Ir para conteúdo
Marcio_B_Alves

Solicitação de análise de logs

Mensagem Recomendada

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-08-2017
Ran by Márcio (administrator) on ASUS (15-08-2017 00:32:25)
Running from C:\Users\Márcio\Desktop
Loaded Profiles: Márcio (Available Profiles: Márcio)
Platform: Windows 10 Home Version 1703 (X64) Language: Inglês (Reino Unido)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleChromeDAV.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [401888 2016-11-30] ()
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2464072 2014-11-06] (NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-03-22] (Apple Inc.)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2013-12-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.9.384\ASUSWSLoader.exe [63296 2014-07-17] ()
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [ASUS InstantKey] => C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe [13936 2013-12-19] (ASUS)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3487032 2017-08-10] (Dropbox, Inc.)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
HKU\S-1-5-21-1209883281-597615554-778349054-1002\...\Run: [Facebook Update] => C:\Users\Márcio\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-08-16] (Facebook Inc.)
HKU\S-1-5-21-1209883281-597615554-778349054-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-03-16] (Apple Inc.)
HKU\S-1-5-21-1209883281-597615554-778349054-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2017-03-16] (Apple Inc.)
HKU\S-1-5-21-1209883281-597615554-778349054-1002\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1209883281-597615554-778349054-1002\...\Run: [RLinkToolbox.exe] => C:\Program Files (x86)\RLinkToolbox 3\RLinkToolbox.exe [899960 2014-12-01] (TomTom)
HKU\S-1-5-21-1209883281-597615554-778349054-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9818328 2017-06-30] (Piriform Ltd)
HKU\S-1-5-21-1209883281-597615554-778349054-1002\...\Run: [BingSvc] => C:\Users\Márcio\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1209883281-597615554-778349054-1002\...\Run: [Epic Privacy Browser Installer] => C:\Users\Márcio\AppData\Local\Epic Privacy Browser\Installer\EpicUpdate.exe [509096 2016-05-29] (Epic Privacy Browser)
HKU\S-1-5-21-1209883281-597615554-778349054-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27815896 2017-07-28] (Skype Technologies S.A.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 62.2.24.162 62.2.17.61 62.2.24.158 62.2.17.60
Tcpip\..\Interfaces\{10673326-f0e4-4bdf-b066-6f0da5808806}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{10673326-f0e4-4bdf-b066-6f0da5808806}: [DhcpNameServer] 62.2.24.162 62.2.17.61 62.2.24.158 62.2.17.60
Tcpip\..\Interfaces\{9b207950-5690-45da-b54b-23443955fd2f}: [DhcpNameServer] 62.2.24.162 62.2.17.61 62.2.24.158 62.2.17.60

Internet Explorer:
==================
HKU\S-1-5-21-1209883281-597615554-778349054-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?PC=ASJB
HKU\S-1-5-21-1209883281-597615554-778349054-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?PC=ASJB
SearchScopes: HKU\S-1-5-21-1209883281-597615554-778349054-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2017-04-11] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-03-14] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-16] (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2015-10-29] (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-08-02] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1209883281-597615554-778349054-1002: @citrixonline.com/appdetectorplugin -> C:\Users\Márcio\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-04-12] (Citrix Online)
FF Plugin HKU\S-1-5-21-1209883281-597615554-778349054-1002: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Márcio\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-1209883281-597615554-778349054-1002: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=3 -> C:\Users\Márcio\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2016-05-29] (Epic Privacy Browser)
FF Plugin HKU\S-1-5-21-1209883281-597615554-778349054-1002: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\Márcio\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2016-05-29] (Epic Privacy Browser)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> msn.com/?PC=__PARAM__&ocid=__PARAM__DHP&osmkt=pt-pt
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Profile: C:\Users\Márcio\AppData\Local\Google\Chrome\User Data\Default [2017-08-15]
CHR Extension: (Google Tradutor) - C:\Users\Márcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-11-18]
CHR Extension: (Google Docs) - C:\Users\Márcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\Márcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Márcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Márcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\Márcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2016-09-01]
CHR Extension: (Marcadores de iCloud) - C:\Users\Márcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2015-07-27]
CHR Extension: (Documentos do Google offline) - C:\Users\Márcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Vagalume) - C:\Users\Márcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipgcdnbeeiajinajlafjcdfhckglcopd [2017-07-28]
CHR Extension: (Skype) - C:\Users\Márcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-07-30]
CHR Extension: (Ahoy!) - C:\Users\Márcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljighgeflmhnpljodhpcifcojkpancpm [2016-12-23]
CHR Extension: (Pagamentos via Chrome Web Store) - C:\Users\Márcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Gmail) - C:\Users\Márcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR Extension: (Chrome Media Router) - C:\Users\Márcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-10]
CHR HKU\S-1-5-21-1209883281-597615554-778349054-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1209883281-597615554-778349054-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-03-17] (Apple Inc.)
R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-08-29] (ASUS)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe [71680 2013-08-16] (ASUS Cloud Corporation) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042544 2017-03-14] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-04] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-04] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [49992 2017-08-10] (Dropbox, Inc.)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [104448 2017-07-26] (Freemake) [File not signed]
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227936 2013-11-09] (WildTangent)
S2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1099280 2017-03-28] (Garmin Ltd. or its subsidiaries)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-11-06] (NVIDIA Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373728 2016-11-30] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-03] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-11-06] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19819848 2014-11-06] (NVIDIA Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AsusTP; C:\Windows\System32\drivers\AsusTP.sys [128024 2017-03-09] (ASUS Corporation)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 ETDSMBus; C:\Windows\System32\drivers\ETDSMBus.sys [31832 2016-06-19] (ELAN Microelectronic Corp.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-06-19] (REALiX(tm))
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [230144 2016-11-11] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2017-08-14] (Malwarebytes)
R1 MpKsld667c59f; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8F2A3346-68E3-4590-A7AF-FEA547576225}\MpKsld667c59f.sys [44928 2017-08-14] (Microsoft Corporation)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3517192 2016-06-19] (Intel Corporation)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvlddmkm.sys [13754936 2016-09-12] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2014-11-06] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2013-08-29] (Windows (R) Win 7 DDK provider)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [936192 2016-06-19] (Realtek )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [413912 2016-06-19] (Realsil Semiconductor Corporation)
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-08-15 00:32 - 2017-08-15 00:33 - 000020073 _____ C:\Users\Márcio\Desktop\FRST.txt
2017-08-15 00:31 - 2017-08-15 00:32 - 000000000 ____D C:\FRST
2017-08-15 00:31 - 2017-08-15 00:31 - 002395648 _____ (Farbar) C:\Users\Márcio\Desktop\FRST64.exe
2017-08-14 23:06 - 2017-08-14 23:06 - 000000828 _____ C:\Users\Márcio\Desktop\JRT.txt
2017-08-14 23:03 - 2017-08-14 23:03 - 001790024 _____ (Malwarebytes) C:\Users\Márcio\Desktop\JRT.exe
2017-08-14 22:56 - 2017-08-14 22:56 - 000001266 _____ C:\Users\Márcio\Desktop\AdwCleaner[S0].txt
2017-08-14 22:52 - 2017-08-14 22:55 - 000000000 ____D C:\AdwCleaner
2017-08-14 22:52 - 2017-08-14 22:52 - 008185288 _____ (Malwarebytes) C:\Users\Márcio\Desktop\AdwCleaner.exe
2017-08-14 22:50 - 2017-08-14 22:50 - 000001199 _____ C:\Users\Márcio\Desktop\mbam.txt
2017-08-14 22:23 - 2017-08-14 22:23 - 000000000 ___HD C:\OneDriveTemp
2017-08-13 23:57 - 2017-08-13 23:57 - 000000876 _____ C:\Users\Márcio\Desktop\eset.txt
2017-08-13 20:19 - 2017-08-13 20:19 - 000000000 ____D C:\Program Files (x86)\ESET
2017-08-13 20:18 - 2017-08-13 20:18 - 002870984 _____ (ESET) C:\Users\Márcio\Desktop\esetsmartinstaller_enu.exe
2017-08-13 10:21 - 2017-08-13 10:23 - 000002641 _____ C:\Users\Márcio\Desktop\ZHPCleaner.txt
2017-08-13 10:08 - 2017-08-13 10:23 - 000000000 ____D C:\Users\Márcio\AppData\Roaming\ZHP
2017-08-13 10:08 - 2017-08-13 10:08 - 000000914 _____ C:\Users\Márcio\Desktop\ZHPCleaner.lnk
2017-08-13 10:08 - 2017-08-13 10:08 - 000000000 ____D C:\Users\Márcio\AppData\Local\ZHP
2017-08-13 10:07 - 2017-08-13 10:07 - 002852224 _____ C:\Users\Márcio\Desktop\ZHPCleaner.exe
2017-08-12 17:26 - 2017-08-12 17:26 - 000000000 ____D C:\Users\Márcio\Desktop\Issues
2017-08-12 17:08 - 2017-08-12 17:20 - 000000000 ____D C:\Users\Márcio\Desktop\novas musicas
2017-08-12 12:07 - 2017-08-12 12:07 - 000002270 _____ C:\Users\Márcio\Desktop\FSS.txt
2017-08-12 12:06 - 2017-08-12 12:06 - 000899584 _____ (Farbar) C:\Users\Márcio\Desktop\FSS.exe
2017-08-12 12:04 - 2017-08-12 12:05 - 000000512 _____ C:\Users\Márcio\Desktop\Dump_Hdd0_DR0.mbr
2017-08-12 12:04 - 2017-08-12 12:04 - 000147456 _____ (Eric_71) C:\Users\Márcio\Desktop\MbrScan.exe
2017-08-12 11:04 - 2017-08-12 11:04 - 000388608 _____ (Trend Micro Inc.) C:\Users\Márcio\Desktop\HijackThis.exe
2017-08-11 20:34 - 2017-08-11 20:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-08-10 19:03 - 2017-08-10 19:03 - 000049992 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-08-10 19:03 - 2017-08-10 19:03 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-08-10 19:03 - 2017-08-10 19:03 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-08-10 19:03 - 2017-08-10 19:03 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-08-10 11:12 - 2017-08-10 11:12 - 000000000 ____D C:\Users\Márcio\Desktop\Trilogia Os Mercenários 2010-2012-2014 BLUDV
2017-08-09 21:33 - 2017-08-01 04:38 - 000406544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll
2017-08-09 21:33 - 2017-08-01 04:36 - 002165752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-08-09 21:33 - 2017-08-01 04:36 - 000750496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2017-08-09 21:33 - 2017-08-01 04:36 - 000119712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-08-09 21:33 - 2017-08-01 04:35 - 000280472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2017-08-09 21:33 - 2017-08-01 04:35 - 000133904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2017-08-09 21:33 - 2017-08-01 04:34 - 000610584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2017-08-09 21:33 - 2017-08-01 04:34 - 000359552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2017-08-09 21:33 - 2017-08-01 04:34 - 000349600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-08-09 21:33 - 2017-08-01 04:34 - 000168864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2017-08-09 21:33 - 2017-08-01 04:32 - 000820128 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2017-08-09 21:33 - 2017-08-01 04:31 - 000176024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
2017-08-09 21:33 - 2017-08-01 04:20 - 002956288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2017-08-09 21:33 - 2017-08-01 04:20 - 000404480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2017-08-09 21:33 - 2017-08-01 04:20 - 000154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2017-08-09 21:33 - 2017-08-01 04:18 - 013841408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2017-08-09 21:33 - 2017-08-01 04:18 - 002199552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-08-09 21:33 - 2017-08-01 04:17 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tokenbinding.dll
2017-08-09 21:33 - 2017-08-01 04:14 - 000035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2017-08-09 21:33 - 2017-08-01 04:13 - 020504064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-08-09 21:33 - 2017-08-01 04:13 - 000364032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2017-08-09 21:33 - 2017-08-01 04:13 - 000127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdeploy.dll
2017-08-09 21:33 - 2017-08-01 04:12 - 000229888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll
2017-08-09 21:33 - 2017-08-01 04:10 - 000358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2017-08-09 21:33 - 2017-08-01 04:09 - 000394240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2017-08-09 21:33 - 2017-08-01 04:08 - 000267264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptprov.dll
2017-08-09 21:33 - 2017-08-01 04:07 - 005961728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2017-08-09 21:33 - 2017-08-01 04:07 - 002671616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-08-09 21:33 - 2017-08-01 04:06 - 000798208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2017-08-09 21:33 - 2017-08-01 04:03 - 001627136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-08-09 21:33 - 2017-08-01 03:34 - 000805888 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2017-08-09 21:33 - 2017-08-01 03:30 - 003377664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-08-09 21:33 - 2017-08-01 03:28 - 002516480 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2017-08-09 21:33 - 2017-08-01 00:45 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2017-08-09 21:33 - 2017-08-01 00:45 - 000866816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswdat10.dll
2017-08-09 21:33 - 2017-08-01 00:45 - 000641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswstr10.dll
2017-08-09 21:33 - 2017-08-01 00:45 - 000616448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrepl40.dll
2017-08-09 21:33 - 2017-08-01 00:45 - 000518144 _____ C:\Windows\SysWOW64\msjetoledb40.dll
2017-08-09 21:33 - 2017-08-01 00:45 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll
2017-08-09 21:33 - 2017-08-01 00:45 - 000375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll
2017-08-09 21:33 - 2017-08-01 00:45 - 000343552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2017-08-09 21:33 - 2017-08-01 00:45 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2017-08-09 21:33 - 2017-08-01 00:45 - 000310272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2017-08-09 21:33 - 2017-08-01 00:45 - 000290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjtes40.dll
2017-08-09 21:33 - 2017-08-01 00:45 - 000272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstext40.dll
2017-08-09 21:33 - 2017-08-01 00:45 - 000240640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2017-08-09 21:33 - 2017-08-01 00:45 - 000144896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjint40.dll
2017-08-09 21:33 - 2017-08-01 00:45 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjter40.dll
2017-08-09 21:33 - 2017-07-28 07:23 - 000723360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2017-08-09 21:33 - 2017-07-28 07:20 - 000279968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2017-08-09 21:33 - 2017-07-28 07:15 - 000554400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2017-08-09 21:33 - 2017-07-28 07:10 - 002679200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-08-09 21:33 - 2017-07-28 07:07 - 000805816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2017-08-09 21:33 - 2017-07-28 06:48 - 001839872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-08-09 21:33 - 2017-07-28 06:48 - 000096648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmcmnutils.dll
2017-08-09 21:33 - 2017-07-28 06:47 - 002259768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreUIComponents.dll
2017-08-09 21:33 - 2017-07-28 06:40 - 005820984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.storage.dll
2017-08-09 21:33 - 2017-07-28 06:40 - 000551200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2017-08-09 21:33 - 2017-07-28 06:38 - 004213656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll
2017-08-09 21:33 - 2017-07-28 06:37 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2017-08-09 21:33 - 2017-07-28 06:36 - 020373408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-08-09 21:33 - 2017-07-28 06:36 - 006761568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-08-09 21:33 - 2017-07-28 06:36 - 005808640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2017-08-09 21:33 - 2017-07-28 06:36 - 002424024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2017-08-09 21:33 - 2017-07-28 06:36 - 001195760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2017-08-09 21:33 - 2017-07-28 06:36 - 000866808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DolbyDecMFT.dll
2017-08-09 21:33 - 2017-07-28 06:36 - 000864248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2017-08-09 21:33 - 2017-07-28 06:36 - 000173104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsensorgroup.dll
2017-08-09 21:33 - 2017-07-28 06:36 - 000090464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msacm32.dll
2017-08-09 21:33 - 2017-07-28 06:35 - 000988168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-08-09 21:33 - 2017-07-28 06:35 - 000277432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shlwapi.dll
2017-08-09 21:33 - 2017-07-28 06:33 - 000967584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2017-08-09 21:33 - 2017-07-28 06:33 - 000583160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2017-08-09 21:33 - 2017-07-28 06:33 - 000414296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TextInputFramework.dll
2017-08-09 21:33 - 2017-07-28 06:27 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UcmUcsi.sys
2017-08-09 21:33 - 2017-07-28 06:26 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\cmintegrator.dll
2017-08-09 21:33 - 2017-07-28 06:24 - 000184832 _____ (Microsoft Corporation) C:\Windows\system32\VCardParser.dll
2017-08-09 21:33 - 2017-07-28 06:21 - 000165888 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2017-08-09 21:33 - 2017-07-28 06:21 - 000029184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmintegrator.dll
2017-08-09 21:33 - 2017-07-28 06:20 - 000079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-08-09 21:33 - 2017-07-28 06:20 - 000018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IpNatHlpClient.dll
2017-08-09 21:33 - 2017-07-28 06:19 - 000942592 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll
2017-08-09 21:33 - 2017-07-28 06:19 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgentUserBroker.exe
2017-08-09 21:33 - 2017-07-28 06:19 - 000147456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VCardParser.dll
2017-08-09 21:33 - 2017-07-28 06:19 - 000117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryUpgrade.dll
2017-08-09 21:33 - 2017-07-28 06:18 - 000139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll
2017-08-09 21:33 - 2017-07-28 06:17 - 006728192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2017-08-09 21:33 - 2017-07-28 06:16 - 001291776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVPXENC.dll
2017-08-09 21:33 - 2017-07-28 06:16 - 000470016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TpmCoreProvisioning.dll
2017-08-09 21:33 - 2017-07-28 06:16 - 000383488 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2017-08-09 21:33 - 2017-07-28 06:16 - 000135680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2017-08-09 21:33 - 2017-07-28 06:15 - 005721600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2017-08-09 21:33 - 2017-07-28 06:15 - 000586752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-08-09 21:33 - 2017-07-28 06:14 - 000368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgentUserBroker.exe
2017-08-09 21:33 - 2017-07-28 06:14 - 000357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActivationManager.dll
2017-08-09 21:33 - 2017-07-28 06:14 - 000331264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastlsext.dll
2017-08-09 21:33 - 2017-07-28 06:13 - 000932352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GamePanel.exe
2017-08-09 21:33 - 2017-07-28 06:13 - 000665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2017-08-09 21:33 - 2017-07-28 06:13 - 000636416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2017-08-09 21:33 - 2017-07-28 06:12 - 000952832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2017-08-09 21:33 - 2017-07-28 06:12 - 000587776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll
2017-08-09 21:33 - 2017-07-28 06:12 - 000446464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2017-08-09 21:33 - 2017-07-28 06:12 - 000337920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2017-08-09 21:33 - 2017-07-28 06:11 - 003667456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2017-08-09 21:33 - 2017-07-28 06:11 - 001248768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2017-08-09 21:33 - 2017-07-28 06:10 - 001019904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2017-08-09 21:33 - 2017-07-28 06:10 - 000787456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-08-09 21:33 - 2017-07-28 06:10 - 000564224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsvcs.dll
2017-08-09 21:33 - 2017-07-28 06:09 - 005225984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2017-08-09 21:33 - 2017-07-28 06:08 - 004559360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2017-08-09 21:33 - 2017-07-28 06:08 - 004417024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-08-09 21:33 - 2017-07-28 06:08 - 004056064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2017-08-09 21:33 - 2017-07-28 06:08 - 000760832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2017-08-09 21:33 - 2017-07-28 06:08 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2017-08-09 21:33 - 2017-07-28 06:07 - 002211840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll
2017-08-09 21:33 - 2017-07-28 06:05 - 001536512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2017-08-09 21:33 - 2017-07-28 06:05 - 000892928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2017-08-09 21:33 - 2017-07-28 06:05 - 000538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2017-08-09 21:33 - 2017-07-28 06:02 - 000877056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autoconv.exe
2017-08-09 21:33 - 2017-07-28 06:02 - 000853504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autofmt.exe
2017-08-09 21:33 - 2017-07-28 06:02 - 000077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spbcd.dll
2017-08-09 21:32 - 2017-08-01 04:39 - 008319392 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-08-09 21:32 - 2017-08-01 04:38 - 000382368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2017-08-09 21:32 - 2017-08-01 04:32 - 002444704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-08-09 21:32 - 2017-08-01 04:32 - 000712600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2017-08-09 21:32 - 2017-08-01 04:31 - 005477088 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
2017-08-09 21:32 - 2017-08-01 04:31 - 002645680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-08-09 21:32 - 2017-08-01 04:31 - 000212384 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2017-08-09 21:32 - 2017-08-01 04:30 - 000723680 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2017-08-09 21:32 - 2017-08-01 04:30 - 000410160 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2017-08-09 21:32 - 2017-08-01 04:30 - 000315288 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2017-08-09 21:32 - 2017-08-01 04:30 - 000182688 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2017-08-09 21:32 - 2017-08-01 04:30 - 000143736 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2017-08-09 21:32 - 2017-08-01 04:30 - 000082336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbkmcl.sys
2017-08-09 21:32 - 2017-08-01 04:16 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2017-08-09 21:32 - 2017-08-01 04:12 - 019336192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-08-09 21:32 - 2017-08-01 04:07 - 011870208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-08-09 21:32 - 2017-08-01 04:04 - 006269440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-08-09 21:32 - 2017-08-01 04:04 - 003656192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-08-09 21:32 - 2017-08-01 03:57 - 023677952 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-08-09 21:32 - 2017-08-01 03:45 - 003670016 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2017-08-09 21:32 - 2017-08-01 03:45 - 001275392 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2017-08-09 21:32 - 2017-08-01 03:45 - 000462848 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2017-08-09 21:32 - 2017-08-01 03:45 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2017-08-09 21:32 - 2017-08-01 03:44 - 000184320 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2017-08-09 21:32 - 2017-08-01 03:44 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbkmclr.sys
2017-08-09 21:32 - 2017-08-01 03:44 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2017-08-09 21:32 - 2017-08-01 03:41 - 000130560 _____ (Microsoft Corporation) C:\Windows\system32\policymanagerprecheck.dll
2017-08-09 21:32 - 2017-08-01 03:41 - 000110592 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2017-08-09 21:32 - 2017-08-01 03:41 - 000042496 _____ (Microsoft Corporation) C:\Windows\system32\tokenbinding.dll
2017-08-09 21:32 - 2017-08-01 03:40 - 017366528 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2017-08-09 21:32 - 2017-08-01 03:40 - 000290816 _____ (Microsoft Corporation) C:\Windows\system32\dmenterprisediagnostics.dll
2017-08-09 21:32 - 2017-08-01 03:39 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2017-08-09 21:32 - 2017-08-01 03:38 - 000153088 _____ (Microsoft Corporation) C:\Windows\system32\fdeploy.dll
2017-08-09 21:32 - 2017-08-01 03:37 - 000582656 _____ (Microsoft Corporation) C:\Windows\system32\SmsRouterSvc.dll
2017-08-09 21:32 - 2017-08-01 03:36 - 023681536 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-08-09 21:32 - 2017-08-01 03:35 - 000692736 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-08-09 21:32 - 2017-08-01 03:33 - 001269760 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2017-08-09 21:32 - 2017-08-01 03:32 - 007336960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2017-08-09 21:32 - 2017-08-01 03:32 - 000176640 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2017-08-09 21:32 - 2017-08-01 03:31 - 012786176 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-08-09 21:32 - 2017-08-01 03:31 - 004445696 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2017-08-09 21:32 - 2017-08-01 03:31 - 001396736 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2017-08-09 21:32 - 2017-08-01 03:30 - 008209920 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2017-08-09 21:32 - 2017-08-01 03:30 - 001052160 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2017-08-09 21:32 - 2017-08-01 03:28 - 004730368 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-08-09 21:32 - 2017-08-01 03:27 - 000574464 _____ (Microsoft Corporation) C:\Windows\system32\configmanager2.dll
2017-08-09 21:32 - 2017-08-01 03:27 - 000482816 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2017-08-09 21:32 - 2017-08-01 03:26 - 000323584 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2017-08-09 21:32 - 2017-08-01 03:25 - 000249344 _____ (Microsoft Corporation) C:\Windows\system32\coredpus.dll
2017-08-09 21:32 - 2017-08-01 03:25 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2017-08-09 21:32 - 2017-07-28 07:30 - 001068720 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2017-08-09 21:32 - 2017-07-28 07:25 - 002399728 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-08-09 21:32 - 2017-07-28 07:24 - 002327456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-08-09 21:32 - 2017-07-28 07:24 - 000455584 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2017-08-09 21:32 - 2017-07-28 07:24 - 000116280 _____ (Microsoft Corporation) C:\Windows\system32\bcd.dll
2017-08-09 21:32 - 2017-07-28 07:23 - 002969888 _____ (Microsoft Corporation) C:\Windows\system32\CoreUIComponents.dll
2017-08-09 21:32 - 2017-07-28 07:22 - 000923048 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2017-08-09 21:32 - 2017-07-28 07:17 - 000660680 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2017-08-09 21:32 - 2017-07-28 07:16 - 007326128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.storage.dll
2017-08-09 21:32 - 2017-07-28 07:15 - 005302968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll
2017-08-09 21:32 - 2017-07-28 07:15 - 000715168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2017-08-09 21:32 - 2017-07-28 07:14 - 000654976 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2017-08-09 21:32 - 2017-07-28 07:13 - 007907344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2017-08-09 21:32 - 2017-07-28 07:13 - 006557520 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2017-08-09 21:32 - 2017-07-28 07:13 - 002604248 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2017-08-09 21:32 - 2017-07-28 07:13 - 001054280 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2017-08-09 21:32 - 2017-07-28 07:13 - 001033544 _____ (Microsoft Corporation) C:\Windows\system32\DolbyDecMFT.dll
2017-08-09 21:32 - 2017-07-28 07:12 - 001337856 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2017-08-09 21:32 - 2017-07-28 07:12 - 001325968 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-08-09 21:32 - 2017-07-28 07:09 - 000529992 _____ (Microsoft Corporation) C:\Windows\system32\TextInputFramework.dll
2017-08-09 21:32 - 2017-07-28 07:09 - 000527976 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2017-08-09 21:32 - 2017-07-28 07:09 - 000387928 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
2017-08-09 21:32 - 2017-07-28 06:48 - 000100232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcd.dll
2017-08-09 21:32 - 2017-07-28 06:29 - 000142848 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll
2017-08-09 21:32 - 2017-07-28 06:26 - 000102912 _____ (Microsoft Corporation) C:\Windows\system32\officecsp.dll
2017-08-09 21:32 - 2017-07-28 06:26 - 000094720 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-08-09 21:32 - 2017-07-28 06:26 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\IpNatHlpClient.dll
2017-08-09 21:32 - 2017-07-28 06:25 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\DolbyMATEnc.dll
2017-08-09 21:32 - 2017-07-28 06:25 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2017-08-09 21:32 - 2017-07-28 06:25 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\wuuhosdeployment.dll
2017-08-09 21:32 - 2017-07-28 06:25 - 000097280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
2017-08-09 21:32 - 2017-07-28 06:24 - 000136192 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryUpgrade.dll
2017-08-09 21:32 - 2017-07-28 06:24 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2017-08-09 21:32 - 2017-07-28 06:23 - 007931392 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2017-08-09 21:32 - 2017-07-28 06:23 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\DolbyHrtfEnc.dll
2017-08-09 21:32 - 2017-07-28 06:23 - 000189440 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll
2017-08-09 21:32 - 2017-07-28 06:22 - 000555008 _____ (Microsoft Corporation) C:\Windows\system32\TpmCoreProvisioning.dll
2017-08-09 21:32 - 2017-07-28 06:22 - 000500224 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.BlueLightReduction.dll
2017-08-09 21:32 - 2017-07-28 06:22 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Display.dll
2017-08-09 21:32 - 2017-07-28 06:22 - 000259072 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Flights.dll
2017-08-09 21:32 - 2017-07-28 06:22 - 000209408 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2017-08-09 21:32 - 2017-07-28 06:21 - 008333312 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2017-08-09 21:32 - 2017-07-28 06:21 - 000699904 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll
2017-08-09 21:32 - 2017-07-28 06:21 - 000527360 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2017-08-09 21:32 - 2017-07-28 06:20 - 001015296 _____ (Microsoft Corporation) C:\Windows\system32\XblAuthManager.dll
2017-08-09 21:32 - 2017-07-28 06:20 - 000982016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2017-08-09 21:32 - 2017-07-28 06:20 - 000524800 _____ (Microsoft Corporation) C:\Windows\system32\TileDataRepository.dll
2017-08-09 21:32 - 2017-07-28 06:19 - 001878016 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2017-08-09 21:32 - 2017-07-28 06:19 - 000847360 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2017-08-09 21:32 - 2017-07-28 06:19 - 000566784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-08-09 21:32 - 2017-07-28 06:19 - 000412160 _____ (Microsoft Corporation) C:\Windows\system32\ActivationManager.dll
2017-08-09 21:32 - 2017-07-28 06:19 - 000370688 _____ (Microsoft Corporation) C:\Windows\system32\rastlsext.dll
2017-08-09 21:32 - 2017-07-28 06:19 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\SIHClient.exe
2017-08-09 21:32 - 2017-07-28 06:18 - 001468416 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2017-08-09 21:32 - 2017-07-28 06:18 - 001298432 _____ (Microsoft Corporation) C:\Windows\system32\lpasvc.dll
2017-08-09 21:32 - 2017-07-28 06:18 - 001260544 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2017-08-09 21:32 - 2017-07-28 06:18 - 000925696 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2017-08-09 21:32 - 2017-07-28 06:18 - 000777216 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2017-08-09 21:32 - 2017-07-28 06:18 - 000586240 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2017-08-09 21:32 - 2017-07-28 06:18 - 000536064 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2017-08-09 21:32 - 2017-07-28 06:17 - 002805248 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2017-08-09 21:32 - 2017-07-28 06:17 - 001886208 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2017-08-09 21:32 - 2017-07-28 06:17 - 000497152 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2017-08-09 21:32 - 2017-07-28 06:17 - 000420864 _____ (Microsoft Corporation) C:\Windows\system32\facecredentialprovider.dll
2017-08-09 21:32 - 2017-07-28 06:15 - 003204608 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-08-09 21:32 - 2017-07-28 06:15 - 000612864 _____ (Microsoft Corporation) C:\Windows\system32\shsvcs.dll
2017-08-09 21:32 - 2017-07-28 06:14 - 004396032 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2017-08-09 21:32 - 2017-07-28 06:14 - 001305088 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2017-08-09 21:32 - 2017-07-28 06:13 - 004535296 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2017-08-09 21:32 - 2017-07-28 06:12 - 005557760 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2017-08-09 21:32 - 2017-07-28 06:12 - 004707840 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-08-09 21:32 - 2017-07-28 06:12 - 002939392 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll
2017-08-09 21:32 - 2017-07-28 06:12 - 002444288 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-08-09 21:32 - 2017-07-28 06:12 - 000406528 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2017-08-09 21:32 - 2017-07-28 06:11 - 001357312 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2017-08-09 21:32 - 2017-07-28 06:10 - 001706496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2017-08-09 21:32 - 2017-07-28 06:10 - 000625152 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2017-08-09 21:32 - 2017-07-28 06:09 - 000971264 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2017-08-09 21:32 - 2017-07-28 06:07 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe
2017-08-09 21:32 - 2017-07-28 06:07 - 000105472 _____ (Microsoft Corporation) C:\Windows\system32\RjvMDMConfig.dll
2017-08-09 21:32 - 2017-07-28 06:07 - 000074240 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseDesktopAppMgmtCSP.dll
2017-08-09 21:32 - 2017-07-28 06:07 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\DmApiSetExtImplDesktop.dll
2017-08-09 21:32 - 2017-07-28 06:06 - 001833984 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2017-08-09 21:32 - 2017-07-28 06:05 - 000954368 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe
2017-08-09 21:32 - 2017-07-28 06:05 - 000926208 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe
2017-08-09 21:31 - 2017-08-01 04:33 - 000473240 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll
2017-08-09 21:31 - 2017-08-01 04:30 - 000411040 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-08-09 21:31 - 2017-08-01 04:26 - 000204192 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2017-08-09 21:31 - 2017-08-01 03:42 - 002199552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.dll
2017-08-09 21:31 - 2017-08-01 03:41 - 000180736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys
2017-08-09 21:31 - 2017-08-01 03:38 - 000143872 _____ (Microsoft Corporation) C:\Windows\system32\profsvcext.dll
2017-08-09 21:31 - 2017-08-01 03:37 - 000433664 _____ (Microsoft Corporation) C:\Windows\system32\msIso.dll
2017-08-09 21:31 - 2017-08-01 03:37 - 000255488 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2017-08-09 21:31 - 2017-08-01 03:33 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\ncryptprov.dll
2017-08-09 21:31 - 2017-08-01 03:30 - 002055168 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2017-08-09 21:31 - 2017-08-01 03:30 - 000303104 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2017-08-09 21:31 - 2017-08-01 03:27 - 001802752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-08-09 21:31 - 2017-08-01 03:25 - 000140800 _____ (Microsoft Corporation) C:\Windows\system32\dmcsps.dll
2017-08-09 21:31 - 2017-07-28 07:24 - 000119904 _____ (Microsoft Corporation) C:\Windows\system32\dmcmnutils.dll
2017-08-09 21:31 - 2017-07-28 07:16 - 000961952 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll
2017-08-09 21:31 - 2017-07-28 07:15 - 000872472 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2017-08-09 21:31 - 2017-07-28 07:14 - 000318232 _____ (Microsoft Corporation) C:\Windows\system32\wininit.exe
2017-08-09 21:31 - 2017-07-28 07:13 - 000192264 _____ (Microsoft Corporation) C:\Windows\system32\mfsensorgroup.dll
2017-08-09 21:31 - 2017-07-28 07:13 - 000104432 _____ (Microsoft Corporation) C:\Windows\system32\msacm32.dll
2017-08-09 21:31 - 2017-07-28 07:12 - 021353208 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-08-09 21:31 - 2017-07-28 07:12 - 000323936 _____ (Microsoft Corporation) C:\Windows\system32\shlwapi.dll
2017-08-09 21:31 - 2017-07-28 07:10 - 001114528 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2017-08-09 21:31 - 2017-07-28 06:31 - 003995136 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
2017-08-09 21:31 - 2017-07-28 06:30 - 001722880 _____ (Microsoft Corporation) C:\Windows\system32\dui70.dll
2017-08-09 21:31 - 2017-07-28 06:29 - 000584192 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2017-08-09 21:31 - 2017-07-28 06:26 - 000090112 _____ (Microsoft Corporation) C:\Windows\system32\ofdeploy.exe
2017-08-09 21:31 - 2017-07-28 06:25 - 003464704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbon.dll
2017-08-09 21:31 - 2017-07-28 06:25 - 000105472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2017-08-09 21:31 - 2017-07-28 06:24 - 000584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2017-08-09 21:31 - 2017-07-28 06:24 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-08-09 21:31 - 2017-07-28 06:22 - 000778240 _____ C:\Windows\system32\MBR2GPT.EXE
2017-08-09 21:31 - 2017-07-28 06:22 - 000450048 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2017-08-09 21:31 - 2017-07-28 06:22 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\bcdboot.exe
2017-08-09 21:31 - 2017-07-28 06:21 - 000365056 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Notifications.dll
2017-08-09 21:31 - 2017-07-28 06:21 - 000150528 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2017-08-09 21:31 - 2017-07-28 06:19 - 000817664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2017-08-09 21:31 - 2017-07-28 06:19 - 000687616 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2017-08-09 21:31 - 2017-07-28 06:17 - 000770048 _____ (Microsoft Corporation) C:\Windows\system32\PCPKsp.dll
2017-08-09 21:31 - 2017-07-28 06:16 - 001046016 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2017-08-09 21:31 - 2017-07-28 06:15 - 000986112 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-08-09 21:31 - 2017-07-28 06:13 - 001293824 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2017-08-09 21:31 - 2017-07-28 06:13 - 000972288 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2017-08-09 21:31 - 2017-07-28 06:13 - 000809984 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2017-08-09 21:31 - 2017-07-28 06:09 - 000579072 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2017-08-09 21:31 - 2017-07-28 06:08 - 000600576 _____ (Microsoft Corporation) C:\Windows\system32\FrameServer.dll
2017-08-09 21:31 - 2017-07-28 06:06 - 000593408 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll
2017-08-09 21:31 - 2017-07-28 06:06 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\spbcd.dll
2017-08-09 21:31 - 2017-07-28 06:05 - 001525760 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2017-08-09 21:31 - 2017-07-28 06:05 - 001087488 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2017-08-09 21:31 - 2017-07-28 06:05 - 000078848 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-08-01 23:36 - 2017-08-01 23:36 - 009013629 _____ C:\Users\Márcio\Desktop\gsr-12-ve-2-manual-66836.pdf
2017-08-01 22:32 - 2017-08-01 22:32 - 000180101 _____ C:\Users\Márcio\Desktop\CS5A-M_en.pdf
2017-08-01 21:44 - 2017-08-01 21:44 - 000006290 _____ C:\Users\Márcio\Desktop\millenniumbcp.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-08-15 00:05 - 2014-08-08 22:03 - 000000000 ____D C:\Users\Márcio\AppData\Roaming\Skype
2017-08-14 23:05 - 2017-04-15 17:57 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2017-08-14 23:05 - 2014-08-02 19:53 - 000000000 __RDO C:\Users\Márcio\SkyDrive
2017-08-14 23:05 - 2014-08-02 19:52 - 000000062 _____ C:\Users\Márcio\AppData\Roaming\sp_data.sys
2017-08-14 23:00 - 2017-06-08 00:34 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-08-14 23:00 - 2015-09-28 10:01 - 000000000 __SHD C:\Users\Márcio\IntelGraphicsProfiles
2017-08-14 22:59 - 2017-06-08 00:28 - 000256320 _____ C:\Windows\system32\FNTCACHE.DAT
2017-08-14 22:58 - 2017-06-08 00:54 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-08-14 22:58 - 2017-03-18 13:40 - 001310720 _____ C:\Windows\system32\config\BBI
2017-08-14 22:58 - 2016-04-12 18:21 - 000000646 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-1209883281-597615554-778349054-1002.job
2017-08-14 22:58 - 2016-04-12 18:21 - 000000550 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1209883281-597615554-778349054-1002.job
2017-08-14 22:33 - 2017-06-08 00:29 - 000000000 ____D C:\Windows\system32\SleepStudy
2017-08-14 22:28 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-14 22:28 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\AppReadiness
2017-08-14 22:26 - 2017-06-08 00:54 - 000004144 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{57E2B5C1-737B-424E-A59E-6B24F03218FF}
2017-08-14 22:25 - 2014-08-02 20:19 - 000192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-08-14 13:13 - 2017-06-29 19:36 - 000003550 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2017-08-14 13:13 - 2017-06-08 00:54 - 000003540 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2017-08-13 20:48 - 2017-02-11 17:46 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-08-13 10:31 - 2017-06-08 00:35 - 000000000 ____D C:\Users\Márcio
2017-08-13 10:17 - 2017-03-18 23:01 - 000000000 ____D C:\Windows\INF
2017-08-12 18:33 - 2017-06-08 00:54 - 000003484 _____ C:\Windows\System32\Tasks\Apple Diagnostics
2017-08-12 12:20 - 2016-04-21 13:22 - 000000000 ____D C:\Users\Márcio\AppData\Roaming\MPC-HC
2017-08-12 12:19 - 2016-03-06 15:27 - 000000000 ____D C:\Users\Márcio\AppData\Local\Ares
2017-08-12 11:24 - 2017-07-09 21:20 - 000000000 ____D C:\Users\Márcio\AppData\Local\GoToMeeting
2017-08-12 11:24 - 2017-06-08 00:54 - 000003792 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-1209883281-597615554-778349054-1002
2017-08-12 11:24 - 2017-06-08 00:54 - 000003696 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-1209883281-597615554-778349054-1002
2017-08-12 11:02 - 2016-04-03 16:20 - 000000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-08-11 20:35 - 2016-02-04 17:03 - 000000000 ____D C:\Program Files (x86)\Dropbox
2017-08-10 20:41 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\rescache
2017-08-10 13:54 - 2014-08-08 22:03 - 000000000 ____D C:\ProgramData\Skype
2017-08-10 13:53 - 2017-06-08 02:17 - 000794600 _____ C:\Windows\system32\prfh0816.dat
2017-08-10 13:53 - 2017-06-08 02:17 - 000172988 _____ C:\Windows\system32\prfc0816.dat
2017-08-10 13:53 - 2017-06-08 00:53 - 001857950 _____ C:\Windows\system32\PerfStringBackup.INI
2017-08-10 13:50 - 2015-09-10 07:42 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-08-10 11:23 - 2017-03-18 23:03 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2017-08-10 11:23 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2017-08-10 11:23 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\system32\WinMetadata
2017-08-10 11:23 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2017-08-10 11:23 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\system32\oobe
2017-08-10 11:23 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\ShellExperiences
2017-08-10 11:23 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-08-10 11:23 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-08-09 22:52 - 2017-06-08 00:54 - 000004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-08-09 21:45 - 2017-03-18 22:51 - 000000000 ____D C:\Windows\CbsTemp
2017-08-09 21:41 - 2014-08-08 22:15 - 000000000 ____D C:\Windows\system32\MRT
2017-08-09 21:37 - 2014-08-08 22:15 - 140394280 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-08-06 19:46 - 2016-06-12 18:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2017-08-06 19:46 - 2016-06-12 18:02 - 000000000 ____D C:\Program Files (x86)\Freemake
2017-08-05 18:10 - 2014-08-02 20:14 - 000002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-05 18:10 - 2014-08-02 19:51 - 000000000 ____D C:\Users\Márcio\AppData\Local\Packages
2017-07-31 17:15 - 2017-03-18 23:06 - 000835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-07-31 17:15 - 2017-03-18 23:06 - 000177648 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2014-08-08 14:14 - 2014-08-23 16:02 - 027045552 _____ (McAfee) C:\Program Files (x86)\Common Files\lpuninstall.exe
2014-08-02 19:52 - 2017-08-14 23:05 - 000000062 _____ () C:\Users\Márcio\AppData\Roaming\sp_data.sys
2017-06-08 00:32 - 2017-06-08 00:32 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2013-12-13 06:09 - 2012-09-07 13:40 - 000000256 _____ () C:\ProgramData\SetStretch.cmd
2013-12-13 06:09 - 2009-07-22 12:04 - 000024576 _____ () C:\ProgramData\SetStretch.exe
2013-12-13 06:09 - 2012-09-07 13:37 - 000000103 _____ () C:\ProgramData\SetStretch.VBS

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-08-05 21:20

==================== End of FRST.txt ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-08-2017
Ran by Márcio (15-08-2017 00:33:21)
Running from C:\Users\Márcio\Desktop
Windows 10 Home Version 1703 (X64) (2017-06-07 23:06:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1209883281-597615554-778349054-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1209883281-597615554-778349054-503 - Limited - Disabled)
Guest (S-1-5-21-1209883281-597615554-778349054-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1209883281-597615554-778349054-1004 - Limited - Enabled)
Márcio (S-1-5-21-1209883281-597615554-778349054-1002 - Administrator - Enabled) => C:\Users\Márcio

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Actualizações da NVIDIA 16.13.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 16.13.65 - NVIDIA Corporation) Hidden
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 17.012.20095 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.7.157 - Adobe Systems, Inc.)
ANT Drivers Installer x64 (HKLM\...\{7664AF65-7B0D-4171-9F0F-50455278B428}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Mobile Device Support (HKLM\...\{DB18F1C0-846F-46F5-A074-5B97C8AF5C8E}) (Version: 10.3.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Ares (HKLM-x32\...\Ares) (Version: 2.4.3-Build#3067 - AresGalaxy)
ASUS Console (HKLM\...\{6D989E08-8143-4AB8-B0A8-5B836235CAA4}) (Version: 1.0.4 - ASUS)
Asus FaceID (HKLM-x32\...\{C4071085-DDF0-403F-90F9-27582FC22C9B}) (Version: 7.6.8.3 - ASUS)
ASUS Instant Key (HKLM-x32\...\{D97A1B80-131F-4692-9543-E652956D8B99}) (Version: 1.1.4 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.1 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.6 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.2 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.18 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0021 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.7 - ASUS)
ASUSDVD (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5712.52 - CyberLink Corp.) Hidden
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5712.52 - CyberLink Corp.)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.311 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0031 - ASUS)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MP495 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP495_series) (Version:  - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.5.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.5.2 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Catálogo/MadeForYou v1.6.111 (HKLM-x32\...\Made4U_is1) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.32 - Piriform)
Citrix Online Launcher (HKLM-x32\...\{09DA5EE2-7E46-4DC4-96F9-BFEE50D40659}) (Version: 1.0.408 - Citrix)
dreamboxEDIT -- The one and only settings editor for your Dreambox (HKLM-x32\...\dreamboxEDIT) (Version:  - )
Dropbox (HKLM-x32\...\Dropbox) (Version: 32.4.23 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Elevated Installer (HKLM-x32\...\{1052502B-4C91-43F9-B160-AE39ED57C9F0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Freemake Video Converter versão 4.1.10 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.10 - Ellora Assets Corporation)
Garmin Express (HKLM-x32\...\{BCC7CA85-E57F-452D-BB44-15A1CE018BD0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{bd8bd200-9a60-4969-b267-6b565f36e3da}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express Tray (HKLM-x32\...\{DA9C865D-6762-4931-8588-0B13B7A0796B}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.90 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GoToMeeting 8.9.0.7454 (HKU\S-1-5-21-1209883281-597615554-778349054-1002\...\GoToMeeting) (Version: 8.9.0.7454 - LogMeIn, Inc.)
Hofmann 9.8 (HKLM-x32\...\{8200D8BE-953F-4290-BDD3-3AF7FF2BE5ED}) (Version: 9.8 - Hofmann)
iCloud (HKLM\...\{7F40A9A7-B3BE-4EA8-B052-60449F6C3C02}) (Version: 6.2.1.67 - Apple Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1342.2) (HKLM\...\{302600C1-6BDF-4FD1-1311-148929CC1385}) (Version: 3.1.1311.0402 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{eff1d9d1-41fa-49ef-a986-082bfe49c293}) (Version: 16.8.0 - Intel Corporation)
iTunes (HKLM\...\{6C01A0A7-7440-4D48-93C6-2927A1E93FE6}) (Version: 12.6.0.100 - Apple Inc.)
K-Lite Mega Codec Pack 11.0.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.0.0 - )
Kodi (HKU\S-1-5-21-1209883281-597615554-778349054-1002\...\Kodi) (Version:  - XBMC-Foundation)
Malwarebytes Anti-Malware versão 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Casa e Estudantes 2013 - pt-pt (HKLM\...\HomeStudentRetail - pt-pt) (Version: 15.0.4937.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1209883281-597615554-778349054-1002\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
NVIDIA Controlador gráfico 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4 - NVIDIA Corporation)
NVIDIA O software do sistema PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4937.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4937.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0816-0000-0000000FF1CE}) (Version: 15.0.4937.1000 - Microsoft Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7135 - Realtek Semiconductor Corp.)
RLinkToolbox 3.3.0.1896 (HKLM-x32\...\RLinkToolbox) (Version: 3.3.0.1896 - TomTom)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 3.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 16.13.65 - NVIDIA Corporation) Hidden
SIL Editor 5.0.0.12 (HKLM-x32\...\SIL Editor_is1) (Version: 5.0.0.12 - SiComponents)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.39 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.39.102 - Skype Technologies S.A.)
Smart View (HKLM-x32\...\{99D9BA8C-AA54-48FC-B782-F7C506CF1ECC}) (Version: 1.0.0.0 - Samsung )
Suporte para Aplicações Apple (32-bits) (HKLM-x32\...\{05E07D23-91E9-4E70-A4CC-EF505088F967}) (Version: 5.4.1 - Apple Inc.)
Suporte para Aplicações Apple (64-bits) (HKLM\...\{741291DA-2B34-4D44-8FB6-58EDE21261D8}) (Version: 5.4.1 - Apple Inc.)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66695 - TeamViewer)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.9.384 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.10.25 - WildTangent)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows Driver Package - ASUS (ATP) Mouse  (08/01/2015 10.0.0.5) (HKLM\...\B267A462F49A1ACD7A2EC5C262BA0DC7D7B23891) (Version: 08/01/2015 10.0.0.5 - ASUS)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.9.384\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.9.384\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.9.384\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-03-16] (Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\Windows\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-10] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2016-11-30] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-08-01] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {06444BAA-7610-45AF-BF8D-97337F411054} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {08973E86-8985-4603-AF83-0542CB99A405} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-12-27] (Realtek Semiconductor)
Task: {0CA36334-ECE1-43FA-8C8C-505333AD1AD2} - System32\Tasks\G2MUploadTask-S-1-5-21-1209883281-597615554-778349054-1002 => C:\Users\Márcio\AppData\Local\GoToMeeting\7454\g2mupload.exe [2017-08-12] (LogMeIn, Inc.)
Task: {18515F25-30D8-4C59-8646-B430EA1B229F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-30] (Piriform Ltd)
Task: {18A34A52-8EDE-4B4C-BC64-CD03A37FD620} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {19E888EF-1874-4823-B868-BC3DDB57D73D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {227E1939-458C-4D5E-A636-60ED0336B2A5} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-06-03] ()
Task: {2B9F339E-364F-4C67-95BE-6DEEB3F545E6} - System32\Tasks\ASUS InstantOn Config => C:\Program Files\ASUS\P4G\InsOnCfg.exe
Task: {2EE3F14B-1ECE-4A04-AA39-AAFD72AB7F88} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe
Task: {3B2ABBEA-451F-45FF-9B9F-75807918186C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-08-09] (Microsoft Corporation)
Task: {3E73128C-9943-4127-935B-FCD3AAE4689C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {42B35197-1B55-4A62-97D1-2300135E3A0A} - System32\Tasks\ASUS Console => C:\Program Files\ASUS\ASUS Console\ASUS Console Starter.exe [2013-12-26] (ASUSTek Computer Inc.)
Task: {47006896-6656-464F-8CAA-455EA7DB8728} - \WPD\SqmUpload_S-1-5-21-1209883281-597615554-778349054-1002 -> No File <==== ATTENTION
Task: {51633BBC-5D1D-4FA4-9E45-38A7C1F0B2D9} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {532C9825-5A70-45F7-80B8-3FFBFCC5CA69} - \GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-1209883281-597615554-778349054-1002 -> No File <==== ATTENTION
Task: {5A5E5883-4ACE-4BC5-9252-BE20A15F8C06} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2017-03-28] ()
Task: {73AF3410-DB9F-4CEA-90BB-E4B846A6FDD9} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1209883281-597615554-778349054-1002UA => C:\Users\Márcio\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-08-16] (Facebook Inc.)
Task: {76BFEFEC-363D-4AB1-9827-C6880CC4B053} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-11-04] ()
Task: {7DF23B01-6F5A-4301-9D26-33AD883B0AFB} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-04-11] (Microsoft Corporation)
Task: {97ED6FF9-A816-42A1-A2A2-FD56E05BE4AE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {9968B27A-9557-4970-AA86-AAF345D17A0E} - System32\Tasks\{7D42B218-D29F-4DE2-96C5-96697BA05487} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.2.0.103/pp/abandoninstall?page=tsMain
Task: {A0DCFE26-05A1-475D-9269-45F821AB5925} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {A28469C5-A756-41DA-9B39-B25ADAAC38CE} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-10-07] (ASUSTeK Computer Inc.)
Task: {A6D4967C-549D-4264-9F33-151AACF9E56F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1209883281-597615554-778349054-1002Core => C:\Users\Márcio\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-08-16] (Facebook Inc.)
Task: {AADFB9E1-3345-4281-97BE-6F82BB050520} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {AB70D130-3FF7-4C93-A538-4DF6258AADDB} - System32\Tasks\P4GIntlCtrl => C:\Program Files\ASUS\P4G\IntlDPST.exe [2013-08-29] ()
Task: {AFE3BBCE-99F7-458D-BDED-0AB2AFF42A2E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {B2DDA080-AB02-43B8-86E9-19263D4B7755} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2013-08-29] (ASUSTek Computer Inc.)
Task: {BE41ABAC-5506-4BB9-9C94-9ED430B95249} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {BE8B4855-6B77-4958-B71A-10F6263ABBD3} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2017-03-16] (Apple Inc.)
Task: {C4771124-932A-477C-BF0A-131631707881} - System32\Tasks\G2MUpdateTask-S-1-5-21-1209883281-597615554-778349054-1002 => C:\Users\Márcio\AppData\Local\GoToMeeting\7454\g2mupdate.exe [2017-08-12] (LogMeIn, Inc.)
Task: {C5B3129E-EE0A-4FC9-9470-B9B45DD27D12} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-10-07] (ASUS)
Task: {C6FD1907-C9BD-4BB9-95C5-33FB9AF40257} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-01-07] (Realtek Semiconductor)
Task: {CC001149-5187-4588-ABF1-B72B504FFED2} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-04] (Dropbox, Inc.)
Task: {CF071E81-28A5-47B6-83C3-D4C1D342842D} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2013-08-29] (ASUS)
Task: {D046B753-56FF-463A-A537-60EF6B579985} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-06-03] ()
Task: {D6227576-143B-4D1C-A035-33CA7BF3CF88} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-04] (Dropbox, Inc.)
Task: {D68D7582-BD6F-41D4-AE82-A83D577DA602} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {DB9B8624-9077-4F2B-A427-039B9732FCD0} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-06-03] ()
Task: {DD59FF91-EA3E-4B35-9CB3-D91042D78B0A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {DDE093D7-77A1-489B-9067-686CA485E720} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2017-03-09] (AsusTek)
Task: {DEDE6352-74CD-441E-A4ED-C597336CC070} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {DF37726B-086E-4605-9268-979626F8616E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {DF92BC98-742A-4A1D-8608-8A33872050BF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-04-11] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1209883281-597615554-778349054-1002Core.job => C:\Users\Márcio\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1209883281-597615554-778349054-1002UA.job => C:\Users\Márcio\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1209883281-597615554-778349054-1002.job => C:\Users\Márcio\AppData\Local\GoToMeeting\7454\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-1209883281-597615554-778349054-1002.job => C:\Users\Márcio\AppData\Local\GoToMeeting\7454\g2mupload.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-03-16 16:08 - 2017-03-16 16:08 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-03-16 16:08 - 2017-03-16 16:08 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-02 20:01 - 2017-01-17 04:25 - 000117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\Windows\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 05:43 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-06-30 13:22 - 2017-06-30 13:22 - 000073728 _____ () C:\Program Files\CCleaner\lang\lang-2070.dll
2017-08-05 18:10 - 2017-08-02 09:39 - 003824472 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.90\libglesv2.dll
2017-08-05 18:10 - 2017-08-02 09:39 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.90\libegl.dll
2017-03-16 16:09 - 2017-03-16 16:09 - 001041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2017-03-16 16:09 - 2017-03-16 16:09 - 000080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2017-03-16 16:08 - 2017-03-16 16:08 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2017-07-24 15:57 - 2017-07-24 15:57 - 001991640 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll
2014-03-15 00:52 - 2013-09-03 18:52 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1209883281-597615554-778349054-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Márcio\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\10687243_945055635510810_9169150309747078363_o.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "BTMTrayAgent"
HKU\S-1-5-21-1209883281-597615554-778349054-1002\...\StartupApproved\Run: => "GarminExpressTrayApp"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{45B9E037-5BA7-4A19-AFAB-8A359CBE7F08}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [UDP Query User{81DC4B9B-61BB-4F0A-96EE-088F40061B91}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{6FA579A1-6AD0-4BAF-9308-8EBCBD1F337C}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{97309C5C-3F2C-4C14-9950-B514110EE919}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8D936B39-1970-4EDE-8DF0-25BCB42C3412}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{CB90F856-0BBA-4472-9D69-EEB0CD5183FB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{10ADE88F-19CE-49FD-8FFC-7616DF4E1A63}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [UDP Query User{41E9B26B-E103-42B9-A6F7-C359860D6B19}D:\sat\dreambox 7000\dreambox control center\dcce2_150\dcc_e2.exe] => (Allow) D:\sat\dreambox 7000\dreambox control center\dcce2_150\dcc_e2.exe
FirewallRules: [TCP Query User{4091C6DC-5C90-4E25-9BD8-96179F247F1D}D:\sat\dreambox 7000\dreambox control center\dcce2_150\dcc_e2.exe] => (Allow) D:\sat\dreambox 7000\dreambox control center\dcce2_150\dcc_e2.exe
FirewallRules: [{B558299A-E661-417D-B7D6-EA2BFFD69F1E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{4DD8F100-4A24-4212-8996-22A6634CFE96}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{4359E2C8-4A5D-4236-B4B5-E9D008E03A3F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{37D4E53A-A97E-4D1C-B24F-995E0F052E5F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E15C1223-691E-4E8E-AEB2-59AD1A0E2C95}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CC9E3657-0582-4B32-B50F-7D7A919CF88B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{19F2D3AF-9C5E-425E-AC48-A257792BED5B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6231B4B6-D1E6-496F-A0E2-3D6B33BC642D}] => (Allow) C:\Users\Márcio\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [TCP Query User{75C7FF80-7D08-4A4E-AE54-95A5453FF3C9}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{4D9F17B4-6622-4DB4-BFDB-B85C2E52080C}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{6F1FEE9B-B0E5-4D4C-A2AB-DFBFE7CA0006}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{D7693203-66F5-4CB0-9B60-855009596B7B}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{38C1093D-66D1-4989-9AD4-04CBA2A913D8}D:\sat\dreambox 7000\dreambox control center\dcce2_150\dcc_e2.exe] => (Allow) D:\sat\dreambox 7000\dreambox control center\dcce2_150\dcc_e2.exe
FirewallRules: [UDP Query User{6563A072-EAE2-4DB0-807E-8E664C337F82}D:\sat\dreambox 7000\dreambox control center\dcce2_150\dcc_e2.exe] => (Allow) D:\sat\dreambox 7000\dreambox control center\dcce2_150\dcc_e2.exe
FirewallRules: [TCP Query User{9A61F5D2-45EC-4242-AC22-DEA14EC80840}D:\sat\dreambox 7000\dreambox control center\dcce2_144\dcc_e2.exe] => (Block) D:\sat\dreambox 7000\dreambox control center\dcce2_144\dcc_e2.exe
FirewallRules: [UDP Query User{0CB83D0F-A90E-45CF-A610-EE738C35B309}D:\sat\dreambox 7000\dreambox control center\dcce2_144\dcc_e2.exe] => (Block) D:\sat\dreambox 7000\dreambox control center\dcce2_144\dcc_e2.exe
FirewallRules: [TCP Query User{0C57F4C0-6F3F-4089-B734-A99EBED4E391}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe
FirewallRules: [UDP Query User{63996F5E-0561-4352-8D46-D3C583861DC7}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe
FirewallRules: [TCP Query User{D7CB4322-44C6-4681-8725-1D664D234829}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe
FirewallRules: [UDP Query User{181FA6ED-0887-4246-AF96-37EB9354E9B5}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe
FirewallRules: [TCP Query User{F66DDEF7-6066-4B0F-B04E-8C963E0B05F4}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe
FirewallRules: [UDP Query User{D9F403E2-7983-4E69-AFA3-92EA81945AC9}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe
FirewallRules: [TCP Query User{595C54BD-F1FC-4DB2-861E-AC768E1054CE}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{B6997600-326D-4F8E-9C4E-F738596983F0}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{B273C3A9-10A7-4A09-ACCE-5ACCBFB553B3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{F4DDC2D4-69B9-454A-B9EA-CACCA5DD7C77}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{2788C37D-67D8-4374-9D4A-1AABC4227B77}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{0B767B06-6911-4823-BB0D-58F03DCF3B17}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{5D59C00C-C6DF-4F74-9C25-1F57378AE443}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{9F2045E6-EFE9-4627-ABAD-6A786488125A}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Restore Points =========================

05-08-2017 21:57:04 Scheduled Checkpoint
09-08-2017 21:34:49 Windows Update
09-08-2017 21:36:01 Windows Update
14-08-2017 23:03:46 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/14/2017 10:58:55 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: A ignorar: a validação de Eap method DLL path falhou. Erro: typeId=43, authorId=9, vendorId=0, vendorType=0

Error: (08/14/2017 10:58:55 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: A ignorar: a validação de Eap method DLL path falhou. Erro: typeId=25, authorId=9, vendorId=0, vendorType=0

Error: (08/14/2017 10:58:55 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: A ignorar: a validação de Eap method DLL path falhou. Erro: typeId=17, authorId=9, vendorId=0, vendorType=0

Error: (08/14/2017 10:58:55 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: A ignorar: a validação de Eap method DLL path falhou. Erro: typeId=43, authorId=9, vendorId=0, vendorType=0

Error: (08/14/2017 10:58:55 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: A ignorar: a validação de Eap method DLL path falhou. Erro: typeId=25, authorId=9, vendorId=0, vendorType=0

Error: (08/14/2017 10:58:55 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: A ignorar: a validação de Eap method DLL path falhou. Erro: typeId=17, authorId=9, vendorId=0, vendorType=0

Error: (08/14/2017 01:13:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome da aplicação com falha: esu.exe, versão: 1.0.0.0, carimbo de data/hora: 0x58dac8d5
Nome do módulo com falha: KERNELBASE.dll, versão: 10.0.15063.502, carimbo de data/hora: 0xc3955624
Código de exceção: 0xe0434352
Desvio de falha: 0x000eb802
ID do processo com falha: 0x1d80
Hora de início da aplicação com falha: 0x01d314ee3ab9f81b
Caminho da aplicação com falha: C:\Program Files (x86)\Garmin\Express SelfUpdater\esu.exe
Caminho do módulo com falha: C:\Windows\System32\KERNELBASE.dll
ID do Relatório: 577c118b-d0b2-4128-89a0-12ddecb43468
Nome completo do pacote com falha: 
ID da aplicação relativa ao pacote com falha:

Error: (08/14/2017 01:13:22 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: esu.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
   at Garmin.Omt.Service.Shared.Overrides+<UpdateDatacenterOverridesAsync>d__61.MoveNext()
   at System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start[[Garmin.Omt.Service.Shared.Overrides+<UpdateDatacenterOverridesAsync>d__61, ExpressSelfUpdater, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null]](<UpdateDatacenterOverridesAsync>d__61 ByRef)
   at Garmin.Omt.Service.Shared.Overrides.UpdateDatacenterOverridesAsync(Boolean)
   at Garmin.Omt.Service.Shared.Overrides..cctor()

Exception Info: System.TypeInitializationException
   at Garmin.Omt.Service.Shared.Overrides.get_OmtBaseUrl()
   at Garmin.Omt.Express.SelfUpdater.Program.RealMain()
   at Garmin.Omt.Express.SelfUpdater.Program.Main(System.String[])

Error: (08/14/2017 12:17:18 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração do contexto de ativação para "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Erro no ficheiro de política ou manifesto  na linha .
Uma versão de componente necessária para a aplicação está em conflito com outra versão de componente já ativa.
Os componentes em conflito são:
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.Windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.Windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.

Error: (08/14/2017 12:15:46 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração do contexto de ativação para "c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe". Erro no ficheiro de política ou manifesto  na linha .
Uma versão de componente necessária para a aplicação está em conflito com outra versão de componente já ativa.
Os componentes em conflito são:
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.Windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.Windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.


System errors:
=============
Error: (08/14/2017 11:05:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço NVIDIA Streamer Service terminou inesperadamente. Isto aconteceu 1 vez(es).

Error: (08/14/2017 11:03:24 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: O servidor {784E29F4-5EBE-4279-9948-1E8FE941646D} não foi registado no DCOM dentro do tempo limite necessário.

Error: (08/14/2017 11:03:02 PM) (Source: DCOM) (EventID: 10010) (User: ASUS)
Description: O servidor {14286318-B6CF-49A1-81FC-D74AD94902F9} não foi registado no DCOM dentro do tempo limite necessário.

Error: (08/14/2017 11:00:17 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: As definições de permissão de application-specific não concedem permissão de Local Activation para a aplicação de Servidor COM com CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 e APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 ao SID (S-1-5-19) de utilizador NT AUTHORITY\LOCAL SERVICE a partir do endereço LocalHost (Using LRPC) em execução no SID (Unavailable) de contentor aplicacional Unavailable. Esta permissão de segurança pode ser modificada utilizando a ferramenta administrativa de Serviços de Componentes.

Error: (08/14/2017 11:00:17 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: As definições de permissão de application-specific não concedem permissão de Local Activation para a aplicação de Servidor COM com CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 e APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 ao SID (S-1-5-19) de utilizador NT AUTHORITY\LOCAL SERVICE a partir do endereço LocalHost (Using LRPC) em execução no SID (Unavailable) de contentor aplicacional Unavailable. Esta permissão de segurança pode ser modificada utilizando a ferramenta administrativa de Serviços de Componentes.

Error: (08/14/2017 11:00:17 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: As definições de permissão de application-specific não concedem permissão de Local Activation para a aplicação de Servidor COM com CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 e APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 ao SID (S-1-5-19) de utilizador NT AUTHORITY\LOCAL SERVICE a partir do endereço LocalHost (Using LRPC) em execução no SID (Unavailable) de contentor aplicacional Unavailable. Esta permissão de segurança pode ser modificada utilizando a ferramenta administrativa de Serviços de Componentes.

Error: (08/14/2017 11:00:17 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: As definições de permissão de application-specific não concedem permissão de Local Activation para a aplicação de Servidor COM com CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 e APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 ao SID (S-1-5-19) de utilizador NT AUTHORITY\LOCAL SERVICE a partir do endereço LocalHost (Using LRPC) em execução no SID (Unavailable) de contentor aplicacional Unavailable. Esta permissão de segurança pode ser modificada utilizando a ferramenta administrativa de Serviços de Componentes.

Error: (08/14/2017 11:00:12 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Connected Devices Platform User Service_52b44 terminou com o seguinte erro: 
Erro não especificado

Error: (08/14/2017 10:59:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: O serviço Freemake Improver falhou o arranque devido ao seguinte erro: 
O serviço não respondeu ao pedido de início ou controlo atempadamente.

Error: (08/14/2017 10:59:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Foi atingido o tempo limite (30000 milissegundos) ao aguardar pela ligação do serviço Freemake Improver.


CodeIntegrity:
===================================
  Date: 2017-08-15 00:27:00.160
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-08-13 10:06:04.860
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-08-13 10:06:04.849
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-08-12 22:00:56.357
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-08-12 22:00:56.355
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-08-12 12:38:30.681
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-08-12 12:38:29.610
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-08-12 12:31:05.032
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-08-12 12:06:27.312
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-08-12 12:06:27.308
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-4700HQ CPU @ 2.40GHz
Percentage of memory in use: 24%
Total physical RAM: 12171.06 MB
Available physical RAM: 9229.88 MB
Total Virtual: 14027.06 MB
Available Virtual: 11196.91 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:285.41 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:537.8 GB) (Free:471.05 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 76B5D821)

Partition: GPT.

==================== End of Addition.txt ============================

Compartilhar este post


Link para o post
Compartilhar em outros sites

Fix result of Farbar Recovery Scan Tool (x64) Version: 16-08-2017
Ran by Márcio (16-08-2017 22:45:42) Run:1
Running from C:\Users\Márcio\Desktop
Loaded Profiles: Márcio (Available Profiles: Márcio)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CreateRestorePoint:
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION 
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR HKU\S-1-5-21-1209883281-597615554-778349054-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
Task: {18A34A52-8EDE-4B4C-BC64-CD03A37FD620} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {19E888EF-1874-4823-B868-BC3DDB57D73D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {47006896-6656-464F-8CAA-455EA7DB8728} - \WPD\SqmUpload_S-1-5-21-1209883281-597615554-778349054-1002 -> No File <==== ATTENTION
Task: {51633BBC-5D1D-4FA4-9E45-38A7C1F0B2D9} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {532C9825-5A70-45F7-80B8-3FFBFCC5CA69} - \GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-1209883281-597615554-778349054-1002 -> No File <==== ATTENTION
Task: {97ED6FF9-A816-42A1-A2A2-FD56E05BE4AE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {AADFB9E1-3345-4281-97BE-6F82BB050520} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {AFE3BBCE-99F7-458D-BDED-0AB2AFF42A2E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {BE41ABAC-5506-4BB9-9C94-9ED430B95249} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {D68D7582-BD6F-41D4-AE82-A83D577DA602} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {DD59FF91-EA3E-4B35-9CB3-D91042D78B0A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {DEDE6352-74CD-441E-A4ED-C597336CC070} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {DF37726B-086E-4605-9268-979626F8616E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
EmptyTemp:
end

*****************

Restore point was successfully created.
HKLM\SOFTWARE\Policies\Google => key removed successfully
Chrome DefaultSearchURL => removed successfully
Chrome DefaultSearchKeyword => removed successfully
HKU\S-1-5-21-1209883281-597615554-778349054-1002\SOFTWARE\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{18A34A52-8EDE-4B4C-BC64-CD03A37FD620} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18A34A52-8EDE-4B4C-BC64-CD03A37FD620} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{19E888EF-1874-4823-B868-BC3DDB57D73D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{19E888EF-1874-4823-B868-BC3DDB57D73D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{47006896-6656-464F-8CAA-455EA7DB8728} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{47006896-6656-464F-8CAA-455EA7DB8728} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-1209883281-597615554-778349054-1002 => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{51633BBC-5D1D-4FA4-9E45-38A7C1F0B2D9} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{51633BBC-5D1D-4FA4-9E45-38A7C1F0B2D9} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{532C9825-5A70-45F7-80B8-3FFBFCC5CA69} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{532C9825-5A70-45F7-80B8-3FFBFCC5CA69} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-1209883281-597615554-778349054-1002 => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{97ED6FF9-A816-42A1-A2A2-FD56E05BE4AE} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{97ED6FF9-A816-42A1-A2A2-FD56E05BE4AE} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AADFB9E1-3345-4281-97BE-6F82BB050520} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AADFB9E1-3345-4281-97BE-6F82BB050520} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AFE3BBCE-99F7-458D-BDED-0AB2AFF42A2E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AFE3BBCE-99F7-458D-BDED-0AB2AFF42A2E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BE41ABAC-5506-4BB9-9C94-9ED430B95249} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BE41ABAC-5506-4BB9-9C94-9ED430B95249} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D68D7582-BD6F-41D4-AE82-A83D577DA602} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D68D7582-BD6F-41D4-AE82-A83D577DA602} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DD59FF91-EA3E-4B35-9CB3-D91042D78B0A} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DD59FF91-EA3E-4B35-9CB3-D91042D78B0A} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DEDE6352-74CD-441E-A4ED-C597336CC070} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DEDE6352-74CD-441E-A4ED-C597336CC070} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DF37726B-086E-4605-9268-979626F8616E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF37726B-086E-4605-9268-979626F8616E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 9986048 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 30422559 B
Java, Flash, Steam htmlcache => 728 B
Windows/system/drivers => 196167375 B
Edge => 1361 B
Chrome => 578397839 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 6492 B
Márcio => 499403355 B

RecycleBin => 39401535 B
EmptyTemp: => 1.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 22:48:27 ====

Compartilhar este post


Link para o post
Compartilhar em outros sites

Baixe Security Check, by glax24 e salve na sua área de trabalho.

* No Windows Vista, 7, 8 e 10:

Clique com o direito sobre o SecurityCheck.exe e selecione Executar como administrador.

Aguarde enquanto a ferramenta faz o exame.

Ao final, abrirá um log, o SecurityCheck.txt. Este log é salvo em C: (Disco local) na pasta SecurityCheck que foi criada.

Selecione, copie e cole o conteúdo deste log na sua próxima resposta.

 


 

 

xerl_roums_16.JPG

Compartilhar este post


Link para o post
Compartilhar em outros sites

SecurityCheck by glax24 & Severnyj v.1.4.0.52 [25.07.17]
WebSite: www.safezone.cc
DateLog: 17.08.2017 00:27:42
Path starting: C:\Users\Márcio\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: Márcio
VersionXML: 4.56is-14.08.2017
___________________________________________________________________________

Windows 10(6.3.15063) (x64) Core Release: 1703 Lang: English(0809)
Installation date OS: 07.06.2017 23:06:50
LicenseStatus: Windows(R), Core edition The machine is permanently activated.
LicenseStatus: Office 15, OfficeHomeStudentR_Retail edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
SystemDrive: C: FS: [NTFS] Capacity: [372.6 Gb] Used: [87.9 Gb] Free: [284.7 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.540.15063.0 [+]
User Account Control enabled
Automatically download and schedule installation
Windows Update (wuauserv) - The service is running
Centro de segurança (wscsvc) - The service is running
Registo remoto (RemoteRegistry) - The service has stopped
Deteção SSDP (SSDPSRV) - The service is running
Serviços de Ambiente de Trabalho Remoto (TermService) - The service has stopped
Gestão Remota do Windows (WS-Management) (WinRM) - The service has stopped
---------------------------- [ Antivirus_WMI ] ----------------------------
Windows Defender (enabled and up to date)
--------------------------- [ FirewallWindows ] ---------------------------
Firewall do Windows (MpsSvc) - The service is running
Disabled the public profile of Windows Firewall
Disabled the standard profile for Windows Firewall
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Windows Defender (enabled and up to date)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
ESET Online Scanner v3
-------------------------- [ SecurityUtilities ] --------------------------
Malwarebytes Anti-Malware versão 2.2.1.1043 v.2.2.1.1043
--------------------------- [ OtherUtilities ] ----------------------------
WinRAR 5.21 (64-bit) v.5.21.0 Warning! Download Update
Microsoft Silverlight v.5.1.50907.0
TeamViewer 11 v.11.0.66695 Warning! Download Update
TeamViewer 11 (TeamViewer) - The service is running
--------------------------------- [ IM ] ----------------------------------
Skype™ 7.39 v.7.39.102
--------------------------- [ AppleProduction ] ---------------------------
Bonjour v.3.1.0.1
iTunes v.12.6.0.100 Warning! Download Update
^Please use Apple Software Update tool.^
QuickTime 7 v.7.76.80.95 Warning! This software is no longer supported. Please uninstall it and use another software.
Serviço de Bonjour (Bonjour Service) - The service is running
--------------------------- [ AdobeProduction ] ---------------------------
Adobe Shockwave Player 12.1 v.12.1.7.157 Warning! Download Update
Adobe Acrobat Reader DC - Português v.17.012.20095 [+]
------------------------------- [ Browser ] -------------------------------
Google Chrome v.60.0.3112.90
--------------------------- [ RunningProcess ] ----------------------------
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe v.60.0.3112.90
------------------ [ AntivirusFirewallProcessServices ] -------------------
C:\Program Files\Windows Defender\MsMpEng.exe v.4.11.15063.447
C:\Program Files\Windows Defender\NisSrv.exe v.4.11.15063.0
C:\Program Files\Windows Defender\MSASCuiL.exe v.4.11.15063.0
Serviço Antivírus do Windows Defender (WinDefend) - The service is running
Serviço de Inspeção de Rede do Antivírus do Windows Defender (WdNisSvc) - The service is running
---------------------------- [ UnwantedApps ] -----------------------------
Update Installer for WildTangent Games App << Hidden Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
WildTangent Games App v.4.0.10.25 Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
Skype Click to Call v.8.5.0.9167 Warning! Browser's toolbar. It can slow down the working of your browser and have violation privacy problems.
----------------------------- [ End of Log ] ------------------------------
 

Compartilhar este post


Link para o post
Compartilhar em outros sites

×