunter\esgiguard.sys 2016-10-08 15:33:22 01CE484FF6D70A39479BC6D619DE7ED6 19984 ----a-r- C:\Users\stefa\Desktop\www.ratondownloads.com.br-SpyHunter\SpyHunter 4.20.9.4533 Portable\App\SpyHunter\EsgScanner.sys 2016-10-08 15:20:26 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat 2016-10-06 21:56:30 417F5789073BE7B3DE45C308F3C527DF 240704 ----a-w- C:\Windows\LastGood.Tmp\system32\drivers\nvhda64v.sys 2016-10-06 21:55:09 F9F912215C57ECAEBEF2A00DDB25A225 469568 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.NVIRUSB.{49609644-3015-448C-9A6F-D68790597FE0}\nvstusb64.sys 2016-10-06 21:55:09 F06735B773B9F53D130A82A7F7F9588E 154320 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{98F1555D-44C7-4C14-AFAF-0D19D133C303}\nvhda32.sys 2016-10-06 21:55:09 67B51A97733B10D716B366C2ED126763 223304 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{98F1555D-44C7-4C14-AFAF-0D19D133C303}\nvhda64v.sys 2016-10-06 21:55:09 4D2B411E0D3C8203537ACA4EC908BA87 190536 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{98F1555D-44C7-4C14-AFAF-0D19D133C303}\nvhda64.sys 2016-10-06 21:55:09 2DCD6B1CB0898522DEB9EEF30E266EAF 187856 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{98F1555D-44C7-4C14-AFAF-0D19D133C303}\nvhda32v.sys 2016-10-06 21:55:09 1456EE1FD6C32F1116A2DD21E3A91316 453056 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.NVIRUSB.{49609644-3015-448C-9A6F-D68790597FE0}\nvstusb32.sys 2016-10-06 21:45:31 6DF7C9E4BF71EBA2CE838394D2EF55B4 27584 ----a-w- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys 2016-10-06 21:45:21 1EA031E04E69C6A4A026F3C9E8E6EA2B 26560 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\ShieldWirelessController.{21B7AC49-4D3F-4C0E-BAED-305670B1DEBF}\NVSWCFilter64.sys 2016-10-06 21:45:21 104F30E55E6822CB43111FC6D6CC4957 22976 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\ShieldWirelessController.{21B7AC49-4D3F-4C0E-BAED-305670B1DEBF}\NVSWCFilter32.sys 2016-10-06 21:45:20 E9F67D264A6EBDA2C583964AFF1EDB1F 40384 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\VirtualAudio.Driver.{A9CDCB22-8B05-4FCC-830B-C48F200F5695}\nvvad32v.sys 2016-10-06 21:45:20 978F4CE6EBF2A3746AB95F8B69C5375A 46016 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\VirtualAudio.Driver.{A9CDCB22-8B05-4FCC-830B-C48F200F5695}\nvvad64v.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-234761692-2337313760-212355441-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\stefa\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "EADM"="F:\Arquivos e Programas\Origin\Origin.exe -AutoStart" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "GoogleChromeAutoLaunch_D56F3B76F5A9637417A66989E698E414"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window /prefetch:5" "uTorrent"="C:\Users\stefa\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\stefa\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "EADM"="F:\Arquivos e Programas\Origin\Origin.exe -AutoStart" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "GoogleChromeAutoLaunch_D56F3B76F5A9637417A66989E698E414"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window /prefetch:5" "uTorrent"="C:\Users\stefa\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WindowsDefender"=""%ProgramFiles%\Windows Defender\MSASCuiL.exe"" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [08/10/2016 19:27] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [08/10/2016 19:27] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CorelUpdateHelperTaskCore" [c:\Program Files (x86)\Corel\CUH\v2\CUH.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe] "C:\Windows\SysNative\tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe] "C:\Windows\SysNative\tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe] "C:\Windows\SysNative\tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe] "C:\Windows\SysNative\tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe] "C:\Windows\SysNative\tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe] "C:\Windows\SysNative\tasks\OneDrive Standalone Update Task" [C:\Users\stefa\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{A51E66E8-CE61-40D4-ABC0-255932DD76F4}" [C:\Windows\system32\msfeedssync.exe] ==== Chromium Look ====================== Google Slides - stefa\AppData\Local\Bangboat\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - stefa\AppData\Local\Bangboat\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - stefa\AppData\Local\Bangboat\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - stefa\AppData\Local\Bangboat\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo SIH - stefa\AppData\Local\Bangboat\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl Google Sheets - stefa\AppData\Local\Bangboat\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap retroLink - stefa\AppData\Local\Bangboat\User Data\Default\Extensions\fialekndleeclflilkpdcgdbboiibdab Google Docs Offline - stefa\AppData\Local\Bangboat\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Chrome Web Store Payments - stefa\AppData\Local\Bangboat\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda GBBD Caixa Economica Federal - stefa\AppData\Local\Bangboat\User Data\Default\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi Gmail - stefa\AppData\Local\Bangboat\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Chrome Media Router - stefa\AppData\Local\Bangboat\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm Chrome Web Store Payments - stefa\AppData\Local\Bangboat\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Google Slides - stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo SIH - stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl Google Sheets - stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap retroLink - stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fialekndleeclflilkpdcgdbboiibdab Google Docs Offline - stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Chrome Web Store Payments - stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda GBBD Caixa Economica Federal - stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi Gmail - stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Chrome Media Router - stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm ==== Chromium Fix ====================== C:\Users\stefa\AppData\Local\Bangboat\User Data\Default\Local Storage\http_ad.doubleclick.net_0.localstorage deleted successfully C:\Users\stefa\AppData\Local\Bangboat\User Data\Default\Local Storage\http_ad.doubleclick.net_0.localstorage-journal deleted successfully C:\Users\stefa\AppData\Local\Bangboat\User Data\Default\Local Storage\http_adrenaline.uol.com.br_0.localstorage deleted successfully C:\Users\stefa\AppData\Local\Bangboat\User Data\Default\Local Storage\http_adrenaline.uol.com.br_0.localstorage-journal deleted successfully C:\Users\stefa\AppData\Local\Bangboat\User Data\Default\Local Storage\http_ads.egrana.com.br_0.localstorage deleted successfully C:\Users\stefa\AppData\Local\Bangboat\User Data\Default\Local Storage\http_ads.egrana.com.br_0.localstorage-journal deleted successfully C:\Users\stefa\AppData\Local\Bangboat\User Data\Default\Local Storage\http_advertising.mercadolivre.com.br_0.localstorage deleted successfully C:\Users\stefa\AppData\Local\Bangboat\User Data\Default\Local Storage\http_advertising.mercadolivre.com.br_0.localstorage-journal deleted successfully C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad.doubleclick.net_0.localstorage deleted successfully C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad.doubleclick.net_0.localstorage-journal deleted successfully C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adrenaline.uol.com.br_0.localstorage deleted successfully C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adrenaline.uol.com.br_0.localstorage-journal deleted successfully C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ads.egrana.com.br_0.localstorage deleted successfully C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ads.egrana.com.br_0.localstorage-journal deleted successfully C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_advertising.mercadolivre.com.br_0.localstorage deleted successfully C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_advertising.mercadolivre.com.br_0.localstorage-journal deleted successfully C:\Users\stefa\AppData\Local\Bangboat\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully C:\Users\stefa\AppData\Local\Bangboat\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully C:\Users\stefa\AppData\Local\Bangboat\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully C:\Users\stefa\AppData\Local\Bangboat\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully C:\Users\stefa\AppData\Local\Bangboat\User Data\Default\Local Storage\http_d366amxgkdfvcq.cloudfront.net_0.localstorage deleted successfully C:\Users\stefa\AppData\Local\Bangboat\User Data\Default\Local Storage\http_d366amxgkdfvcq.cloudfront.net_0.localstorage-journal deleted successfully C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_d366amxgkdfvcq.cloudfront.net_0.localstorage deleted successfully C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_d366amxgkdfvcq.cloudfront.net_0.localstorage-journal deleted successfully C:\Users\stefa\AppData\Local\Bangboat\User Data\Default\Local Storage\http_search.medianewtabsearch.com_0.localstorage deleted successfully C:\Users\stefa\AppData\Local\Bangboat\User Data\Default\Local Storage\http_search.medianewtabsearch.com_0.localstorage-journal deleted successfully C:\Users\stefa\AppData\Local\Bangboat\User Data\Default\Local Storage\http_search.tvnewtabsearch.com_0.localstorage deleted successfully C:\Users\stefa\AppData\Local\Bangboat\User Data\Default\Local Storage\http_search.tvnewtabsearch.com_0.localstorage-journal deleted successfully C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.medianewtabsearch.com_0.localstorage deleted successfully C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.medianewtabsearch.com_0.localstorage-journal deleted successfully C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.tvnewtabsearch.com_0.localstorage deleted successfully C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.tvnewtabsearch.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] No DefaultScope Set For HKCU New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\stefa\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\stefa\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\stefa\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\stefa\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\stefa\AppData\Local\Bangboat\User Data\Profile 1\Cache emptied successfully C:\Users\stefa\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=171 folders=72 86397424 bytes) ==== Empty Temp Folders ====================== C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\stefa\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on 08/10/2016 at 23:35:35,43 ====================== Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 23:36:42, on 08/10/2016 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.14393.0000) Boot mode: Normal Running processes: C:\PROGRA~2\GbPlugin\GbpSv.exe C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe C:\Users\stefa\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe C:\Windows\SysWoW64\notepad.exe C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe C:\Users\stefa\AppData\Roaming\uTorrent\uTorrent.exe C:\Users\stefa\AppData\Roaming\uTorrent\updates\3.4.9_42606\utorrentie.exe C:\Users\stefa\AppData\Roaming\uTorrent\updates\3.4.9_42606\utorrentie.exe C:\Users\stefa\Desktop\HijackThis.exe C:\Windows\SysWoW64\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll O4 - HKCU\..\Run: [OneDrive] "C:\Users\stefa\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\Run: [EADM] "F:\Arquivos e Programas\Origin\Origin.exe" -AutoStart O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_D56F3B76F5A9637417A66989E698E414] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 O4 - HKCU\..\Run: [uTorrent] "C:\Users\stefa\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO DE REDE') O4 - Startup: MEGAsync.lnk = C:\Users\stefa\AppData\Local\MEGAsync\MEGAsync.exe O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://www.bb.com.br O15 - Trusted Zone: http://www.caixa.gov.br O17 - HKLM\System\CCS\Services\Tcpip\..\{079e4a8b-93cc-4c6d-98e6-18d2352d0cdb}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{079e4a8b-93cc-4c6d-98e6-18d2352d0cdb}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O20 - Winlogon Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll O20 - Winlogon Notify: GbPluginCef - C:\Program Files (x86)\GbPlugin\gbiehCef.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe O23 - Service: NVIDIA Wireless Controller Service - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: Origin Client Service - Electronic Arts - F:\Arquivos e Programas\Origin\OriginClientService.exe O23 - Service: Origin Web Helper Service - Electronic Arts - F:\Arquivos e Programas\Origin\OriginWebHelperService.exe O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: WindowsDefenderGASTecnologia - Unknown owner - C:\Program Files (x86)\Windows Defender\WindowsDefenderGASTecnologia.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10393 bytes Obs.: Finalmente consegui instalar o Chrome novamente, antes dava erro. Quando reinstalei apareceu outro hospedeiro, mas com o AdwClean eu consegui remove-lo, só não sei se estou 100% segura.
  9. Solicitação de Analise de Log

    # AdwCleaner v6.021 - Relatório criado 08/10/2016 às 17:27:16 # *Updated on 06/10/2016 by ToolsLib # Banco de dados : 2016-10-07.1 [Servidor] # Sistema operacional : Windows 10 Pro (X64) # Usuário : stefa - DESKTOP-9L5P09H # Executando de : C:\Users\stefa\Desktop\AdwCleaner.exe # Limpar # Apoio : https://toolslib.net/forum ***** [ Serviços ] ***** [-] Políticas do IE excluídasiSafeKrnl [-] Políticas do IE excluídasiSafeKrnlBoot [-] Políticas do IE excluídasiSafeKrnlKit [-] Políticas do IE excluídasiSafeKrnlR3 [-] Políticas do IE excluídasiSafeService ***** [ Pastas ] ***** [-] RestauradoC:\Users\stefa\AppData\Roaming\Elex-tech [#] *Folder deleted on reboot: C:\ProgramData\tencent [#] *Folder deleted on reboot: C:\ProgramData\Tencent [-] RestauradoC:\ProgramData\ChelfNotify [-] RestauradoC:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC [-] RestauradoC:\Program Files (x86)\Elex-tech [-] RestauradoC:\Program Files (x86)\WinSaber [#] *Folder deleted on reboot: C:\Program Files (x86)\winsaber ***** [ Arquivos ] ***** [-] RestauradoC:\Windows\SysNative\log\iSafeKrnlCall.log [#] RestauradoC:\Windows\SysNative\drivers\iSafeNetFilter.sys [-] RestauradoC:\ProgramData\Microsoft\Windows\Start Menu\YAC.lnk ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Atalhos ] ***** ***** [ Tarefas agendadas ] ***** ***** [ Registro ] ***** [-] RestauradoHKLM\SOFTWARE\Elex-tech [-] RestauradoHKLM\SOFTWARE\WinSaberSvc [-] RestauradoHKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\foxi69.tlscdn.com [-] RestauradoHKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\tlscdn.com [-] RestauradoHKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\foxi69.tlscdn.com [-] RestauradoHKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\reimage-PC-repair.softonic.com.br [-] RestauradoHKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\softonic.com.br [-] RestauradoHKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\tlscdn.com [-] RestauradoHKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\yet-another-cleaner.softonic.com.br [-] RestauradoHKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\foxi69.tlscdn.com [-] RestauradoHKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\reimage-PC-repair.softonic.com.br [-] RestauradoHKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\softonic.com.br [-] RestauradoHKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\tlscdn.com [-] RestauradoHKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\yet-another-cleaner.softonic.com.br [#] *Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\foxi69.tlscdn.com [#] *Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\tlscdn.com [#] *Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\foxi69.tlscdn.com [#] *Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\reimage-PC-repair.softonic.com.br [#] *Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\softonic.com.br [#] *Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\tlscdn.com [#] *Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\yet-another-cleaner.softonic.com.br [#] *Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\foxi69.tlscdn.com [#] *Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\reimage-PC-repair.softonic.com.br [#] *Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\softonic.com.br [#] *Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\tlscdn.com [#] *Key deleted on reboot: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\yet-another-cleaner.softonic.com.br ***** [ Verificando navegadores ... ] ***** ************************* :: Chaves "Tracing" excluídas :: Configurações Winsock restauradas ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [5358 *Bytes] - [26/09/2016 17:16:20] C:\AdwCleaner\AdwCleaner[C2].txt - [6742 *Bytes] - [08/10/2016 17:27:16] C:\AdwCleaner\AdwCleaner[S0].txt - [5543 *Bytes] - [26/09/2016 17:15:53] C:\AdwCleaner\AdwCleaner[S1].txt - [6518 *Bytes] - [08/10/2016 17:26:27] ########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [6964 *Bytes] ########## ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.0.9 (09.30.2016) Operating System: Windows 10 Pro x64 Ran by stefa (Administrator) on 08/10/2016 at 17:37:15,48 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 1 Failed to delete: C:\ProgramData\tencent (Folder) Registry: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 08/10/2016 at 17:50:24,23 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:52:22, on 08/10/2016 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.14393.0000) Boot mode: Normal Running processes: C:\PROGRA~2\GbPlugin\GbpSv.exe C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe C:\Users\stefa\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll O4 - HKCU\..\Run: [OneDrive] "C:\Users\stefa\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\Run: [EADM] "F:\Arquivos e Programas\Origin\Origin.exe" -AutoStart O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO DE REDE') O4 - Startup: MEGAsync.lnk = C:\Users\stefa\AppData\Local\MEGAsync\MEGAsync.exe O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://www.bb.com.br O15 - Trusted Zone: http://www.caixa.gov.br O17 - HKLM\System\CCS\Services\Tcpip\..\{079e4a8b-93cc-4c6d-98e6-18d2352d0cdb}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{079e4a8b-93cc-4c6d-98e6-18d2352d0cdb}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O20 - Winlogon Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll O20 - Winlogon Notify: GbPluginCef - C:\Program Files (x86)\GbPlugin\gbiehCef.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe O23 - Service: NVIDIA Wireless Controller Service - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: Origin Client Service - Electronic Arts - F:\Arquivos e Programas\Origin\OriginClientService.exe O23 - Service: Origin Web Helper Service - Electronic Arts - F:\Arquivos e Programas\Origin\OriginWebHelperService.exe O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: WindowsDefenderGASTecnologia - Unknown owner - C:\Program Files (x86)\Windows Defender\WindowsDefenderGASTecnologia.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9396 bytes
  10. Solicitação de Analise de Log

    Tempo decorrido: 5 min, 41 seg Memória: Habilitado Inicialização: Habilitado Sistema de arquivos: Habilitado Arquivos compactados: Habilitado Rootkits: Habilitado Heurística: Habilitado PUP: Habilitado PUM: Habilitado Processos: 0 (Nenhum item malicioso detectado) Módulos: 0 (Nenhum item malicioso detectado) Chaves de registro: 0 (Nenhum item malicioso detectado) Valores de registro: 0 (Nenhum item malicioso detectado) Dados de registro: 0 (Nenhum item malicioso detectado) Pastas: 0 (Nenhum item malicioso detectado) Arquivos: 0 (Nenhum item malicioso detectado) Setores físicos: 0 (Nenhum item malicioso detectado) (end) HiJackThis Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:16:17, on 08/10/2016 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.14393.0000) Boot mode: Normal Running processes: C:\PROGRA~2\GbPlugin\GbpSv.exe C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe F:\Arquivos e Programas\Torrent\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll O4 - HKCU\..\Run: [OneDrive] "C:\Users\stefa\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\Run: [EADM] "F:\Arquivos e Programas\Origin\Origin.exe" -AutoStart O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKUS\S-1-5-21-234761692-2337313760-212355441-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [OneDrive] "C:\Users\stefa\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background (User '?') O4 - HKUS\S-1-5-21-234761692-2337313760-212355441-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [EADM] "F:\Arquivos e Programas\Origin\Origin.exe" -AutoStart (User '?') O4 - HKUS\S-1-5-21-234761692-2337313760-212355441-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR (User '?') O4 - S-1-5-21-234761692-2337313760-212355441-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 Startup: MEGAsync.lnk = C:\Users\stefa\AppData\Local\MEGAsync\MEGAsync.exe (User '?') O4 - Startup: MEGAsync.lnk = C:\Users\stefa\AppData\Local\MEGAsync\MEGAsync.exe O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://www.bb.com.br O15 - Trusted Zone: http://www.caixa.gov.br O17 - HKLM\System\CCS\Services\Tcpip\..\{079e4a8b-93cc-4c6d-98e6-18d2352d0cdb}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{079e4a8b-93cc-4c6d-98e6-18d2352d0cdb}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O20 - Winlogon Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll O20 - Winlogon Notify: GbPluginCef - C:\Program Files (x86)\GbPlugin\gbiehCef.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe O23 - Service: NVIDIA Wireless Controller Service - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: Origin Client Service - Electronic Arts - F:\Arquivos e Programas\Origin\OriginClientService.exe O23 - Service: Origin Web Helper Service - Electronic Arts - F:\Arquivos e Programas\Origin\OriginWebHelperService.exe O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: WindowsDefenderGASTecnologia - Unknown owner - C:\Program Files (x86)\Windows Defender\WindowsDefenderGASTecnologia.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9985 bytes Obs. O MBAM não encontrou nada, porém o problema persiste. Obs.2: Já tinha utilizado esse mesmo programa hoje mesmo, antes de pedir ajuda aqui, talvez seja por isso que ele não identificou nada.
  11. Solicitação de Analise de Log

    Mesmo tendo excluído do Google Chrome pelo Painel de Controle esse programa identificaria? Segue abaixo o resultado:
  12. Solicitação de Analise de Log

    Solicitação de Analise de Log Já fiz os procedimentos do Tópico Principal Motivo: Ao atualizar o uTorrent hoje, automaticamente instalou um hospedeiro no meu Chrome Ourstartpage, já desinstalei o Chrome e mesmo não tendo mais o programa no Painel de Controle, quando eu pesquiso Chrome na ferramenta de busca do Windows o programa abre esse Ourstartpage, já tentei de inúmeras formas excluir esse malware mas não tenho obtido sucesso. Segue o Log do HijackThis: ogfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:36:52, on 08/10/2016 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.14393.0000) Boot mode: Normal Running processes: C:\PROGRA~2\GbPlugin\GbpSv.exe C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Reader_sl.exe F:\Arquivos e Programas\Torrent\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll O4 - HKCU\..\Run: [OneDrive] "C:\Users\stefa\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\Run: [EADM] "F:\Arquivos e Programas\Origin\Origin.exe" -AutoStart O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO DE REDE') O4 - Startup: MEGAsync.lnk = C:\Users\stefa\AppData\Local\MEGAsync\MEGAsync.exe O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://www.bb.com.br O15 - Trusted Zone: http://www.caixa.gov.br O17 - HKLM\System\CCS\Services\Tcpip\..\{079e4a8b-93cc-4c6d-98e6-18d2352d0cdb}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{079e4a8b-93cc-4c6d-98e6-18d2352d0cdb}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O20 - Winlogon Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll O20 - Winlogon Notify: GbPluginCef - C:\Program Files (x86)\GbPlugin\gbiehCef.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe O23 - Service: NVIDIA Wireless Controller Service - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: Origin Client Service - Electronic Arts - F:\Arquivos e Programas\Origin\OriginClientService.exe O23 - Service: Origin Web Helper Service - Electronic Arts - F:\Arquivos e Programas\Origin\OriginWebHelperService.exe O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: WindowsDefenderGASTecnologia - Unknown owner - C:\Program Files (x86)\Windows Defender\WindowsDefenderGASTecnologia.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9546 bytes
  13. Letras e ícones granulado

    Não sei se vai dá pra perceber na imagem. Mas as letras e ícones parecem mal otimizados. O que fazer? Driver da placa de vídeo atualizado. Config: placa-mãe Asus M5A78L-M LX/BR Processador: FX 8320e 8GB ram Hyperx 1600 Placa de Vídeo R9 270X Gigabyte 256Bits 1 Terabyte Seagate Barracuda Fonte EVGA 600W Real 80Plus Windows 10 64bits
  14. Obs.: Acabei de atualizar o driver. Obs.: Acabei de atualizar o driver.
  15. Boa tarde, Ciro. Bem, eu montei o PC com peças completamente novas, não sei como atualizar a BIOS da placa-mãe, simplesmente montei e coloquei o windows 10 e instalei coisas normais como drivers e programas. Sobre testar em outros jogos, aconteceu do driver da Placa de Vídeo parar de funcionar, mas não é sempre.E sim, antes eu estava usando a VGA no meu PC e estava ok.
×