Ir ao conteúdo
  • Comunicados

    • diego_moicano

      Gostaria de se tornar um analista em Remoção de Malware?   07-12-2015

      Gostaria de se tornar um analista em Remoção de Malware? O Fórum Clube do Hardware deu início a um programa de treinamento em análises de log. Os interessados deverão enviar um email para aprendizes (arroba) clubedohardware (ponto) com (ponto) br respondendo as seguintes perguntas: Por que você gostaria de aprender a analisar logs? Possui tempo hábil para o treinamento? Tem conhecimentos em informática? Se sim descreva-os. Possui inglês para leitura? Qual seu objetivo após completar o treinamento?   Não se esqueça de incluir no e-mail o seu nome de usuário (fornecer o link também), idade e cidade onde vive. Adicione também qualquer experiência e/ou razão sobre o porquê você seria um bom Analista. É digno de nota que apenas os que forem selecionados receberão resposta por MP (Mensagem Pessoal), não existe um padrão na escolha dos futuros aprendizes, todos os e-mails serão lidos e serão analisados de forma imparcial, portanto não será permitido reclamações neste aspecto. O treinamento é dado no próprio fórum. Quando um aprendiz é selecionado ele é movido para um novo grupo, onde terá acesso a fóruns fechados para os demais usuários onde poderá dar inicio ao seu treinamento. Importante: A cada 30 dias os e-mails não selecionados serão apagados, portanto você pode enviar um novo e-mail após 1 mês, e-mails enviados antes serão desconsiderados.  
    • Gabriel Torres

      Seja um moderador do Clube do Hardware!   12-02-2016

      Prezados membros do Clube do Hardware, Está aberto o processo de seleção de novos moderadores para diversos setores ou áreas do Clube do Hardware. Os requisitos são:   Pelo menos 500 posts e um ano de cadastro; Boa frequência de participação; Ser respeitoso, cordial e educado com os demais membros; Ter bom nível de português; Ter razoável conhecimento da área em que pretende atuar; Saber trabalhar em equipe (com os moderadores, coordenadores e administradores).   Os interessados deverão enviar uma mensagem privada para o usuário @Equipe Clube do Hardware com o título "Candidato a moderador". A mensagem deverá conter respostas às perguntas abaixo:   Qual o seu nome completo? Qual sua data de nascimento? Qual sua formação/profissão? Já atuou como moderador em algo outro fórum, se sim, qual? De forma sucinta, explique o porquê de querer ser moderador do fórum e conte-nos um pouco sobre você.   OBS: Não se trata de função remunerada. Todos que fazem parte do staff são voluntários.
luishtr

Lentidão, uso do disco em 100%

Recommended Posts

Boa noite.

 

Meu pc tem estado muito lento e reparei que passa boa parte do tempo com o uso do disco em 100%.

Segue em anexo o log do ZA-scan.

 

Grato

ZA-Scan.txt

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro @luishtr

 

Recomendo que salve este tópico em seus Favoritos para facilitar na hora de encontrá-lo.

 

Por favor, atente para o seguinte:

  • Caso fique sem resposta durante 3 dias, me envie uma Mensagem Privada (MP);
  • O que será passado aqui, somente será com relação ao problema do seu computador portanto, não faça mais em nenhum outro;
  • Siga, por favor, atentamente as instruções passadas e em caso de dúvidas não hesite em perguntá-las;
  • Sempre coloque suas respostas neste tópico... Não abra outro!
  • Procure sempre me manter informado, durante a remoção, sobre o que acontece com seu computador.
  • Respeite a ordem das instruções passadas.

Observação: Não tome outra medida além das passadas aqui; atente para que, caso peça ajuda em outro fórum, não deixe de nos informar, sob risco de desconfigurar seu computador!

 

# Etapa nº 1 #
 
Baixe o AdwCleaner e salve em sua Área de trabalho (Desktop)

Execute o arquivo adwcleaner.exe

 

Atenção: Usuários Windows Vista, 7 e 8, cliquem com o botão direito do mouse e escolha: execadmin.png 

  • Clique na aba Opções e deixe marcado apenas "Restaurar Políticas do IE" e "Restaurar Políticas do Chrome"
  • Clique no botão Verificar e aguarde o exame finalizar.
  • Clique no botão Limpar.
  • Abrirá um bloco de notas com o resultado.
  • Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.
  • O log também será salvo em C:\AdwCleaner


NOTA: Se o AdwCleaner encontrar arquivos que não consiga remover, poderá ter de reiniciar o PC. Faça isso imediatamente, ao ser perguntado se quer reiniciar.
 
# Etapa nº 2 #
 
Desative temporariamente seu antivirus, antispywares e firewall, para não causar conflitos.

Baixe o Junkware Removal Tool (JRT) e salve em sua Área de trabalho (Desktop)

 

Clique duas vezes para executar o jrt.exe.
 

Atenção: Usuários Windows Vista, 7 e 8, cliquem com o botão direito do mouse e escolha: execadmin.png 

  • A ferramenta começará o exame do seu sistema.
  • Tenha paciência pois pode demorar um pouco dependendo da quantidades de itens a examinar.
  • Ao final um log se abrirá. Será salvo no desktop com o nome de JRT.txt.
  • Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

 
# Etapa nº 3 #
 
Desative temporariamente seu antivirus, antispywares e firewall, para não causar conflitos.

Faça o download do ZHPCleaner e salve em sua Área de trabalho (Desktop)

 

Atenção: Usuários Windows Vista, 7 e 8, cliquem com o botão direito do mouse e escolha: execadmin.png

  • Clique no botão Scanner.
  • A ferramenta começara o exame do seu sistema.
  • Tenha paciência pois pode demorar um pouco dependendo da quantidades de itens a examinar.
  • Em seguida clique no botão Reparar.
  • Será gerado um log chamado ZHPCleaner.txt
  • Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites
  • Autor do tópico
  • Prezado @diego_moicano agradeço pela ajuda.

     

    Seguem em anexo os log's. Durante o scan do ZHPCleaner apareceu uma mensagem, e cliquei em "Sim" mas não tinha certeza da informação. Está em anexo também o print dessa mensagem.

     

    Atenciosamente

    AdwCleaner[C0].txt

    JRT.txt

    print.jpg

    ZHPCleaner.txt

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    Caro @luishtr

     

    Ok!

     

    Desative temporariamente seu antivírus, antispywares e firewall, para não causar conflitos.

     

    Baixe o Farbar Recovery Scan Tool e salve-o na Área de Trabalho (Desktop).


    32 bit (x86) ou 64 bit (x64)

     

    • Clique duas vezes para executar a ferramenta.
      • Atenção: Usuários Windows Vista, 7 e 8, cliquem com o botão direito do mouse e escolha: execadmin.png
    • Marque a caixa Arquivos 90 dias,  e clique no botão Examinar.
    • Aguarde e ao final os logs FRST.txt e Addition.txt serão salvos em sua Área de Trabalho (Desktop).
    • Selecione, copie e cole o conteúdo do log  FRST.txt em sua próxima resposta.
    • Anexe o log Addition.txt

    Abraços :D

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
  • Autor do tópico
  • Aqui está.

     

    Grato.

     

    Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 14-08-2016
    Executado por Luís Henrique (administrador) em PC-LUIS (15-08-2016 09:34:53)
    Executando a partir de C:\Users\LuísHenrique\Desktop
    Perfis Carregados: Luís Henrique (Perfis Disponíveis: Luís Henrique & Convidado)
    Platform: Windows 8.1 Single Language (Update) (X64) Idioma: Português (Brasil)
    Internet Explorer Versão 11 (Navegador padrão: Chrome)
    Modo da Inicialização: Normal
    Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processos (Whitelisted) =================

    (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

    () C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
    (Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
    (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
    (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidMonitorSvc.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
    (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
    (National Instruments Corporation) C:\Windows\SysWOW64\lkads.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\MAX\nimxs.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\niauth\niauth_daemon.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\nisvcloc\nisvcloc.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe
    (National Instruments, Inc.) C:\Windows\SysWOW64\lkcitdl.exe
    (National Instruments Corporation) C:\Windows\SysWOW64\lktsrv.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
    (National Instruments Corporation) C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
    (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
    (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
    (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
    (CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
    (CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe


    ==================== Registro (Whitelisted) ===========================

    (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7199448 2013-09-02] (Realtek Semiconductor)
    HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [704344 2015-02-05] (Alps Electric Co., Ltd.)
    HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe [2758200 2013-10-14] (Hewlett-Packard)
    HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [155704 2013-10-14] (Hewlett-Packard)
    HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [155704 2013-10-14] (Hewlett-Packard)
    HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
    HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [831064 2016-07-28] (Avira Operations GmbH & Co. KG)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
    HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
    HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [67840 2016-07-11] (Avira Operations GmbH & Co. KG)
    HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [509192 2014-12-01] (Hewlett-Packard Development Company, L.P.)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    HKU\S-1-5-21-3010929395-2408178633-1518302278-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
    HKU\S-1-5-21-3010929395-2408178633-1518302278-1001\...\Run: [NIRegistrationWizard] => C:\Program Files (x86)\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe [847000 2013-04-19] ()
    HKU\S-1-5-21-3010929395-2408178633-1518302278-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe
    HKU\S-1-5-21-3010929395-2408178633-1518302278-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11776 2014-10-28] (Microsoft Corporation)
    HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILDE.EXE [297024 2014-12-02] (SEIKO EPSON CORPORATION)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NI Error Reporting.lnk [2016-02-10]
    ShortcutTarget: NI Error Reporting.lnk -> C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe (National Instruments Corporation)

    ==================== Internet (Whitelisted) ====================

    (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

    Winsock: Catalog5 07 C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [26512 2014-06-06] (National Instruments Corporation)
    Winsock: Catalog5-x64 07 C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [28560 2014-06-06] (National Instruments Corporation)
    Tcpip\Parameters: [DhcpNameServer] 192.168.25.1
    Tcpip\..\Interfaces\{60413B54-0B0E-4ED4-8271-6DD328051CAF}: [DhcpNameServer] 192.168.25.1
    Tcpip\..\Interfaces\{7B35F4B5-AEFE-4D38-B513-8A68EDDF2062}: [DhcpNameServer] 201.17.128.73 201.17.128.78 201.6.4.116

    Internet Explorer:
    ==================
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPCON14/3
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPCON14/3
    HKU\S-1-5-21-3010929395-2408178633-1518302278-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPCON14/3
    HKU\S-1-5-21-3010929395-2408178633-1518302278-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPCON14/3
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-21-3010929395-2408178633-1518302278-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
    BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-06-27] (Oracle Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-27] (Oracle Corporation)
    BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)

    FireFox:
    ========
    FF ProfilePath: C:\Users\LuísHenrique\AppData\Roaming\Mozilla\Firefox\Profiles\phj2lqp2.default
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-27] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-27] (Oracle Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-3010929395-2408178633-1518302278-1001: gastecnologia.com.br/sf/abn -> C:\Users\LuísHenrique\AppData\Local\GAS Tecnologia\GBBD\npsf_abn.dll [2014-09-20] (GAS Tecnologia)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npIMAQAXControl.dll [2010-05-24] (National Instruments)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv2011win32.dll [2012-07-13] (National Instruments)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv2012win32.dll [2014-05-13] (National Instruments)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv2013win32.dll [2013-06-20] (National Instruments)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)

    Chrome: 
    =======
    CHR Profile: C:\Users\LuísHenrique\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Segurança do navegador Avira) - C:\Users\LuísHenrique\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-08-13]
    CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\LuísHenrique\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-13]
    CHR Extension: (Chrome Media Router) - C:\Users\LuísHenrique\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-13]
    CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

    ==================== Serviços (Whitelisted) ========================

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

    S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [989696 2016-07-28] (Avira Operations GmbH & Co. KG)
    R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [472112 2016-07-28] (Avira Operations GmbH & Co. KG)
    R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [472112 2016-07-28] (Avira Operations GmbH & Co. KG)
    S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1453696 2016-07-28] (Avira Operations GmbH & Co. KG)
    R2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe [87384 2015-02-05] (Alps Electric Co., Ltd.)
    R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [309384 2016-07-11] (Avira Operations GmbH & Co. KG)
    R2 Cachedrv server; C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe [109568 2013-10-14] () [Arquivo não assinado]
    R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-09-05] (CyberLink)
    R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [298760 2013-09-05] (CyberLink)
    R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [573704 2014-12-01] (Hewlett-Packard Development Company, L.P.)
    R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Arquivo não assinado]
    S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
    R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
    S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
    R2 LkCitadelServer; C:\Windows\SysWOW64\lkcitdl.exe [695136 2014-01-14] (National Instruments, Inc.)
    R2 lkClassAds; C:\Windows\SysWOW64\lkads.exe [53032 2014-06-09] (National Instruments Corporation)
    R2 lkTimeSync; C:\Windows\SysWOW64\lktsrv.exe [63280 2014-06-09] (National Instruments Corporation)
    R2 mxssvr; C:\Program Files (x86)\National Instruments\MAX\nimxs.exe [84280 2014-07-16] (National Instruments Corporation)
    R2 NIApplicationWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [57184 2014-06-10] (National Instruments Corporation)
    S4 NIApplicationWebServer64; C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [80736 2014-06-10] (National Instruments Corporation)
    R2 niauth; C:\Program Files (x86)\National Instruments\Shared\niauth\niauth_daemon.exe [569152 2014-06-20] (National Instruments Corporation)
    R2 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [394544 2014-06-09] (National Instruments Corporation)
    S3 NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [1427688 2010-08-02] (Macrovision Corporation)
    R2 niLXIDiscovery; C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe [383352 2014-06-13] (National Instruments Corporation)
    R2 nimDNSResponder; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [320368 2014-06-06] (National Instruments Corporation)
    R2 NINetworkDiscovery; C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [177536 2014-06-19] (National Instruments Corporation)
    R2 NiSvcLoc; C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe [89928 2014-06-06] (National Instruments Corporation)
    R2 NISystemWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe [57168 2014-06-10] (National Instruments Corporation)
    R2 NITaggerService; C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe [687944 2013-06-15] (National Instruments Corporation)
    R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [87552 2013-10-14] (Softex Inc.) [Arquivo não assinado]
    R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [289496 2013-08-23] (Realtek Semiconductor)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
    S3 McAPExe; "C:\Program Files\McAfee\MSC\McAPExe.exe" [X]

    ===================== Drivers (Whitelisted) ==========================

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

    R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3858944 2013-10-17] (Qualcomm Atheros Communications, Inc.)
    R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [144664 2016-07-28] (Avira Operations GmbH & Co. KG)
    R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [154392 2016-07-28] (Avira Operations GmbH & Co. KG)
    R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-17] (Avira Operations GmbH & Co. KG)
    R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-06-02] (Avira Operations GmbH & Co. KG)
    S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
    S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2016-08-08] (Malwarebytes Corporation)
    R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
    S3 ni1045k; C:\Windows\system32\drivers\ni1045kl.sys [12984 2014-05-16] (National Instruments Corporation)
    S3 ni1065k; C:\Windows\system32\drivers\ni1065k.sys [30032 2014-05-16] (National Instruments Corporation)
    S3 nidimk; C:\Windows\system32\drivers\nidimkl.sys [15200 2014-03-13] (National Instruments Corporation)
    S3 nimdbgk; C:\Windows\system32\drivers\nimdbgkl.sys [15200 2014-03-13] (National Instruments Corporation)
    S3 nimxdfk; C:\Windows\system32\drivers\nimxdfkl.sys [15184 2014-03-13] (National Instruments Corporation)
    S3 niorbk; C:\Windows\system32\drivers\niorbkl.sys [15184 2014-03-12] (National Instruments Corporation)
    S3 nipalfwedl; C:\Windows\System32\drivers\nipalfwedl.sys [15232 2014-06-05] (National Instruments Corporation)
    R0 NIPALK; C:\Windows\System32\drivers\nipalk.sys [773464 2014-06-05] (National Instruments Corporation)
    S3 nipalusbedl; C:\Windows\System32\drivers\nipalusbedl.sys [15224 2014-06-05] (National Instruments Corporation)
    R0 nipbcfk; C:\Windows\System32\drivers\nipbcfk.sys [19288 2014-02-28] (National Instruments Corporation)
    R0 nipxibaf; C:\Windows\System32\drivers\nipxibaf.sys [89992 2014-06-12] (National Instruments Corporation)
    R0 nipxibrc; C:\Windows\System32\drivers\nipxibrc.sys [70336 2014-05-16] (National Instruments Corporation)
    S3 nipxifpk; C:\Windows\system32\drivers\nipxifpk.sys [37272 2013-09-10] (National Instruments Corporation)
    S3 nipxigpk; C:\Windows\system32\drivers\nipxigpk.sys [22680 2011-08-09] (National Instruments Corporation)
    R2 nipxirmk; C:\Windows\system32\drivers\nipxirmkl.sys [15184 2014-01-09] (National Instruments Corporation)
    R3 NiViPciK; C:\Windows\System32\drivers\NiViPciKl.sys [15200 2014-09-13] (National Instruments Corporation)
    R2 NiViPxiK; C:\Windows\System32\drivers\NiViPxiKl.sys [15200 2014-09-13] (National Instruments Corporation)
    S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [290520 2013-08-26] (Realtek Semiconductor Corp.)
    S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
    S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
    R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (HP Inc.)
    S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena\plugins\UI\safedrv.sys [X]
    U3 McMPFSvc; não ImagePath
    U3 McNaiAnn; não ImagePath
    U3 mcpltsvc; não ImagePath
    U3 McProxy; não ImagePath
    U3 mfecore; não ImagePath
    U3 MSK80Service; não ImagePath
    S3 vmci; \SystemRoot\System32\drivers\vmci.sys [X]
    S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


    ==================== Três Meses Criados arquivos e pastas ========

    (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

    2016-08-15 09:34 - 2016-08-15 09:35 - 00022587 _____ C:\Users\LuísHenrique\Desktop\FRST.txt
    2016-08-15 09:34 - 2016-08-15 09:34 - 00000000 ____D C:\FRST
    2016-08-15 09:32 - 2016-08-15 09:32 - 02394624 _____ (Farbar) C:\Users\LuísHenrique\Desktop\FRST64.exe
    2016-08-15 08:25 - 2016-08-15 08:25 - 00095194 _____ C:\Users\LuísHenrique\Downloads\arquivo.pdf
    2016-08-13 12:38 - 2016-08-13 12:39 - 04270728 _____ C:\Users\LuísHenrique\Downloads\Introduction to Electrodynamics (solutions manual) - Griffiths.pdf
    2016-08-13 09:53 - 2016-08-13 09:53 - 00041739 _____ C:\Users\LuísHenrique\Desktop\ZHPCleaner.txt
    2016-08-13 09:25 - 2016-08-13 09:53 - 00000000 ____D C:\Users\LuísHenrique\AppData\Roaming\ZHP
    2016-08-13 09:25 - 2016-08-13 09:25 - 00000890 _____ C:\Users\LuísHenrique\Desktop\ZHPCleaner.lnk
    2016-08-13 09:14 - 2016-08-13 09:14 - 00000567 _____ C:\Users\LuísHenrique\Desktop\JRT.txt
    2016-08-13 09:10 - 2016-08-13 09:10 - 00001129 _____ C:\Users\LuísHenrique\Desktop\AdwCleaner[C0].txt
    2016-08-13 09:03 - 2016-08-13 09:06 - 00000000 ____D C:\AdwCleaner
    2016-08-13 09:01 - 2016-08-13 09:01 - 02341376 _____ C:\Users\LuísHenrique\Desktop\ZHPCleaner.exe
    2016-08-13 09:00 - 2016-08-13 09:00 - 00002163 _____ C:\Users\LuísHenrique\Desktop\a.txt
    2016-08-13 08:59 - 2016-08-13 08:59 - 03784256 _____ C:\Users\LuísHenrique\Desktop\adwcleaner_6.000.exe
    2016-08-13 08:59 - 2016-08-13 08:59 - 01610560 _____ (Malwarebytes) C:\Users\LuísHenrique\Desktop\JRT.exe
    2016-08-12 11:03 - 2016-08-12 11:03 - 00898368 _____ C:\Users\LuísHenrique\Downloads\AIII-2016.pdf
    2016-08-10 14:46 - 2016-08-10 14:46 - 00028824 _____ C:\Users\LuísHenrique\Downloads\ZA-Scan.txt
    2016-08-09 11:52 - 2016-08-14 11:52 - 00000380 _____ C:\Windows\Tasks\HPCeeScheduleForLuís Henrique.job
    2016-08-09 11:52 - 2016-08-09 11:52 - 00003210 _____ C:\Windows\System32\Tasks\HPCeeScheduleForLuís Henrique
    2016-08-08 22:15 - 2016-08-08 22:15 - 00028824 _____ C:\ZA-Scan.txt
    2016-08-08 22:09 - 2016-08-08 22:09 - 00000000 ____D C:\zoek_backup
    2016-07-31 22:02 - 2016-07-31 22:03 - 00000000 ____D C:\Users\LuísHenrique\AppData\Local\Windows Live
    2016-07-31 17:33 - 2016-07-31 17:33 - 00008253 _____ C:\Users\LuísHenrique\Downloads\Ontologia (1).pdf
    2016-07-31 08:24 - 2016-07-31 08:24 - 00028025 _____ C:\Users\LuísHenrique\Downloads\versaocurricularFilosofia 2009 Bacharelado.pdf
    2016-07-31 08:23 - 2016-07-31 08:23 - 00008253 _____ C:\Users\LuísHenrique\Downloads\Ontologia.pdf
    2016-07-26 20:19 - 2016-07-26 20:19 - 14699896 _____ C:\Users\LuísHenrique\Downloads\13775-42474-1-PB.pdf
    2016-07-26 20:14 - 2016-07-26 20:14 - 00415333 _____ C:\Users\LuísHenrique\Downloads\lfis.5wcp.pdf
    2016-07-26 20:14 - 2016-07-26 20:14 - 00378556 _____ C:\Users\LuísHenrique\Downloads\letj.2015.pdf
    2016-07-26 16:28 - 2016-07-26 16:28 - 02171954 _____ C:\Users\LuísHenrique\Downloads\Analise I - Djairo guedes Figueiredo Capitulo 1 (Números Reais).pdf
    2016-07-25 18:01 - 2016-07-25 18:01 - 00031780 _____ C:\Users\LuísHenrique\Downloads\geraldo-azevedo-fumar-pra-que.pdf
    2016-07-10 16:46 - 2016-07-10 16:46 - 00046592 _____ C:\Users\LuísHenrique\Downloads\horarios_MAT_diurno_2014_1s.xls
    2016-07-10 16:46 - 2016-07-10 16:46 - 00046080 _____ C:\Users\LuísHenrique\Downloads\horarios_MAT_diurno_2014_2s.xls
    2016-07-10 12:50 - 2016-07-10 12:50 - 09545162 _____ C:\Users\LuísHenrique\Downloads\%5bTel%5d_Chaotic_Dynamics_-_An_Introduction_Based_on_(BookZZ.org).pdf
    2016-07-05 09:45 - 2016-07-05 09:45 - 00000000 ____D C:\Users\LuísHenrique\Downloads\[1989] O Outro Lado da Banda
    2016-07-05 09:45 - 2016-07-05 09:45 - 00000000 ____D C:\Users\LuísHenrique\Downloads\[1978] Arruar
    2016-07-05 09:45 - 2016-07-05 09:45 - 00000000 ____D C:\Users\LuísHenrique\Downloads\[1976] Assim... Amém
    2016-07-05 09:45 - 2016-07-05 09:45 - 00000000 ____D C:\Users\LuísHenrique\Downloads\[1973] Vivência
    2016-07-05 09:44 - 2016-07-05 09:44 - 00000000 ____D C:\Users\LuísHenrique\Downloads\[1994] Acervo Especial
    2016-07-05 09:44 - 2016-07-05 09:44 - 00000000 ____D C:\Users\LuísHenrique\Downloads\[1992] Cristalina
    2016-07-05 09:44 - 2016-07-05 09:44 - 00000000 ____D C:\Users\LuísHenrique\Downloads\[1980] Nossa Dança
    2016-07-05 09:44 - 2016-07-05 09:44 - 00000000 ____D C:\Users\LuísHenrique\Downloads\[1979] Pelas Ruas do Recife
    2016-07-05 09:44 - 2016-07-05 09:44 - 00000000 ____D C:\Users\LuísHenrique\Downloads\[1974] Redenção
    2016-06-27 19:21 - 2016-06-27 19:21 - 09952669 _____ C:\Users\LuísHenrique\Downloads\Marion - Classical Dynamics of Particles and Systems Manual Solution.pdf
    2016-06-26 17:27 - 2016-06-26 17:27 - 00000000 ____D C:\Users\LuísHenrique\AppData\Local\GWX
    2016-06-25 20:10 - 2016-06-26 03:30 - 00000000 ___SD C:\Windows\system32\GWX
    2016-06-25 20:10 - 2016-06-25 20:10 - 00000000 ___SD C:\Windows\SysWOW64\GWX
    2016-06-25 20:10 - 2016-06-25 20:10 - 00000000 ____D C:\Windows\system32\appraiser
    2016-06-25 14:41 - 2014-04-15 20:35 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
    2016-06-25 14:41 - 2014-04-15 20:34 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
    2016-06-25 08:11 - 2016-06-03 14:11 - 00472576 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
    2016-06-25 08:11 - 2016-06-03 10:38 - 01413120 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
    2016-06-25 08:11 - 2016-06-02 14:51 - 00050352 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
    2016-06-25 08:11 - 2016-05-29 12:04 - 01204224 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2016-06-25 08:11 - 2016-05-29 12:04 - 00569856 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2016-06-25 08:11 - 2016-05-29 12:04 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
    2016-06-25 08:11 - 2016-05-29 12:04 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
    2016-06-25 08:11 - 2016-05-29 12:04 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
    2016-06-25 08:11 - 2016-05-29 12:04 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
    2016-06-25 08:11 - 2016-03-28 10:21 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
    2016-06-25 08:11 - 2015-07-14 18:59 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
    2016-06-25 08:11 - 2015-07-14 18:59 - 00487256 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
    2016-06-25 08:11 - 2015-07-14 18:59 - 00393560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
    2016-06-25 08:11 - 2015-04-28 10:13 - 00513480 _____ C:\Windows\SysWOW64\locale.nls
    2016-06-25 08:11 - 2015-04-28 10:13 - 00513480 _____ C:\Windows\system32\locale.nls
    2016-06-25 08:11 - 2015-03-19 22:56 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
    2016-06-25 08:11 - 2015-03-01 22:43 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
    2016-06-25 08:11 - 2015-03-01 22:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
    2016-06-25 08:11 - 2015-01-23 04:17 - 00723072 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
    2016-06-25 08:11 - 2015-01-23 02:02 - 00560392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
    2016-06-25 08:11 - 2014-11-14 03:58 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsDatabase.dll
    2016-06-25 08:10 - 2016-02-08 22:31 - 22365472 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
    2016-06-25 08:10 - 2016-02-08 22:31 - 19794896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
    2016-06-25 08:10 - 2016-02-08 22:31 - 02757616 _____ (Microsoft Corporation) C:\Windows\explorer.exe
    2016-06-25 08:10 - 2016-02-08 22:31 - 02412576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
    2016-06-25 08:10 - 2016-02-08 22:31 - 00273264 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
    2016-06-25 08:10 - 2016-02-08 17:55 - 02712576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
    2016-06-25 08:10 - 2016-02-08 17:15 - 02551808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll
    2016-06-25 08:10 - 2016-02-08 17:02 - 01197056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
    2016-06-25 08:10 - 2016-02-08 16:43 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
    2016-06-25 08:10 - 2016-02-08 16:40 - 00539648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hgcpl.dll
    2016-06-25 08:10 - 2016-02-08 16:39 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
    2016-06-25 08:10 - 2016-02-08 16:37 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingMonitor.dll
    2016-06-25 08:10 - 2016-02-08 16:35 - 00954880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
    2016-06-25 08:10 - 2016-02-08 16:34 - 00667648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
    2016-06-25 08:10 - 2016-02-08 16:33 - 00520192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
    2016-06-25 08:10 - 2016-02-08 15:50 - 03120640 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
    2016-06-25 08:10 - 2016-02-08 14:55 - 02592256 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
    2016-06-25 08:10 - 2016-02-08 14:33 - 01278464 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
    2016-06-25 08:10 - 2016-02-08 14:02 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
    2016-06-25 08:10 - 2016-02-08 14:00 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll
    2016-06-25 08:10 - 2016-02-08 13:58 - 00336384 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
    2016-06-25 08:10 - 2016-02-08 13:55 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\SettingMonitor.dll
    2016-06-25 08:10 - 2016-02-08 13:53 - 02171904 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
    2016-06-25 08:10 - 2016-02-08 13:53 - 01348096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
    2016-06-25 08:10 - 2016-02-08 13:50 - 01220096 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
    2016-06-25 08:10 - 2016-02-08 13:50 - 00841728 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
    2016-06-25 08:10 - 2016-02-08 13:48 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
    2016-06-25 08:10 - 2016-02-08 13:47 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
    2016-06-25 08:10 - 2016-02-08 13:44 - 00955392 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
    2016-06-25 08:10 - 2016-02-04 15:07 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\dhcpsapi.dll
    2016-06-25 08:10 - 2016-02-04 14:35 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpsapi.dll
    2016-06-25 08:10 - 2016-02-03 12:11 - 01673728 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
    2016-06-25 08:10 - 2016-02-02 14:15 - 00787456 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
    2016-06-25 08:10 - 2016-01-24 15:19 - 00419160 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
    2016-06-25 08:10 - 2016-01-24 15:19 - 00331608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
    2016-06-25 08:10 - 2016-01-24 08:57 - 01335296 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
    2016-06-25 08:10 - 2016-01-24 08:45 - 01063424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
    2016-06-25 08:10 - 2016-01-05 12:00 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
    2016-06-25 08:10 - 2015-04-09 21:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
    2016-06-25 08:10 - 2015-04-09 21:17 - 01018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
    2016-06-25 08:10 - 2015-04-01 01:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
    2016-06-25 08:10 - 2015-04-01 01:18 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
    2016-06-25 08:10 - 2015-04-01 01:17 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
    2016-06-25 08:10 - 2015-04-01 01:08 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
    2016-06-25 08:10 - 2015-04-01 00:46 - 03633664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
    2016-06-25 08:10 - 2015-04-01 00:17 - 02551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
    2016-06-25 08:10 - 2015-04-01 00:17 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
    2016-06-25 08:10 - 2015-03-31 23:53 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
    2016-06-25 08:10 - 2015-03-31 23:53 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
    2016-06-25 08:10 - 2015-03-31 23:45 - 02749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
    2016-06-25 08:10 - 2015-03-31 23:45 - 00699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
    2016-06-25 08:10 - 2015-03-31 23:14 - 01920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
    2016-06-25 08:10 - 2015-03-31 23:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
    2016-06-25 08:10 - 2014-11-07 23:38 - 00166912 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
    2016-06-25 08:10 - 2014-11-07 23:17 - 00143360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
    2016-06-25 08:08 - 2016-03-14 13:50 - 00316760 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
    2016-06-25 08:08 - 2016-02-05 12:11 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
    2016-06-25 08:08 - 2016-02-05 12:11 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
    2016-06-25 08:08 - 2016-02-05 12:07 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
    2016-06-25 08:08 - 2016-02-05 12:02 - 01083904 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
    2016-06-25 08:08 - 2016-02-04 13:23 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
    2016-06-25 08:08 - 2016-02-04 13:22 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
    2016-06-25 08:08 - 2016-02-02 14:18 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
    2016-06-25 08:08 - 2016-01-26 16:15 - 00072024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpci.sys
    2016-06-25 08:08 - 2016-01-21 16:35 - 00952928 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
    2016-06-25 08:08 - 2016-01-21 15:42 - 00786152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
    2016-06-25 08:08 - 2015-11-19 11:33 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
    2016-06-25 08:08 - 2015-11-19 11:26 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
    2016-06-25 08:08 - 2015-08-22 10:42 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
    2016-06-25 08:08 - 2015-08-22 10:42 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
    2016-06-25 08:08 - 2015-08-22 10:42 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
    2016-06-25 08:08 - 2015-08-22 10:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
    2016-06-25 08:08 - 2015-08-22 10:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
    2016-06-25 08:08 - 2015-08-22 10:42 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
    2016-06-25 08:08 - 2015-08-22 10:42 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
    2016-06-25 08:08 - 2015-08-22 10:42 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
    2016-06-25 08:08 - 2015-08-22 10:42 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
    2016-06-25 08:08 - 2015-08-22 10:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
    2016-06-25 08:08 - 2015-08-22 10:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
    2016-06-25 08:08 - 2015-08-22 10:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
    2016-06-25 08:08 - 2015-08-22 10:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
    2016-06-25 08:08 - 2015-08-22 10:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
    2016-06-25 08:08 - 2015-08-22 10:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
    2016-06-25 08:08 - 2015-08-22 10:35 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
    2016-06-25 08:08 - 2015-08-22 10:35 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
    2016-06-25 08:08 - 2015-08-22 10:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
    2016-06-25 08:08 - 2015-08-22 10:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
    2016-06-25 08:08 - 2015-08-22 10:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
    2016-06-25 08:08 - 2015-08-22 10:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
    2016-06-25 08:08 - 2015-08-22 10:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
    2016-06-25 08:08 - 2015-08-22 10:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
    2016-06-25 08:08 - 2015-08-22 10:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
    2016-06-25 08:08 - 2015-08-22 10:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
    2016-06-25 08:08 - 2015-08-22 10:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
    2016-06-25 08:08 - 2015-08-22 10:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
    2016-06-25 08:08 - 2015-08-22 10:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
    2016-06-25 08:08 - 2015-08-22 10:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
    2016-06-25 08:08 - 2015-08-22 10:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
    2016-06-25 08:08 - 2015-07-16 15:58 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\NcdAutoSetup.dll
    2016-06-25 08:08 - 2015-06-12 14:03 - 18823680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
    2016-06-25 08:08 - 2015-06-12 13:36 - 15159296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
    2016-06-25 08:08 - 2015-05-03 12:09 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2016-06-25 08:08 - 2015-05-03 11:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
    2016-06-25 08:08 - 2015-05-03 11:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
    2016-06-25 08:08 - 2015-05-03 11:49 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
    2016-06-25 08:08 - 2015-04-29 20:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
    2016-06-25 08:08 - 2015-04-09 21:34 - 02256896 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
    2016-06-25 08:08 - 2015-04-09 21:11 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
    2016-06-25 08:08 - 2014-12-19 05:57 - 00788680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
    2016-06-25 08:08 - 2014-12-19 05:25 - 00602776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
    2016-06-25 08:08 - 2014-11-09 23:29 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupStatusProvider.dll
    2016-06-25 08:08 - 2014-11-09 22:51 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceSetupStatusProvider.dll
    2016-06-25 08:07 - 2016-04-14 12:25 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
    2016-06-25 08:07 - 2016-04-14 12:11 - 02464768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
    2016-06-25 08:07 - 2016-03-10 16:17 - 01133752 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2016-06-25 08:07 - 2016-03-10 14:48 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2016-06-25 08:07 - 2016-03-10 14:43 - 00161280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
    2016-06-25 08:07 - 2016-03-10 13:55 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
    2016-06-25 08:07 - 2016-03-10 13:42 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
    2016-06-25 08:07 - 2016-01-31 16:17 - 00118624 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
    2016-06-25 08:07 - 2016-01-31 15:07 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
    2016-06-25 08:07 - 2016-01-31 14:42 - 03320832 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
    2016-06-25 08:07 - 2016-01-31 14:17 - 00779264 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeui.exe
    2016-06-25 08:07 - 2016-01-31 14:14 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
    2016-06-25 08:07 - 2016-01-22 02:22 - 02487296 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
    2016-06-25 08:07 - 2016-01-22 02:11 - 01482240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
    2016-06-25 08:07 - 2016-01-10 13:41 - 01707008 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
    2016-06-25 08:07 - 2016-01-10 13:31 - 01344512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
    2016-06-25 08:07 - 2016-01-08 22:38 - 00091992 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
    2016-06-25 08:07 - 2015-10-05 15:28 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\wininit.exe
    2016-06-25 08:07 - 2015-08-28 19:20 - 00183368 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
    2016-06-25 08:07 - 2015-08-06 13:47 - 04710400 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
    2016-06-25 08:07 - 2015-08-06 13:18 - 04068352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
    2016-06-25 08:07 - 2015-04-02 21:35 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
    2016-06-25 08:07 - 2015-04-02 21:14 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
    2016-06-25 08:07 - 2015-03-13 01:03 - 00239424 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
    2016-06-25 08:07 - 2015-03-13 01:03 - 00154432 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
    2016-06-25 08:07 - 2015-03-12 23:02 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
    2016-06-25 08:07 - 2015-03-05 23:47 - 01696256 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
    2016-06-25 08:07 - 2014-11-04 22:41 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
    2016-06-25 08:07 - 2014-11-04 22:18 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
    2016-06-25 08:06 - 2016-04-12 12:46 - 14467584 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
    2016-06-25 08:06 - 2016-03-15 22:58 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2016-06-25 08:06 - 2016-03-15 22:58 - 00332632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
    2016-06-25 08:06 - 2016-03-11 21:49 - 02466136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
    2016-06-25 08:06 - 2016-03-11 21:47 - 00160160 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL
    2016-06-25 08:06 - 2016-03-11 21:47 - 00121912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IPHLPAPI.DLL
    2016-06-25 08:06 - 2016-03-10 13:55 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
    2016-06-25 08:06 - 2016-03-10 13:52 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
    2016-06-25 08:06 - 2016-03-10 13:42 - 00413696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
    2016-06-25 08:06 - 2016-02-27 15:28 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
    2016-06-25 08:06 - 2016-02-27 14:57 - 03273728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
    2016-06-25 08:06 - 2016-02-27 14:19 - 03820544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
    2016-06-25 08:06 - 2016-02-27 13:32 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
    2016-06-25 08:06 - 2016-02-05 16:07 - 00378712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
    2016-06-25 08:06 - 2016-02-05 11:46 - 01455104 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
    2016-06-25 08:06 - 2016-02-03 12:14 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
    2016-06-25 08:06 - 2016-02-02 15:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
    2016-06-25 08:06 - 2016-01-27 12:18 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
    2016-06-25 08:06 - 2016-01-20 19:40 - 00099672 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
    2016-06-25 08:06 - 2016-01-08 22:49 - 00218448 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
    2016-06-25 08:06 - 2016-01-08 22:49 - 00192120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
    2016-06-25 08:06 - 2015-10-08 13:11 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\PCPKsp.dll
    2016-06-25 08:06 - 2015-10-08 12:50 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll
    2016-06-25 08:06 - 2015-09-04 16:24 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
    2016-06-25 08:06 - 2015-08-06 14:05 - 00669184 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
    2016-06-25 08:06 - 2015-08-06 13:37 - 00536576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
    2016-06-25 08:06 - 2015-07-09 13:14 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
    2016-06-25 08:06 - 2015-06-11 17:12 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
    2016-06-25 08:06 - 2015-04-23 12:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
    2016-06-25 08:06 - 2015-04-23 12:16 - 02471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
    2016-06-25 08:06 - 2015-04-16 03:17 - 00325464 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
    2016-06-25 08:06 - 2015-04-08 19:41 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rgb9rast.dll
    2016-06-25 08:06 - 2015-03-12 22:11 - 02162176 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
    2016-06-25 08:06 - 2015-03-12 21:39 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
    2016-06-25 08:06 - 2015-03-03 22:32 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
    2016-06-25 08:06 - 2015-03-03 22:12 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
    2016-06-25 08:06 - 2015-02-07 20:57 - 01090048 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
    2016-06-25 08:06 - 2015-02-07 20:49 - 00791040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
    2016-06-25 08:06 - 2015-02-02 21:03 - 03551744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
    2016-06-25 08:06 - 2015-02-02 21:02 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
    2016-06-25 08:06 - 2015-01-29 23:03 - 01488896 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
    2016-06-25 08:06 - 2015-01-29 23:03 - 01464832 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
    2016-06-25 08:06 - 2015-01-29 23:02 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
    2016-06-25 08:06 - 2015-01-29 22:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
    2016-06-25 08:06 - 2015-01-29 22:42 - 01204224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
    2016-06-25 08:06 - 2015-01-29 22:40 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
    2016-06-25 08:06 - 2015-01-29 22:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
    2016-06-25 08:06 - 2015-01-29 22:24 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
    2016-06-25 08:06 - 2015-01-29 22:24 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
    2016-06-25 08:06 - 2015-01-29 22:16 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
    2016-06-25 08:06 - 2015-01-29 22:08 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
    2016-06-25 08:06 - 2015-01-29 22:06 - 00278016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
    2016-06-25 08:06 - 2015-01-19 15:42 - 01487976 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
    2016-06-25 08:06 - 2014-12-11 02:36 - 00046456 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe
    2016-06-25 08:06 - 2014-11-04 16:25 - 00059712 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys
    2016-06-25 08:06 - 2014-11-04 16:25 - 00051008 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys
    2016-06-25 08:06 - 2014-11-04 03:55 - 00026112 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys
    2016-06-25 08:06 - 2014-11-04 03:54 - 00108544 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys
    2016-06-25 08:06 - 2014-11-04 03:54 - 00032256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
    2016-06-25 08:06 - 2014-11-04 03:54 - 00030208 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys
    2016-06-25 08:06 - 2014-10-30 20:39 - 01970432 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
    2016-06-25 08:06 - 2014-10-30 20:38 - 01612992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
    2016-06-25 08:05 - 2016-04-12 12:30 - 12879872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
    2016-06-25 08:05 - 2016-03-10 14:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dsparse.dll
    2016-06-25 08:05 - 2016-03-10 13:48 - 00024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsparse.dll
    2016-06-25 08:05 - 2016-03-05 14:44 - 00148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
    2016-06-25 08:05 - 2016-03-05 14:04 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
    2016-06-25 08:05 - 2016-02-02 14:51 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
    2016-06-25 08:05 - 2016-02-02 14:19 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
    2016-06-25 08:05 - 2016-02-02 14:01 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\WsmAgent.dll
    2016-06-25 08:05 - 2016-02-02 13:51 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
    2016-06-25 08:05 - 2016-02-02 13:48 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
    2016-06-25 08:05 - 2016-02-02 13:46 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAgent.dll
    2016-06-25 08:05 - 2016-02-02 13:41 - 02170880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
    2016-06-25 08:05 - 2016-02-02 13:39 - 00236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
    2016-06-25 08:05 - 2016-01-06 20:46 - 00148752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
    2016-06-25 08:05 - 2016-01-06 20:45 - 00177712 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
    2016-06-25 08:05 - 2016-01-06 13:47 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
    2016-06-25 08:05 - 2015-12-30 18:53 - 02017624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
    2016-06-25 08:05 - 2015-12-30 17:49 - 00470360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
    2016-06-25 08:05 - 2015-12-20 11:57 - 00839168 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
    2016-06-25 08:05 - 2015-12-20 11:56 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
    2016-06-25 08:05 - 2015-12-20 11:43 - 00696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
    2016-06-25 08:05 - 2015-09-29 09:24 - 00155480 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
    2016-06-25 08:05 - 2015-09-02 23:18 - 02531400 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
    2016-06-25 08:05 - 2015-09-02 23:17 - 01903848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
    2016-06-25 08:05 - 2015-07-22 11:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
    2016-06-25 08:05 - 2015-07-22 10:52 - 01633792 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
    2016-06-25 08:05 - 2015-07-17 11:15 - 00951296 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
    2016-06-25 08:05 - 2015-07-17 11:10 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
    2016-06-25 08:05 - 2015-05-11 13:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
    2016-06-25 08:05 - 2015-04-24 23:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
    2016-06-25 08:05 - 2015-03-08 23:02 - 00057856 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
    2016-06-25 08:05 - 2015-03-06 00:08 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
    2016-06-25 08:05 - 2015-03-05 23:43 - 01969664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
    2016-06-25 08:05 - 2015-01-28 22:58 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
    2016-06-25 08:05 - 2015-01-28 22:29 - 00290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\photowiz.dll
    2016-06-25 08:05 - 2015-01-27 00:44 - 00933888 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe
    2016-06-25 08:05 - 2015-01-23 22:51 - 00816128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
    2016-06-25 08:04 - 2016-02-06 20:05 - 00551256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
    2016-06-25 08:04 - 2016-02-06 13:58 - 00987648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2016-06-25 08:04 - 2016-02-06 13:32 - 00801792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2016-06-25 08:04 - 2015-10-11 03:34 - 00468824 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
    2016-06-25 08:04 - 2015-10-11 03:34 - 00462168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
    2016-06-25 08:04 - 2015-10-11 03:34 - 00443224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
    2016-06-25 08:04 - 2015-10-11 03:34 - 00027992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
    2016-06-25 08:04 - 2015-10-10 15:41 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
    2016-06-25 08:04 - 2015-10-10 15:41 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
    2016-06-25 08:04 - 2015-10-03 16:41 - 01385280 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
    2016-06-25 08:04 - 2015-10-03 16:41 - 01124384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
    2016-06-25 08:04 - 2015-05-12 10:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
    2016-06-25 08:04 - 2015-05-07 12:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
    2016-06-25 08:04 - 2015-05-07 12:05 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
    2016-06-25 08:04 - 2015-04-13 19:37 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
    2016-06-25 08:04 - 2015-04-13 19:34 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
    2016-06-25 08:04 - 2015-04-01 19:22 - 02985984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
    2016-06-25 08:04 - 2015-04-01 19:20 - 04417536 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
    2016-06-25 08:04 - 2015-04-01 00:45 - 01491456 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
    2016-06-25 08:04 - 2015-03-31 23:31 - 01207296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
    2016-06-25 08:04 - 2015-01-27 23:24 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\StorageContextHandler.dll
    2016-06-25 08:04 - 2015-01-27 22:47 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StorageContextHandler.dll
    2016-06-25 08:04 - 2014-04-08 19:46 - 00086688 _____ (Microsoft Corporation) C:\Windows\system32\mrt_map.dll
    2016-06-25 08:04 - 2014-04-08 19:46 - 00028320 _____ (Microsoft Corporation) C:\Windows\system32\mrt100.dll
    2016-06-25 08:04 - 2014-04-08 15:54 - 00080032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt_map.dll
    2016-06-25 08:04 - 2014-04-08 15:54 - 00026784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt100.dll
    2016-06-23 19:27 - 2016-07-31 22:06 - 00000000 ____D C:\Users\LuísHenrique\Downloads\fotos TamborMineiro
    2016-06-23 19:01 - 2016-06-23 19:10 - 2702270294 _____ C:\Users\LuísHenrique\Downloads\fotos TamborMineiro.rar
    2016-06-23 18:39 - 2016-06-23 18:47 - 892035087 _____ C:\Users\LuísHenrique\Downloads\_DSC0771.rar
    2016-06-23 18:39 - 2016-06-23 18:46 - 675932556 _____ C:\Users\LuísHenrique\Downloads\_DSC0711.rar
    2016-06-23 18:39 - 2016-06-23 18:46 - 601814754 _____ C:\Users\LuísHenrique\Downloads\_DSC0734.rar
    2016-06-23 18:37 - 2016-06-23 18:39 - 413627917 _____ C:\Users\LuísHenrique\Downloads\_DSC0710.rar
    2016-06-23 18:35 - 2016-06-23 18:37 - 555795656 _____ C:\Users\LuísHenrique\Downloads\_DSC0707.rar
    2016-06-23 18:34 - 2016-06-23 18:36 - 125075492 _____ C:\Users\LuísHenrique\Downloads\_DSC0698.rar
    2016-06-23 18:34 - 2016-06-23 18:35 - 145991391 _____ C:\Users\LuísHenrique\Downloads\_DSC0697.rar
    2016-06-22 09:42 - 2016-06-22 09:42 - 00315720 _____ C:\Users\LuísHenrique\Downloads\Horarios2016-2-Diurno (2).pdf
    2016-06-22 09:41 - 2016-06-22 09:41 - 00315720 _____ C:\Users\LuísHenrique\Downloads\Horarios2016-2-Diurno (1).pdf
    2016-06-22 09:41 - 2016-06-22 09:41 - 00289321 _____ C:\Users\LuísHenrique\Downloads\Horarios2016-2-Noturno.pdf
    2016-06-22 09:38 - 2016-06-22 09:38 - 00315720 _____ C:\Users\LuísHenrique\Downloads\Horarios2016-2-Diurno.pdf
    2016-06-15 07:38 - 2016-05-18 02:31 - 00372568 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
    2016-06-15 07:38 - 2016-05-18 02:31 - 00315224 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
    2016-06-15 07:38 - 2016-05-16 18:13 - 00563016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
    2016-06-15 07:38 - 2016-05-16 18:13 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
    2016-06-15 07:38 - 2016-05-16 18:13 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
    2016-06-15 07:38 - 2016-05-16 18:13 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2016-06-15 07:38 - 2016-05-13 20:09 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2016-06-15 07:38 - 2016-05-13 20:07 - 00675328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
    2016-06-15 07:38 - 2016-05-13 20:07 - 00416768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
    2016-06-15 07:38 - 2016-05-13 20:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
    2016-06-15 07:38 - 2016-05-13 20:04 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
    2016-06-15 07:38 - 2016-05-13 19:34 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
    2016-06-15 07:38 - 2016-05-13 19:19 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
    2016-06-15 07:38 - 2016-05-13 18:58 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
    2016-06-15 07:38 - 2016-05-12 15:38 - 00135336 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
    2016-06-15 07:38 - 2016-05-12 14:43 - 00115704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
    2016-06-15 07:38 - 2016-05-12 13:17 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
    2016-06-15 07:38 - 2016-05-12 13:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
    2016-06-15 07:38 - 2016-05-12 13:07 - 01360896 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
    2016-06-15 07:38 - 2016-05-12 12:59 - 00398848 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
    2016-06-15 07:38 - 2016-05-12 12:43 - 00291328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
    2016-06-15 07:38 - 2016-05-12 12:37 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
    2016-06-15 07:38 - 2016-05-09 18:35 - 07075328 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
    2016-06-15 07:38 - 2016-05-09 17:56 - 05270016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
    2016-06-15 07:38 - 2016-05-09 17:45 - 07793152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
    2016-06-15 07:38 - 2016-05-09 17:23 - 05265920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
    2016-06-15 07:38 - 2016-05-06 12:45 - 00748544 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
    2016-06-15 07:38 - 2016-05-06 12:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
    2016-06-15 07:37 - 2016-05-21 14:28 - 25802752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2016-06-15 07:37 - 2016-05-21 13:57 - 20341248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2016-06-15 07:37 - 2016-05-20 19:09 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2016-06-15 07:37 - 2016-05-20 19:08 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2016-06-15 07:37 - 2016-05-20 19:02 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2016-06-15 07:37 - 2016-05-20 18:57 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2016-06-15 07:37 - 2016-05-20 18:55 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2016-06-15 07:37 - 2016-05-20 18:54 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2016-06-15 07:37 - 2016-05-20 18:50 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2016-06-15 07:37 - 2016-05-20 18:44 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2016-06-15 07:37 - 2016-05-20 18:29 - 13815808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2016-06-15 07:37 - 2016-05-20 18:27 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2016-06-15 07:37 - 2016-05-20 18:25 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2016-06-15 07:37 - 2016-05-20 18:25 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
    2016-06-15 07:37 - 2016-05-20 18:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2016-06-15 07:37 - 2016-05-20 18:21 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
    2016-06-15 07:37 - 2016-05-20 18:19 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
    2016-06-15 07:37 - 2016-05-20 18:16 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
    2016-06-15 07:37 - 2016-05-20 18:14 - 04610048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2016-06-15 07:37 - 2016-05-20 18:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
    2016-06-15 07:37 - 2016-05-20 18:11 - 15420928 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2016-06-15 07:37 - 2016-05-20 18:11 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
    2016-06-15 07:37 - 2016-05-20 18:09 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2016-06-15 07:37 - 2016-05-20 18:09 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2016-06-15 07:37 - 2016-05-20 18:08 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2016-06-15 07:37 - 2016-05-20 18:08 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2016-06-15 07:37 - 2016-05-20 18:06 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2016-06-15 07:37 - 2016-05-20 17:46 - 02597888 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2016-06-15 07:37 - 2016-05-20 17:42 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2016-06-15 07:37 - 2016-05-20 17:38 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2016-06-15 07:37 - 2016-05-20 17:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2016-06-15 07:37 - 2016-05-20 17:34 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2016-06-15 07:37 - 2016-05-20 17:23 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2016-06-15 07:37 - 2016-05-18 20:15 - 01379040 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2016-06-15 07:37 - 2016-05-18 17:35 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
    2016-06-15 07:37 - 2016-05-14 17:01 - 00363104 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
    2016-06-15 07:37 - 2016-05-14 17:01 - 00320720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
    2016-06-15 07:37 - 2016-05-13 20:07 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
    2016-06-15 07:37 - 2016-05-13 18:58 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
    2016-06-15 07:37 - 2016-05-13 18:45 - 00802816 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
    2016-06-15 07:37 - 2016-05-13 18:35 - 00286208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
    2016-06-15 07:37 - 2016-05-13 18:26 - 00631808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
    2016-06-12 20:16 - 2016-06-12 20:17 - 09145242 _____ C:\Users\LuísHenrique\Downloads\powell_complete_a_l.zip
    2016-06-05 19:07 - 2016-06-05 19:07 - 00001411 _____ C:\Users\LuísHenrique\Downloads\main (1).txt
    2016-06-04 20:51 - 2016-06-04 20:51 - 00001411 _____ C:\Users\LuísHenrique\Downloads\main.txt
    2016-06-04 19:12 - 2016-06-04 19:12 - 00002443 _____ C:\Users\LuísHenrique\Downloads\teste.txt
    2016-06-04 17:00 - 2016-06-04 17:00 - 00033484 _____ C:\Users\LuísHenrique\Downloads\Trabalho-2.pdf
    2016-05-31 21:03 - 2016-05-31 21:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Andy
    2016-05-31 20:59 - 2016-05-31 21:53 - 00000000 ____D C:\Users\LuísHenrique\AppData\Roaming\Andy
    2016-05-31 20:59 - 2016-05-31 20:59 - 00000000 ____D C:\Users\LuísHenrique\Andy
    2016-05-31 20:54 - 2016-05-31 20:55 - 16292578 _____ C:\Users\LuísHenrique\Downloads\com.tinder.apk
    2016-05-31 20:21 - 2016-05-31 20:21 - 00000000 ____D C:\Program Files\Bonjour
    2016-05-31 20:21 - 2016-05-31 20:21 - 00000000 ____D C:\Program Files (x86)\Bonjour
    2016-05-31 20:14 - 2016-05-31 20:16 - 452003264 _____ (Andy OS, inc.) C:\Users\LuísHenrique\Downloads\Andy_46.2_207_x64bit.exe
    2016-05-31 19:52 - 2016-05-31 19:52 - 00000000 ____D C:\Users\LuísHenrique\AppData\Local\Macromedia
    2016-05-31 19:48 - 2016-05-31 19:48 - 00000000 ____D C:\Users\LuísHenrique\AppData\Local\Bluestacks
    2016-05-31 19:40 - 2016-05-31 19:47 - 272676640 _____ (BlueStack Systems Inc.) C:\Users\LuísHenrique\Downloads\bluestacks-app-player-2-2-27-6431.exe
    2016-05-27 12:16 - 2016-05-27 12:16 - 03622968 _____ C:\Users\LuísHenrique\Downloads\Schulman_Path Integrals.djvu
    2016-05-26 15:19 - 2016-05-26 15:24 - 00000000 ____D C:\LAB FIT
    2016-05-26 15:19 - 2016-05-26 15:19 - 00000000 ____D C:\Users\LuísHenrique\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LAB Fit
    2016-05-26 15:18 - 2016-05-26 15:18 - 00000000 ____D C:\Users\LuísHenrique\Downloads\LABFit
    2016-05-26 15:16 - 2016-05-26 15:17 - 04517645 _____ C:\Users\LuísHenrique\Downloads\LABFit.zip
    2016-05-24 19:04 - 2016-05-24 19:04 - 00973818 _____ C:\Users\LuísHenrique\Downloads\Scientific-Background-on-the-Nobel-Prize-in-Physics-2011-The-Accelerating-Universe.pdf
    2016-05-24 19:04 - 2016-05-24 19:04 - 00973818 _____ C:\Users\LuísHenrique\Downloads\Scientific-Background-on-the-Nobel-Prize-in-Physics-2011-The-Accelerating-Universe (1).pdf
    2016-05-23 22:26 - 2016-05-23 22:26 - 00149314 _____ C:\Users\LuísHenrique\Downloads\arquivoq.pdf
    2016-05-23 22:22 - 2016-05-23 22:22 - 00095047 _____ C:\Users\LuísHenrique\Downloads\a.pdf
    2016-05-22 16:50 - 2016-05-22 16:50 - 00382594 _____ C:\Users\LuísHenrique\Downloads\cap6.pdf
    2016-05-22 16:46 - 2016-05-22 16:46 - 00244481 _____ C:\Users\LuísHenrique\Downloads\cap5.pdf
    2016-05-22 15:42 - 2016-05-22 15:42 - 00140920 _____ C:\Users\LuísHenrique\Downloads\Parte-3a (1).pdf
    2016-05-22 15:41 - 2016-05-22 15:41 - 00250184 _____ C:\Users\LuísHenrique\Downloads\Parte-1.pdf
    2016-05-22 15:41 - 2016-05-22 15:41 - 00155490 _____ C:\Users\LuísHenrique\Downloads\Parte-2-e-Trabalho-1.pdf
    2016-05-22 15:41 - 2016-05-22 15:41 - 00140920 _____ C:\Users\LuísHenrique\Downloads\Parte-3a.pdf
    2016-05-17 17:50 - 2016-05-17 17:50 - 00000000 ____D C:\Users\Convidado\AppData\Local\National Instruments

    ==================== Três Meses Modificados arquivos e pastas ========

    (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

    2016-08-15 09:31 - 2014-11-22 14:16 - 00000000 ____D C:\Users\LuísHenrique\AppData\Roaming\ClassicShell
    2016-08-15 09:22 - 2014-04-28 15:18 - 00001092 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2016-08-14 18:48 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\Inf
    2016-08-14 10:05 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\system32\NDF
    2016-08-13 09:55 - 2014-04-28 16:43 - 00931840 ___SH C:\Users\LuísHenrique\Desktop\Thumbs.db
    2016-08-13 09:11 - 2014-04-28 15:14 - 00000000 ____D C:\Users\LuísHenrique\Documents\Youcam
    2016-08-13 09:09 - 2014-04-28 15:18 - 00001088 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2016-08-13 09:07 - 2013-08-22 11:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2016-08-10 09:21 - 2014-04-28 15:18 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3010929395-2408178633-1518302278-1001
    2016-08-09 21:30 - 2013-08-22 10:25 - 00262144 ___SH C:\Windows\system32\config\BBI
    2016-08-08 22:27 - 2015-06-23 16:32 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2016-08-08 20:24 - 2014-04-28 15:24 - 00002180 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2016-08-02 21:31 - 2015-11-25 17:46 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
    2016-07-29 13:17 - 2014-04-28 15:18 - 00004064 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2016-07-29 13:17 - 2014-04-28 15:18 - 00003828 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2016-07-28 08:52 - 2014-07-25 10:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
    2016-07-28 08:50 - 2014-07-25 10:10 - 00154392 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
    2016-07-28 08:50 - 2014-07-25 10:10 - 00144664 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
    2016-07-25 11:07 - 2015-07-03 10:03 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
    2016-07-25 11:07 - 2015-07-03 10:03 - 00000000 ____D C:\ProgramData\Package Cache

    ==================== Arquivos na raiz de alguns diretórios =======

    2014-08-01 21:28 - 2014-08-01 21:28 - 0016157 _____ () C:\Users\LuísHenrique\AppData\Roaming\unins000.dat
    2016-02-03 10:31 - 2016-02-03 10:59 - 0007611 _____ () C:\Users\LuísHenrique\AppData\Local\Resmon.ResmonCfg

    Alguns arquivos em TEMP:
    ====================
    C:\Users\Convidado\AppData\Local\Temp\avgnt.exe
    C:\Users\LuísHenrique\AppData\Local\Temp\avgnt.exe
    C:\Users\LuísHenrique\AppData\Local\Temp\libeay32.dll
    C:\Users\LuísHenrique\AppData\Local\Temp\msvcr120.dll
    C:\Users\LuísHenrique\AppData\Local\Temp\sqlite3.dll


    ==================== Bamital & volsnap =================

    (Não há correção automática para arquivos que não passaram na verificação.)

    C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
    C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
    C:\Windows\explorer.exe => O arquivo é assinado digitalmente
    C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
    C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
    C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
    C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
    C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
    C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
    C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
    C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
    C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
    C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
    C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
    C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


    LastRegBack: 2016-08-14 19:02

    ==================== Fim de FRST.txt ============================

    Addition.txt

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    Caro @luishtr

     

    Ative o Firewall do Windows. ;)

     

    Desative temporariamente seu antivírus, antispywares e firewall, para não causar conflitos.

     

    Abra o seu Bloco de Notas, copie (control + c) e cole (control + v) todo o texto que está abaixo:

     

    Citação

    CreateRestorePoint:
    CloseProcesses:

    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-3010929395-2408178633-1518302278-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
    S3 McAPExe; "C:\Program Files\McAfee\MSC\McAPExe.exe" [X]
    C:\Program Files\McAfee\MSC\McAPExe.exe
    S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena\plugins\UI\safedrv.sys [X]
    U3 McMPFSvc; não ImagePath
    U3 McNaiAnn; não ImagePath
    U3 mcpltsvc; não ImagePath
    U3 McProxy; não ImagePath
    U3 mfecore; não ImagePath
    U3 MSK80Service; não ImagePath
    S3 vmci; \SystemRoot\System32\drivers\vmci.sys [X]
    S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]
    C:\Users\Convidado\AppData\Local\Temp\avgnt.exe
    C:\Users\LuísHenrique\AppData\Local\Temp\avgnt.exe
    C:\Users\LuísHenrique\AppData\Local\Temp\libeay32.dll
    C:\Users\LuísHenrique\AppData\Local\Temp\msvcr120.dll
    C:\Users\LuísHenrique\AppData\Local\Temp\sqlite3.dll

    CMD:ipconfig /flushdns
    EmptyTemp:

     

    • Salve este arquivo na Área de Trabalho (Desktop) como fixlist.txt
    • Execute novamente o FRST e clique no botão Corrigir;
    • Aguarde... ao final será gerado o log Fixlog.txt em sua Área de Trabalho (Desktop).
    • Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

     

    Abraços :D

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    Tópico Arquivado

     

    Como o autor não respondeu ao tópico por mais de 10 dias, o mesmo foi arquivado. Caso você seja o autor do tópico e quer que o mesmo seja reaberto, entre em contato com um Analista de Segurança do Fórum solicitando o desbloqueio.

     

    CarlosTurco

    diego_moicano

     

     

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
    Visitante
    Este tópico está impedido de receber novos posts.





    Sobre o Clube do Hardware

    No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas publicações sobre tecnologia do Brasil. Leia mais

    Direitos autorais

    Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

    ×