Ir para conteúdo

BABOO e KTS 2018 no YouTube Loja online do BABOO

8mille

Participante
  • Postagens

    43
  • Desde

  • Última visita

Perfil

  • Estado
    São Paulo
  • Sexo
    masculino

Últimos Visitantes

808 visualizações
  1. Uso de Senhas no Windows 10

    Amigo Ciro-Mota, muito obrigado pela resposta, consegui ajustar todas as diretivas de senhas através da Política de Segurança Local. Quanto ao log das tentativas de logon, não entendi como proceder, imagino que o W10 Home não tenha esta diretiva, é isso? Pesquisei aqui e encontrei as diretivas que você fala. Ficam em Políticas Locais ->Auditoria de eventos de Logon e Auditoria de Eventos de Logon de conta. Mss precisaria entender como fazer para visualizar depois estes eventos no Visualizador de Eventos. Mais uma vez, muito obrigado pela atenção e solução apresentada.
  2. Uso de Senhas no Windows 10

    Senhores, bom dia! Possuo um desktop com o Windows 10 home instalado. Necessito configurar o acesso ao Windows de forma que para acessá-lo eu necessite de uma senha, que , em caso de erro, poderá ser repetida apenas um certo número de vezes e então ou será desabilitada ou deverá aguardar um certo tempo para nova tentativa. Preciso também que um log dessas tentativas, certas ou erradas, seja gerado. Não sei se o próprio Windows oferece este tipo de configuração ou se teria que adquirir algum software para fazer este gerenciamento. Se alguém puder me ajudar ficaria muito agradecido. Um bom dia a todos.
  3. Importar dados no excel

    Amigos bom dia! Preciso de uma macro para excel que resolva o seguinte problema: Tenho 2 planilhas, a primeira, que chamarei de A, tem uma lista de clientes com diversos dados, entre eles o CPF. Numa segunda planilha, B, tenho uma outra lista de pessoas e entre os dados, também temos o CPF. Esta lista B tem a possibilidade de ter CPF's duplicados com a A. O que preciso é que a macro analise as duas planilhas e crie uma terceira lista que seja C=B-A. Obs.: O CPF é apenas o dado de comparação, mas preciso que toda a linha de registro do cliente repetido seja eliminada. Desta forma haveria uma lista C somente com clientes não repetidos. Estou enviando um modelo de como as listas se parecem. Modelo de importação.xls
  4. Computador não desliga após update windows 10

    O Windows não encontrou este comando.
  5. Computador não desliga após update windows 10

    Depois de muito pesquisar, percebi que os motivos que levam a este problema do PC não desligar podem ser os mais diversos. Eu testei este de desinstalar o MEI, mas continuou na mesma. Ainda não consigo desligar. Mas percebi algumas coisas novas que podem dar uma nova pista. Ao entrar no modo seguro, recebi a seguinte mensagem: "Não é possível abrir este aplicativo: Introdução não pode ser aberto usando a conta de administrador Interno. Entre com outra conta e tente novamente." Também percebi que o PC trava na tela "Desligando" ou "Reiniciando" quando está em modo seguro. Por algum motivo estou numa conta de Administrador Interno, que não sei bem do que se trata nem como se sai disso.
  6. Redirecionando páginas

    Muito obrigado pela ajuda. Um abraço.
  7. Redirecionando páginas

    O programa que você informa ser da Samsung é o "Program"? É a este que me refiro. Nunca havia visto este programa no iniciar do Windows. Desinstalei o Firefox e o Chrome, que apresentavam este mesmo comportamento (aparentemente o Edge não era afetado). Reinstalei o Firefox e aparentemente o comportamento estranho cessou. Ontem à noite meu roteador deu problema após uma queda de energia e não voltou mais. Troquei por um outro e reconfigurei.
  8. Redirecionando páginas

    Após todos os procedimentos, as páginas aleatórias continuam abrindo como página inicial do Firefox. Ainda tem alguma coisa. Percebi, ao abrir o msconfig, que um programa que desconheço inicia junto com o PC, vou postar uma imagem neste post. Seguem os logs solicitados. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 07:18:05, on 06/10/2016 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.14393.0000) Boot mode: Normal Running processes: C:\PROGRA~2\GbPlugin\GbpSv.exe C:\Program Files (x86)\RocketDock\RocketDock.exe C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Marco\Downloads\Utilidades\Limpeza PC\HijackThis.exe C:\Windows\SysWoW64\DllHost.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll O2 - BHO: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll O2 - BHO: G-Buster Browser Defense Itaú Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbiehuni.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll O3 - Toolbar: LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun O4 - HKLM\..\Run: [Malwarebytes Anti-Exploit] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [KiesPDLR.exe] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\Run: [DriverMax_RESTART] "C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe" -RESTART O4 - Global Startup: Install LastPass FF RunOnce.lnk = C:\Program Files (x86)\Common Files\lpuninstall.exe O4 - Global Startup: Install LastPass IE RunOnce.lnk = C:\Program Files (x86)\Common Files\lpuninstall.exe O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: LastPass - file://C:\Users\Marco\AppData\LocalLow\LastPass\context.html?cmd=lastpass O8 - Extra context menu item: Preenchimento de formulários LastPass - file://C:\Users\Marco\AppData\LocalLow\LastPass\context.html?cmd=fillforms O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll O9 - Extra 'Tools' menuitem: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - (no file) O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: www.bancobrasil.com.br O15 - Trusted Zone: www14.bancobrasil.com.br O15 - Trusted Zone: www2.bancobrasil.com.br O15 - Trusted Zone: www.bb.com.br O15 - Trusted Zone: http://www.bb.com.br O15 - Trusted Zone: imagem.caixa.gov.br O15 - Trusted Zone: internetbanking.caixa.gov.br O15 - Trusted Zone: internetbankingpf.caixa.gov.br O15 - Trusted Zone: www.caixa.gov.br O15 - Trusted Zone: http://www.caixa.gov.br O15 - Trusted Zone: bankline.itau.com.br O15 - Trusted Zone: clickbanking.itau.com.br O15 - Trusted Zone: guardiao.itau.com.br O15 - Trusted Zone: www.itau.com.br O15 - Trusted Zone: *.itau.com.br O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - Winlogon Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll O20 - Winlogon Notify: GbPluginCef - C:\Program Files (x86)\GbPlugin\gbiehCef.dll O20 - Winlogon Notify: GbPluginUni - C:\PROGRAM FILES (X86)\GBPLUGIN\gbiehUni.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Energy Server Service WILLAMETTE (ESRV_SVC_WILLAMETTE) - Unknown owner - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Bitdefender antivírus Free Edition (gzserv) - Bitdefender - C:\Program Files\Bitdefender\antivírus Free Edition\gzserv.exe O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\Windows\system32\mqsvc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NLS Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\NLSSRV32.EXE O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing) O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: Soda PDF 3D Reader Helper Service - LULU Software - C:\Program Files (x86)\Soda PDF 3D Reader\HelperService.exe O23 - Service: Soda PDF 3D Reader Service - LULU Software - C:\Program Files (x86)\Soda PDF 3D Reader\ConversionService.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_WILLAMETTE (SystemUsageReportSvc_WILLAMETTE) - Unknown owner - C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: User Energy Server Service WILLAMETTE (USER_ESRV_SVC_WILLAMETTE) - Unknown owner - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 12828 bytes All processes killed ========== OTL ========== HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy| /E : value set successfully! HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Prefs.js: "BR" removed from browser.search.region Prefs.js: support%40lastpass.com:3.3.1 removed from extensions.enabledAddons Prefs.js: %7Bbb65e674-b194-4b6e-8033-5fa0afe3a198%7D:1.3.1-signed.1-signed removed from extensions.enabledAddons Prefs.js: youtubemp3podcaster%40jeremy.d.gregorio.com:3.9.0 removed from extensions.enabledAddons Prefs.js: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:49.0.1 removed from extensions.enabledAddons 64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ not found. Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922\ not found. Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109\ not found. Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513\ not found. Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331\ not found. Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ not found. File C:\Users\Marco\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll not found. Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ not found. File C:\Users\Marco\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll not found. Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\gastecnologia.com.br/sf/bb64\ not found. Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\gastecnologia.com.br/sf/cef64\ not found. Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\gastecnologia.com.br/sf/uni\ not found. Folder C:\Users\Marco\AppData\Roaming\mozilla\Extensions\ not found. Folder C:\Users\Marco\AppData\Roaming\mozilla\Extensions\prism@developer.mozilla.org\ not found. Folder C:\Users\Marco\AppData\Roaming\mozilla\Firefox\Profiles\44y63ayg.default\extensions\ not found. File C:\Users\Marco\AppData\Roaming\mozilla\firefox\profiles\44y63ayg.default\extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi not found. File C:\Users\Marco\AppData\Roaming\mozilla\firefox\profiles\44y63ayg.default\extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi not found. File C:\Users\Marco\AppData\Roaming\mozilla\firefox\profiles\44y63ayg.default\extensions\{bb65e674-b194-4b6e-8033-5fa0afe3a198}.xpi not found. File C:\Users\Marco\AppData\Roaming\mozilla\firefox\profiles\44y63ayg.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi not found. File C:\Users\Marco\AppData\Roaming\mozilla\firefox\profiles\44y63ayg.default\features\{9a92cb39-c452-41cf-a4d0-0fd3e41f79d8}\e10srollout@mozilla.org.xpi not found. Folder C:\Program Files (x86)\mozilla firefox\extensions\ not found. Folder C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\ not found. Folder C:\Program Files (x86)\mozilla firefox\browser\extensions\ not found. ========== REGISTRY ========== Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\ deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\"DefaultConnectionSettings"|hex:3c,00,00,00,15,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,00,00,00,00,50,b1,0a,41,70,27,c9,01,01,00,00,00,c0,a8,83,41,00,00,00,00,00,00,00,00 /E : value set successfully! HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\"SavedLegacySettings"|hex:3c,00,00,00,e6,01,00,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,00,00,00,00,50,b1,0a,41,70,27,c9,01,01,00,00,00,c0,a8,83,41,00,00,00,00,00,00,00,00 /E : value set successfully! ========== COMMANDS ========== Unable to start System Restore Service. Error code 1084 [EMPTYTEMP] User: Administrador ->Temp folder emptied: 0 bytes User: All Users User: Convidado ->Temp folder emptied: 0 bytes User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default.migrated User: DefaultAppPool ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: HomeGroupUser$ ->Temp folder emptied: 0 bytes User: Marco ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 128 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 139117416 bytes ->Google Chrome cache emptied: 0 bytes ->Apple Safari cache emptied: 0 bytes ->Flash cache emptied: 862 bytes User: Public ->Temp folder emptied: 0 bytes User: Todos os Usuários User: Usuário Padrão ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 206336 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 106440 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes RecycleBin emptied: 5224296 bytes Total Files Cleaned = 138.00 mb OTL by OldTimer - Version 3.2.69.0 log created on 10062016_011353 Files\Folders moved on Reboot... C:\Users\Marco\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot...
  9. Redirecionando páginas

    OTL logfile created on: 05/10/2016 14:17:19 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marco\Desktop 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.11.14393.0) Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy 3.87 Gb Total Physical Memory | 1.77 Gb Available Physical Memory | 45.76% Memory free 7.74 Gb Paging File | 5.15 Gb Available in Paging File | 66.51% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 198.12 Gb Total Space | 100.01 Gb Free Space | 50.48% Space Free | Partition Type: NTFS Drive D: | 465.76 Gb Total Space | 179.04 Gb Free Space | 38.44% Space Free | Partition Type: NTFS Drive E: | 666.73 Mb Total Space | 622.10 Mb Free Space | 93.31% Space Free | Partition Type: NTFS Drive G: | 732.30 Gb Total Space | 411.85 Gb Free Space | 56.24% Space Free | Partition Type: NTFS Computer Name: MARCO-PC | User Name: Marco | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 90 Days ========== Processes (SafeList) ========== PRC - File not found -- PRC - [2016/10/04 21:03:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Marco\Desktop\OTL.exe PRC - [2016/09/27 13:40:24 | 001,063,920 | ---- | M] (Innovative Solutions) -- C:\Program Files (x86)\Innovative Solutions\DriverMax\innostp.exe PRC - [2016/09/23 21:04:13 | 000,509,384 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2016/09/16 11:24:06 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2016/07/28 20:23:55 | 000,288,920 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe PRC - [2016/03/02 16:48:49 | 000,079,552 | ---- | M] (Bitdefender) -- C:\Arquivos de Programas\Bitdefender\antivírus Free Edition\gzserv.exe PRC - [2015/08/13 09:53:48 | 000,587,576 | ---- | M] (GAS Tecnologia) -- C:\PROGRA~2\GbPlugin\GbpSv.exe PRC - [2009/09/30 09:02:50 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2009/09/30 09:02:48 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2009/09/23 16:45:50 | 001,287,176 | ---- | M] (Panda Security) -- C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe PRC - [2007/09/02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe ========== Modules (No Company Name) ========== MOD - [2016/03/08 21:46:01 | 001,114,136 | ---- | M] () -- C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\44y63ayg.default\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll MOD - [2007/09/02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe MOD - [2007/09/02 13:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll ========== Services (SafeList) ========== SRV:64bit: - [2016/10/01 13:34:56 | 000,804,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FrameServer.dll -- (FrameServer) SRV:64bit: - [2016/10/01 13:34:47 | 000,447,488 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService) SRV:64bit: - [2016/10/01 13:34:25 | 000,691,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM) SRV:64bit: - [2016/10/01 13:34:24 | 000,650,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo) SRV:64bit: - [2016/10/01 13:34:22 | 001,312,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService) SRV:64bit: - [2016/10/01 13:34:22 | 000,781,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PhoneService.dll -- (PhoneSvc) SRV:64bit: - [2016/10/01 13:34:22 | 000,407,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc) SRV:64bit: - [2016/10/01 13:34:22 | 000,140,800 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\RMapi.dll -- (RmSvc) SRV:64bit: - [2016/10/01 13:34:21 | 002,264,064 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc) SRV:64bit: - [2016/10/01 13:34:21 | 001,232,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc) SRV:64bit: - [2016/10/01 13:34:21 | 001,020,928 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager) SRV:64bit: - [2016/10/01 13:34:12 | 000,770,560 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure) SRV:64bit: - [2016/10/01 13:34:11 | 001,984,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack) SRV:64bit: - [2016/10/01 13:34:11 | 000,983,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc) SRV:64bit: - [2016/10/01 13:34:11 | 000,539,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\usocore.dll -- (UsoSvc) SRV:64bit: - [2016/10/01 13:34:11 | 000,417,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorService.dll -- (SensorService) SRV:64bit: - [2016/10/01 13:34:11 | 000,203,776 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc) SRV:64bit: - [2016/10/01 13:34:11 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager) SRV:64bit: - [2016/10/01 13:34:10 | 000,077,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker) SRV:64bit: - [2016/10/01 13:34:01 | 004,136,960 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository) SRV:64bit: - [2016/10/01 13:34:00 | 001,013,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager) SRV:64bit: - [2016/10/01 13:34:00 | 000,560,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness) SRV:64bit: - [2016/10/01 13:34:00 | 000,410,624 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc) SRV:64bit: - [2016/10/01 13:34:00 | 000,339,456 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\cdpusersvc.dll -- (CDPUserSvc) SRV:64bit: - [2016/10/01 13:34:00 | 000,095,232 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tzautoupdate.dll -- (tzautoupdate) SRV:64bit: - [2016/10/01 13:33:56 | 000,349,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicvss) SRV:64bit: - [2016/10/01 13:33:56 | 000,349,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicrdv) SRV:64bit: - [2016/10/01 13:33:56 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession) SRV:64bit: - [2016/10/01 13:33:56 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync) SRV:64bit: - [2016/10/01 13:33:56 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown) SRV:64bit: - [2016/10/01 13:33:56 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange) SRV:64bit: - [2016/10/01 13:33:56 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat) SRV:64bit: - [2016/10/01 13:33:56 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface) SRV:64bit: - [2016/10/01 13:33:56 | 000,023,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost) SRV:64bit: - [2016/10/01 13:33:55 | 000,764,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar) SRV:64bit: - [2016/10/01 13:21:24 | 000,083,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\w3logsvc.dll -- (w3logsvc) SRV:64bit: - [2016/10/01 13:21:15 | 000,026,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mqsvc.exe -- (MSMQ) SRV:64bit: - [2016/07/16 08:43:50 | 000,082,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc) SRV:64bit: - [2016/07/16 08:43:47 | 000,436,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService) SRV:64bit: - [2016/07/16 08:43:18 | 000,167,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc) SRV:64bit: - [2016/07/16 08:43:10 | 001,836,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc) SRV:64bit: - [2016/07/16 08:42:42 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup) SRV:64bit: - [2016/07/16 08:42:39 | 000,285,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc) SRV:64bit: - [2016/07/16 08:42:39 | 000,161,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll -- (shpamsvc) SRV:64bit: - [2016/07/16 08:42:38 | 001,025,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc) SRV:64bit: - [2016/07/16 08:42:38 | 000,057,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice) SRV:64bit: - [2016/07/16 08:42:38 | 000,055,296 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS) SRV:64bit: - [2016/07/16 08:42:37 | 000,718,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc) SRV:64bit: - [2016/07/16 08:42:36 | 000,183,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dcpsvc.dll -- (DcpSvc) SRV:64bit: - [2016/07/16 08:42:27 | 000,827,392 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon) SRV:64bit: - [2016/07/16 08:42:27 | 000,614,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FlightSettings.dll -- (wisvc) SRV:64bit: - [2016/07/16 08:42:27 | 000,265,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc) SRV:64bit: - [2016/07/16 08:42:27 | 000,096,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso) SRV:64bit: - [2016/07/16 08:42:27 | 000,093,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service) SRV:64bit: - [2016/07/16 08:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (WpnUserService_3f3de) SRV:64bit: - [2016/07/16 08:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_3f3de) SRV:64bit: - [2016/07/16 08:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_3f3de) SRV:64bit: - [2016/07/16 08:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_3f3de) SRV:64bit: - [2016/07/16 08:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_3f3de) SRV:64bit: - [2016/07/16 08:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_3f3de) SRV:64bit: - [2016/07/16 08:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (CDPUserSvc_3f3de) SRV:64bit: - [2016/07/16 08:42:23 | 000,366,592 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc) SRV:64bit: - [2016/07/16 08:42:22 | 000,337,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder) SRV:64bit: - [2016/07/16 08:42:20 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC) SRV:64bit: - [2016/07/16 08:42:19 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum) SRV:64bit: - [2016/07/16 08:42:16 | 000,287,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TieringEngineService.exe -- (TieringEngineService) SRV:64bit: - [2016/07/16 08:42:16 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc) SRV:64bit: - [2016/07/16 08:42:16 | 000,013,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc) SRV:64bit: - [2016/07/16 08:42:13 | 000,590,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter) SRV:64bit: - [2016/07/16 08:42:12 | 000,519,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm) SRV:64bit: - [2016/07/16 08:42:12 | 000,052,224 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\MessagingService.dll -- (MessagingService) SRV:64bit: - [2016/07/16 08:42:09 | 001,512,448 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc) SRV:64bit: - [2016/07/16 08:42:09 | 001,184,256 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc) SRV:64bit: - [2016/07/16 08:42:09 | 000,574,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\tileobjserver.dll -- (tiledatamodelsvc) SRV:64bit: - [2016/07/16 08:42:09 | 000,387,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker) SRV:64bit: - [2016/07/16 08:42:09 | 000,358,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc) SRV:64bit: - [2016/07/16 08:42:09 | 000,339,968 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService) SRV:64bit: - [2016/07/16 08:42:09 | 000,326,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc) SRV:64bit: - [2016/07/16 08:42:09 | 000,234,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService) SRV:64bit: - [2016/07/16 08:42:09 | 000,202,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc) SRV:64bit: - [2016/07/16 08:42:09 | 000,177,664 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBrokerSvc) SRV:64bit: - [2016/07/16 08:42:09 | 000,074,240 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\WpnUserService.dll -- (WpnUserService) SRV:64bit: - [2016/07/16 08:42:09 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc) SRV:64bit: - [2016/07/16 08:42:09 | 000,034,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker) SRV:64bit: - [2016/07/16 08:42:07 | 001,159,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave) SRV:64bit: - [2016/07/16 08:42:06 | 000,729,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC) SRV:64bit: - [2016/07/16 08:42:06 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter) SRV:64bit: - [2016/07/16 08:42:05 | 002,104,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc) SRV:64bit: - [2016/07/16 08:42:05 | 000,197,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc) SRV:64bit: - [2016/07/16 08:42:05 | 000,152,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc) SRV:64bit: - [2016/07/16 08:42:05 | 000,140,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode) SRV:64bit: - [2016/07/16 08:42:04 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hvhostsvc.dll -- (HvHost) SRV:64bit: - [2016/07/16 08:41:50 | 003,318,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV:64bit: - [2016/07/16 08:41:50 | 000,321,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv) SRV:64bit: - [2016/03/02 16:48:49 | 000,079,552 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\antivírus Free Edition\gzserv.exe -- (gzserv) SRV:64bit: - [2015/12/16 19:07:40 | 000,255,472 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV - [2016/10/01 13:34:58 | 000,298,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc) SRV - [2016/10/01 13:33:56 | 003,369,984 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository) SRV - [2016/10/01 13:33:56 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost) SRV - [2016/10/01 13:33:55 | 000,483,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar) SRV - [2016/10/01 13:21:29 | 000,507,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS) SRV - [2016/10/01 13:21:29 | 000,507,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC) SRV - [2016/10/01 13:21:21 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\w3logsvc.dll -- (w3logsvc) SRV - [2016/10/01 13:21:18 | 000,057,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc) SRV - [2016/09/24 12:03:11 | 000,270,016 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2016/09/23 21:04:13 | 000,172,488 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2016/09/16 11:24:06 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2016/07/16 08:42:55 | 000,968,704 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc) SRV - [2016/07/16 08:41:50 | 003,318,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV - [2016/06/08 18:12:42 | 000,416,408 | ---- | M] () [On_Demand | Stopped] -- C:\Arquivos de Programas\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe -- (USER_ESRV_SVC_WILLAMETTE) SRV - [2016/06/08 18:12:42 | 000,416,408 | ---- | M] () [Auto | Running] -- C:\Arquivos de Programas\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe -- (ESRV_SVC_WILLAMETTE) SRV - [2016/06/08 18:04:48 | 000,117,400 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe -- (SystemUsageReportSvc_WILLAMETTE) SRV - [2015/10/05 08:48:46 | 001,135,416 | ---- | M] (Malwarebytes) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2015/08/13 09:53:48 | 000,587,576 | ---- | M] (GAS Tecnologia) [Auto | Running] -- C:\PROGRA~2\GbPlugin\GbpSv.exe -- (GbpSv) SRV - [2015/07/21 08:26:10 | 000,178,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de Programas\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose64) SRV - [2015/03/28 12:58:42 | 000,089,840 | ---- | M] (Hewlett-Packard Company) [Disabled | Stopped] -- C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe -- (HPSupportSolutionsFrameworkService) SRV - [2013/12/06 11:47:20 | 001,229,528 | ---- | M] (Secunia) [Disabled | Stopped] -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent) SRV - [2013/12/06 11:47:20 | 000,662,232 | ---- | M] (Secunia) [Disabled | Stopped] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent) SRV - [2013/04/18 10:06:42 | 000,737,616 | ---- | M] (Nokia) [Disabled | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2013/02/28 22:48:58 | 000,118,520 | ---- | M] (Riverbed Technology, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) SRV - [2012/12/21 16:04:20 | 001,352,024 | ---- | M] (LULU Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Soda PDF 3D Reader\HelperService.exe -- (Soda PDF 3D Reader Helper Service) SRV - [2012/12/21 16:04:20 | 000,874,328 | ---- | M] (LULU Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Soda PDF 3D Reader\ConversionService.exe -- (Soda PDF 3D Reader Service) SRV - [2012/02/01 11:10:28 | 000,070,160 | ---- | M] (Nalpeiron Ltd.) [Disabled | Stopped] -- C:\Windows\SysWOW64\NLSSRV32.EXE -- (nlsX86cc) SRV - [2010/01/09 20:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de Programas\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2009/09/30 09:02:50 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2009/09/30 09:02:48 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) ========== Driver Services (SafeList) ========== DRV:64bit: - [2016/10/01 13:34:47 | 000,719,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi) DRV:64bit: - [2016/10/01 13:34:47 | 000,108,384 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc) DRV:64bit: - [2016/10/01 13:34:17 | 000,062,816 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam) DRV:64bit: - [2016/10/01 13:34:03 | 000,073,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hvservice.sys -- (hvservice) DRV:64bit: - [2016/10/01 13:34:02 | 000,119,648 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcifs.sys -- (wcifs) DRV:64bit: - [2016/10/01 13:33:55 | 000,557,408 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport) DRV:64bit: - [2016/10/01 13:33:55 | 000,279,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2016/10/01 13:33:55 | 000,218,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM) DRV:64bit: - [2016/10/01 13:33:55 | 000,130,912 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci) DRV:64bit: - [2016/10/01 13:33:55 | 000,118,112 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv) DRV:64bit: - [2016/10/01 13:33:55 | 000,081,760 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme) DRV:64bit: - [2016/10/01 13:33:55 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci) DRV:64bit: - [2016/10/01 13:33:55 | 000,043,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid) DRV:64bit: - [2016/10/01 13:21:28 | 000,175,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mqac.sys -- (MQAC) DRV:64bit: - [2016/10/01 13:20:12 | 000,199,008 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\wof.sys -- (Wof) DRV:64bit: - [2016/07/16 20:15:17 | 000,038,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt) DRV:64bit: - [2016/07/16 20:15:07 | 000,029,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2016/07/16 08:44:01 | 000,030,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr) DRV:64bit: - [2016/07/16 08:43:06 | 000,123,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv) DRV:64bit: - [2016/07/16 08:43:04 | 000,290,144 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter) DRV:64bit: - [2016/07/16 08:43:04 | 000,044,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot) DRV:64bit: - [2016/07/16 08:42:38 | 000,125,440 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu) DRV:64bit: - [2016/07/16 08:42:36 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform) DRV:64bit: - [2016/07/16 08:42:36 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp) DRV:64bit: - [2016/07/16 08:42:36 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\applockerfltr.sys -- (applockerfltr) DRV:64bit: - [2016/07/16 08:42:35 | 000,928,608 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\refsv1.sys -- (ReFSv1) DRV:64bit: - [2016/07/16 08:42:35 | 000,376,160 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS) DRV:64bit: - [2016/07/16 08:42:35 | 000,227,328 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache) DRV:64bit: - [2016/07/16 08:42:35 | 000,045,920 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iorate.sys -- (iorate) DRV:64bit: - [2016/07/16 08:42:28 | 000,107,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT) DRV:64bit: - [2016/07/16 08:42:28 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv) DRV:64bit: - [2016/07/16 08:42:27 | 000,263,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000) DRV:64bit: - [2016/07/16 08:42:27 | 000,201,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt) DRV:64bit: - [2016/07/16 08:42:27 | 000,151,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2) DRV:64bit: - [2016/07/16 08:42:27 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys -- (UcmTcpciCx0101) DRV:64bit: - [2016/07/16 08:42:27 | 000,095,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101) DRV:64bit: - [2016/07/16 08:42:27 | 000,079,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx) DRV:64bit: - [2016/07/16 08:42:27 | 000,078,336 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt) DRV:64bit: - [2016/07/16 08:42:27 | 000,074,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx) DRV:64bit: - [2016/07/16 08:42:27 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000) DRV:64bit: - [2016/07/16 08:42:27 | 000,053,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv) DRV:64bit: - [2016/07/16 08:42:27 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IndirectKmd.sys -- (IndirectKmd) DRV:64bit: - [2016/07/16 08:42:27 | 000,031,584 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2016/07/16 08:42:27 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf) DRV:64bit: - [2016/07/16 08:42:23 | 000,038,752 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist) DRV:64bit: - [2016/07/16 08:42:22 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS) DRV:64bit: - [2016/07/16 08:42:18 | 000,088,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass) DRV:64bit: - [2016/07/16 08:42:12 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irda.sys -- (irda) DRV:64bit: - [2016/07/16 08:42:11 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus) DRV:64bit: - [2016/07/16 08:42:09 | 000,168,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101) DRV:64bit: - [2016/07/16 08:42:09 | 000,156,000 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS) DRV:64bit: - [2016/07/16 08:42:09 | 000,070,144 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\registry.sys -- (clreg) DRV:64bit: - [2016/07/16 08:42:09 | 000,066,560 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcnfs.sys -- (wcnfs) DRV:64bit: - [2016/07/16 08:42:03 | 000,210,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000) DRV:64bit: - [2016/07/16 08:42:03 | 000,126,816 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex) DRV:64bit: - [2016/07/16 08:42:03 | 000,090,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NetAdapterCx.sys -- (NetAdapterCx) DRV:64bit: - [2016/07/16 08:42:03 | 000,088,576 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt) DRV:64bit: - [2016/07/16 08:42:03 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (tsusbflt) DRV:64bit: - [2016/07/16 08:42:03 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx) DRV:64bit: - [2016/07/16 08:42:03 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf) DRV:64bit: - [2016/07/16 08:41:55 | 000,535,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3) DRV:64bit: - [2016/07/16 08:41:55 | 000,381,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI) DRV:64bit: - [2016/07/16 08:41:55 | 000,137,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys) DRV:64bit: - [2016/07/16 08:41:55 | 000,096,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UfxChipidea.sys -- (UfxChipidea) DRV:64bit: - [2016/07/16 08:41:55 | 000,095,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor) DRV:64bit: - [2016/07/16 08:41:55 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsi.sys -- (UcmUcsi) DRV:64bit: - [2016/07/16 08:41:55 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urschipidea.sys -- (UrsChipidea) DRV:64bit: - [2016/07/16 08:41:55 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urssynopsys.sys -- (UrsSynopsys) DRV:64bit: - [2016/07/16 08:41:55 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\genericusbfn.sys -- (genericusbfn) DRV:64bit: - [2016/07/16 08:41:55 | 000,017,944 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy) DRV:64bit: - [2016/07/16 08:41:54 | 000,258,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip) DRV:64bit: - [2016/07/16 08:41:54 | 000,176,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys -- (iaLPSS2i_I2C) DRV:64bit: - [2016/07/16 08:41:54 | 000,081,408 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iai2c.sys -- (iai2c) DRV:64bit: - [2016/07/16 08:41:54 | 000,064,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys -- (iaLPSS2i_GPIO2) DRV:64bit: - [2016/07/16 08:41:54 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c) DRV:64bit: - [2016/07/16 08:41:54 | 000,050,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32) DRV:64bit: - [2016/07/16 08:41:54 | 000,050,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt) DRV:64bit: - [2016/07/16 08:41:54 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter) DRV:64bit: - [2016/07/16 08:41:54 | 000,034,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2016/07/16 08:41:54 | 000,033,280 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iagpio.sys -- (iagpio) DRV:64bit: - [2016/07/16 08:41:54 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig) DRV:64bit: - [2016/07/16 08:41:54 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic) DRV:64bit: - [2016/07/16 08:41:53 | 002,104,160 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4vx64.sys -- (cht4vbd) DRV:64bit: - [2016/07/16 08:41:53 | 001,135,456 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX) DRV:64bit: - [2016/07/16 08:41:53 | 000,842,584 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus) DRV:64bit: - [2016/07/16 08:41:53 | 000,673,120 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV) DRV:64bit: - [2016/07/16 08:41:53 | 000,526,176 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus) DRV:64bit: - [2016/07/16 08:41:53 | 000,346,976 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4sx64.sys -- (cht4iscsi) DRV:64bit: - [2016/07/16 08:41:53 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID) DRV:64bit: - [2016/07/16 08:41:53 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2016/07/16 08:41:53 | 000,123,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\scmdisk0101.sys -- (scmdisk0101) DRV:64bit: - [2016/07/16 08:41:53 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\capimg.sys -- (CapImg) DRV:64bit: - [2016/07/16 08:41:53 | 000,108,896 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndfltr.sys -- (ndfltr) DRV:64bit: - [2016/07/16 08:41:53 | 000,107,360 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware) DRV:64bit: - [2016/07/16 08:41:53 | 000,105,824 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2i.sys -- (LSI_SAS2i) DRV:64bit: - [2016/07/16 08:41:53 | 000,101,216 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3i.sys -- (LSI_SAS3i) DRV:64bit: - [2016/07/16 08:41:53 | 000,088,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\scmbus.sys -- (scmbus) DRV:64bit: - [2016/07/16 08:41:53 | 000,083,296 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2016/07/16 08:41:53 | 000,082,776 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS) DRV:64bit: - [2016/07/16 08:41:53 | 000,077,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor) DRV:64bit: - [2016/07/16 08:41:53 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:64bit: - [2016/07/16 08:41:53 | 000,064,864 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winverbs.sys -- (WinVerbs) DRV:64bit: - [2016/07/16 08:41:53 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2016/07/16 08:41:53 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis) DRV:64bit: - [2016/07/16 08:41:53 | 000,061,792 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas3i.sys -- (percsas3i) DRV:64bit: - [2016/07/16 08:41:53 | 000,058,720 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas2i.sys -- (percsas2i) DRV:64bit: - [2016/07/16 08:41:53 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay) DRV:64bit: - [2016/07/16 08:41:53 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender) DRV:64bit: - [2016/07/16 08:41:53 | 000,032,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs) DRV:64bit: - [2016/07/16 08:41:53 | 000,032,096 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winmad.sys -- (WinMad) DRV:64bit: - [2016/07/16 08:41:53 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2016/07/16 08:41:53 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI) DRV:64bit: - [2016/07/16 08:41:53 | 000,026,976 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2016/07/16 08:41:53 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AcpiDev.sys -- (AcpiDev) DRV:64bit: - [2016/07/16 08:41:53 | 000,016,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volume.sys -- (volume) DRV:64bit: - [2016/07/16 08:41:53 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime) DRV:64bit: - [2016/07/16 08:41:53 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr) DRV:64bit: - [2016/07/16 08:41:53 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2) DRV:64bit: - [2016/07/16 08:41:53 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn.sys -- (bcmfn) DRV:64bit: - [2016/07/16 08:41:52 | 003,418,976 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2016/07/16 08:41:52 | 000,533,856 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2016/07/16 08:41:52 | 000,048,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep) DRV:64bit: - [2016/07/16 08:41:52 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO) DRV:64bit: - [2016/07/16 08:41:50 | 000,113,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C) DRV:64bit: - [2016/07/16 08:41:50 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum) DRV:64bit: - [2016/07/16 08:41:50 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc) DRV:64bit: - [2016/07/16 08:41:50 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg) DRV:64bit: - [2016/07/16 08:41:50 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys -- (CompositeBus) DRV:64bit: - [2016/07/16 08:41:50 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:64bit: - [2016/07/16 08:41:50 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid) DRV:64bit: - [2016/07/16 08:41:50 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd) DRV:64bit: - [2016/07/16 08:41:50 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter) DRV:64bit: - [2016/07/16 08:41:50 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgid.sys -- (vmgid) DRV:64bit: - [2016/06/17 23:12:53 | 000,198,248 | ---- | M] (IDRIX) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\veracrypt.sys -- (veracrypt) DRV:64bit: - [2015/12/16 19:07:42 | 021,648,880 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2015/12/16 19:07:40 | 000,674,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2015/12/08 04:00:58 | 000,214,832 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) DRV:64bit: - [2015/12/08 04:00:54 | 000,122,160 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) DRV:64bit: - [2015/12/06 10:22:40 | 000,000,000 | ---- | M] () [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\gbpddfac64.sys -- (gbpddfac) DRV:64bit: - [2015/10/30 11:26:17 | 000,162,960 | ---- | M] (Duplex Secure Ltd) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd2.sys -- (sptd2) DRV:64bit: - [2015/10/08 14:28:13 | 000,888,064 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rt640x64.sys -- (rt640x64) DRV:64bit: - [2015/10/05 08:50:22 | 000,064,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl) DRV:64bit: - [2015/10/05 08:50:06 | 000,025,816 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2015/07/21 23:42:06 | 000,102,912 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdWT6.sys -- (AtiHDAudioService) DRV:64bit: - [2015/07/11 21:36:06 | 000,033,448 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI) DRV:64bit: - [2015/06/04 13:33:50 | 000,021,984 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\semav6msr64.sys -- (semav6msr64) DRV:64bit: - [2013/12/18 16:16:44 | 000,140,560 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV:64bit: - [2013/12/06 11:47:12 | 000,018,456 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\psi_mf_amd64.sys -- (PSI) DRV:64bit: - [2013/09/30 16:26:50 | 000,019,152 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio) DRV:64bit: - [2013/09/30 16:26:48 | 000,012,504 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio) DRV:64bit: - [2013/05/28 11:12:19 | 000,382,536 | ---- | M] (BitDefender S.R.L.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\trufos.sys -- (trufos) DRV:64bit: - [2013/04/22 12:21:00 | 000,148,696 | ---- | M] (BitDefender LLC) [File_System | System | Running] -- C:\Windows\SysNative\drivers\gzflt.sys -- (gzflt) DRV:64bit: - [2013/04/17 13:59:58 | 000,593,144 | ---- | M] (BitDefender) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avckf.sys -- (avckf) DRV:64bit: - [2013/02/28 22:49:12 | 000,036,600 | ---- | M] (Riverbed Technology, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF) DRV:64bit: - [2013/02/19 12:59:38 | 000,057,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) DRV:64bit: - [2012/09/16 15:31:23 | 000,231,376 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt) DRV:64bit: - [2012/06/05 13:45:16 | 000,237,968 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService) DRV:64bit: - [2011/05/19 11:53:29 | 000,030,840 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Gun64.sys -- (Gun) DRV:64bit: - [2010/06/14 08:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk) DRV:64bit: - [2009/12/23 11:36:04 | 000,105,592 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Tpkd.sys -- (Tpkd) DRV:64bit: - [2009/02/12 14:11:26 | 000,026,024 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\rsdrvx64.sys -- (ElRawDisk) DRV - [2016/10/01 15:35:56 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv) DRV - [2016/10/01 09:35:13 | 000,027,552 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS -- (HWiNFO32) DRV - [2016/07/16 08:41:50 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys -- (CompositeBus) DRV - [2015/09/03 14:41:02 | 000,029,912 | ---- | M] (GAS Tecnologia) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\GbPlugin\gbprcm64.sys -- (GBPRCM) DRV - [2015/01/20 18:38:52 | 000,024,792 | ---- | M] (GAS Tecnologia LTDA) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\GbPlugin\wsftprp64.sys -- (Warsaw_PP) DRV - [2014/08/27 15:23:07 | 000,021,712 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS -- (DrvAgent64) DRV - [2013/07/02 13:04:11 | 000,121,928 | ---- | M] (Bitdefender SRL) [Kernel | System | Stopped] -- C:\Arquivos de Programas\Bitdefender\antivírus Free Edition\bdfwfpf.sys -- (bdfwfpf) DRV - [2010/06/14 08:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk) DRV - [2007/03/12 09:59:00 | 000,021,200 | ---- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TVICHW64.SYS -- (TVICHW64) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-BR IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E1 C6 27 A8 90 E2 CB 01 [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = CF 9D 2E 54 42 9C D1 01 [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error. IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&PC=UE00 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.countryCode: "BR" FF - prefs.js..browser.search.region: "BR" FF - prefs.js..extensions.enabledAddons: support%40lastpass.com:3.3.1 FF - prefs.js..extensions.enabledAddons: %7Bbb65e674-b194-4b6e-8033-5fa0afe3a198%7D:1.3.1-signed.1-signed FF - prefs.js..extensions.enabledAddons: youtubemp3podcaster%40jeremy.d.gregorio.com:3.9.0 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:49.0.1 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.101.2: C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.101.2: C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@lastpass.com/NPLastPass: C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass) FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1223183.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.101.2: C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.101.2: C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@lastpass.com/NPLastPass: C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: File not found FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer) FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\Users\Marco\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Marco\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Marco\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\gastecnologia.com.br/sf/bb64: File not found FF - HKCU\Software\MozillaPlugins\gastecnologia.com.br/sf/cef64: File not found FF - HKCU\Software\MozillaPlugins\gastecnologia.com.br/sf/uni: File not found FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2016/05/12 09:31:42 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2014/11/07 13:28:45 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2014/11/07 13:28:45 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2014/11/07 13:28:45 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 49.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 49.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2016/09/23 21:04:07 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 45.2.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 45.2.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2016/05/12 09:31:42 | 000,000,000 | ---D | M] [2014/03/24 12:17:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marco\AppData\Roaming\mozilla\Extensions [2014/03/24 12:17:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marco\AppData\Roaming\mozilla\Extensions\prism@developer.mozilla.org [2016/10/04 23:23:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marco\AppData\Roaming\mozilla\Firefox\Profiles\44y63ayg.default\extensions [2016/03/09 00:33:09 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\Marco\AppData\Roaming\mozilla\Firefox\Profiles\44y63ayg.default\extensions\support@lastpass.com [2016/07/06 09:50:55 | 000,000,000 | ---D | M] (YouTube MP3 Podcaster) -- C:\Users\Marco\AppData\Roaming\mozilla\Firefox\Profiles\44y63ayg.default\extensions\youtubemp3podcaster@jeremy.d.gregorio.com [2016/08/18 20:38:47 | 000,442,727 | ---- | M] () (No name found) -- C:\Users\Marco\AppData\Roaming\mozilla\firefox\profiles\44y63ayg.default\extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2016/09/04 09:55:52 | 000,025,218 | ---- | M] () (No name found) -- C:\Users\Marco\AppData\Roaming\mozilla\firefox\profiles\44y63ayg.default\extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2016/04/28 08:43:30 | 000,010,019 | ---- | M] () (No name found) -- C:\Users\Marco\AppData\Roaming\mozilla\firefox\profiles\44y63ayg.default\extensions\{bb65e674-b194-4b6e-8033-5fa0afe3a198}.xpi [2016/04/28 21:35:47 | 001,036,367 | ---- | M] () (No name found) -- C:\Users\Marco\AppData\Roaming\mozilla\firefox\profiles\44y63ayg.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016/10/04 22:00:57 | 000,007,076 | ---- | M] () (No name found) -- C:\Users\Marco\AppData\Roaming\mozilla\firefox\profiles\44y63ayg.default\features\{9a92cb39-c452-41cf-a4d0-0fd3e41f79d8}\e10srollout@mozilla.org.xpi [2016/09/23 21:04:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2016/09/23 21:04:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2016/09/23 21:04:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions O1 HOSTS File: ([2016/10/04 21:27:57 | 000,000,753 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de Programas\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de Programas\Java\jre1.8.0_101\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (LastPass Vault) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Arquivos de Programas\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de Programas\Java\jre1.8.0_101\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll (Oracle Corporation) O2 - BHO: (LastPass Vault) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil) O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll (Caixa Economica Federal) O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbiehuni.dll (Banco Itaú Unibanco) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll (Oracle Corporation) O3:64bit: - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass) O3 - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass) O4:64bit: - HKLM..\Run: [Eraser] C:\Program Files\Eraser\Eraser.exe (The Eraser Project) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Malwarebytes Anti-Exploit] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe File not found O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd) O4 - HKCU..\Run: [DriverMax_RESTART] C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe (Innovative Solutions) O4 - HKCU..\Run: [KiesPDLR.exe] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung) O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThumbnailCache = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableThumbnailCache = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleNetIDList = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O8:64bit: - Extra context menu item: LastPass - file://C:\Users\Marco\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not found O8:64bit: - Extra context menu item: Preenchimento de formulários LastPass - file://C:\Users\Marco\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not found O8:64bit: - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 File not found O8 - Extra context menu item: LastPass - file://C:\Users\Marco\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not found O8 - Extra context menu item: Preenchimento de formulários LastPass - file://C:\Users\Marco\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not found O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 File not found O9:64bit: - Extra Button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass) O9:64bit: - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass) O9:64bit: - Extra Button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de Programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass) O9 - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass) O9 - Extra Button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - Reg Error: Key error. File not found O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Arquivos de Programas\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: bancobrasil.com.br ([www] * in Trusted sites) O15 - HKCU\..Trusted Domains: bancobrasil.com.br ([www14] * in Trusted sites) O15 - HKCU\..Trusted Domains: bancobrasil.com.br ([www14] https in Trusted sites) O15 - HKCU\..Trusted Domains: bancobrasil.com.br ([www2] * in Trusted sites) O15 - HKCU\..Trusted Domains: bancobrasil.com.br ([www2] https in Trusted sites) O15 - HKCU\..Trusted Domains: bb.com.br ([seg] https in Trusted sites) O15 - HKCU\..Trusted Domains: bb.com.br ([www] * in Trusted sites) O15 - HKCU\..Trusted Domains: bb.com.br ([www] http in Trusted sites) O15 - HKCU\..Trusted Domains: caixa.gov.br ([imagem] * in Trusted sites) O15 - HKCU\..Trusted Domains: caixa.gov.br ([imagem] https in Trusted sites) O15 - HKCU\..Trusted Domains: caixa.gov.br ([imagem2] https in Trusted sites) O15 - HKCU\..Trusted Domains: caixa.gov.br ([internetbanking] * in Trusted sites) O15 - HKCU\..Trusted Domains: caixa.gov.br ([internetbanking] https in Trusted sites) O15 - HKCU\..Trusted Domains: caixa.gov.br ([internetbankingpf] * in Trusted sites) O15 - HKCU\..Trusted Domains: caixa.gov.br ([internetbankingpf] https in Trusted sites) O15 - HKCU\..Trusted Domains: caixa.gov.br ([www] * in Trusted sites) O15 - HKCU\..Trusted Domains: caixa.gov.br ([www] http in Trusted sites) O15 - HKCU\..Trusted Domains: itau.com.br ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: itau.com.br ([bankline] * in Trusted sites) O15 - HKCU\..Trusted Domains: itau.com.br ([clickbanking] * in Trusted sites) O15 - HKCU\..Trusted Domains: itau.com.br ([guardiao] * in Trusted sites) O15 - HKCU\..Trusted Domains: itau.com.br ([www] * in Trusted sites) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-Windows-i586.cab (Java Plug-in 11.101.2) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-Windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-Windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-Windows-i586.cab (Java Plug-in 11.101.2) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{f6d3d21e-0d73-45cd-b714-447da718fe66}: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Arquivos de Programas\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\Windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help - No CLSID value found O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation) O18 - Protocol\Handler\Windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation) O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de Programas\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\ GbPluginBb: DllName - (C:\Program Files (x86)\GbPlugin\gbieh.dll) - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil) O20 - Winlogon\Notify\ GbPluginCef: DllName - (C:\Program Files (x86)\GbPlugin\gbiehCef.dll) - C:\Program Files (x86)\GbPlugin\gbiehCef.dll (Caixa Economica Federal) O20 - Winlogon\Notify\ GbPluginUni: DllName - (C:\PROGRAM FILES (X86)\GBPLUGIN\gbiehUni.dll) - C:\PROGRAM FILES (X86)\GBPLUGIN\gbiehUni.dll (Banco Itaú Unibanco) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Arquivos de Programas\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll (Caixa Economica Federal) O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbiehuni.dll (Banco Itaú Unibanco) O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil) O30:64bit: - LSA: Security Packages - (livessp) - File not found O30 - LSA: Security Packages - (livessp) - File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2013/10/15 19:01:33 | 000,000,000 | R--D | M] - C:\Autorun.inf -- [ NTFS ] O32 - AutoRun File - [2013/10/15 19:01:33 | 000,000,000 | R--D | M] - D:\Autorun.inf -- [ NTFS ] O32 - AutoRun File - [2013/10/15 19:01:33 | 000,000,000 | R--D | M] - E:\Autorun.inf -- [ NTFS ] O32 - AutoRun File - [2014/06/09 23:45:40 | 000,000,000 | R--D | M] - G:\Autorun.inf -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) CREATERESTOREPOINT Restore point Set: OTL Restore Point NetSvcs:64bit: shpamsvc - C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll (Microsoft Corporation) NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation) NetSvcs:64bit: lfsvc - C:\Windows\SysNative\lfsvc.dll (Microsoft Corporation) NetSvcs:64bit: DmEnrollmentSvc - C:\Windows\SysNative\Windows.Internal.Management.dll (Microsoft Corporation) NetSvcs:64bit: dmwappushservice - C:\Windows\SysNative\dmwappushsvc.dll (Microsoft Corporation) NetSvcs:64bit: wisvc - C:\Windows\SysNative\FlightSettings.dll (Microsoft Corporation) NetSvcs:64bit: WpnService - C:\Windows\SysNative\wpnservice.dll (Microsoft Corporation) NetSvcs:64bit: XboxNetApiSvc - C:\Windows\SysNative\XboxNetApiSvc.dll (Microsoft Corporation) NetSvcs:64bit: DcpSvc - C:\Windows\SysNative\dcpsvc.dll (Microsoft Corporation) NetSvcs:64bit: RetailDemo - C:\Windows\SysNative\RDXService.dll (Microsoft Corporation) NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation) NetSvcs:64bit: NetSetupSvc - C:\Windows\SysNative\NetSetupSvc.dll (Microsoft Corporation) NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation) NetSvcs:64bit: UserManager - C:\Windows\SysNative\usermgr.dll (Microsoft Corporation) NetSvcs:64bit: dosvc - C:\Windows\SysNative\dosvc.dll (Microsoft Corporation) NetSvcs:64bit: XblAuthManager - C:\Windows\SysNative\XblAuthManager.dll (Microsoft Corporation) NetSvcs:64bit: XblGameSave - C:\Windows\SysNative\XblGameSave.dll (Microsoft Corporation) NetSvcs:64bit: UsoSvc - C:\Windows\SysNative\usocore.dll (Microsoft Corporation) ========== Files/Folders - Created Within 90 Days ========== [2016/10/05 14:15:11 | 000,000,000 | ---D | C] -- C:\ProgramData\ProductData [2016/10/04 23:18:19 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Roaming\Innovative Solutions [2016/10/04 23:18:17 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\Innovative Solutions [2016/10/04 23:18:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverMax [2016/10/04 23:18:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Innovative Solutions [2016/10/04 21:46:21 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2016/10/04 21:41:58 | 000,000,000 | ---D | C] -- C:\Windows\Temp [2016/10/04 21:41:58 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\Temp [2016/10/04 21:02:37 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Marco\Desktop\OTL.exe [2016/10/03 23:57:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel [2016/10/03 23:17:09 | 000,000,000 | ---D | C] -- C:\SWTOOLS [2016/10/03 21:40:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility [2016/10/03 21:40:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel Driver Update Utility [2016/10/03 20:57:33 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\ElevatedDiagnostics [2016/10/03 13:19:57 | 000,000,000 | ---D | C] -- C:\Users\Marco\Desktop\Nova pasta [2016/10/02 22:10:22 | 000,000,000 | ---D | C] -- C:\Users\Marco\Doctor Web [2016/10/02 21:29:59 | 001,615,456 | ---- | C] (Malwarebytes) -- C:\Users\Marco\Desktop\JRT.exe [2016/10/02 19:05:15 | 000,000,000 | ---D | C] -- C:\ProgramData\IntelDLM [2016/10/02 19:02:24 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\Intel [2016/10/02 19:01:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel [2016/10/02 19:01:11 | 000,000,000 | ---D | C] -- C:\Program Files\Intel [2016/10/02 18:47:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Webitar Production Inc [2016/10/02 18:36:49 | 000,000,000 | ---D | C] -- C:\DRIVERS [2016/10/02 16:50:52 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Force Shutdown [2016/10/02 15:36:19 | 000,000,000 | ---D | C] -- C:\Users\Marco\Desktop\BIOS [2016/10/02 15:06:40 | 000,000,000 | ---D | C] -- C:\ProgramData\USOShared [2016/10/01 15:36:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE [2016/10/01 15:36:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIGABYTE [2016/10/01 14:23:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft OneDrive [2016/10/01 14:20:27 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\ConnectedDevicesPlatform [2016/10/01 14:19:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop [2016/10/01 14:19:59 | 000,000,000 | -HSD | C] -- C:\Program Files\Arquivos Comuns [2016/10/01 14:19:58 | 000,000,000 | -HSD | C] -- C:\Recovery [2016/10/01 14:08:42 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information [2016/10/01 13:55:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SpeechEngines [2016/10/01 13:55:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines [2016/10/01 13:51:40 | 000,000,000 | --SD | C] -- C:\Users\Marco\AppData\Roaming\Microsoft [2016/10/01 13:51:40 | 000,000,000 | R--D | C] -- C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell [2016/10/01 13:51:40 | 000,000,000 | R--D | C] -- C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [2016/10/01 13:51:40 | 000,000,000 | R--D | C] -- C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2016/10/01 13:51:40 | 000,000,000 | R--D | C] -- C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [2016/10/01 13:51:40 | 000,000,000 | -HSD | C] -- C:\Users\Marco\AppData\Local\Temporary Internet Files [2016/10/01 13:51:40 | 000,000,000 | -HSD | C] -- C:\Users\Marco\SendTo [2016/10/01 13:51:40 | 000,000,000 | -HSD | C] -- C:\Users\Marco\Recent [2016/10/01 13:51:40 | 000,000,000 | -HSD | C] -- C:\Users\Marco\Modelos [2016/10/01 13:51:40 | 000,000,000 | -HSD | C] -- C:\Users\Marco\Documents\Minhas Músicas [2016/10/01 13:51:40 | 000,000,000 | -HSD | C] -- C:\Users\Marco\Documents\Minhas Imagens [2016/10/01 13:51:40 | 000,000,000 | -HSD | C] -- C:\Users\Marco\Documents\Meus Vídeos [2016/10/01 13:51:40 | 000,000,000 | -HSD | C] -- C:\Users\Marco\Meus Documentos [2016/10/01 13:51:40 | 000,000,000 | -HSD | C] -- C:\Users\Marco\Menu Iniciar [2016/10/01 13:51:40 | 000,000,000 | -HSD | C] -- C:\Users\Marco\AppData\Local\Histórico [2016/10/01 13:51:40 | 000,000,000 | -HSD | C] -- C:\Users\Marco\Dados de Aplicativos [2016/10/01 13:51:40 | 000,000,000 | -HSD | C] -- C:\Users\Marco\AppData\Local\Dados de Aplicativos [2016/10/01 13:51:40 | 000,000,000 | -HSD | C] -- C:\Users\Marco\Cookies [2016/10/01 13:51:40 | 000,000,000 | -HSD | C] -- C:\Users\Marco\Configurações Locais [2016/10/01 13:51:40 | 000,000,000 | -HSD | C] -- C:\Users\Marco\Ambiente de Rede [2016/10/01 13:51:40 | 000,000,000 | -HSD | C] -- C:\Users\Marco\Ambiente de Impressão [2016/10/01 13:51:40 | 000,000,000 | -H-D | C] -- C:\Users\Marco\AppData [2016/10/01 13:51:40 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\Microsoft [2016/10/01 13:51:40 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2016/10/01 13:47:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center [2016/10/01 13:47:42 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2016/10/01 13:47:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies [2016/10/01 13:46:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies [2016/10/01 13:46:19 | 000,000,000 | ---D | C] -- C:\Program Files\AMD [2016/10/01 13:45:56 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM [2016/10/01 13:45:56 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2016/10/01 13:45:52 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics [2016/10/01 13:44:04 | 000,000,000 | ---D | C] -- C:\Windows\ServiceProfiles [2016/10/01 13:44:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SleepStudy [2016/10/01 13:43:58 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2016/10/01 13:41:18 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2016/10/01 13:37:38 | 000,000,000 | ---D | C] -- C:\Windows.old [2016/10/01 13:34:26 | 000,141,824 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysWow64\DscCoreConfProv.dll [2016/10/01 13:34:15 | 000,204,288 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\DscCoreConfProv.dll [2016/10/01 13:24:39 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Microsoft [2016/10/01 13:21:42 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\XPSViewer [2016/10/01 13:21:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\msmq [2016/10/01 13:21:40 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\BestPractices [2016/10/01 13:21:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\BestPractices [2016/10/01 13:21:38 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies [2016/10/01 13:21:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies [2016/10/01 13:21:38 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild [2016/10/01 13:21:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild [2016/10/01 13:21:38 | 000,000,000 | ---D | C] -- C:\inetpub [2016/10/01 12:36:15 | 000,000,000 | -H-D | C] -- C:\$Windows.~BT [2016/10/01 12:28:11 | 000,000,000 | -H-D | C] -- C:\$GetCurrent [2016/10/01 11:46:34 | 000,000,000 | -H-D | C] -- C:\$SysReset [2016/10/01 10:54:17 | 000,000,000 | ---D | C] -- C:\Intel [2016/10/01 09:35:13 | 000,027,552 | ---- | C] (REALiX(tm)) -- C:\Windows\SysWow64\drivers\HWiNFO64A.SYS [2016/09/30 22:44:37 | 000,000,000 | ---D | C] -- C:\Windows10Upgrade [2016/09/30 21:55:49 | 000,000,000 | ---D | C] -- C:\AMD [2016/09/24 13:06:21 | 000,000,000 | ---D | C] -- C:\Users\Marco\Desktop\Action Run - 24-09-2016 [2016/09/23 21:04:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2016/09/22 08:16:29 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativo Itaú [2016/09/19 20:33:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth [2016/09/18 00:54:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Motorola [2016/09/18 00:52:39 | 000,000,000 | ---D | C] -- C:\Temp [2016/09/18 00:52:39 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Roaming\Motorola Mobility [2016/09/18 00:52:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Motorola Mobility [2016/09/18 00:52:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Motorola [2016/09/18 00:52:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0 [2016/09/18 00:51:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Motorola Shared [2016/09/18 00:50:31 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Roaming\Motorola [2016/09/10 23:20:18 | 000,000,000 | ---D | C] -- C:\Users\Marco\Recovered data 09-10-2016 at 23_20_18 [2016/09/10 23:10:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\iSkysoft [2016/09/10 23:09:59 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\iSkysoft [2016/09/10 00:00:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Undelete360 [2016/09/10 00:00:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\File Recovery [2016/09/08 23:29:28 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Roaming\Hulubulu [2016/09/08 23:29:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Renamer [2016/09/08 23:29:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Advanced Renamer [2016/09/07 12:59:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB Disk Storage Format Tool 5.2 [2016/09/07 12:59:44 | 000,000,000 | ---D | C] -- C:\Program Files\USB Disk Storage Format Tool [2016/09/05 23:17:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZAR [2016/09/05 23:17:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZAR [2016/09/05 22:03:22 | 000,000,000 | ---D | C] -- C:\Users\Marco\Recovered data 09-05-2016 at 22_03_22 [2016/09/05 21:47:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Installations [2016/09/05 12:43:55 | 000,000,000 | ---D | C] -- C:\Users\Marco\Documents\My Data Files [2016/09/05 12:43:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Wondershare [2016/09/05 12:43:02 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Wondershare [2016/09/04 18:25:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digiarty [2016/09/04 18:25:40 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Roaming\Digiarty [2016/09/04 18:25:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Digiarty [2016/09/04 18:21:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Anvsoft [2016/09/04 14:37:17 | 000,000,000 | ---D | C] -- C:\Users\Marco\.fontconfig [2016/09/04 14:36:33 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\Movavi [2016/09/04 14:35:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Movavi [2016/09/04 12:42:02 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\fontconfig [2016/09/03 11:08:36 | 000,261,056 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avchv.sys [2016/09/03 10:49:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\antivírus Free Edition [2016/09/03 10:48:38 | 000,718,840 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avc3.sys [2016/09/03 10:48:38 | 000,593,144 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avckf.sys [2016/09/03 10:48:29 | 000,382,536 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\SysNative\drivers\trufos.sys [2016/09/03 10:48:29 | 000,148,696 | ---- | C] (BitDefender LLC) -- C:\Windows\SysNative\drivers\gzflt.sys [2016/08/22 01:27:23 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory [2016/08/13 21:00:04 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender [2016/07/31 13:40:02 | 000,000,000 | ---D | C] -- C:\Users\Marco\Documents\Mensagens [2016/07/31 12:28:56 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WPS Office [2016/07/30 14:18:10 | 000,000,000 | ---D | C] -- C:\Users\Marco\Desktop\Isadora - Gramado - Julho 2016 [2016/07/16 20:10:58 | 000,000,000 | ---D | C] -- C:\Windows\OCR [2016/07/16 20:10:32 | 000,000,000 | ---D | C] -- C:\Windows\SKB [2016/07/16 20:09:59 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\winrm [2016/07/16 20:09:59 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\WCN [2016/07/16 20:09:59 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sysprep [2016/07/16 20:09:59 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\slmgr [2016/07/16 20:09:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\winrm [2016/07/16 20:09:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\WCN [2016/07/16 20:09:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\UMDF [2016/07/16 20:09:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\UMDF\pt-BR [2016/07/16 20:09:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\pt-BR [2016/07/16 20:09:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Printing_Admin_Scripts [2016/07/16 20:09:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\UMDF\en-US [2016/07/16 20:09:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\en-US [2016/07/16 20:09:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\en [2016/07/16 20:09:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\0409 [2016/07/16 20:09:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\slmgr [2016/07/16 20:09:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\UMDF\pt-BR [2016/07/16 20:09:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pt-BR [2016/07/16 20:09:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Printing_Admin_Scripts [2016/07/16 20:09:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\UMDF\en-US [2016/07/16 20:09:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\en-US [2016/07/16 20:09:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\en [2016/07/16 20:09:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0409 [2016/07/16 20:09:55 | 000,000,000 | ---D | C] -- C:\Windows\pt-BR [2016/07/16 20:09:55 | 000,000,000 | ---D | C] -- C:\Windows\en-US [2016/07/16 20:09:55 | 000,000,000 | ---D | C] -- C:\Windows\DigitalLocker [2016/07/16 08:49:46 | 000,000,000 | ---D | C] -- C:\Windows\Setup [2016/07/16 08:47:48 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Nui [2016/07/16 08:47:48 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\Nui [2016/07/16 08:47:48 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft [2016/07/16 08:47:48 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\F12 [2016/07/16 08:47:48 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\F12 [2016/07/16 08:47:48 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\dsc [2016/07/16 08:47:48 | 000,000,000 | --SD | C] -- C:\Windows\Downloaded Program Files [2016/07/16 08:47:48 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\DiagSvcs [2016/07/16 08:47:48 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\DiagSvcs [2016/07/16 08:47:48 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Configuration [2016/07/16 08:47:48 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\Configuration [2016/07/16 08:47:48 | 000,000,000 | R-SD | C] -- C:\Windows\Media [2016/07/16 08:47:48 | 000,000,000 | R-SD | C] -- C:\Windows\Fonts [2016/07/16 08:47:48 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools [2016/07/16 08:47:48 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp [2016/07/16 08:47:48 | 000,000,000 | R--D | C] -- C:\Windows\PrintDialog [2016/07/16 08:47:48 | 000,000,000 | R--D | C] -- C:\Windows\Offline Web Pages [2016/07/16 08:47:48 | 000,000,000 | R--D | C] -- C:\Windows\MiracastView [2016/07/16 08:47:48 | 000,000,000 | R--D | C] -- C:\Windows\ImmersiveControlPanel [2016/07/16 08:47:48 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2016/07/16 08:47:48 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [2016/07/16 08:47:48 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility [2016/07/16 08:47:48 | 000,000,000 | -HSD | C] -- C:\Program Files (x86)\Windows Sidebar [2016/07/16 08:47:48 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2016/07/16 08:47:48 | 000,000,000 | -H-D | C] -- C:\ProgramData [2016/07/16 08:47:48 | 000,000,000 | -H-D | C] -- C:\Windows\ELAMBKUP [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\zh-TW [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\zh-TW [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\zh-HK [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\zh-HK [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\zh-CN [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\zh-CN [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\WinMetadata [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\WinMetadata [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\winevt [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\WindowsPowerShell [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\WindowsPowerShell [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WindowsPowerShell [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Portable Devices [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Photo Viewer [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows NT [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Multimedia Platform [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Media Player [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Mail [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Defender [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\WinBioPlugIns [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\WinBioDatabase [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\Web [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\WDI [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\wbem [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\wbem [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\Vss [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\ProgramData\USOPrivate [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\uk-UA [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\uk-UA [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\twain_32 [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\tr-TR [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\tr-TR [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\tracing [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\th-TH [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\th-TH [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Tasks [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Tasks [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\TAPI [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SystemResources [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SystemResetPlatform [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SystemApps [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\System [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\System [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sv-SE [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\sv-SE [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sru [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\sru [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sr-Latn-RS [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\sr-Latn-RS [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sr-Latn-CS [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\sr-Latn-CS [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sppui [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\sppui [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\spp [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\spp [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\spool [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Speech_OneCore [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Speech_OneCore [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\Speech_OneCore [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Speech [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\System\Speech [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Speech [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\Speech [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\SMI [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sl-SI [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\sl-SI [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sk-SK [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\sk-SK [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\ShellExperiences [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\setup [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\setup [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Services [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\security [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SecureBootUpdates [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\schemas [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SchCache [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ru-RU [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ru-RU [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ro-RO [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ro-RO [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\restore [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\restore [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\Resources [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\rescache [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\Registration [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1991-06.com.microsoft [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Recovery [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Recovery [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RasToast [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\RasToast [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ras [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ras [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\pt-PT [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\pt-PT [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\pt-BR [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\pt-BR [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ProximityToast [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\Provisioning [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\PolicyDefinitions [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\PointOfService [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\pl-PL [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\pl-PL [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\PLA [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\Performance [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\oobe [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\oobe [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\nl-NL [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\nl-NL [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\networklist [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\networklist [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\NDF [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\NDF [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\nb-NO [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\nb-NO [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\MUI [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MUI [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\MsDtc [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MsDtc [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\MSDRM [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MSDRM [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\ModemLogs [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\migwiz [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\migwiz [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\migration [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\migration [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\Migration [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Microsoft Shared [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\MailContactsCalendarSync [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MailContactsCalendarSync [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\lv-LV [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\lv-LV [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\lt-LT [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\lt-LT [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\LogFiles [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\LogFiles [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\LiveKernelReports [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Licenses [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Licenses [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\L2Schemas [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ko-KR [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ko-KR [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ja-JP [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ja-jp [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\it-IT [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\it-IT [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Ipmi [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Ipmi [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Internet Explorer [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\InstallShield [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\InputMethod [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\InputMethod [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\InputMethod [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\InfusedApps [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\inetsrv [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\inetsrv [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\IME [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\IME [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\IME [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\icsxml [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\icsxml [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\hu-HU [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\hu-HU [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\hr-HR [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\hr-HR [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\Help [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\he-IL [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\he-IL [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\GroupPolicyUsers [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\GroupPolicy [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\Globalization [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\GameBarPresenceWriter [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\FxsTmp [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\FxsTmp [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\fr-FR [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\fr-FR [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\fr-CA [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\fr-CA [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\fi-FI [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\fi-FI [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\et-EE [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\et-EE [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\etc [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\es-MX [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\es-MX [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\es-ES [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\es-ES [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\en-US [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\en-US [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\en-GB [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\en-GB [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\el-GR [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\el-GR [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\DriverStore [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\diagnostics [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\de-DE [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\de-DE [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\debug [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DDFs [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\da-DK [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\da-DK [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\Cursors [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\cs-CZ [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\cs-CZ [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\config [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Com [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Com [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\CodeIntegrity [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\catroot2 [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\catroot [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Bthprops [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Bthprops [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\Branding [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Boot [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\Boot [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\bg-BG [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\bg-BG [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\bcastdvr [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ar-SA [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ar-SA [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\AppReadiness [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appraiser [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\AppPatch [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\AppLocker [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\AppLocker [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\appcompat [2016/07/16 08:47:48 | 000,000,000 | ---D | C] -- C:\Windows\addins [2016/07/16 08:47:47 | 000,000,000 | R--D | C] -- C:\Program Files\Windows Defender [2016/07/16 08:47:47 | 000,000,000 | R--D | C] -- C:\Windows\Microsoft.NET [2016/07/16 08:47:47 | 000,000,000 | R--D | C] -- C:\Windows\assembly [2016/07/16 08:47:47 | 000,000,000 | -HSD | C] -- C:\Program Files\Windows Sidebar [2016/07/16 08:47:47 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsApps [2016/07/16 08:47:47 | 000,000,000 | ---D | C] -- C:\Program Files\WindowsPowerShell [2016/07/16 08:47:47 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices [2016/07/16 08:47:47 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Photo Viewer [2016/07/16 08:47:47 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT [2016/07/16 08:47:47 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Multimedia Platform [2016/07/16 08:47:47 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player [2016/07/16 08:47:47 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Mail [2016/07/16 08:47:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System [2016/07/16 08:47:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services [2016/07/16 08:47:47 | 000,000,000 | ---D | C] -- C:\PerfLogs [2016/07/16 08:47:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\microsoft shared [2016/07/16 08:47:47 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer [2016/07/16 08:47:26 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\UMDF [2016/07/16 08:47:24 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers [2016/07/16 08:45:54 | 000,000,000 | ---D | C] -- C:\Windows\INF [2016/07/16 08:42:54 | 000,584,664 | ---- | C] (SQLite Development Team) -- C:\Windows\SysWow64\winsqlite3.dll [2016/07/16 08:42:05 | 000,772,568 | ---- | C] (SQLite Development Team) -- C:\Windows\SysNative\winsqlite3.dll [2016/07/16 08:41:53 | 002,104,160 | ---- | C] (Chelsio Communications) -- C:\Windows\SysNative\drivers\cht4vx64.sys [2016/07/16 08:41:53 | 001,135,456 | ---- | C] (PMC-Sierra) -- C:\Windows\SysNative\drivers\adp80xx.sys [2016/07/16 08:41:53 | 000,842,584 | ---- | C] (Mellanox) -- C:\Windows\SysNative\drivers\mlx4_bus.sys [2016/07/16 08:41:53 | 000,526,176 | ---- | C] (Mellanox) -- C:\Windows\SysNative\drivers\ibbus.sys [2016/07/16 08:41:53 | 000,346,976 | ---- | C] (Chelsio Communications) -- C:\Windows\SysNative\drivers\cht4sx64.sys [2016/07/16 08:41:53 | 000,305,504 | ---- | C] (VIA Corporation) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS [2016/07/16 08:41:53 | 000,259,424 | ---- | C] (AMD Technologies Inc.) -- C:\Windows\SysNative\drivers\amdsbs.sys [2016/07/16 08:41:53 | 000,108,896 | ---- | C] (Mellanox) -- C:\Windows\SysNative\drivers\ndfltr.sys [2016/07/16 08:41:53 | 000,107,360 | ---- | C] (LSI) -- C:\Windows\SysNative\drivers\3ware.sys [2016/07/16 08:41:53 | 000,105,824 | ---- | C] (LSI Corporation) -- C:\Windows\SysNative\drivers\lsi_sas2i.sys [2016/07/16 08:41:53 | 000,102,752 | ---- | C] (Chelsio Communications) -- C:\Windows\SysNative\drivers\cht4dx64.sys [2016/07/16 08:41:53 | 000,101,216 | ---- | C] (Avago Technologies) -- C:\Windows\SysNative\drivers\lsi_sas3i.sys [2016/07/16 08:41:53 | 000,082,776 | ---- | C] (LSI Corporation) -- C:\Windows\SysNative\drivers\lsi_sss.sys [2016/07/16 08:41:53 | 000,064,864 | ---- | C] (Mellanox) -- C:\Windows\SysNative\drivers\winverbs.sys [2016/07/16 08:41:53 | 000,063,840 | ---- | C] (Marvell Semiconductor, Inc.) -- C:\Windows\SysNative\drivers\mvumis.sys [2016/07/16 08:41:53 | 000,061,792 | ---- | C] (Avago Technologies) -- C:\Windows\SysNative\drivers\percsas3i.sys [2016/07/16 08:41:53 | 000,058,720 | ---- | C] (Avago Technologies) -- C:\Windows\SysNative\drivers\percsas2i.sys [2016/07/16 08:41:53 | 000,032,096 | ---- | C] (Mellanox) -- C:\Windows\SysNative\drivers\winmad.sys [2016/07/16 08:41:53 | 000,009,728 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\bcmfn2.sys [2016/07/16 08:41:53 | 000,009,728 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\bcmfn.sys [2016/07/16 08:36:22 | 000,000,000 | ---D | C] -- C:\Windows\CbsTemp [2016/07/16 03:04:30 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\AdvancedInstallers [2016/07/16 03:04:29 | 000,000,000 | ---D | C] -- C:\Windows\Logs [2016/07/16 03:04:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\AdvancedInstallers [2016/07/16 03:04:27 | 000,000,000 | ---D | C] -- C:\Windows\SysWOW64 [2016/07/16 03:04:27 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Sysprep [2016/07/16 03:04:27 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\downlevel [2016/07/16 03:04:27 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\downlevel [2016/07/16 03:04:27 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Dism [2016/07/16 03:04:27 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Dism [2016/07/16 03:04:24 | 000,000,000 | R--D | C] -- C:\Users [2016/07/16 03:04:24 | 000,000,000 | R--D | C] -- C:\Program Files [2016/07/16 03:04:24 | 000,000,000 | R--D | C] -- C:\Program Files (x86) [2016/07/16 03:04:24 | 000,000,000 | ---D | C] -- C:\Windows\WinSxS [2016/07/16 03:04:24 | 000,000,000 | ---D | C] -- C:\Windows [2016/07/16 03:04:24 | 000,000,000 | ---D | C] -- C:\Windows\System32 [2016/07/16 03:04:24 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SMI [2016/07/16 03:04:24 | 000,000,000 | ---D | C] -- C:\Windows\servicing [2016/07/16 03:04:24 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DriverStore [2016/07/16 03:04:24 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\config [2016/07/16 03:04:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files [2016/07/16 03:04:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files [2016/07/16 03:04:24 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\CatRoot [2016/07/12 13:05:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird [2016/07/10 20:18:21 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Roaming\BatchSubtitlesConverter [2015/11/04 23:42:57 | 020,320,792 | ---- | C] (LastPass) -- C:\Program Files (x86)\Common Files\lpuninstall.exe [1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 90 Days ========== [2016/10/05 14:15:11 | 000,000,296 | ---- | M] () -- C:\Windows\tasks\Uninstaller_SkipUac_Marco.job [2016/10/05 12:48:41 | 000,577,298 | ---- | M] () -- C:\Windows\SysNative\prfh0416.dat [2016/10/05 12:48:40 | 001,940,718 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2016/10/05 12:48:40 | 000,913,212 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2016/10/05 12:48:40 | 000,251,734 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2016/10/05 12:48:40 | 000,177,946 | ---- | M] () -- C:\Windows\SysNative\prfc0416.dat [2016/10/05 12:46:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2016/10/05 12:44:24 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2016/10/04 23:18:17 | 000,001,326 | ---- | M] () -- C:\Users\Marco\Desktop\DriverMax.lnk [2016/10/04 21:45:06 | 000,000,214 | ---- | M] () -- C:\Windows\tasks\CreateExplorerShellUnelevatedTask.job [2016/10/04 21:27:57 | 000,000,753 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2016/10/04 21:24:59 | 000,024,064 | ---- | M] () -- C:\Windows\zoek-delete.exe [2016/10/04 21:03:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Marco\Desktop\OTL.exe [2016/10/04 20:58:28 | 000,076,576 | ---- | M] () -- C:\Users\Marco\Desktop\capture-20161004-205652.jpg [2016/10/03 21:17:42 | 000,192,216 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys [2016/10/03 12:26:51 | 000,413,056 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2016/10/02 22:10:14 | 141,918,344 | ---- | M] () -- C:\Users\Marco\Desktop\Dr-Web.exe [2016/10/02 21:50:25 | 001,309,184 | ---- | M] () -- C:\Users\Marco\Desktop\zoek.exe [2016/10/02 21:34:38 | 001,615,456 | ---- | M] (Malwarebytes) -- C:\Users\Marco\Desktop\JRT.exe [2016/10/02 21:30:41 | 003,861,056 | ---- | M] () -- C:\Users\Marco\Desktop\AdwCleaner.exe [2016/10/01 14:19:23 | 000,011,433 | ---- | M] () -- C:\Windows\diagwrn.xml [2016/10/01 14:19:23 | 000,011,433 | ---- | M] () -- C:\Windows\diagerr.xml [2016/10/01 14:16:22 | 000,023,056 | ---- | M] () -- C:\Windows\SysNative\emptyregdb.dat [2016/10/01 13:50:40 | 001,517,196 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2016/10/01 13:46:27 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin [2016/10/01 13:45:53 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf [2016/10/01 13:34:55 | 000,445,765 | ---- | M] () -- C:\Windows\SysNative\ApnDatabase.xml [2016/10/01 13:34:26 | 000,141,824 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysWow64\DscCoreConfProv.dll [2016/10/01 13:34:15 | 000,204,288 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\DscCoreConfProv.dll [2016/10/01 13:34:02 | 002,681,200 | ---- | M] () -- C:\Windows\SysNative\CoreUIComponents.dll [2016/10/01 13:34:02 | 002,048,496 | ---- | M] () -- C:\Windows\SysWow64\CoreUIComponents.dll [2016/10/01 13:34:01 | 000,327,680 | ---- | M] () -- C:\Windows\SysNative\wc_storage.dll [2016/10/01 13:34:00 | 000,418,304 | ---- | M] () -- C:\Windows\SysNative\Windows.Perception.Stub.dll [2016/10/01 13:34:00 | 000,265,728 | ---- | M] () -- C:\Windows\SysWow64\Windows.Perception.Stub.dll [2016/10/01 13:21:26 | 000,009,096 | ---- | M] () -- C:\Windows\SysWow64\msmqtrc.mof [2016/10/01 13:21:19 | 000,009,096 | ---- | M] () -- C:\Windows\SysNative\msmqtrc.mof [2016/10/01 13:04:13 | 000,000,724 | ---- | M] () -- C:\Windows\tasks\WpsKtpcntrQingTask_Marco.job [2016/10/01 12:54:00 | 000,000,430 | ---- | M] () -- C:\Windows\tasks\WpsExternal_20160731122900.job [2016/10/01 12:53:23 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3847410376-614814884-3458226429-1000UA.job [2016/10/01 12:34:17 | 000,000,036 | ---- | M] () -- C:\Windows\progress.ini [2016/10/01 12:34:04 | 000,000,408 | ---- | M] () -- C:\Windows\tasks\WpsUpdateTask_Marco.job [2016/10/01 12:30:05 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2016/10/01 12:27:53 | 000,000,746 | ---- | M] () -- C:\Users\Marco\Desktop\Assistente de Atualização do Windows 10.lnk [2016/10/01 12:17:03 | 000,000,402 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Communicator.job [2016/10/01 12:12:25 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2016/10/01 09:35:13 | 000,027,552 | ---- | M] (REALiX(tm)) -- C:\Windows\SysWow64\drivers\HWiNFO64A.SYS [2016/09/30 20:38:00 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3847410376-614814884-3458226429-1000Core.job [2016/09/25 16:00:46 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2016/09/03 11:08:36 | 000,261,056 | ---- | M] (BitDefender) -- C:\Windows\SysNative\drivers\avchv.sys [2016/09/03 10:57:16 | 000,002,842 | ---- | M] () -- C:\Windows\SysNative\lic2.xml22494 [2016/09/03 10:49:02 | 000,002,268 | ---- | M] () -- C:\Users\Public\Desktop\Bitdefender antivírus Free Edition.lnk [2016/08/28 21:41:20 | 000,000,918 | ---- | M] () -- C:\Users\Marco\Desktop\EMDB.lnk [2016/07/31 14:57:28 | 000,077,824 | ---- | M] () -- C:\Windows\KMSEmulator.exe [2016/07/31 13:37:40 | 000,009,381 | ---- | M] () -- C:\Users\Marco\AppData\Roaming\Valores Separados por Vírgulas (Windows).EML [2016/07/31 12:29:01 | 000,002,496 | ---- | M] () -- C:\Users\Marco\Desktop\WPS Presentation.lnk [2016/07/31 12:29:01 | 000,002,488 | ---- | M] () -- C:\Users\Marco\Desktop\WPS Writer.lnk [2016/07/31 12:29:01 | 000,002,476 | ---- | M] () -- C:\Users\Marco\Desktop\WPS Spreadsheets.lnk [2016/07/25 13:41:56 | 000,008,800 | ---- | M] () -- C:\Users\Marco\Desktop\ComprovanteTef.pdf [2016/07/16 20:09:46 | 000,328,278 | ---- | M] () -- C:\Windows\SysNative\prfi0416.dat [2016/07/16 20:09:46 | 000,040,752 | ---- | M] () -- C:\Windows\SysNative\prfd0416.dat [2016/07/16 20:08:55 | 000,043,916 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2016/07/16 20:08:55 | 000,043,916 | ---- | M] () -- C:\Windows\SysNative\license.rtf [2016/07/16 08:45:38 | 000,000,741 | ---- | M] () -- C:\Windows\SysWow64\NOISE.DAT [2016/07/16 08:45:37 | 000,215,943 | ---- | M] () -- C:\Windows\SysWow64\dssec.dat [2016/07/16 08:45:37 | 000,003,683 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\lmhosts.sam [2016/07/16 08:45:36 | 000,215,943 | ---- | M] () -- C:\Windows\SysNative\dssec.dat [2016/07/16 08:45:36 | 000,015,462 | ---- | M] () -- C:\Windows\SysNative\OEMDefaultAssociations.xml [2016/07/16 08:45:36 | 000,000,858 | ---- | M] () -- C:\Windows\SysNative\DefaultQuestions.json [2016/07/16 08:45:36 | 000,000,741 | ---- | M] () -- C:\Windows\SysNative\NOISE.DAT [2016/07/16 08:45:35 | 000,296,742 | ---- | M] () -- C:\Windows\SysNative\perfi009.dat [2016/07/16 08:45:35 | 000,033,362 | ---- | M] () -- C:\Windows\SysNative\perfd009.dat [2016/07/16 08:44:03 | 000,076,060 | ---- | M] () -- C:\Windows\SysWow64\xpsrchvw.xml [2016/07/16 08:44:03 | 000,076,060 | ---- | M] () -- C:\Windows\SysNative\xpsrchvw.xml [2016/07/16 08:44:01 | 000,003,401 | ---- | M] () -- C:\Windows\SysWow64\msmqpub.mof [2016/07/16 08:44:01 | 000,000,895 | ---- | M] () -- C:\Windows\SysWow64\msmqtrcRemove.mof [2016/07/16 08:43:59 | 000,003,458 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2016/07/16 08:43:52 | 000,006,886 | ---- | M] () -- C:\Windows\SysWow64\SecurityAndMaintenance_Error.png [2016/07/16 08:43:52 | 000,005,796 | ---- | M] () -- C:\Windows\SysWow64\SecurityAndMaintenance.png [2016/07/16 08:43:52 | 000,002,626 | ---- | M] () -- C:\Windows\SysWow64\SecurityAndMaintenance_Alert.png [2016/07/16 08:43:51 | 000,006,886 | ---- | M] () -- C:\Windows\SysNative\SecurityAndMaintenance_Error.png [2016/07/16 08:43:51 | 000,005,796 | ---- | M] () -- C:\Windows\SysNative\SecurityAndMaintenance.png [2016/07/16 08:43:51 | 000,002,626 | ---- | M] () -- C:\Windows\SysNative\SecurityAndMaintenance_Alert.png [2016/07/16 08:43:50 | 000,013,091 | ---- | M] () -- C:\Windows\SysNative\DevModeRunAsUserConfig.msc [2016/07/16 08:43:50 | 000,010,429 | ---- | M] () -- C:\Windows\SysNative\ScavengeSpace.xml [2016/07/16 08:43:47 | 000,033,498 | ---- | M] () -- C:\Windows\Core.xml [2016/07/16 08:43:08 | 000,316,640 | ---- | M] () -- C:\Windows\WMSysPr9.prx [2016/07/16 08:43:08 | 000,003,458 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2016/07/16 08:43:08 | 000,003,401 | ---- | M] () -- C:\Windows\SysNative\msmqpub.mof [2016/07/16 08:43:08 | 000,000,895 | ---- | M] () -- C:\Windows\SysNative\msmqtrcRemove.mof [2016/07/16 08:43:04 | 000,211,938 | ---- | M] () -- C:\Windows\SysWow64\lcphrase.tbl [2016/07/16 08:43:04 | 000,055,296 | ---- | M] () -- C:\Windows\SysWow64\BWContextHandler.dll [2016/07/16 08:43:04 | 000,024,114 | ---- | M] () -- C:\Windows\SysWow64\lcptr.tbl [2016/07/16 08:43:02 | 000,003,666 | ---- | M] () -- C:\Windows\SysWow64\sysprtj.sep [2016/07/16 08:43:02 | 000,003,317 | ---- | M] () -- C:\Windows\SysWow64\sysprint.sep [2016/07/16 08:43:02 | 000,001,673 | ---- | M] () -- C:\Windows\SysWow64\tcpbidi.xml [2016/07/16 08:43:02 | 000,000,404 | ---- | M] () -- C:\Windows\SysWow64\@VpnToastIcon.png [2016/07/16 08:43:02 | 000,000,330 | ---- | M] () -- C:\Windows\SysWow64\@EnrollmentToastIcon.png [2016/07/16 08:43:02 | 000,000,150 | ---- | M] () -- C:\Windows\SysWow64\pcl.sep [2016/07/16 08:43:02 | 000,000,051 | ---- | M] () -- C:\Windows\SysWow64\pscript.sep [2016/07/16 08:43:00 | 000,115,091 | ---- | M] () -- C:\Windows\SysWow64\WF.msc [2016/07/16 08:43:00 | 000,019,968 | ---- | M] () -- C:\Windows\SysWow64\GamePanelExternalHook.dll [2016/07/16 08:43:00 | 000,004,014 | ---- | M] () -- C:\Windows\SysWow64\xwizard.dtd [2016/07/16 08:43:00 | 000,001,820 | ---- | M] () -- C:\Windows\SysWow64\rasctrnm.h [2016/07/16 08:43:00 | 000,000,308 | ---- | M] () -- C:\Windows\SysWow64\@AudioToastIcon.png [2016/07/16 08:42:58 | 000,144,998 | ---- | M] () -- C:\Windows\SysWow64\lusrmgr.msc [2016/07/16 08:42:58 | 000,002,711 | ---- | M] () -- C:\Windows\SysWow64\AppxProvisioning.xml [2016/07/16 08:42:57 | 000,000,565 | ---- | M] () -- C:\Windows\SysWow64\NdfEventView.xml [2016/07/16 08:42:56 | 000,204,105 | ---- | M] () -- C:\Windows\SysWow64\winrm.vbs [2016/07/16 08:42:56 | 000,185,368 | ---- | M] () -- C:\Windows\SysWow64\weretw.dll [2016/07/16 08:42:56 | 000,004,675 | ---- | M] () -- C:\Windows\SysWow64\wsmanconfig_schema.xml [2016/07/16 08:42:56 | 000,002,426 | ---- | M] () -- C:\Windows\SysWow64\WsmTxt.xsl [2016/07/16 08:42:56 | 000,001,559 | ---- | M] () -- C:\Windows\SysWow64\WsmPty.xsl [2016/07/16 08:42:56 | 000,000,199 | ---- | M] () -- C:\Windows\SysWow64\winrm.cmd [2016/07/16 08:42:55 | 000,167,640 | ---- | M] () -- C:\Windows\SysWow64\chs_singlechar_pinyin.dat [2016/07/16 08:42:55 | 000,038,400 | ---- | M] () -- C:\Windows\SysWow64\dtdump.exe [2016/07/16 08:42:54 | 000,584,664 | ---- | M] (SQLite Development Team) -- C:\Windows\SysWow64\winsqlite3.dll [2016/07/16 08:42:53 | 000,673,088 | ---- | M] () -- C:\Windows\SysWow64\mlang.dat [2016/07/16 08:42:49 | 003,440,660 | ---- | M] () -- C:\Windows\SysWow64\drivers\gm.dls [2016/07/16 08:42:49 | 000,304,640 | ---- | M] () -- C:\Windows\SysWow64\HrtfApo.dll [2016/07/16 08:42:48 | 000,364,544 | ---- | M] () -- C:\Windows\SysWow64\msjetoledb40.dll [2016/07/16 08:42:48 | 000,004,453 | ---- | M] () -- C:\Windows\SysWow64\odbcconf.rsp [2016/07/16 08:42:48 | 000,002,233 | ---- | M] () -- C:\Windows\SysWow64\12520850.cpx [2016/07/16 08:42:48 | 000,002,151 | ---- | M] () -- C:\Windows\SysWow64\12520437.cpx [2016/07/16 08:42:46 | 003,170,304 | ---- | M] () -- C:\Windows\SysWow64\boot.sdi [2016/07/16 08:42:46 | 000,145,519 | ---- | M] () -- C:\Windows\SysWow64\perfmon.msc [2016/07/16 08:42:46 | 000,142,904 | ---- | M] () -- C:\Windows\SysWow64\slmgr.vbs [2016/07/16 08:42:46 | 000,124,118 | ---- | M] () -- C:\Windows\SysWow64\comexp.msc [2016/07/16 08:42:46 | 000,109,056 | ---- | M] () -- C:\Windows\SysWow64\chartv.dll [2016/07/16 08:42:46 | 000,047,682 | ---- | M] () -- C:\Windows\SysWow64\diskmgmt.msc [2016/07/16 08:42:46 | 000,031,232 | ---- | M] () -- C:\Windows\SysWow64\efsext.dll [2016/07/16 08:42:45 | 000,336,896 | ---- | M] () -- C:\Windows\SysWow64\msinfo32.exe [2016/07/16 08:42:45 | 000,145,640 | ---- | M] () -- C:\Windows\SysWow64\devmgmt.msc [2016/07/16 08:42:45 | 000,144,862 | ---- | M] () -- C:\Windows\SysWow64\tpm.msc [2016/07/16 08:42:45 | 000,000,714 | ---- | M] () -- C:\Windows\SysWow64\RestartManager.mof [2016/07/16 08:42:45 | 000,000,176 | ---- | M] () -- C:\Windows\SysWow64\RestartManagerUninstall.mof [2016/07/16 08:42:43 | 000,211,938 | ---- | M] () -- C:\Windows\SysNative\lcphrase.tbl [2016/07/16 08:42:43 | 000,145,127 | ---- | M] () -- C:\Windows\SysWow64\eventvwr.msc [2016/07/16 08:42:43 | 000,145,059 | ---- | M] () -- C:\Windows\SysWow64\taskschd.msc [2016/07/16 08:42:43 | 000,144,909 | ---- | M] () -- C:\Windows\SysWow64\fsmgmt.msc [2016/07/16 08:42:43 | 000,113,256 | ---- | M] () -- C:\Windows\SysWow64\compmgmt.msc [2016/07/16 08:42:43 | 000,092,746 | ---- | M] () -- C:\Windows\SysWow64\services.msc [2016/07/16 08:42:43 | 000,063,081 | ---- | M] () -- C:\Windows\SysWow64\certlm.msc [2016/07/16 08:42:43 | 000,063,070 | ---- | M] () -- C:\Windows\SysWow64\certmgr.msc [2016/07/16 08:42:43 | 000,041,587 | ---- | M] () -- C:\Windows\SysWow64\azman.msc [2016/07/16 08:42:43 | 000,024,114 | ---- | M] () -- C:\Windows\SysNative\lcptr.tbl [2016/07/16 08:42:43 | 000,017,935 | ---- | M] () -- C:\Windows\SysWow64\EventViewer_EventDetails.xsl [2016/07/16 08:42:43 | 000,002,307 | ---- | M] () -- C:\Windows\SysWow64\WimBootCompress.ini [2016/07/16 08:42:41 | 000,000,600 | ---- | M] () -- C:\Windows\SysNative\@language_notification_icon.png [2016/07/16 08:42:40 | 000,063,488 | ---- | M] () -- C:\Windows\SysNative\BWContextHandler.dll [2016/07/16 08:42:40 | 000,000,520 | ---- | M] () -- C:\Windows\SysNative\@optionalfeatures.png [2016/07/16 08:42:39 | 000,060,124 | ---- | M] () -- C:\Windows\SysNative\tcpmon.ini [2016/07/16 08:42:39 | 000,003,666 | ---- | M] () -- C:\Windows\SysNative\sysprtj.sep [2016/07/16 08:42:39 | 000,003,317 | ---- | M] () -- C:\Windows\SysNative\sysprint.sep [2016/07/16 08:42:39 | 000,001,673 | ---- | M] () -- C:\Windows\SysNative\tcpbidi.xml [2016/07/16 08:42:39 | 000,000,150 | ---- | M] () -- C:\Windows\SysNative\pcl.sep [2016/07/16 08:42:39 | 000,000,051 | ---- | M] () -- C:\Windows\SysNative\pscript.sep [2016/07/16 08:42:38 | 000,015,106 | ---- | M] () -- C:\Windows\SysNative\@WiFiNotificationIcon.png [2016/07/16 08:42:38 | 000,010,540 | ---- | M] () -- C:\Windows\SysNative\TransformPPSToWlan.xslt [2016/07/16 08:42:38 | 000,001,688 | ---- | M] () -- C:\Windows\SysNative\TransformPPSToWlanCredentials.xslt [2016/07/16 08:42:38 | 000,000,404 | ---- | M] () -- C:\Windows\SysNative\@VpnToastIcon.png [2016/07/16 08:42:38 | 000,000,330 | ---- | M] () -- C:\Windows\SysNative\@EnrollmentToastIcon.png [2016/07/16 08:42:37 | 000,009,129 | ---- | M] () -- C:\Windows\SysNative\ResPriHMImageList [2016/07/16 08:42:37 | 000,008,598 | ---- | M] () -- C:\Windows\SysNative\ResPriImageList [2016/07/16 08:42:36 | 000,092,324 | ---- | M] () -- C:\Windows\SysNative\DiskSnapshot.conf [2016/07/16 08:42:35 | 000,174,592 | ---- | M] () -- C:\Windows\SysNative\IHDS.dll [2016/07/16 08:42:35 | 000,025,088 | ---- | M] () -- C:\Windows\SysNative\GamePanelExternalHook.dll [2016/07/16 08:42:35 | 000,004,687 | ---- | M] () -- C:\Windows\SysNative\wpcmon.png [2016/07/16 08:42:35 | 000,000,308 | ---- | M] () -- C:\Windows\SysNative\@AudioToastIcon.png [2016/07/16 08:42:35 | 000,000,003 | ---- | M] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2016/07/16 08:42:35 | 000,000,003 | ---- | M] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01019_Inbox_Critical.Wdf [2016/07/16 08:42:34 | 000,144,998 | ---- | M] () -- C:\Windows\SysNative\lusrmgr.msc [2016/07/16 08:42:34 | 000,008,192 | ---- | M] () -- C:\Windows\SysNative\settings.dat [2016/07/16 08:42:34 | 000,002,711 | ---- | M] () -- C:\Windows\SysNative\AppxProvisioning.xml [2016/07/16 08:42:31 | 000,236,488 | ---- | M] () -- C:\Windows\SysNative\weretw.dll [2016/07/16 08:42:31 | 000,204,105 | ---- | M] () -- C:\Windows\SysNative\winrm.vbs [2016/07/16 08:42:31 | 000,004,675 | ---- | M] () -- C:\Windows\SysNative\wsmanconfig_schema.xml [2016/07/16 08:42:31 | 000,004,148 | ---- | M] () -- C:\Windows\SysNative\psmodulediscoveryprovider.mof [2016/07/16 08:42:31 | 000,002,426 | ---- | M] () -- C:\Windows\SysNative\WsmTxt.xsl [2016/07/16 08:42:31 | 000,001,559 | ---- | M] () -- C:\Windows\SysNative\WsmPty.xsl [2016/07/16 08:42:31 | 000,000,199 | ---- | M] () -- C:\Windows\SysNative\winrm.cmd [2016/07/16 08:42:27 | 000,673,088 | ---- | M] () -- C:\Windows\SysNative\mlang.dat [2016/07/16 08:42:27 | 000,000,726 | ---- | M] () -- C:\Windows\SysNative\wpr.config.xml [2016/07/16 08:42:23 | 000,020,792 | ---- | M] () -- C:\Windows\SysNative\@WindowsHelloFaceToastIcon.png [2016/07/16 08:42:22 | 004,227,116 | ---- | M] () -- C:\Windows\SysNative\DefaultHrtfs.bin [2016/07/16 08:42:22 | 003,440,660 | ---- | M] () -- C:\Windows\SysNative\drivers\gm.dls [2016/07/16 08:42:22 | 000,361,984 | ---- | M] () -- C:\Windows\SysNative\HrtfApo.dll [2016/07/16 08:42:22 | 000,149,044 | ---- | M] () -- C:\Windows\SysNative\LargeRoom.bin [2016/07/16 08:42:22 | 000,110,024 | ---- | M] () -- C:\Windows\SysNative\MediumRoom.bin [2016/07/16 08:42:22 | 000,069,776 | ---- | M] () -- C:\Windows\SysNative\SmallRoom.bin [2016/07/16 08:42:22 | 000,046,908 | ---- | M] () -- C:\Windows\SysNative\OutdoorAudioEnvironment.bin [2016/07/16 08:42:20 | 000,142,904 | ---- | M] () -- C:\Windows\SysNative\slmgr.vbs [2016/07/16 08:42:20 | 000,000,263 | ---- | M] () -- C:\Windows\SysNative\odbcconf.rsp [2016/07/16 08:42:19 | 000,160,768 | ---- | M] () -- C:\Windows\SysNative\EditionUpgradeHelper.dll [2016/07/16 08:42:19 | 000,039,424 | ---- | M] () -- C:\Windows\SysNative\efsext.dll [2016/07/16 08:42:19 | 000,000,760 | ---- | M] () -- C:\Windows\SysNative\@edptoastimage.png [2016/07/16 08:42:17 | 000,144,862 | ---- | M] () -- C:\Windows\SysNative\tpm.msc [2016/07/16 08:42:17 | 000,124,118 | ---- | M] () -- C:\Windows\SysNative\comexp.msc [2016/07/16 08:42:16 | 003,170,304 | ---- | M] () -- C:\Windows\SysNative\boot.sdi [2016/07/16 08:42:16 | 000,145,519 | ---- | M] () -- C:\Windows\SysNative\perfmon.msc [2016/07/16 08:42:16 | 000,130,048 | ---- | M] () -- C:\Windows\SysNative\chartv.dll [2016/07/16 08:42:16 | 000,056,119 | ---- | M] () -- C:\Windows\SysNative\srms.dat [2016/07/16 08:42:16 | 000,047,682 | ---- | M] () -- C:\Windows\SysNative\diskmgmt.msc [2016/07/16 08:42:15 | 000,145,640 | ---- | M] () -- C:\Windows\SysNative\devmgmt.msc [2016/07/16 08:42:15 | 000,000,714 | ---- | M] () -- C:\Windows\SysNative\RestartManager.mof [2016/07/16 08:42:15 | 000,000,176 | ---- | M] () -- C:\Windows\SysNative\RestartManagerUninstall.mof [2016/07/16 08:42:14 | 000,369,664 | ---- | M] () -- C:\Windows\SysNative\msinfo32.exe [2016/07/16 08:42:13 | 000,145,127 | ---- | M] () -- C:\Windows\SysNative\eventvwr.msc [2016/07/16 08:42:13 | 000,145,059 | ---- | M] () -- C:\Windows\SysNative\taskschd.msc [2016/07/16 08:42:13 | 000,144,909 | ---- | M] () -- C:\Windows\SysNative\fsmgmt.msc [2016/07/16 08:42:13 | 000,144,673 | ---- | M] () -- C:\Windows\SysNative\WmiMgmt.msc [2016/07/16 08:42:13 | 000,113,256 | ---- | M] () -- C:\Windows\SysNative\compmgmt.msc [2016/07/16 08:42:13 | 000,092,746 | ---- | M] () -- C:\Windows\SysNative\services.msc [2016/07/16 08:42:13 | 000,063,081 | ---- | M] () -- C:\Windows\SysNative\certlm.msc [2016/07/16 08:42:13 | 000,063,070 | ---- | M] () -- C:\Windows\SysNative\certmgr.msc [2016/07/16 08:42:13 | 000,041,587 | ---- | M] () -- C:\Windows\SysNative\azman.msc [2016/07/16 08:42:13 | 000,017,935 | ---- | M] () -- C:\Windows\SysNative\EventViewer_EventDetails.xsl [2016/07/16 08:42:12 | 000,115,091 | ---- | M] () -- C:\Windows\SysNative\WF.msc [2016/07/16 08:42:12 | 000,093,696 | ---- | M] () -- C:\Windows\SysNative\BthpanContextHandler.dll [2016/07/16 08:42:12 | 000,091,132 | ---- | M] () -- C:\Windows\SysNative\gatherNetworkInfo.vbs [2016/07/16 08:42:12 | 000,043,131 | ---- | M] () -- C:\Windows\mib.bin [2016/07/16 08:42:12 | 000,021,656 | ---- | M] () -- C:\Windows\SysNative\NetTrace.PLA.Diagnostics.xml [2016/07/16 08:42:12 | 000,009,728 | ---- | M] () -- C:\Windows\SysNative\VpnSohDesktop.dll [2016/07/16 08:42:12 | 000,001,820 | ---- | M] () -- C:\Windows\SysNative\rasctrnm.h [2016/07/16 08:42:12 | 000,000,565 | ---- | M] () -- C:\Windows\SysNative\NdfEventView.xml [2016/07/16 08:42:11 | 000,004,014 | ---- | M] () -- C:\Windows\SysNative\xwizard.dtd [2016/07/16 08:42:11 | 000,002,307 | ---- | M] () -- C:\Windows\SysNative\WimBootCompress.ini [2016/07/16 08:42:11 | 000,000,843 | ---- | M] () -- C:\Windows\SysNative\onlinesetup.cmd [2016/07/16 08:42:11 | 000,000,614 | ---- | M] () -- C:\Windows\SysNative\WdsUnattendTemplate.xml [2016/07/16 08:42:09 | 000,231,424 | ---- | M] () -- C:\Windows\SysNative\ism32k.dll [2016/07/16 08:42:09 | 000,167,640 | ---- | M] () -- C:\Windows\SysNative\chs_singlechar_pinyin.dat [2016/07/16 08:42:05 | 000,772,568 | ---- | M] (SQLite Development Team) -- C:\Windows\SysNative\winsqlite3.dll [2016/07/16 08:42:05 | 000,000,450 | ---- | M] () -- C:\Windows\SysNative\@BackgroundAccessToastIcon.png [2016/07/16 08:42:04 | 000,045,228 | ---- | M] () -- C:\Windows\SysNative\hypervisor.mof [2016/07/16 08:42:04 | 000,000,167 | ---- | M] () -- C:\Windows\SysNative\removehypervisor.mof [2016/07/16 08:42:03 | 000,090,624 | ---- | M] () -- C:\Windows\SysNative\drivers\NetAdapterCx.sys [2016/07/16 08:41:53 | 002,104,160 | ---- | M] (Chelsio Communications) -- C:\Windows\SysNative\drivers\cht4vx64.sys [2016/07/16 08:41:53 | 001,135,456 | ---- | M] (PMC-Sierra) -- C:\Windows\SysNative\drivers\adp80xx.sys [2016/07/16 08:41:53 | 000,842,584 | ---- | M] (Mellanox) -- C:\Windows\SysNative\drivers\mlx4_bus.sys [2016/07/16 08:41:53 | 000,526,176 | ---- | M] (Mellanox) -- C:\Windows\SysNative\drivers\ibbus.sys [2016/07/16 08:41:53 | 000,346,976 | ---- | M] (Chelsio Communications) -- C:\Windows\SysNative\drivers\cht4sx64.sys [2016/07/16 08:41:53 | 000,305,504 | ---- | M] (VIA Corporation) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS [2016/07/16 08:41:53 | 000,259,424 | ---- | M] (AMD Technologies Inc.) -- C:\Windows\SysNative\drivers\amdsbs.sys [2016/07/16 08:41:53 | 000,108,896 | ---- | M] (Mellanox) -- C:\Windows\SysNative\drivers\ndfltr.sys [2016/07/16 08:41:53 | 000,107,360 | ---- | M] (LSI) -- C:\Windows\SysNative\drivers\3ware.sys [2016/07/16 08:41:53 | 000,105,824 | ---- | M] (LSI Corporation) -- C:\Windows\SysNative\drivers\lsi_sas2i.sys [2016/07/16 08:41:53 | 000,102,752 | ---- | M] (Chelsio Communications) -- C:\Windows\SysNative\drivers\cht4dx64.sys [2016/07/16 08:41:53 | 000,101,216 | ---- | M] (Avago Technologies) -- C:\Windows\SysNative\drivers\lsi_sas3i.sys [2016/07/16 08:41:53 | 000,082,776 | ---- | M] (LSI Corporation) -- C:\Windows\SysNative\drivers\lsi_sss.sys [2016/07/16 08:41:53 | 000,064,864 | ---- | M] (Mellanox) -- C:\Windows\SysNative\drivers\winverbs.sys [2016/07/16 08:41:53 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) -- C:\Windows\SysNative\drivers\mvumis.sys [2016/07/16 08:41:53 | 000,061,792 | ---- | M] (Avago Technologies) -- C:\Windows\SysNative\drivers\percsas3i.sys [2016/07/16 08:41:53 | 000,058,720 | ---- | M] (Avago Technologies) -- C:\Windows\SysNative\drivers\percsas2i.sys [2016/07/16 08:41:53 | 000,032,096 | ---- | M] (Mellanox) -- C:\Windows\SysNative\drivers\winmad.sys [2016/07/16 08:41:53 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\bcmfn2.sys [2016/07/16 08:41:53 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\bcmfn.sys [1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2016/10/05 14:15:11 | 000,000,296 | ---- | C] () -- C:\Windows\tasks\Uninstaller_SkipUac_Marco.job [2016/10/04 23:18:17 | 000,001,326 | ---- | C] () -- C:\Users\Marco\Desktop\DriverMax.lnk [2016/10/04 21:45:06 | 000,000,214 | ---- | C] () -- C:\Windows\tasks\CreateExplorerShellUnelevatedTask.job [2016/10/04 21:41:58 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe [2016/10/04 21:27:57 | 000,000,753 | ---- | C] () -- C:\Windows\SysNative\drivers\etc\hosts [2016/10/04 20:57:09 | 000,076,576 | ---- | C] () -- C:\Users\Marco\Desktop\capture-20161004-205652.jpg [2016/10/03 12:26:42 | 000,413,056 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT [2016/10/02 22:06:24 | 141,918,344 | ---- | C] () -- C:\Users\Marco\Desktop\Dr-Web.exe [2016/10/02 21:50:00 | 001,309,184 | ---- | C] () -- C:\Users\Marco\Desktop\zoek.exe [2016/10/02 21:29:44 | 003,861,056 | ---- | C] () -- C:\Users\Marco\Desktop\AdwCleaner.exe [2016/10/02 19:01:24 | 000,021,984 | ---- | C] () -- C:\Windows\SysNative\drivers\semav6msr64.sys [2016/10/01 14:24:11 | 000,002,415 | ---- | C] () -- C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk [2016/10/01 14:18:05 | 000,011,433 | ---- | C] () -- C:\Windows\diagwrn.xml [2016/10/01 14:18:05 | 000,011,433 | ---- | C] () -- C:\Windows\diagerr.xml [2016/10/01 14:03:48 | 000,001,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [2016/10/01 13:50:47 | 001,940,718 | ---- | C] () -- C:\Windows\SysNative\PerfStringBackup.INI [2016/10/01 13:50:40 | 001,517,196 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2016/10/01 13:46:27 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2016/10/01 13:45:53 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf [2016/10/01 13:45:14 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2016/10/01 13:41:17 | 000,043,916 | ---- | C] () -- C:\Windows\SysWow64\license.rtf [2016/10/01 13:41:17 | 000,043,916 | ---- | C] () -- C:\Windows\SysNative\license.rtf [2016/10/01 13:34:55 | 000,445,765 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml [2016/10/01 13:34:02 | 002,681,200 | ---- | C] () -- C:\Windows\SysNative\CoreUIComponents.dll [2016/10/01 13:34:02 | 002,048,496 | ---- | C] () -- C:\Windows\SysWow64\CoreUIComponents.dll [2016/10/01 13:34:01 | 000,327,680 | ---- | C] () -- C:\Windows\SysNative\wc_storage.dll [2016/10/01 13:34:00 | 000,418,304 | ---- | C] () -- C:\Windows\SysNative\Windows.Perception.Stub.dll [2016/10/01 13:34:00 | 000,265,728 | ---- | C] () -- C:\Windows\SysWow64\Windows.Perception.Stub.dll [2016/10/01 12:28:28 | 000,000,036 | ---- | C] () -- C:\Windows\progress.ini [2016/10/01 12:27:53 | 000,000,758 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assistente de Atualização do Windows 10.lnk [2016/10/01 12:27:53 | 000,000,746 | ---- | C] () -- C:\Users\Marco\Desktop\Assistente de Atualização do Windows 10.lnk [2016/10/01 12:03:28 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys [2016/09/03 10:50:18 | 000,002,842 | ---- | C] () -- C:\Windows\SysNative\lic2.xml22494 [2016/09/03 10:49:02 | 000,002,268 | ---- | C] () -- C:\Users\Public\Desktop\Bitdefender antivírus Free Edition.lnk [2016/08/03 20:10:16 | 000,002,457 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk [2016/07/31 14:57:28 | 000,077,824 | ---- | C] () -- C:\Windows\KMSEmulator.exe [2016/07/31 13:37:40 | 000,009,381 | ---- | C] () -- C:\Users\Marco\AppData\Roaming\Valores Separados por Vírgulas (Windows).EML [2016/07/31 12:29:13 | 000,000,408 | ---- | C] () -- C:\Windows\tasks\WpsUpdateTask_Marco.job [2016/07/31 12:29:02 | 000,000,724 | ---- | C] () -- C:\Windows\tasks\WpsKtpcntrQingTask_Marco.job [2016/07/31 12:29:01 | 000,002,496 | ---- | C] () -- C:\Users\Marco\Desktop\WPS Presentation.lnk [2016/07/31 12:29:01 | 000,002,488 | ---- | C] () -- C:\Users\Marco\Desktop\WPS Writer.lnk [2016/07/31 12:29:01 | 000,002,476 | ---- | C] () -- C:\Users\Marco\Desktop\WPS Spreadsheets.lnk [2016/07/31 12:29:00 | 000,000,430 | ---- | C] () -- C:\Windows\tasks\WpsExternal_20160731122900.job [2016/07/28 20:33:29 | 000,001,096 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3847410376-614814884-3458226429-1000UA.job [2016/07/28 20:33:29 | 000,001,044 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3847410376-614814884-3458226429-1000Core.job [2016/07/28 20:24:00 | 000,001,094 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2016/07/28 20:24:00 | 000,001,090 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2016/07/25 13:41:56 | 000,008,800 | ---- | C] () -- C:\Users\Marco\Desktop\ComprovanteTef.pdf [2016/07/16 20:16:12 | 000,033,498 | ---- | C] () -- C:\Windows\Core.xml [2016/07/16 20:10:12 | 000,577,298 | ---- | C] () -- C:\Windows\SysNative\prfh0416.dat [2016/07/16 20:10:12 | 000,328,278 | ---- | C] () -- C:\Windows\SysNative\prfi0416.dat [2016/07/16 20:10:12 | 000,177,946 | ---- | C] () -- C:\Windows\SysNative\prfc0416.dat [2016/07/16 20:10:12 | 000,040,752 | ---- | C] () -- C:\Windows\SysNative\prfd0416.dat [2016/07/16 08:49:35 | 000,296,742 | ---- | C] () -- C:\Windows\SysNative\perfi009.dat [2016/07/16 08:49:35 | 000,033,362 | ---- | C] () -- C:\Windows\SysNative\perfd009.dat [2016/07/16 08:49:31 | 000,913,212 | ---- | C] () -- C:\Windows\SysNative\perfh009.dat [2016/07/16 08:49:31 | 000,251,734 | ---- | C] () -- C:\Windows\SysNative\perfc009.dat [2016/07/16 08:47:57 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2016/07/16 08:47:57 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2016/07/16 08:47:54 | 000,003,683 | ---- | C] () -- C:\Windows\SysNative\drivers\etc\lmhosts.sam [2016/07/16 08:47:53 | 000,015,462 | ---- | C] () -- C:\Windows\SysNative\OEMDefaultAssociations.xml [2016/07/16 08:47:53 | 000,000,741 | ---- | C] () -- C:\Windows\SysNative\NOISE.DAT [2016/07/16 08:47:52 | 000,215,943 | ---- | C] () -- C:\Windows\SysNative\dssec.dat [2016/07/16 08:47:52 | 000,000,858 | ---- | C] () -- C:\Windows\SysNative\DefaultQuestions.json [2016/07/16 08:44:03 | 000,076,060 | ---- | C] () -- C:\Windows\SysWow64\xpsrchvw.xml [2016/07/16 08:44:03 | 000,076,060 | ---- | C] () -- C:\Windows\SysNative\xpsrchvw.xml [2016/07/16 08:44:01 | 000,009,096 | ---- | C] () -- C:\Windows\SysWow64\msmqtrc.mof [2016/07/16 08:44:01 | 000,003,401 | ---- | C] () -- C:\Windows\SysWow64\msmqpub.mof [2016/07/16 08:44:01 | 000,000,895 | ---- | C] () -- C:\Windows\SysWow64\msmqtrcRemove.mof [2016/07/16 08:43:59 | 000,003,458 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2016/07/16 08:43:52 | 000,006,886 | ---- | C] () -- C:\Windows\SysWow64\SecurityAndMaintenance_Error.png [2016/07/16 08:43:52 | 000,005,796 | ---- | C] () -- C:\Windows\SysWow64\SecurityAndMaintenance.png [2016/07/16 08:43:52 | 000,002,626 | ---- | C] () -- C:\Windows\SysWow64\SecurityAndMaintenance_Alert.png [2016/07/16 08:43:51 | 000,006,886 | ---- | C] () -- C:\Windows\SysNative\SecurityAndMaintenance_Error.png [2016/07/16 08:43:51 | 000,005,796 | ---- | C] () -- C:\Windows\SysNative\SecurityAndMaintenance.png [2016/07/16 08:43:51 | 000,002,626 | ---- | C] () -- C:\Windows\SysNative\SecurityAndMaintenance_Alert.png [2016/07/16 08:43:50 | 000,013,091 | ---- | C] () -- C:\Windows\SysNative\DevModeRunAsUserConfig.msc [2016/07/16 08:43:50 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml [2016/07/16 08:43:50 | 000,002,349 | R-S- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk [2016/07/16 08:43:50 | 000,002,199 | R-S- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk [2016/07/16 08:43:08 | 000,316,640 | ---- | C] () -- C:\Windows\WMSysPr9.prx [2016/07/16 08:43:08 | 000,009,096 | ---- | C] () -- C:\Windows\SysNative\msmqtrc.mof [2016/07/16 08:43:08 | 000,003,458 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2016/07/16 08:43:08 | 000,003,401 | ---- | C] () -- C:\Windows\SysNative\msmqpub.mof [2016/07/16 08:43:08 | 000,000,895 | ---- | C] () -- C:\Windows\SysNative\msmqtrcRemove.mof [2016/07/16 08:43:04 | 000,211,938 | ---- | C] () -- C:\Windows\SysWow64\lcphrase.tbl [2016/07/16 08:43:04 | 000,055,296 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2016/07/16 08:43:04 | 000,024,114 | ---- | C] () -- C:\Windows\SysWow64\lcptr.tbl [2016/07/16 08:43:02 | 000,003,666 | ---- | C] () -- C:\Windows\SysWow64\sysprtj.sep [2016/07/16 08:43:02 | 000,003,317 | ---- | C] () -- C:\Windows\SysWow64\sysprint.sep [2016/07/16 08:43:02 | 000,001,673 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml [2016/07/16 08:43:02 | 000,000,404 | ---- | C] () -- C:\Windows\SysWow64\@VpnToastIcon.png [2016/07/16 08:43:02 | 000,000,330 | ---- | C] () -- C:\Windows\SysWow64\@EnrollmentToastIcon.png [2016/07/16 08:43:02 | 000,000,150 | ---- | C] () -- C:\Windows\SysWow64\pcl.sep [2016/07/16 08:43:02 | 000,000,051 | ---- | C] () -- C:\Windows\SysWow64\pscript.sep [2016/07/16 08:43:00 | 000,115,091 | ---- | C] () -- C:\Windows\SysWow64\WF.msc [2016/07/16 08:43:00 | 000,019,968 | ---- | C] () -- C:\Windows\SysWow64\GamePanelExternalHook.dll [2016/07/16 08:43:00 | 000,004,014 | ---- | C] () -- C:\Windows\SysWow64\xwizard.dtd [2016/07/16 08:43:00 | 000,001,820 | ---- | C] () -- C:\Windows\SysWow64\rasctrnm.h [2016/07/16 08:43:00 | 000,000,308 | ---- | C] () -- C:\Windows\SysWow64\@AudioToastIcon.png [2016/07/16 08:42:58 | 000,144,998 | ---- | C] () -- C:\Windows\SysWow64\lusrmgr.msc [2016/07/16 08:42:58 | 000,002,711 | ---- | C] () -- C:\Windows\SysWow64\AppxProvisioning.xml [2016/07/16 08:42:57 | 000,000,565 | ---- | C] () -- C:\Windows\SysWow64\NdfEventView.xml [2016/07/16 08:42:56 | 000,204,105 | ---- | C] () -- C:\Windows\SysWow64\winrm.vbs [2016/07/16 08:42:56 | 000,185,368 | ---- | C] () -- C:\Windows\SysWow64\weretw.dll [2016/07/16 08:42:56 | 000,004,675 | ---- | C] () -- C:\Windows\SysWow64\wsmanconfig_schema.xml [2016/07/16 08:42:56 | 000,002,426 | ---- | C] () -- C:\Windows\SysWow64\WsmTxt.xsl [2016/07/16 08:42:56 | 000,001,559 | ---- | C] () -- C:\Windows\SysWow64\WsmPty.xsl [2016/07/16 08:42:56 | 000,000,199 | ---- | C] () -- C:\Windows\SysWow64\winrm.cmd [2016/07/16 08:42:55 | 000,167,640 | ---- | C] () -- C:\Windows\SysWow64\chs_singlechar_pinyin.dat [2016/07/16 08:42:55 | 000,038,400 | ---- | C] () -- C:\Windows\SysWow64\dtdump.exe [2016/07/16 08:42:53 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2016/07/16 08:42:49 | 003,440,660 | ---- | C] () -- C:\Windows\SysWow64\drivers\gm.dls [2016/07/16 08:42:49 | 000,304,640 | ---- | C] () -- C:\Windows\SysWow64\HrtfApo.dll [2016/07/16 08:42:48 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2016/07/16 08:42:48 | 000,004,453 | ---- | C] () -- C:\Windows\SysWow64\odbcconf.rsp [2016/07/16 08:42:48 | 000,002,233 | ---- | C] () -- C:\Windows\SysWow64\12520850.cpx [2016/07/16 08:42:48 | 000,002,151 | ---- | C] () -- C:\Windows\SysWow64\12520437.cpx [2016/07/16 08:42:46 | 003,170,304 | ---- | C] () -- C:\Windows\SysWow64\boot.sdi [2016/07/16 08:42:46 | 000,145,519 | ---- | C] () -- C:\Windows\SysWow64\perfmon.msc [2016/07/16 08:42:46 | 000,142,904 | ---- | C] () -- C:\Windows\SysWow64\slmgr.vbs [2016/07/16 08:42:46 | 000,124,118 | ---- | C] () -- C:\Windows\SysWow64\comexp.msc [2016/07/16 08:42:46 | 000,109,056 | ---- | C] () -- C:\Windows\SysWow64\chartv.dll [2016/07/16 08:42:46 | 000,047,682 | ---- | C] () -- C:\Windows\SysWow64\diskmgmt.msc [2016/07/16 08:42:46 | 000,031,232 | ---- | C] () -- C:\Windows\SysWow64\efsext.dll [2016/07/16 08:42:45 | 000,336,896 | ---- | C] () -- C:\Windows\SysWow64\msinfo32.exe [2016/07/16 08:42:45 | 000,145,640 | ---- | C] () -- C:\Windows\SysWow64\devmgmt.msc [2016/07/16 08:42:45 | 000,144,862 | ---- | C] () -- C:\Windows\SysWow64\tpm.msc [2016/07/16 08:42:45 | 000,000,714 | ---- | C] () -- C:\Windows\SysWow64\RestartManager.mof [2016/07/16 08:42:45 | 000,000,176 | ---- | C] () -- C:\Windows\SysWow64\RestartManagerUninstall.mof [2016/07/16 08:42:43 | 000,211,938 | ---- | C] () -- C:\Windows\SysNative\lcphrase.tbl [2016/07/16 08:42:43 | 000,145,127 | ---- | C] () -- C:\Windows\SysWow64\eventvwr.msc [2016/07/16 08:42:43 | 000,145,059 | ---- | C] () -- C:\Windows\SysWow64\taskschd.msc [2016/07/16 08:42:43 | 000,144,909 | ---- | C] () -- C:\Windows\SysWow64\fsmgmt.msc [2016/07/16 08:42:43 | 000,113,256 | ---- | C] () -- C:\Windows\SysWow64\compmgmt.msc [2016/07/16 08:42:43 | 000,092,746 | ---- | C] () -- C:\Windows\SysWow64\services.msc [2016/07/16 08:42:43 | 000,063,081 | ---- | C] () -- C:\Windows\SysWow64\certlm.msc [2016/07/16 08:42:43 | 000,063,070 | ---- | C] () -- C:\Windows\SysWow64\certmgr.msc [2016/07/16 08:42:43 | 000,041,587 | ---- | C] () -- C:\Windows\SysWow64\azman.msc [2016/07/16 08:42:43 | 000,024,114 | ---- | C] () -- C:\Windows\SysNative\lcptr.tbl [2016/07/16 08:42:43 | 000,017,935 | ---- | C] () -- C:\Windows\SysWow64\EventViewer_EventDetails.xsl [2016/07/16 08:42:43 | 000,002,307 | ---- | C] () -- C:\Windows\SysWow64\WimBootCompress.ini [2016/07/16 08:42:41 | 000,000,600 | ---- | C] () -- C:\Windows\SysNative\@language_notification_icon.png [2016/07/16 08:42:40 | 000,063,488 | ---- | C] () -- C:\Windows\SysNative\BWContextHandler.dll [2016/07/16 08:42:40 | 000,000,520 | ---- | C] () -- C:\Windows\SysNative\@optionalfeatures.png [2016/07/16 08:42:39 | 000,060,124 | ---- | C] () -- C:\Windows\SysNative\tcpmon.ini [2016/07/16 08:42:39 | 000,003,666 | ---- | C] () -- C:\Windows\SysNative\sysprtj.sep [2016/07/16 08:42:39 | 000,003,317 | ---- | C] () -- C:\Windows\SysNative\sysprint.sep [2016/07/16 08:42:39 | 000,001,673 | ---- | C] () -- C:\Windows\SysNative\tcpbidi.xml [2016/07/16 08:42:39 | 000,000,150 | ---- | C] () -- C:\Windows\SysNative\pcl.sep [2016/07/16 08:42:39 | 000,000,051 | ---- | C] () -- C:\Windows\SysNative\pscript.sep [2016/07/16 08:42:38 | 000,015,106 | ---- | C] () -- C:\Windows\SysNative\@WiFiNotificationIcon.png [2016/07/16 08:42:38 | 000,010,540 | ---- | C] () -- C:\Windows\SysNative\TransformPPSToWlan.xslt [2016/07/16 08:42:38 | 000,001,688 | ---- | C] () -- C:\Windows\SysNative\TransformPPSToWlanCredentials.xslt [2016/07/16 08:42:38 | 000,000,404 | ---- | C] () -- C:\Windows\SysNative\@VpnToastIcon.png [2016/07/16 08:42:38 | 000,000,330 | ---- | C] () -- C:\Windows\SysNative\@EnrollmentToastIcon.png [2016/07/16 08:42:37 | 000,009,129 | ---- | C] () -- C:\Windows\SysNative\ResPriHMImageList [2016/07/16 08:42:37 | 000,008,598 | ---- | C] () -- C:\Windows\SysNative\ResPriImageList [2016/07/16 08:42:36 | 000,092,324 | ---- | C] () -- C:\Windows\SysNative\DiskSnapshot.conf [2016/07/16 08:42:35 | 000,174,592 | ---- | C] () -- C:\Windows\SysNative\IHDS.dll [2016/07/16 08:42:35 | 000,025,088 | ---- | C] () -- C:\Windows\SysNative\GamePanelExternalHook.dll [2016/07/16 08:42:35 | 000,004,687 | ---- | C] () -- C:\Windows\SysNative\wpcmon.png [2016/07/16 08:42:35 | 000,000,308 | ---- | C] () -- C:\Windows\SysNative\@AudioToastIcon.png [2016/07/16 08:42:35 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2016/07/16 08:42:35 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01019_Inbox_Critical.Wdf [2016/07/16 08:42:34 | 000,144,998 | ---- | C] () -- C:\Windows\SysNative\lusrmgr.msc [2016/07/16 08:42:34 | 000,008,192 | ---- | C] () -- C:\Windows\SysNative\settings.dat [2016/07/16 08:42:34 | 000,002,711 | ---- | C] () -- C:\Windows\SysNative\AppxProvisioning.xml [2016/07/16 08:42:31 | 000,236,488 | ---- | C] () -- C:\Windows\SysNative\weretw.dll [2016/07/16 08:42:31 | 000,204,105 | ---- | C] () -- C:\Windows\SysNative\winrm.vbs [2016/07/16 08:42:31 | 000,004,675 | ---- | C] () -- C:\Windows\SysNative\wsmanconfig_schema.xml [2016/07/16 08:42:31 | 000,004,148 | ---- | C] () -- C:\Windows\SysNative\psmodulediscoveryprovider.mof [2016/07/16 08:42:31 | 000,002,426 | ---- | C] () -- C:\Windows\SysNative\WsmTxt.xsl [2016/07/16 08:42:31 | 000,001,559 | ---- | C] () -- C:\Windows\SysNative\WsmPty.xsl [2016/07/16 08:42:31 | 000,000,199 | ---- | C] () -- C:\Windows\SysNative\winrm.cmd [2016/07/16 08:42:27 | 000,673,088 | ---- | C] () -- C:\Windows\SysNative\mlang.dat [2016/07/16 08:42:27 | 000,000,726 | ---- | C] () -- C:\Windows\SysNative\wpr.config.xml [2016/07/16 08:42:23 | 000,020,792 | ---- | C] () -- C:\Windows\SysNative\@WindowsHelloFaceToastIcon.png [2016/07/16 08:42:22 | 004,227,116 | ---- | C] () -- C:\Windows\SysNative\DefaultHrtfs.bin [2016/07/16 08:42:22 | 003,440,660 | ---- | C] () -- C:\Windows\SysNative\drivers\gm.dls [2016/07/16 08:42:22 | 000,361,984 | ---- | C] () -- C:\Windows\SysNative\HrtfApo.dll [2016/07/16 08:42:22 | 000,149,044 | ---- | C] () -- C:\Windows\SysNative\LargeRoom.bin [2016/07/16 08:42:22 | 000,110,024 | ---- | C] () -- C:\Windows\SysNative\MediumRoom.bin [2016/07/16 08:42:22 | 000,069,776 | ---- | C] () -- C:\Windows\SysNative\SmallRoom.bin [2016/07/16 08:42:22 | 000,046,908 | ---- | C] () -- C:\Windows\SysNative\OutdoorAudioEnvironment.bin [2016/07/16 08:42:22 | 000,002,219 | R-S- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk [2016/07/16 08:42:20 | 000,142,904 | ---- | C] () -- C:\Windows\SysNative\slmgr.vbs [2016/07/16 08:42:20 | 000,000,263 | ---- | C] () -- C:\Windows\SysNative\odbcconf.rsp [2016/07/16 08:42:19 | 000,160,768 | ---- | C] () -- C:\Windows\SysNative\EditionUpgradeHelper.dll [2016/07/16 08:42:19 | 000,039,424 | ---- | C] () -- C:\Windows\SysNative\efsext.dll [2016/07/16 08:42:19 | 000,000,760 | ---- | C] () -- C:\Windows\SysNative\@edptoastimage.png [2016/07/16 08:42:17 | 000,144,862 | ---- | C] () -- C:\Windows\SysNative\tpm.msc [2016/07/16 08:42:17 | 000,124,118 | ---- | C] () -- C:\Windows\SysNative\comexp.msc [2016/07/16 08:42:16 | 003,170,304 | ---- | C] () -- C:\Windows\SysNative\boot.sdi [2016/07/16 08:42:16 | 000,145,519 | ---- | C] () -- C:\Windows\SysNative\perfmon.msc [2016/07/16 08:42:16 | 000,130,048 | ---- | C] () -- C:\Windows\SysNative\chartv.dll [2016/07/16 08:42:16 | 000,056,119 | ---- | C] () -- C:\Windows\SysNative\srms.dat [2016/07/16 08:42:16 | 000,047,682 | ---- | C] () -- C:\Windows\SysNative\diskmgmt.msc [2016/07/16 08:42:15 | 000,145,640 | ---- | C] () -- C:\Windows\SysNative\devmgmt.msc [2016/07/16 08:42:15 | 000,000,714 | ---- | C] () -- C:\Windows\SysNative\RestartManager.mof [2016/07/16 08:42:15 | 000,000,176 | ---- | C] () -- C:\Windows\SysNative\RestartManagerUninstall.mof [2016/07/16 08:42:14 | 000,369,664 | ---- | C] () -- C:\Windows\SysNative\msinfo32.exe [2016/07/16 08:42:13 | 000,145,127 | ---- | C] () -- C:\Windows\SysNative\eventvwr.msc [2016/07/16 08:42:13 | 000,145,059 | ---- | C] () -- C:\Windows\SysNative\taskschd.msc [2016/07/16 08:42:13 | 000,144,909 | ---- | C] () -- C:\Windows\SysNative\fsmgmt.msc [2016/07/16 08:42:13 | 000,144,673 | ---- | C] () -- C:\Windows\SysNative\WmiMgmt.msc [2016/07/16 08:42:13 | 000,113,256 | ---- | C] () -- C:\Windows\SysNative\compmgmt.msc [2016/07/16 08:42:13 | 000,092,746 | ---- | C] () -- C:\Windows\SysNative\services.msc [2016/07/16 08:42:13 | 000,063,081 | ---- | C] () -- C:\Windows\SysNative\certlm.msc [2016/07/16 08:42:13 | 000,063,070 | ---- | C] () -- C:\Windows\SysNative\certmgr.msc [2016/07/16 08:42:13 | 000,041,587 | ---- | C] () -- C:\Windows\SysNative\azman.msc [2016/07/16 08:42:13 | 000,017,935 | ---- | C] () -- C:\Windows\SysNative\EventViewer_EventDetails.xsl [2016/07/16 08:42:12 | 000,115,091 | ---- | C] () -- C:\Windows\SysNative\WF.msc [2016/07/16 08:42:12 | 000,093,696 | ---- | C] () -- C:\Windows\SysNative\BthpanContextHandler.dll [2016/07/16 08:42:12 | 000,091,132 | ---- | C] () -- C:\Windows\SysNative\gatherNetworkInfo.vbs [2016/07/16 08:42:12 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2016/07/16 08:42:12 | 000,021,656 | ---- | C] () -- C:\Windows\SysNative\NetTrace.PLA.Diagnostics.xml [2016/07/16 08:42:12 | 000,009,728 | ---- | C] () -- C:\Windows\SysNative\VpnSohDesktop.dll [2016/07/16 08:42:12 | 000,001,820 | ---- | C] () -- C:\Windows\SysNative\rasctrnm.h [2016/07/16 08:42:12 | 000,000,565 | ---- | C] () -- C:\Windows\SysNative\NdfEventView.xml [2016/07/16 08:42:11 | 000,004,014 | ---- | C] () -- C:\Windows\SysNative\xwizard.dtd [2016/07/16 08:42:11 | 000,002,307 | ---- | C] () -- C:\Windows\SysNative\WimBootCompress.ini [2016/07/16 08:42:11 | 000,000,843 | ---- | C] () -- C:\Windows\SysNative\onlinesetup.cmd [2016/07/16 08:42:11 | 000,000,614 | ---- | C] () -- C:\Windows\SysNative\WdsUnattendTemplate.xml [2016/07/16 08:42:09 | 000,231,424 | ---- | C] () -- C:\Windows\SysNative\ism32k.dll [2016/07/16 08:42:09 | 000,167,640 | ---- | C] () -- C:\Windows\SysNative\chs_singlechar_pinyin.dat [2016/07/16 08:42:05 | 000,000,450 | ---- | C] () -- C:\Windows\SysNative\@BackgroundAccessToastIcon.png [2016/07/16 08:42:04 | 000,045,228 | ---- | C] () -- C:\Windows\SysNative\hypervisor.mof [2016/07/16 08:42:04 | 000,000,167 | ---- | C] () -- C:\Windows\SysNative\removehypervisor.mof [2016/07/16 08:42:03 | 000,090,624 | ---- | C] () -- C:\Windows\SysNative\drivers\NetAdapterCx.sys [2016/05/10 23:12:44 | 000,019,526 | ---- | C] () -- C:\Windows\hpqins13.dat [2016/04/09 09:28:19 | 000,000,180 | ---- | C] () -- C:\Windows\REC-NET.INI [2016/03/21 07:51:34 | 000,000,806 | ---- | C] () -- C:\Users\Marco\Downloads.lnk [2016/02/07 14:27:26 | 000,003,584 | ---- | C] () -- C:\Users\Marco\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2015/12/16 19:07:40 | 000,152,560 | ---- | C] () -- C:\Windows\SysWow64\atieah32.exe [2015/12/16 19:07:40 | 000,111,088 | ---- | C] () -- C:\Windows\SysWow64\hsa-thunk.dll [2015/12/16 19:07:38 | 001,004,032 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe [2015/12/16 19:07:36 | 000,807,424 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe [2015/12/16 19:07:34 | 000,198,640 | ---- | C] () -- C:\Windows\SysWow64\amdgfxinfo32.dll [2015/12/16 19:07:34 | 000,132,080 | ---- | C] () -- C:\Windows\SysWow64\amdhdl32.dll [2015/11/04 20:24:18 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2015/11/04 20:24:18 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2015/07/11 21:49:52 | 000,004,999 | ---- | C] () -- C:\ProgramData\wwznqdpf.eax [2015/05/26 17:19:48 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll [2015/05/26 17:19:11 | 000,005,937 | ---- | C] () -- C:\Windows\mgxoschk.ini [2015/04/08 11:18:04 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-MARCO-PC-Windows-7-Home-Premium-(64-bit).dat [2015/01/06 18:16:17 | 000,017,360 | ---- | C] () -- C:\Users\Marco\dsp_stereo_tool.ini [2014/12/26 00:04:54 | 000,000,028 | ---- | C] () -- C:\Windows\ODBC.INI [2014/11/20 20:35:00 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll [2014/04/26 14:03:53 | 000,099,720 | ---- | C] () -- C:\Users\Marco\AppData\Roaming\unins000.dat [2013/12/10 20:13:33 | 000,000,037 | -HS- | C] () -- C:\Users\Marco\AppData\Local\70149b02515b3bb20dd492.47983420 [2013/09/09 18:34:41 | 000,007,615 | ---- | C] () -- C:\Users\Marco\AppData\Local\Resmon.ResmonCfg ========== ZeroAccess Check ========== [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\Windows.storage.dll -- [2016/10/01 13:34:01 | 007,219,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\Windows.storage.dll -- [2016/10/01 13:34:01 | 005,722,320 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2016/07/16 08:42:31 | 000,977,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2016/07/16 08:42:56 | 000,779,776 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2016/07/16 08:42:31 | 000,518,656 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2015/05/02 15:30:10 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\.oit [2013/12/25 16:24:36 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\AC3Filter [2015/09/16 20:51:30 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\AMCPromote [2014/11/11 19:37:28 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\AMD [2013/03/24 20:23:29 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\APP_NAME_NON_STRING [2016/02/07 12:13:03 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\Ashampoo [2015/02/03 23:51:43 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\Audacity [2013/05/14 19:13:02 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\Awem [2012/09/18 13:23:05 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\Balabolka [2016/07/10 20:18:21 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\BatchSubtitlesConverter [2011/05/14 13:22:10 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\BrOffice.org [2012/06/30 23:04:09 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\Camfrog Web [2015/09/16 02:04:02 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\DAEMON Tools Lite [2016/02/07 23:54:34 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\deluge [2016/09/04 18:25:41 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\Digiarty [2013/07/17 13:38:38 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\DikobrazGames [2013/11/07 14:26:46 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\DVDVideoSoft [2014/05/15 00:50:03 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\DxCK [2013/08/29 18:13:36 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\Efficient Password Manager [2015/02/12 11:37:28 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\eM Client [2014/01/20 12:28:57 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\Floodlight Games [2016/09/07 18:46:07 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\foobar2000 [2015/10/30 11:13:17 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\Free Easy Audio Editor [2015/11/25 19:21:11 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\Free M4a to MP3 Converter [2012/09/18 13:23:05 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\FreeAudioPack [2012/09/18 13:23:05 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\FreeCDRipper [2015/04/25 17:45:28 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\GameMaker-Studio [2012/12/14 14:35:09 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\GetRight [2015/05/02 15:32:43 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\Global Graphics [2016/03/12 12:21:00 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\GonVisor [2015/10/01 16:17:16 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\HandBrake [2016/09/08 23:29:28 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\Hulubulu [2013/08/16 22:39:37 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\I2P [2016/10/04 23:18:19 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\Innovative Solutions [2016/10/02 21:36:33 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\IObit [2014/01/17 09:26:11 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\IrfanView [2015/04/16 13:41:25 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\IsolatedStorage [2014/06/05 09:30:12 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\johnsadventures.com [2013/08/29 22:50:33 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\KeePass [2016/07/31 12:29:13 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\Kingsoft [2014/12/11 08:20:38 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\library_dir [2015/05/08 10:45:31 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\Light Developer [2015/10/01 20:35:55 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\MediaMonkey [2012/09/16 13:50:54 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\ML [2016/09/18 00:50:31 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\Motorola [2016/09/18 00:59:11 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\Motorola Mobility [2013/10/13 20:53:32 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\mp3DirectCut [2016/08/23 23:44:54 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\Mp3tag [2016/10/03 08:09:26 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\MPC-HC [2013/08/06 10:50:09 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\net1-wfds [2012/12/02 14:48:35 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\Nokia [2012/09/18 13:23:06 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\OneSwarm [2016/04/21 23:57:19 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\Opera Software [2012/10/10 12:51:09 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\PACE Anti-Piracy [2016/09/03 10:53:16 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\Panda Security [2012/08/15 21:51:50 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\PC Suite [2012/09/08 12:28:03 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\PDF Software [2016/10/03 20:38:48 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\PhotoScape [2012/02/02 15:09:53 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\Pmcc [2016/06/01 12:45:26 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\PrimoPDF [2016/04/09 09:01:01 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\QuickScan [2011/08/09 19:36:21 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\River Past G5 [2014/05/13 15:20:06 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\Samsung [2014/05/24 14:39:16 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\Shark007 [2014/12/15 20:35:22 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\Simnet [2014/05/02 15:12:50 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\SolSuite [2013/12/14 10:09:38 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\Sony [2015/12/03 16:45:04 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\SPlayer [2011/10/06 22:12:44 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\Stereoscopic Player [2016/07/10 20:10:22 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\Subtitle Edit [2016/06/18 21:49:50 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\TestApp [2016/10/03 21:12:30 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\Thunderbird [2011/05/19 11:52:53 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\Tibiacast [2015/05/11 11:54:21 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\TrueCrypt [2016/04/09 08:38:58 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\TuneUp Software [2013/01/07 21:57:58 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\URUWorks [2016/10/03 00:43:13 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\uTorrent [2016/06/17 23:13:18 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\VeraCrypt [2012/09/18 13:23:06 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\VirtuaWin [2016/05/12 09:31:11 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\Visan [2013/07/10 08:43:43 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\Waterfox Limited [2013/01/04 20:36:42 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\Win7codecs [2011/11/02 09:18:56 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\WinAVI [2013/08/19 12:45:46 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\WinBatch [2014/08/26 19:17:28 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\Wise Care 365 [2016/08/21 22:46:20 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\XnView [2014/08/09 19:38:42 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\Yamb [2014/09/27 16:59:12 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\YCanPDF [2014/05/16 18:35:55 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\ZJMedia ========== Purity Check ========== ========== Custom Scans ========== < %systemroot%\system32\drivers\*.* /90 > [2016/07/16 08:42:49 | 003,440,660 | ---- | M] () -- C:\Windows\system32\drivers\gm.dls [2016/07/16 08:42:49 | 000,000,646 | ---- | M] () -- C:\Windows\system32\drivers\gmreadme.txt [2016/10/01 09:35:13 | 000,027,552 | ---- | M] (REALiX(tm)) -- C:\Windows\system32\drivers\HWiNFO64A.SYS < %systemdrive%\drivers\*.exe > < %SYSTEMDRIVE%\*.* > [2015/12/06 11:38:18 | 000,000,000 | -H-- | M] () -- C:\$WINRE_BACKUP_PARTITION.MARKER [2014/11/09 15:05:43 | 000,001,024 | ---- | M] () -- C:\.rnd [2015/10/30 04:18:34 | 000,000,001 | -HS- | M] () -- C:\BOOTNXT [2014/09/15 21:14:53 | 000,002,361 | ---- | M] () -- C:\CFinder[R0].txt [2015/12/16 20:03:27 | 000,000,000 | ---- | M] () -- C:\cps_report.txt [2014/11/20 09:49:12 | 000,003,730 | ---- | M] () -- C:\DarkRelatorio.txt [2014/03/14 22:08:07 | 000,009,339 | ---- | M] () -- C:\JavaRa.log [2016/10/05 12:44:24 | 4160,749,568 | -HS- | M] () -- C:\pagefile.sys [2013/09/30 10:40:08 | 000,000,854 | ---- | M] () -- C:\registro.txt [2013/09/30 20:47:37 | 000,001,144 | ---- | M] () -- C:\search.reg [2016/10/05 12:44:24 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2016/10/04 21:45:08 | 000,045,774 | ---- | M] () -- C:\zoek-results.log [2015/12/10 13:31:22 | 000,045,110 | ---- | M] () -- C:\zoek-results2015-12-10-163122.log [2016/02/15 14:31:28 | 000,027,413 | ---- | M] () -- C:\zoek-results2016-02-15-173128.log [2016/09/14 21:49:09 | 000,034,766 | ---- | M] () -- C:\zoek-results2016-09-15-004909.log [2016/10/02 22:14:28 | 000,003,327 | ---- | M] () -- C:\zoek-results2016-10-03-011428.log [2016/10/04 13:12:36 | 000,003,226 | ---- | M] () -- C:\zoek-results2016-10-04-161236.log < %LOCALAPPDATA%\*.exe > < %LOCALAPPDATA%\*.txt > < %LOCALAPPDATA%\*.ini > [2016/02/07 14:27:30 | 000,003,584 | ---- | M] () -- C:\Users\Marco\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini < %LOCALAPPDATA%\*.dll > < %LOCALAPPDATA%\*.dat > < %USERPROFILE%\*.exe > < %USERPROFILE%\*.txt > < %USERPROFILE%\*.ini > [2015/01/06 19:13:56 | 000,017,360 | ---- | M] () -- C:\Users\Marco\dsp_stereo_tool.ini [2016/10/01 14:20:23 | 000,000,020 | -HS- | M] () -- C:\Users\Marco\ntuser.ini < %USERPROFILE%\*.dll > < %USERPROFILE%\*.dat /30 > [2016/10/05 08:31:11 | 011,272,192 | -H-- | M] () -- C:\Users\Marco\NTUSER.DAT < C:\Windows\system32\Tasks\*.* /s > [2012/09/07 01:16:34 | 000,000,902 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job [2015/06/20 12:06:17 | 000,000,402 | ---- | C] () -- C:\Windows\Tasks\HP Photo Creations Communicator.job [2016/07/28 20:24:00 | 000,001,090 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [2016/07/28 20:24:00 | 000,001,094 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [2016/07/28 20:33:29 | 000,001,044 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3847410376-614814884-3458226429-1000Core.job [2016/07/28 20:33:29 | 000,001,096 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3847410376-614814884-3458226429-1000UA.job [2016/07/31 12:29:00 | 000,000,430 | ---- | C] () -- C:\Windows\Tasks\WpsExternal_20160731122900.job [2016/07/31 12:29:02 | 000,000,724 | ---- | C] () -- C:\Windows\Tasks\WpsKtpcntrQingTask_Marco.job [2016/07/31 12:29:13 | 000,000,408 | ---- | C] () -- C:\Windows\Tasks\WpsUpdateTask_Marco.job [2016/10/01 14:17:17 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT [2016/10/04 21:45:06 | 000,000,214 | ---- | C] () -- C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job [2016/10/05 14:15:11 | 000,000,296 | ---- | C] () -- C:\Windows\Tasks\Uninstaller_SkipUac_Marco.job < C:\Windows\system32\Tasks\*.* /s /64 > [2016/10/02 21:56:54 | 000,004,562 | ---- | M] () -- C:\Windows\SysNative\Tasks\Adobe Acrobat Update Task [2016/10/01 14:17:29 | 000,003,220 | ---- | M] () -- C:\Windows\SysNative\Tasks\Adobe Flash Player Updater [2016/10/04 23:18:17 | 000,003,608 | ---- | M] () -- C:\Windows\SysNative\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c [2016/10/01 14:17:26 | 000,002,218 | ---- | M] () -- C:\Windows\SysNative\Tasks\CCleanerSkipUAC [2016/10/01 14:17:19 | 000,003,382 | ---- | M] () -- C:\Windows\SysNative\Tasks\GoogleUpdateTaskMachineCore [2016/10/01 14:17:23 | 000,003,606 | ---- | M] () -- C:\Windows\SysNative\Tasks\GoogleUpdateTaskMachineUA [2016/10/01 14:17:30 | 000,003,502 | ---- | M] () -- C:\Windows\SysNative\Tasks\GoogleUpdateTaskUserS-1-5-21-3847410376-614814884-3458226429-1000Core [2016/10/01 14:17:30 | 000,003,770 | ---- | M] () -- C:\Windows\SysNative\Tasks\GoogleUpdateTaskUserS-1-5-21-3847410376-614814884-3458226429-1000UA [2016/10/01 14:17:24 | 000,002,948 | ---- | M] () -- C:\Windows\SysNative\Tasks\HP Photo Creations Communicator [2016/10/03 23:57:12 | 000,004,080 | ---- | M] () -- C:\Windows\SysNative\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d [2016/10/03 23:57:12 | 000,003,846 | ---- | M] () -- C:\Windows\SysNative\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon [2016/10/01 14:17:27 | 000,003,094 | ---- | M] () -- C:\Windows\SysNative\Tasks\Java Platform SE Auto Updater [2016/10/01 14:17:22 | 000,002,304 | ---- | M] () -- C:\Windows\SysNative\Tasks\MasterSeeker.UACBypass.02434f033eaf180e284a1a4630da836b [2016/10/01 14:17:23 | 000,002,296 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft_Hardware_Launch_IType_exe [2016/10/01 14:17:21 | 000,002,430 | ---- | M] () -- C:\Windows\SysNative\Tasks\PandaUSBVaccine [2016/10/01 14:17:31 | 000,002,426 | ---- | M] () -- C:\Windows\SysNative\Tasks\PrivaZer_SkipUAC [2016/10/05 14:15:11 | 000,002,482 | ---- | M] () -- C:\Windows\SysNative\Tasks\Uninstaller_SkipUac_Marco [2016/10/03 21:40:57 | 000,002,110 | ---- | M] () -- C:\Windows\SysNative\Tasks\USER_ESRV_SVC_WILLAMETTE [2016/10/01 14:17:25 | 000,002,920 | ---- | M] () -- C:\Windows\SysNative\Tasks\WpsExternal_20160731122900 [2016/10/01 14:17:22 | 000,003,146 | ---- | M] () -- C:\Windows\SysNative\Tasks\WpsKtpcntrQingTask_Marco [2016/10/01 14:17:28 | 000,002,884 | ---- | M] () -- C:\Windows\SysNative\Tasks\WpsUpdateTask_Marco [2016/10/03 21:40:23 | 000,004,200 | ---- | M] () -- C:\Windows\SysNative\Tasks\Intel\Intel Telemetry 2 [2016/10/01 14:17:19 | 000,003,532 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task [2016/10/02 17:22:50 | 000,003,706 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 [2016/10/02 17:22:52 | 000,003,712 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 [2016/10/02 17:22:51 | 000,002,882 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical [2016/10/02 17:22:50 | 000,002,876 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical [2016/10/01 14:17:20 | 000,003,978 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated) [2016/10/01 14:17:20 | 000,003,426 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual) [2016/10/01 14:17:29 | 000,003,436 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\AppID\EDP Policy Manager [2016/10/01 14:17:28 | 000,002,722 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\AppID\PolicyConverter [2016/10/01 14:17:19 | 000,003,320 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific [2016/10/01 14:17:18 | 000,003,346 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck [2016/10/01 14:23:18 | 000,004,680 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser [2016/10/01 14:17:22 | 000,003,014 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater [2016/10/01 14:17:28 | 000,003,090 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Application Experience\StartupAppTask [2016/10/01 14:17:33 | 000,003,586 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\ApplicationData\appuriverifierdaily [2016/10/01 14:17:32 | 000,003,964 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\ApplicationData\appuriverifierinstall [2016/10/01 14:17:27 | 000,003,052 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState [2016/10/01 14:17:32 | 000,002,716 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup [2016/10/02 17:24:30 | 000,003,086 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup [2016/10/01 14:17:18 | 000,002,870 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Autochk\Proxy [2016/10/01 14:17:27 | 000,002,328 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask [2016/10/01 14:17:30 | 000,002,936 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask [2016/10/01 14:17:26 | 000,002,830 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\CertificateServicesClient\CryptoPolicyTask [2016/10/01 14:17:20 | 000,003,994 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask [2016/10/01 14:17:18 | 000,003,694 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\CertificateServicesClient\SystemTask [2016/10/01 14:17:20 | 000,003,680 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\CertificateServicesClient\UserTask [2016/10/01 14:17:27 | 000,003,554 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\CertificateServicesClient\UserTask-Roam [2016/10/01 14:17:33 | 000,002,780 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan [2016/10/01 14:17:18 | 000,003,428 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Clip\License Validation [2016/10/01 14:17:30 | 000,002,242 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\CloudExperienceHost\CreateObjectTask [2016/10/01 14:17:30 | 000,003,030 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator [2016/10/01 14:17:21 | 000,003,410 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask [2016/10/01 14:17:26 | 000,003,162 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Customer Experience Improvement Program\UsbCeip [2016/10/01 14:17:18 | 000,003,718 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan [2016/10/01 14:17:30 | 000,003,354 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery [2016/10/01 14:17:31 | 000,002,930 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag [2016/10/01 14:22:44 | 000,004,192 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Device Information\Device [2016/10/01 14:17:32 | 000,002,984 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh [2016/10/01 14:17:27 | 000,002,914 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand [2016/10/01 14:17:26 | 000,002,914 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand [2016/10/01 14:17:32 | 000,003,138 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\DeviceDirectoryClient\IntegrityCheck [2016/10/01 14:17:31 | 000,002,940 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession [2016/10/01 14:17:30 | 000,003,404 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceAccountChange [2016/10/01 14:20:11 | 000,003,172 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceConnectedToNetwork [2016/10/01 14:20:12 | 000,003,344 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange [2016/10/01 14:20:11 | 000,003,262 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic1 [2016/10/01 14:20:11 | 000,003,450 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic24 [2016/10/01 14:20:12 | 000,003,230 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic6 [2016/10/01 14:20:12 | 000,003,486 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange [2016/10/01 14:20:12 | 000,003,272 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceScreenOnOff [2016/10/01 14:17:28 | 000,003,202 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceSettingChange [2016/10/01 14:17:20 | 000,003,308 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterUserDevice [2016/10/01 14:17:29 | 000,003,092 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Diagnosis\Scheduled [2016/10/01 14:17:32 | 000,003,072 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup [2016/10/01 14:17:33 | 000,003,034 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector [2016/10/01 14:17:21 | 000,002,766 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver [2016/10/01 14:17:21 | 000,002,398 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics [2016/10/01 14:17:27 | 000,002,430 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\DiskFootprint\StorageSense [2016/10/01 14:17:26 | 000,002,384 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\DUSM\dusmtask [2016/10/01 14:17:22 | 000,002,302 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\EDP\EDP App Launch Task [2016/10/01 14:17:22 | 000,002,284 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\EDP\EDP Auth Task [2016/10/01 14:17:19 | 000,002,182 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask [2016/10/01 14:17:25 | 000,002,782 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate [2016/10/01 14:17:23 | 000,002,948 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate [2016/10/01 14:17:21 | 000,002,880 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient [2016/10/01 14:17:27 | 000,002,998 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload [2016/10/01 14:17:28 | 000,002,996 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode) [2016/10/01 14:17:21 | 000,003,736 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Installation [2016/10/01 14:17:21 | 000,003,168 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation [2016/10/01 14:17:27 | 000,003,340 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\License Manager\TempSignedLicenseExchange [2016/10/01 14:17:24 | 000,002,638 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Location\Notifications [2016/10/01 14:17:31 | 000,002,572 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Location\WindowsActionDialog [2016/10/01 14:17:33 | 000,003,002 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Maintenance\WinSAT [2016/10/01 14:17:20 | 000,002,998 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Management\Provisioning\Logon [2016/10/01 14:17:29 | 000,002,946 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Maps\MapsToastTask [2016/10/02 15:07:12 | 000,003,414 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Maps\MapsUpdateTask [2016/10/01 14:17:28 | 000,002,606 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch [2016/10/01 14:17:34 | 000,002,634 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService [2016/10/01 14:17:23 | 000,002,584 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks [2016/10/01 14:17:29 | 000,002,586 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Media Center\ehDRMInit [2016/10/01 14:17:28 | 000,002,600 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Media Center\InstallPlayReady [2016/10/01 14:17:32 | 000,002,674 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Media Center\mcupdate [2016/10/01 14:17:25 | 000,002,610 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled [2016/10/01 14:17:33 | 000,002,838 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask [2016/10/01 14:17:22 | 000,002,842 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask [2016/10/01 14:17:21 | 000,002,566 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Media Center\OCURActivate [2016/10/01 14:17:22 | 000,002,586 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Media Center\OCURDiscovery [2016/10/01 14:17:23 | 000,002,570 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Media Center\PBDADiscovery [2016/10/01 14:17:27 | 000,002,792 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 [2016/10/01 14:17:25 | 000,002,794 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 [2016/10/01 14:17:23 | 000,002,990 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry [2016/10/01 14:17:29 | 000,002,810 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask [2016/10/01 14:17:28 | 000,002,802 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask [2016/10/01 14:17:18 | 000,002,832 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Media Center\RecordingRestart [2016/10/01 14:17:33 | 000,002,594 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Media Center\RegisterSearch [2016/10/01 14:17:26 | 000,002,618 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot [2016/10/01 14:17:32 | 000,002,826 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask [2016/10/01 14:17:28 | 000,002,484 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Media Center\StartRecording [2016/10/01 14:17:26 | 000,002,922 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath [2016/10/01 14:17:28 | 000,005,684 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents [2016/10/01 14:17:33 | 000,003,446 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic [2016/10/01 14:17:29 | 000,003,582 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser [2016/10/01 14:17:19 | 000,002,762 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\MobilePC\HotStart [2016/10/01 14:17:23 | 000,002,796 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\MUI\LPRemove [2016/10/01 14:17:20 | 000,002,574 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Multimedia\SystemSoundsService [2016/10/01 14:17:19 | 000,002,818 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler [2016/10/01 14:17:34 | 000,002,444 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo [2016/10/01 14:17:24 | 000,002,996 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\NlaSvc\WiFiTask [2016/10/01 14:17:30 | 000,003,008 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor [2016/10/01 14:17:26 | 000,003,060 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\PI\Secure-Boot-Update [2016/10/01 14:17:32 | 000,002,880 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\PI\Sqm-Tasks [2016/10/01 14:17:24 | 000,002,972 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy [2016/10/01 14:17:32 | 000,002,992 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required [2016/10/01 14:17:31 | 000,003,200 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup [2016/10/01 14:17:34 | 000,002,338 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers [2016/10/01 14:17:27 | 000,003,128 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem [2016/10/01 14:17:32 | 000,003,462 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Ras\MobilityManager [2016/10/01 14:17:22 | 000,003,420 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE [2016/10/01 14:17:33 | 000,003,218 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Registry\RegIdleBackup [2016/10/01 14:17:23 | 000,003,796 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask [2016/10/01 14:17:31 | 000,002,794 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\RemovalTools\MRT_HB [2016/10/01 14:19:58 | 000,004,030 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\RetailDemo\CleanupOfflineContent [2016/10/01 14:17:23 | 000,002,502 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup [2016/10/01 14:17:33 | 000,002,544 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask [2016/10/01 14:17:33 | 000,002,576 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\SettingSync\BackupTask [2016/10/01 14:17:31 | 000,002,904 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask [2016/10/01 14:17:25 | 000,002,838 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Setup\SetupCleanupTask [2016/10/01 14:17:33 | 000,002,766 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\SharedPC\Account Cleanup [2016/10/01 14:17:34 | 000,002,636 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Shell\CreateObjectTask [2016/10/01 14:17:34 | 000,003,512 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor [2016/10/01 14:17:31 | 000,003,336 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask [2016/10/01 14:17:27 | 000,003,208 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask [2016/10/01 14:17:33 | 000,002,756 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance [2016/10/01 14:17:20 | 000,003,174 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Shell\WindowsParentalControls [2016/10/01 14:17:19 | 000,003,246 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration [2016/10/01 14:17:19 | 000,003,052 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\SideShow\AutoWake [2016/10/01 14:17:20 | 000,002,978 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\SideShow\GadgetManager [2016/10/01 14:17:20 | 000,003,060 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\SideShow\SessionAgent [2016/10/01 14:17:20 | 000,003,060 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\SideShow\SystemDataProviders [2016/10/05 13:54:52 | 000,004,680 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask [2016/10/01 14:21:40 | 000,003,372 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon [2016/10/01 14:17:29 | 000,004,048 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork [2016/10/01 14:17:19 | 000,003,006 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask [2016/10/01 14:17:19 | 000,003,066 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\SpacePort\SpaceManagerTask [2016/10/01 14:17:30 | 000,003,238 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask [2016/10/01 14:17:27 | 000,003,200 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Management Initialization [2016/10/01 14:17:30 | 000,003,286 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization [2016/10/01 14:17:23 | 000,003,056 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate [2016/10/01 14:17:30 | 000,003,126 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance [2016/10/01 14:17:31 | 000,002,972 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Sysmain\ResPriStaticDbSync [2016/10/02 17:27:33 | 000,003,858 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask [2016/10/01 14:17:22 | 000,002,976 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\SystemRestore\SR [2016/10/01 14:17:29 | 000,002,762 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Task Manager\Interactive [2016/10/01 14:17:22 | 000,003,208 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 [2016/10/01 14:17:22 | 000,003,324 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 [2016/10/01 14:17:20 | 000,002,622 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\TextServicesFramework\MsCtfMonitor [2016/10/01 14:17:30 | 000,002,932 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime [2016/10/01 14:17:23 | 000,002,900 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime [2016/10/01 14:17:31 | 000,002,600 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone [2016/10/01 14:17:26 | 000,002,816 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr [2016/10/01 14:17:30 | 000,003,592 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance [2016/10/03 23:03:56 | 000,002,360 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install [2016/10/01 14:17:26 | 000,002,342 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install [2016/10/01 14:17:33 | 000,002,896 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot [2016/10/01 14:17:28 | 000,003,344 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\UpdateOrchestrator\Refresh Settings [2016/10/05 12:55:12 | 000,002,268 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot [2016/10/05 12:51:28 | 000,003,128 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Retry Scan [2016/10/05 12:51:27 | 000,005,286 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan [2016/10/01 14:17:33 | 000,002,330 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display [2016/10/01 14:17:28 | 000,002,396 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot [2016/10/01 14:17:32 | 000,002,328 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig [2016/10/01 14:17:24 | 000,003,650 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\User Profile Service\HiveUploadTask [2016/10/01 14:17:23 | 000,002,920 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\WCM\WiFiTask [2016/10/01 14:17:27 | 000,002,892 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\WDI\ResolutionHost [2016/10/01 14:17:22 | 000,002,776 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance [2016/10/01 14:17:25 | 000,002,738 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup [2016/10/01 14:17:22 | 000,002,728 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan [2016/10/01 14:17:34 | 000,002,764 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification [2016/10/01 14:17:18 | 000,003,992 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting [2016/10/01 14:17:23 | 000,003,288 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange [2016/10/01 14:17:21 | 000,003,420 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary [2016/10/01 14:21:22 | 000,003,224 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader [2016/10/01 14:17:21 | 000,003,426 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\WindowsUpdate\Automatic App Update [2016/10/05 13:34:56 | 000,005,246 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start [2016/10/01 14:17:26 | 000,003,300 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\WindowsUpdate\sih [2016/10/01 14:17:19 | 000,003,186 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\WindowsUpdate\sihboot [2016/10/01 14:17:20 | 000,002,564 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Wininet\CacheTask [2016/10/01 14:17:30 | 000,003,060 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management [2016/10/01 14:17:29 | 000,002,794 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation [2016/10/01 14:17:21 | 000,002,790 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization [2016/10/01 14:17:19 | 000,003,090 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work [2016/10/01 14:17:20 | 000,002,744 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join [2016/10/01 14:17:23 | 000,002,522 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\XblGameSave\XblGameSaveTask [2016/10/01 14:17:20 | 000,002,528 | ---- | M] () -- C:\Windows\SysNative\Tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon < %windir%\tasks\*.* /s > [2016/09/25 16:00:46 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2016/10/04 21:45:06 | 000,000,214 | ---- | M] () -- C:\Windows\tasks\CreateExplorerShellUnelevatedTask.job [2016/10/01 12:12:25 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2016/10/01 12:30:05 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2016/09/30 20:38:00 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3847410376-614814884-3458226429-1000Core.job [2016/10/01 12:53:23 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3847410376-614814884-3458226429-1000UA.job [2016/10/01 12:17:03 | 000,000,402 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Communicator.job [2016/10/05 12:44:27 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2016/10/05 14:15:11 | 000,000,296 | ---- | M] () -- C:\Windows\tasks\Uninstaller_SkipUac_Marco.job [2016/10/01 12:54:00 | 000,000,430 | ---- | M] () -- C:\Windows\tasks\WpsExternal_20160731122900.job [2016/10/01 13:04:13 | 000,000,724 | ---- | M] () -- C:\Windows\tasks\WpsKtpcntrQingTask_Marco.job [2016/10/01 12:34:04 | 000,000,408 | ---- | M] () -- C:\Windows\tasks\WpsUpdateTask_Marco.job < %systemroot%\*.scr > [2014/03/31 20:34:22 | 000,322,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] < HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections > "Conex�o de rede local" = 46 00 00 00 02 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [binary data] "SavedLegacySettings" = 46 00 00 00 85 A9 00 00 09 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 4E F8 26 A6 33 14 CE 01 01 00 00 00 C0 A8 83 41 00 00 00 00 00 00 00 00 01 00 00 00 02 00 00 00 C0 A8 00 A1 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [Binary data over 200 bytes] "DefaultConnectionSettings" = 46 00 00 00 A2 2D 00 00 09 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 4E F8 26 A6 33 14 CE 01 01 00 00 00 C0 A8 83 41 00 00 00 00 00 00 00 00 01 00 00 00 02 00 00 00 C0 A8 00 A1 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [Binary data over 200 bytes] < HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations > < HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments > < HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run /s > < HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl > [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_CROSS_PROTOCOL_FILE_NAVIGATION] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_SETCAPTURE_XDOMAIN] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_CROSS_DOMAIN_REDIRECT_MITIGATION] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_ISO_2022_JP_SNIFFING] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOCUMENT_COMPATIBLE_MODE] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOMSTORAGE ] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOWNLOAD_PROMPT_META_CONTROL] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_CLIPCHILDREN_OPTIMIZATION] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_GPU_RENDERING] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IE6_DEFAULT_FRAME_NAVIGATION_BEHAVIOR] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IVIEWOBJECTDRAW_DMLT9_WITH_GDI] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOAD_SHDOCLC_RESOURCES] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MANAGE_SCRIPT_CIRCULAR_REFS] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_SERVER] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SCRIPTURL_MITIGATION] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SPELLCHECKING] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_STATUS_BAR_THROTTLING] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_TABBED_BROWSING] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_LEGACY_JSCRIPT] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_QME_FOR_TOPLEVEL_DOCS] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VIEWLINKEDWEBOC_IS_UNSAFE] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WARN_ON_SEC_CERT_REV_FAILED] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XDOMAINREQUEST] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XMLHTTP] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\MAXCONNECTIONSPERSERVER] < \FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMP > < HKCU\Software\Microsoft\Internet Explorer\Downloads > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings > "ActiveXCache" = C:\Windows\Downloaded Program Files -- [2016/07/16 08:47:50 | 000,000,000 | --SD | M] "CodeBaseSearchPath" = CODEBASE "EnablePunycode" = 1 "MinorVersion" = 0 "WarnOnIntranet" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Accepted Documents] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ActiveX Cache] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\AllowedBehaviors] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\AllowedDragImageExts] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\AllowedDragProtocols] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Http Filters] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Last Update] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\LUI] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\NoFileLifetimeExtension] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\P3P] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Passport] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\PluggableProtocols] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Secure Mime Handlers] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\SO] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\SOIEAK] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\TemplatePolicies] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Url History] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones] < HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings > "ActiveXCache" = C:\Windows\Downloaded Program Files -- [2016/07/16 08:47:50 | 000,000,000 | --SD | M] "CodeBaseSearchPath" = CODEBASE "EnablePunycode" = 1 "MinorVersion" = 0 "WarnOnIntranet" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Accepted Documents] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ActiveX Cache] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\AllowedBehaviors] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\AllowedDragImageExts] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\AllowedDragProtocols] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Cache] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Connections] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Http Filters] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Last Update] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\LUI] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\NoFileLifetimeExtension] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\P3P] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Passport] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\PluggableProtocols] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Secure Mime Handlers] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\SO] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\SOIEAK] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\TemplatePolicies] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Url History] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones] < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server > "AllowRemoteRPC" = 0 "DelayConMgrTimeout" = 0 "DeleteTempDirsOnExit" = 1 "fDenyTSConnections" = 1 "fSingleSessionPerUser" = 1 "NotificationTimeOut" = 0 "PerSessionTempDir" = 0 "ProductVersion" = 5.1 "RCDependentServices" = CertPropSvcSessionEnv [binary data] "SnapshotMonitors" = 1 "StartRCM" = 0 "TSUserEnabled" = 0 "InstanceID" = ad3a16ad-4db2-43ed-8c38-6bde86d "GlassSessionId" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\AddIns] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\ConnectionHandler] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\KeyboardType Mapping] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\RCM] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\SessionArbitrationHelper] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\SysProcs] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\TerminalTypes] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\VIDEO] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations] < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Licensing Core > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon > "DefaultDomainName" = "DefaultUserName" = "EnableSIHostIntegration" = 1 "PreCreateKnownFolders" = {A520A1A4-1780-4FF6-BD18-167343C5AF16} "Shell" = explorer.exe -- [2016/10/01 13:34:31 | 004,311,736 | ---- | M] (Microsoft Corporation) "ShellCritical" = 0 "SiHostCritical" = 0 "SiHostReadyTimeOut" = 0 "SiHostRestartCountLimit" = 0 "SiHostRestartTimeGap" = 0 "Userinit" = C:\Windows\system32\userinit.exe, [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\AlternateShells] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify] < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services > [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\Client] < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa > "auditbasedirectories" = 0 "auditbaseobjects" = 0 "Bounds" = 0 [binary data] "crashonauditfail" = 0 "fullprivilegeauditing" = [binary data] "LimitBlankPasswordUse" = 1 "NoLmHash" = 1 "Notification Packages" = scecli [binary data] -- [2016/07/16 08:43:01 | 000,211,968 | ---- | M] (Microsoft Corporation) "Authentication Packages" = msv1_0 [binary data] -- [2016/10/01 13:33:55 | 000,340,320 | ---- | M] (Microsoft Corporation) "disabledomaincreds" = 0 "enabledcom" = y "everyoneincludesanonymous" = 0 "forceguest" = 0 "LsaPid" = 836 "ProductType" = 3 "restrictanonymous" = 0 "restrictanonymoussam" = 1 "SamConnectedAccountsExist" = 1 "SecureBoot" = 1 "Security Packages" = kerberosmsv1_0schannelwdigestt [Binary data over 200 bytes] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\CentralizedAccessPolicies] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\OSConfig] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache] < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts > < \UserList > < HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN > "Anchor_Visitation_Horizon" = 01 00 00 00 [binary data] "ApplicationTileImmersiveActivation" = 1 "AssociationActivationMode" = 0 "AutoHide" = yes "Cache_Percent_of_Disk" = 0A 00 00 00 [binary data] "Default_Page_URL" = http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL" = http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL" = [binary data] "Delete_Temp_Files_On_Exit" = yes "Enable_Disk_Cache" = yes "Extensions Off Page" = about:NoAdd-ons "Local Page" = C:\Windows\SysWOW64\blank.htm "Placeholder_Height" = 1A 00 00 00 [binary data] "Placeholder_Width" = 1A 00 00 00 [binary data] "Search Page" = http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page" = about:SecurityRisk "Start Page" = http://go.microsoft.com/fwlink/p/?LinkId=255141 "Use_Async_DNS" = yes "x86AppPath" = C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE -- [2016/07/16 08:43:53 | 000,825,536 | ---- | M] (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\ErrorThresholds] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\UrlTemplate] < HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon > "DefaultDomainName" = "DefaultUserName" = "EnableSIHostIntegration" = 1 "PreCreateKnownFolders" = {A520A1A4-1780-4FF6-BD18-167343C5AF16} "Shell" = explorer.exe -- [2016/10/01 13:34:31 | 004,311,736 | ---- | M] (Microsoft Corporation) "ShellCritical" = 0 "SiHostCritical" = 0 "SiHostReadyTimeOut" = 0 "SiHostRestartCountLimit" = 0 "SiHostRestartTimeGap" = 0 "Userinit" = C:\Windows\system32\userinit.exe, [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\AlternateShells] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify] < \SpecialAccounts\UserList > < HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN > "Anchor_Visitation_Horizon" = 01 00 00 00 [binary data] "ApplicationTileImmersiveActivation" = 1 "AssociationActivationMode" = 0 "AutoHide" = yes "Cache_Percent_of_Disk" = 0A 00 00 00 [binary data] "Default_Page_URL" = http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL" = http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL" = [binary data] "Delete_Temp_Files_On_Exit" = yes "Enable_Disk_Cache" = yes "Extensions Off Page" = about:NoAdd-ons "Local Page" = C:\Windows\SysWOW64\blank.htm "Placeholder_Height" = 1A 00 00 00 [binary data] "Placeholder_Width" = 1A 00 00 00 [binary data] "Search Page" = http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page" = about:SecurityRisk "Start Page" = http://go.microsoft.com/fwlink/p/?LinkId=255141 "Use_Async_DNS" = yes "x86AppPath" = C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE -- [2016/07/16 08:43:53 | 000,825,536 | ---- | M] (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\ErrorThresholds] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\UrlTemplate] < HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Policies\Google\Chrome > < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome > < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\TermService > "ImagePath" = %SystemRoot%\System32\svchost.exe -k NetworkService -- [2016/07/16 08:42:55 | 000,038,792 | ---- | M] (Microsoft Corporation) "DisplayName" = @%SystemRoot%\System32\termsrv.dll,-268 "ErrorControl" = 1 "Start" = 3 "Type" = 32 "Description" = @%SystemRoot%\System32\termsrv.dll,-267 "DependOnService" = RPCSS [binary data] "ObjectName" = NT Authority\NetworkService "ServiceSidType" = 1 "RequiredPrivileges" = SeAssignPrimaryTokenPrivilegeSeAu [Binary data over 200 bytes] "FailureActions" = 80 51 01 00 00 00 00 00 00 00 00 00 03 00 00 00 14 00 00 00 01 00 00 00 60 EA 00 00 01 00 00 00 60 EA 00 00 00 00 00 00 60 EA 00 00 [binary data] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\TermService\Parameters] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\TermService\Performance] < net user /c > Contas de usu rio para \\MARCO-PC ------------------------------------------------------------------------------- Administrador Convidado DefaultAccount Marco Comando conclu¡do com ˆxito. < MD5 for: TERMSRV.DLL > [2014/10/13 23:13:06 | 000,683,520 | ---- | M] (Microsoft Corporation) MD5=008CD4EBFABCF78D0F19B3778492648C -- C:\Windows\ERDNT\cache64\termsrv.dll [2016/09/07 01:53:53 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=410EC733547D7FE5709D108015088460 -- C:\Windows.old\Windows\System32\termsrv.dll [2016/09/07 01:53:53 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=410EC733547D7FE5709D108015088460 -- C:\Windows.old\Windows\WinSxS\amd64_microsoft-Windows-t..teconnectionmanager_31bf3856ad364e35_10.0.10586.589_none_fb83c3c9b3658851\termsrv.dll [2016/09/14 23:20:44 | 000,042,564 | ---- | M] () MD5=AE1B47F89A9809097DD5696034B6D532 -- C:\Windows.old\Windows\WinSxS\amd64_microsoft-Windows-t..teconnectionmanager_31bf3856ad364e35_10.0.10586.0_none_1b24da20fe9b4a93\termsrv.dll [2016/07/16 08:42:34 | 000,987,648 | ---- | M] (Microsoft Corporation) MD5=FB68E5F02316C42BE7282DA492351C6F -- C:\Windows\SysNative\termsrv.dll [2016/07/16 08:42:34 | 000,987,648 | ---- | M] (Microsoft Corporation) MD5=FB68E5F02316C42BE7282DA492351C6F -- C:\Windows\WinSxS\amd64_microsoft-Windows-t..teconnectionmanager_31bf3856ad364e35_10.0.14393.0_none_bc13ad436af6bbc9\termsrv.dll < %systemdrive%\$Recycle.Bin|@;true;true;true /fp >[/color] Invalid Switch: color] ========== Alternate Data Streams ========== @Alternate Data Stream - 183 bytes -> C:\ProgramData\Temp:1AAB2E68 @Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:DFC5A2B2 @Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:430C6D84 @Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:A3E1F4EF @Alternate Data Stream - 10 bytes -> C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt < End of report >
  10. Computador não desliga após update windows 10

    tatha, agradeço por suas sugestões. não vou desistir: " No fim tudo dá certo, e se não deu certo é porque ainda não chegou ao fim.... " rsrsrsrs Vou continuar procurando e pesquisando. Nas pesquisas que fiz percebi que este problema ocorre com relativa frequência no W10, porém as soluções são as mais diversas e nenhuma ainda resolveu o meu caso em específico.
  11. Redirecionando páginas

    Continua abrindo uma página inicial Loadstart.net e quando vou fechar as abas existem diversas outras abertas sem que eu tenha direcionado para elas: C:\Users\Public\Desktop\Opera developer.lnk - C:\Program Files (x86)\Opera developer\launcher.exe "http://loadstart.net/?ssid=1475444844&a=1054667&src=sh&uuid=7c85b723-01a5-4573-a7f2-482bce1dd9f4,1475444813549" Interessante que eu não uso o Opera para navegar e sim o Firefox, e esta página insiste em abrir quando clico no FF. A sensação que tenho é que existe um script rodando na máquina.
  12. Computador não desliga após update windows 10

    Bem, finalmente consegui atualizar o driver com o utilitário Drivermax. Infelizmente o problema do desligamento persiste e a mensagem de erro no driver ainda é a mesma, com o mesmo cod. 10.
  13. Redirecionando páginas

    Fiz isso. Eis o resultado. E.t. As páginas aleatórias continuam abrindo. Zoek.exe v5.0.0.1 Updated 27-09-2015 Tool run by Marco on 04/10/2016 at 21:25:01.98. Microsoft Windows 10 Home 10.0.14393 x64 Running in: Safe Mode MINIMAL No Internet Access Detected Launched: C:\Users\Marco\Desktop\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2015-12-10-163122.log 45110 bytes C:\zoek-results2016-02-15-173128.log 27413 bytes C:\zoek-results2016-09-15-004909.log 34766 bytes C:\zoek-results2016-10-03-011428.log 3327 bytes C:\zoek-results2016-10-04-161236.log 3226 bytes ==== System Restore Info ====================== 04/10/2016 21:27:28 Zoek.exe System Restore Point Created Successfully. ==== Reset Hosts File ====================== # Copyright (c) 1993-2006 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host 127.0.0.1 localhost ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== Deleted from C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\44y63ayg.default\prefs.js: Added to C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\44y63ayg.default\prefs.js: Deleted from C:\Users\Marco\AppData\Roaming\Thunderbird\Profiles\63w7yc51.default\prefs.js: user_pref("browser.startup.homepage", "about:home"); user_pref("browser.newtab.url", "about:newtab"); Added to C:\Users\Marco\AppData\Roaming\Thunderbird\Profiles\63w7yc51.default\prefs.js: user_pref("browser.startup.homepage", "about:home"); user_pref("browser.newtab.url", "about:newtab"); ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Marco\AppData\Roaming\Thunderbird\Profiles\63w7yc51.default user_pref("browser.startup.homepage", "about:home"); user_pref("browser.newtab.url", "about:newtab"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{0153E448-190B-4987-BDE1-F256CADA672F}"="C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext" [07/11/2014 13:28] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [12/05/2016 09:31] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\44y63ayg.default - Undetermined - %ProfilePath%\extensions\a18533f0f5d1be8c298aca3966986b94c799cfe174706196f64548a6a994661d_lp.key - Undetermined - %ProfilePath%\extensions\a18533f0f5d1be8c298aca3966986b94c799cfe174706196f64548a6a994661d_lp.key - LastPass - %ProfilePath%\extensions\support@lastpass.com - YouTube MP3 Podcaster - %ProfilePath%\extensions\youtubemp3podcaster@jeremy.d.gregorio.com - Adblock Plus Pop-up Addon - %ProfilePath%\extensions\adblockpopups@jessehakanen.net.xpi - Desprotetor de Links - %ProfilePath%\extensions\desprotetordelinks@claudio-silva.com.xpi - YouTube Video and Audio Downloader - %ProfilePath%\extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi - Undetermined - %ProfilePath%\extensions\patrique@retrolink.com.br.xpi - Image Zoom - %ProfilePath%\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}.xpi - CacheViewer - %ProfilePath%\extensions\{71328583-3CA7-4809-B4BA-570A85818FBB}.xpi - Download YouTube Videos as MP4 - %ProfilePath%\extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi - QuickJS - %ProfilePath%\extensions\{bb65e674-b194-4b6e-8033-5fa0afe3a198}.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi - DownThemAll - %ProfilePath%\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi ProfilePath: C:\Users\Marco\AppData\Roaming\Thunderbird\Profiles\63w7yc51.default - Lightning - %ProfilePath%\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103} - Color Folders - %ProfilePath%\extensions\colorfolders@fisheater.com.xpi - Undetermined - %ProfilePath%\extensions\srsbdnr-@ntispam-caseyconnor.org.xpi - ThunderBrowse - %ProfilePath%\extensions\ThunderBrowse@thunderbrowse.com.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\44y63ayg.default 30058F2746B25F60DCC7624E227357D1 - C:\Users\Marco\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll - RocketLife Secure Plug-In Layer E32771B0AE3F18CEFFC12D682025238A - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll - RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) 555E65306A5D3A5978BE74E1DD62CDD9 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll - RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) C788C801C5FAE1BEC62C7D2F1BBC9255 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1223183.dll - Shockwave for Director / Shockwave for Director 63F8C13F269B10BC9363B007DAAACAE6 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll - Shockwave Flash 9860727E477F17B88E39AF8B69B0407A - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll - Shockwave Flash 7FB1DC8C464CAFC230E7AD6392AE859B - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll - Shockwave Flash 3EE8AE0ECFE5D79DE1737A855AD1E84C - C:\Users\Marco\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll - Google Update ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.86 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions hdokiejnpimakedhajhdlcegeplioahd - No path found[] jfmjfhklogoienhpfnppmbcbjfjnkonk - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx[10/10/2012 08:27] Comodo Web Inspector - Marco\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdngekjahnmlkinegnhdmmbcfnmbclnn LastPass - Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd LastPass - Marco\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd uBlockâ‚€ - Marco\AppData\Local\Vivaldi\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm LastPass - Marco\AppData\Local\Vivaldi\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&PC=UE00" ==== Reset Google Chrome ====================== C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\Marco\AppData\Local\Google\Chrome SxS\User Data\Default\Preferences was reset successfully C:\Users\Marco\AppData\Local\Google\Chrome SxS\User Data\Default\Secure Preferences was reset successfully C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully ==== shortcuts on Users Desktops ====================== C:\Users\Marco\Desktop\Assistente de Atualização do Windows 10.lnk - C:\Users\Marco\Desktop\Ações do scanner.lnk - C:\Users\Marco\Desktop\Digitalize um documento ou foto.lnk - C:\Users\Marco\Desktop\EMDB.lnk - C:\Program Files (x86)\EMDB\EMDB.exe C:\Users\Marco\Desktop\Microsoft Word 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\wordicon.exe C:\Users\Marco\Desktop\Notepad.lnk - C:\Windows\system32\notepad.exe C:\Users\Marco\Desktop\Secure Wrapper.LNK - C:\Program Files (x86)\Mach5 Software\Kremlin\Secdel.exe C:\Users\Marco\Desktop\Stellar Phoenix Photo Recovery.lnk - C:\Program Files (x86)\Stellar Phoenix Photo Recovery\StellarPhoenixPhotoRecovery.exe C:\Users\Marco\Desktop\Subtitle Edit.lnk - C:\Program Files (x86)\Subtitle Edit\SubtitleEdit.exe C:\Users\Marco\Desktop\Subtitle Workshop.lnk - C:\Program Files (x86)\URUSoft\Subtitle Workshop\SubtitleWorkshop.exe C:\Users\Marco\Desktop\WPS Presentation.lnk - C:\Users\Marco\AppData\Local\Kingsoft\WPS Office\ksolaunch.exe /w /wpp /fromksolaunch C:\Users\Marco\Desktop\WPS Spreadsheets.lnk - C:\Users\Marco\AppData\Local\Kingsoft\WPS Office\ksolaunch.exe /et /fromksolaunch C:\Users\Marco\Desktop\WPS Writer.lnk - C:\Users\Marco\AppData\Local\Kingsoft\WPS Office\ksolaunch.exe /w /wps /fromksolaunch C:\Users\Marco\Desktop\BIOS\Intel(R) ME FW Recovery Agent.lnk - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe --domain-id 4e00205a-2ab1-4423-8f77-cc25b82cde1d --caller consumer C:\Users\Marco\Desktop\Centro Soluções HP\Central de Soluções HP.lnk - C:\Users\Marco\Desktop\Centro Soluções HP\HP Print and Scan Doctor.lnk - C:\Users\Marco\Desktop\IRPF\IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk - C:\Users\Marco\Desktop\IRPF\IRPF2015 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk - C:\Users\Marco\Desktop\IRPF\IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk - C:\Users\Marco\Desktop\IRPF\Receitanet 1.07 .lnk - C:\Program Files (x86)\Programas RFB\Receitanet\Windows\Receitanet.exe C:\Users\Marco\Desktop\Tor Browser\Start Tor Browser.lnk - C:\Users\Marco\Desktop\Tor Browser\Browser\firefox.exe "http://loadstart.net/?ssid=1475444844&a=1054667&src=sh&uuid=7c85b723-01a5-4573-a7f2-482bce1dd9f4,1475444813549" C:\Users\Marco\Desktop\Vídeo - Música Apps\A-PDF Merger.lnk - C:\Users\Marco\Desktop\Vídeo - Música Apps\Advanced Renamer.lnk - C:\Users\Marco\Desktop\Vídeo - Música Apps\Ashampoo Burning Studio 2014 .lnk - C:\Users\Marco\Desktop\Vídeo - Música Apps\Ashampoo Burning Studio 2014.lnk - C:\Users\Marco\Desktop\Vídeo - Música Apps\aTube Catcher.lnk - C:\Users\Marco\Desktop\Vídeo - Música Apps\DVDVideoSoft Free Studio.lnk - C:\Users\Marco\Desktop\Vídeo - Música Apps\Format Factory.lnk - C:\Users\Marco\Desktop\Vídeo - Música Apps\FormatFactory.lnk - C:\Users\Marco\Desktop\Vídeo - Música Apps\Free Easy Audio Editor.lnk - C:\Users\Marco\Desktop\Vídeo - Música Apps\Free M4a to MP3 Converter.lnk - C:\Users\Marco\Desktop\Vídeo - Música Apps\Free MP3 Cutter and Editor.lnk - C:\Users\Marco\Desktop\Vídeo - Música Apps\Free Video Flip and Rotate.lnk - C:\Users\Marco\Desktop\Vídeo - Música Apps\Free Video Joiner.lnk - C:\Users\Marco\Desktop\Vídeo - Música Apps\Freemake Video Converter.lnk - C:\Users\Marco\Desktop\Vídeo - Música Apps\GameMaker-Studio 1.3.lnk - C:\Users\Marco\Desktop\Vídeo - Música Apps\GonVisor.lnk - C:\Users\Marco\Desktop\Vídeo - Música Apps\Google Earth.lnk - C:\Users\Marco\Desktop\Vídeo - Música Apps\Handbrake.lnk - C:\Users\Marco\Desktop\Vídeo - Música Apps\HDD Regenerator.lnk - C:\Users\Marco\Desktop\Vídeo - Música Apps\HP Photosmart Essential 3.5.lnk - C:\Users\Marco\Desktop\Vídeo - Música Apps\Inpaint.lnk - C:\Users\Marco\Desktop\Vídeo - Música Apps\IObit Uninstaller.lnk - C:\Users\Marco\Desktop\Vídeo - Música Apps\JDownloader 2.lnk - C:\Users\Marco\Desktop\Vídeo - Música Apps\Jogos Diversos.lnk - C:\Users\Marco\Desktop\Vídeo - Música Apps\MediaMonkey.lnk - C:\Users\Marco\Desktop\Vídeo - Música Apps\Medieval CUE Splitter.lnk - C:\Users\Marco\Desktop\Vídeo - Música Apps\MP3GainGUI - Atalho.lnk - C:\Users\Marco\Desktop\Vídeo - Música Apps\Mp3tag.lnk - C:\Users\Marco\Desktop\Vídeo - Música Apps\paint.net.lnk - C:\Users\Marco\Desktop\Vídeo - Música Apps\PDF To JPG Converter.lnk - C:\Users\Marco\Desktop\Vídeo - Música Apps\PhotoScape.lnk - C:\Users\Marco\Desktop\Vídeo - Música Apps\PIXresizer.lnk - C:\Users\Marco\Desktop\Vídeo - Música Apps\Resource Hacker.lnk - C:\Users\Marco\Desktop\Vídeo - Música Apps\Samsung Kies (Lite).lnk - C:\Users\Marco\Desktop\Vídeo - Música Apps\Samsung Kies.lnk - C:\Users\Marco\Desktop\Vídeo - Música Apps\Switch Sound File Converter.lnk - C:\Users\Marco\Desktop\Vídeo - Música Apps\Undelete 360.lnk - C:\Users\Marco\Desktop\Vídeo - Música Apps\USB Disk Storage Format Tool.lnk - C:\Users\Marco\Desktop\Vídeo - Música Apps\VLC media player.lnk - C:\Users\Marco\Desktop\Vídeo - Música Apps\Winamp.lnk - C:\Users\Marco\Desktop\Vídeo - Música Apps\WinX HD Video Converter Deluxe.lnk - C:\Users\Marco\Desktop\Vídeo - Música Apps\XnView.lnk - C:\Users\Marco\Desktop\Vídeo - Música Apps\Yamb.lnk - C:\Users\Marco\Desktop\Vídeo - Música Apps\Zero Assumption Recovery.lnk - C:\Users\Marco\Desktop\Vídeo - Música Apps\Programas Android\Kingo Android ROOT.lnk - ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Adobe Digital Editions 4.0.lnk - C:\Program Files (x86)\Adobe\Adobe Digital Editions 4.0\DigitalEditions.exe C:\Users\Public\Desktop\Ashampoo Photo Optimizer FREE.lnk - C:\Program Files (x86)\Ashampoo\Ashampoo Photo Optimizer\bin\photooptimizer.exe C:\Users\Public\Desktop\Bitdefender antivírus Free Edition.lnk - C:\Program Files (x86)\Bitdefender\antivírus Free Edition\gziface.exe C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk - C:\Program Files (x86)\Calibre2\calibre.exe C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk - C:\Program Files (x86)\HP\Diagnostics\PSDR\HPPSDr.exe C:\Users\Public\Desktop\IObit Uninstaller.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe C:\Users\Public\Desktop\My LastPass Vault.lnk - C:\Users\Public\Desktop\Opera developer.lnk - C:\Program Files (x86)\Opera developer\launcher.exe "http://loadstart.net/?ssid=1475444844&a=1054667&src=sh&uuid=7c85b723-01a5-4573-a7f2-482bce1dd9f4,1475444813549" C:\Users\Public\Desktop\PrivaZer.lnk - C:\Program Files (x86)\PrivaZer\PrivaZer.exe C:\Users\Public\Desktop\Recuva.lnk - C:\Program Files\Recuva\recuva64.exe ==== shortcuts in Users Start Menu ====================== C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk - C:\Windows\system32\magnify.exe C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk - C:\Windows\system32\osk.exe C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk - C:\Windows\system32\notepad.exe C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk - C:\Windows\system32\cmd.exe C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Default Apps.lnk - page=SettingsPageAppsDefaults C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk - page=SettingsPagePCSystemDevices C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk - C:\Windows\syswow64\WindowsPowerShell\v1.0\powershell.exe C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk - C:\Windows\syswow64\WindowsPowerShell\v1.0\PowerShell_ISE.exe C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk - C:\Windows\system32\WindowsPowerShell\v1.0\PowerShell_ISE.exe C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk - C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk - C:\Windows\system32\magnify.exe C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk - C:\Windows\system32\osk.exe C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk - C:\Windows\system32\notepad.exe C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk - C:\Windows\system32\cmd.exe C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Default Apps.lnk - page=SettingsPageAppsDefaults C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk - page=SettingsPagePCSystemDevices C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk - C:\Windows\syswow64\WindowsPowerShell\v1.0\powershell.exe C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk - C:\Windows\syswow64\WindowsPowerShell\v1.0\PowerShell_ISE.exe C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk - C:\Windows\system32\WindowsPowerShell\v1.0\PowerShell_ISE.exe C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk - C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk - C:\Windows\system32\magnify.exe C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk - C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk - C:\Windows\system32\osk.exe C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk - C:\Windows\system32\notepad.exe C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk - C:\Windows\system32\cmd.exe C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk - C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk - C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Default Apps.lnk - page=SettingsPageAppsDefaults C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk - page=SettingsPagePCSystemDevices C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk - C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk - C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk - C:\Windows\syswow64\WindowsPowerShell\v1.0\powershell.exe C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk - C:\Windows\syswow64\WindowsPowerShell\v1.0\PowerShell_ISE.exe C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk - C:\Windows\system32\WindowsPowerShell\v1.0\PowerShell_ISE.exe C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk - C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome Canary.lnk - C:\Users\Marco\AppData\Local\Google\Chrome SxS\Application\chrome.exe "http://loadstart.net/?ssid=1475444844&a=1054667&src=sh&uuid=7c85b723-01a5-4573-a7f2-482bce1dd9f4,1475444813549" C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk - C:\Users\Marco\AppData\Local\Microsoft\OneDrive\OneDrive.exe C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk - C:\Windows\system32\magnify.exe C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk - C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk - C:\Windows\system32\osk.exe C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe "http://loadstart.net/?ssid=1475444844&a=1054667&src=sh&uuid=7c85b723-01a5-4573-a7f2-482bce1dd9f4,1475444813549" C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk - C:\Windows\system32\notepad.exe C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativo Itaú\Desinstalador.lnk - C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\FormatFactory.lnk - C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\Help.lnk - C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe /help C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\Uninstall.lnk - C:\Program Files (x86)\FreeTime\FormatFactory\uninst.exe C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk - C:\Windows\system32\cmd.exe C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk - C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk - C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Default Apps.lnk - page=SettingsPageAppsDefaults C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk - page=SettingsPagePCSystemDevices C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk - C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk - C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk - C:\Windows\syswow64\WindowsPowerShell\v1.0\powershell.exe C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk - C:\Windows\syswow64\WindowsPowerShell\v1.0\PowerShell_ISE.exe C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk - C:\Windows\system32\WindowsPowerShell\v1.0\PowerShell_ISE.exe C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk - C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WPS Office\WPS Presentation.lnk - C:\Users\Marco\AppData\Local\Kingsoft\WPS Office\ksolaunch.exe /w /wpp /fromksolaunch C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WPS Office\WPS Spreadsheets.lnk - C:\Users\Marco\AppData\Local\Kingsoft\WPS Office\ksolaunch.exe /et /fromksolaunch C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WPS Office\WPS Writer.lnk - C:\Users\Marco\AppData\Local\Kingsoft\WPS Office\ksolaunch.exe /w /wps /fromksolaunch C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WPS Office\Ferramentas WPS Office\Desinstalar WPS Office.lnk - C:\Users\Marco\AppData\Local\Kingsoft\WPS Office\10.1.0.5656\utility\uninst.exe C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WPS Office\Ferramentas WPS Office\Ferramentas de configuração do WPS Office.lnk - C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WPS Office\Ferramentas WPS Office\Verificar atualizações do WPS Office.lnk - ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}\SC_Reader.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assistente de Atualização do Windows 10.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe "http://loadstart.net/?ssid=1475444844&a=1054667&src=sh&uuid=7c85b723-01a5-4573-a7f2-482bce1dd9f4,1475444813549" C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk - C:\Windows\System32\Control.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe "http://loadstart.net/?ssid=1475444844&a=1054667&src=sh&uuid=7c85b723-01a5-4573-a7f2-482bce1dd9f4,1475444813549" C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera developer.lnk - C:\Program Files (x86)\Opera developer\launcher.exe "http://loadstart.net/?ssid=1475444844&a=1054667&src=sh&uuid=7c85b723-01a5-4573-a7f2-482bce1dd9f4,1475444813549" C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk - C:\Windows\PrintDialog\PrintDialog.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk - C:\Windows\Speech\Common\sapisvr.exe -SpeechUX C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk - C:\Windows\system32\mspaint.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk - C:\Windows\system32\mstsc.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk - C:\Windows\system32\psr.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk - C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk - C:\Windows\system32\xpsrchvw.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk - C:\Windows\system32\charmap.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk - C:\Windows\system32\comexp.msc C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk - C:\Windows\system32\compmgmt.msc /s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk - C:\Windows\system32\dfrgui.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk - C:\Windows\system32\cleanmgr.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk - C:\Windows\system32\eventvwr.msc /s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk - C:\Windows\system32\iscsicpl.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk - C:\Windows\syswow64\odbcad32.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk - C:\Windows\system32\odbcad32.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk - C:\Windows\system32\perfmon.msc /s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk - C:\Windows\system32\perfmon.exe /res C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk - C:\Windows\system32\services.msc C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk - C:\Windows\system32\msinfo32.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk - C:\Windows\system32\taskschd.msc /s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk - C:\Windows\system32\WF.msc C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Renamer\Advanced Renamer.lnk - C:\Program Files (x86)\Advanced Renamer\ARen.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Renamer\Uninstall Advanced Renamer.lnk - C:\Program Files (x86)\Advanced Renamer\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center\AMD Catalyst Control Center.lnk - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center\Help.lnk - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.exe Start Help -help C:\ProgramData\Microsoft\Windows\Start Menu\Programs\antivírus Free Edition\Bitdefender antivírus Free Edition.lnk - C:\Program Files (x86)\Bitdefender\antivírus Free Edition\gziface.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\antivírus Free Edition\Guia do Usuário.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digiarty\WinX HD Video Converter Deluxe\Desinstalar o WinX HD Video Converter Deluxe.lnk - C:\Program Files (x86)\Digiarty\WinX_HD_Video_Converter_Deluxe\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digiarty\WinX HD Video Converter Deluxe\WinX HD Video Converter Deluxe.lnk - C:\Program Files (x86)\Digiarty\WinX_HD_Video_Converter_Deluxe\WinX_HD_Video_Converter_Deluxe.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE\@BIOS.lnk - C:\Program Files (x86)\Gigabyte\@BIOS\BIOS_Run.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Start Google Earth in DirectX mode.lnk - C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe -setDX C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Start Google Earth in OpenGL mode.lnk - C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe -setOGL C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Start Google Earth.lnk - C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Uninstall Google Earth.lnk - C:\Windows\System32\msiexec.exe /x {2C44ABB9-8621-4EF5-AF34-0886DCDA7C21} C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Photosmart Essential 3.5\Uninstall HP Photosmart Essential 3.5.lnk - C:\Program Files (x86)\HP\Digital Imaging\photosmartessential\hpzscr01.exe -datfile hpqbud13.dat C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Updates\Intel(R) ME FW Recovery Agent.lnk - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe --domain-id 4e00205a-2ab1-4423-8f77-cc25b82cde1d --caller consumer C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility\Intel(R) Driver Update Utility 2.6.lnk - C:\Program Files (x86)\Intel Driver Update Utility\DriverUpdateUI.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller\Desinstalar IObit Uninstaller.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configurar Java.lnk - C:\Program Files\Java\jre1.8.0_101\bin\javacpl.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Sobre o Java.lnk - C:\Program Files\Java\jre1.8.0_101\bin\javacpl.exe -tab about C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Verificar Atualizações.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Desinstalar Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Access 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\accicons.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Excel 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\xlicons.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft InfoPath Designer 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\inficon.exe /design C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft InfoPath Filler 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\inficon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft OneNote 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\joticon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Outlook 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\outicon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft PowerPoint 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\pptico.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Publisher 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\pubs.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft SharePoint Workspace 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\grvicons.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Word 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\wordicon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Ferramentas do Microsoft Office 2010\Centro de Carregamento do Microsoft Office 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\msouc.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Ferramentas do Microsoft Office 2010\Certificado Digital para Projetos do VBA.lnk - C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\misc.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Ferramentas do Microsoft Office 2010\Microsoft Media Gallery.lnk - C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\cagicon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Ferramentas do Microsoft Office 2010\Microsoft Office Picture Manager.lnk - C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\oisicon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Ferramentas do Microsoft Office 2010\Preferências de Idioma do Microsoft Office 2010.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\Silverlight.Configuration.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64\Changelog.lnk - C:\Program Files\MPC-HC\Changelog.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64\Desinstalar MPC-HC.lnk - C:\Program Files (x86)\MPC-HC\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64\MPC-HC x64.lnk - C:\Program Files\MPC-HC\mpc-hc64.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva\Uninstall Recuva.lnk - C:\Program Files (x86)\Recuva\uninst.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint\Microsoft SharePoint Workspace 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\grvicons.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subtitle Edit\Desinstalar Subtitle Edit.lnk - C:\Program Files (x86)\Subtitle Edit\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk - C:\Windows\system32\taskmgr.exe /7 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Defender.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Undelete360\Undelete 360.lnk - C:\Program Files (x86)\File Recovery\undelete360\undelete-360.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB Disk Storage Format Tool 5.2\Uninstall USB Disk Storage Format Tool.lnk - C:\Program Files (x86)\USB Disk Storage Format Tool\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB Disk Storage Format Tool 5.2\USB Disk Storage Format Tool.lnk - C:\Program Files\USB Disk Storage Format Tool\USBFormatTool.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZAR\Zero Assumption Recovery on the Web.lnk - C:\Program Files (x86)\ZAR\zar.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZAR\Zero Assumption Recovery.lnk - C:\Program Files (x86)\ZAR\zar.exe ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Marco\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Lingoes (x64).lnk - C:\Program Files\Lingoes\Translator2\Lingoes64.exe C:\Users\Marco\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk - C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE /recycle C:\Users\Marco\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Marco\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Marco\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WinX HD Video Converter Deluxe.lnk - C:\Program Files (x86)\Digiarty\WinX_HD_Video_Converter_Deluxe\WinX_HD_Video_Converter_Deluxe.exe C:\Users\Marco\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Aplicativo do Windows Phone para desktop.lnk - C:\Program Files (x86)\Windows Phone\WindowsPhone.exe C:\Users\Marco\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Notepad.lnk - C:\Windows\system32\notepad.exe C:\Users\Marco\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Paint.lnk - C:\Windows\system32\mspaint.exe C:\Users\Marco\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\paint.net.lnk - C:\Program Files (x86)\paint.net\PaintDotNet.exe C:\Users\Marco\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\Marco\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome Canary.lnk - C:\Users\Marco\AppData\Local\Google\Chrome SxS\Application\chrome.exe "http://loadstart.net/?ssid=1475444844&a=1054667&src=sh&uuid=7c85b723-01a5-4573-a7f2-482bce1dd9f4,1475444813549" C:\Users\Marco\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe "http://loadstart.net/?ssid=1475444844&a=1054667&src=sh&uuid=7c85b723-01a5-4573-a7f2-482bce1dd9f4,1475444813549" C:\Users\Marco\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\MasterSeeker - Atalho.lnk - C:\Users\Marco\Desktop\MasterSeeker1.5.1\MasterSeeker.exe C:\Users\Marco\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe "http://loadstart.net/?ssid=1475444844&a=1054667&src=sh&uuid=7c85b723-01a5-4573-a7f2-482bce1dd9f4,1475444813549" C:\Users\Marco\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Thunderbird.lnk - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe C:\Users\Marco\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Picasa 3.lnk - C:\Program Files (x86)\Google\Picasa3\Picasa3.exe ==== Reset IE Proxy ====================== Value(s) before fix: "ProxyEnable"=dword:00000000 Value(s) after fix: "ProxyEnable"=dword:00000000 ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Marco\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Marco\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Marco\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Marco\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Marco\AppData\Local\Mozilla\Firefox\Profiles\44y63ayg.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Marco\AppData\Local\Comodo\Dragon\User Data\Default\Cache emptied successfully C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Marco\AppData\Local\Google\Chrome SxS\User Data\Default\Cache emptied successfully C:\Users\Marco\AppData\Local\Vivaldi\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=752 folders=201 286361441 bytes) ==== Empty Temp Folders ====================== C:\Users\Marco\AppData\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Marco\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on 04/10/2016 at 21:45:08.21 ======================
  14. Computador não desliga após update windows 10

    Não encontrou nenhum drive para atualizar. O log da ferramenta indica um erro. DriverUpdateUI.exe Information: 0 : Log File Created 04/10/2016 20:29:20 DriverUpdateUI.exe Information: 0 : Trying to detect current OS DriverUpdateUI.exe Information: 0 : Detected current OS version: 10.0 DriverUpdateUI.exe Information: 0 : Is the current OS a server version? False DriverUpdateUI.exe Information: 0 : Detected OS as: Windows® 10, 64-bit* DriverUpdateUI.exe Information: 0 : OS detection ended DriverUpdateUI.exe Information: 0 : Error Loading one or more of the support DLL's. Exception Reported: Falha de carregamento de provedor DriverUpdateUI.exe Information: 0 : Stack Trace: em System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus errorCode) em System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext() em IDUUDetection.IduuDetection.GetMotherboardManufacturer() em IDUUDetection.IduuDetection.GetMotherboardModelIfIntel() em Driver_Manager.DriverManager.GetMotherboard() em Driver_Manager.DriverManager.AutoDetectDrivers() em DriverUpdateUI.repository.SearchService.AutomaticSearch() Talvez se refira a este driver (MEI) que apresenta erro (eu apontei ele no início desta solicitação).
  15. Redirecionando páginas

    Coloquei o Zoek para rodar às 13hs e travou no Firefox extensions, (está até este momento nesta mesma posição - 20h21m).
×