Ir ao conteúdo
  • Comunicados

    • diego_moicano

      Gostaria de se tornar um analista em Remoção de Malware?   07-12-2015

      Gostaria de se tornar um analista em Remoção de Malware? O Fórum Clube do Hardware deu início a um programa de treinamento em análises de log. Os interessados deverão enviar um email para aprendizes (arroba) clubedohardware (ponto) com (ponto) br respondendo as seguintes perguntas: Por que você gostaria de aprender a analisar logs? Possui tempo hábil para o treinamento? Tem conhecimentos em informática? Se sim descreva-os. Possui inglês para leitura? Qual seu objetivo após completar o treinamento?   Não se esqueça de incluir no e-mail o seu nome de usuário (fornecer o link também), idade e cidade onde vive. Adicione também qualquer experiência e/ou razão sobre o porquê você seria um bom Analista. É digno de nota que apenas os que forem selecionados receberão resposta por MP (Mensagem Pessoal), não existe um padrão na escolha dos futuros aprendizes, todos os e-mails serão lidos e serão analisados de forma imparcial, portanto não será permitido reclamações neste aspecto. O treinamento é dado no próprio fórum. Quando um aprendiz é selecionado ele é movido para um novo grupo, onde terá acesso a fóruns fechados para os demais usuários onde poderá dar inicio ao seu treinamento. Importante: A cada 30 dias os e-mails não selecionados serão apagados, portanto você pode enviar um novo e-mail após 1 mês, e-mails enviados antes serão desconsiderados.  
    • Gabriel Torres

      Seja um moderador do Clube do Hardware!   12-02-2016

      Prezados membros do Clube do Hardware, Está aberto o processo de seleção de novos moderadores para diversos setores ou áreas do Clube do Hardware. Os requisitos são:   Pelo menos 500 posts e um ano de cadastro; Boa frequência de participação; Ser respeitoso, cordial e educado com os demais membros; Ter bom nível de português; Ter razoável conhecimento da área em que pretende atuar; Saber trabalhar em equipe (com os moderadores, coordenadores e administradores).   Os interessados deverão enviar uma mensagem privada para o usuário @Equipe Clube do Hardware com o título "Candidato a moderador". A mensagem deverá conter respostas às perguntas abaixo:   Qual o seu nome completo? Qual sua data de nascimento? Qual sua formação/profissão? Já atuou como moderador em algo outro fórum, se sim, qual? De forma sucinta, explique o porquê de querer ser moderador do fórum e conte-nos um pouco sobre você.   OBS: Não se trata de função remunerada. Todos que fazem parte do staff são voluntários.
adivander

Suspeita de vírus

Recommended Posts

bom dia,

 

solicito a equipe do Clube do Hardware, para fazer análise do meu sistema, pois ele fica muito lento e suspeito de que há virus ou outros arquivos maliciosos.

 

segue anexo meu log do zascan

 

aguardo contato obrigado

ZA-Scan.txt

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro @adivander

 

Recomendo que salve este tópico em seus Favoritos para facilitar na hora de encontrá-lo.

 

Por favor, atente para o seguinte:

  • Caso fique sem resposta durante 3 dias, me envie uma Mensagem Privada (MP);
  • O que será passado aqui, somente será com relação ao problema do seu computador portanto, não faça mais em nenhum outro;
  • Siga, por favor, atentamente as instruções passadas e em caso de dúvidas não hesite em perguntá-las;
  • Sempre coloque suas respostas neste tópico... Não abra outro!
  • Procure sempre me manter informado, durante a remoção, sobre o que acontece com seu computador.
  • Respeite a ordem das instruções passadas.

Observação: Não tome outra medida além das passadas aqui; atente para que, caso peça ajuda em outro fórum, não deixe de nos informar, sob risco de desconfigurar seu computador!

 

# Etapa nº 1 #
 
Baixe o AdwCleaner e salve em sua Área de trabalho (Desktop)

Execute o arquivo adwcleaner.exe

 

Atenção: Usuários Windows Vista, 7 e 8, cliquem com o botão direito do mouse e escolha: execadmin.png 

  • Clique na aba Opções e deixe marcado apenas "Restaurar Políticas do IE" e "Restaurar Políticas do Chrome"
  • Clique no botão Verificar e aguarde o exame finalizar.
  • Clique no botão Limpar.
  • Abrirá um bloco de notas com o resultado.
  • Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.
  • O log também será salvo em C:\AdwCleaner


NOTA: Se o AdwCleaner encontrar arquivos que não consiga remover, poderá ter de reiniciar o PC. Faça isso imediatamente, ao ser perguntado se quer reiniciar.
 
# Etapa nº 2 #
 
Desative temporariamente seu antivirus, antispywares e firewall, para não causar conflitos.

Baixe o Junkware Removal Tool (JRT) e salve em sua Área de trabalho (Desktop)

 

Clique duas vezes para executar o jrt.exe.
 

Atenção: Usuários Windows Vista, 7 e 8, cliquem com o botão direito do mouse e escolha: execadmin.png 

  • A ferramenta começará o exame do seu sistema.
  • Tenha paciência pois pode demorar um pouco dependendo da quantidades de itens a examinar.
  • Ao final um log se abrirá. Será salvo no desktop com o nome de JRT.txt.
  • Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

 
# Etapa nº 3 #
 
Desative temporariamente seu antivirus, antispywares e firewall, para não causar conflitos.

Faça o download do ZHPCleaner e salve em sua Área de trabalho (Desktop)

 

Atenção: Usuários Windows Vista, 7 e 8, cliquem com o botão direito do mouse e escolha: execadmin.png

  • Clique no botão Scanner.
  • A ferramenta começara o exame do seu sistema.
  • Tenha paciência pois pode demorar um pouco dependendo da quantidades de itens a examinar.
  • Em seguida clique no botão Reparar.
  • Será gerado um log chamado ZHPCleaner.txt
  • Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites

Por favor, aguarde pois o fórum está tendo problemas com anexos - estamos aguardando a correção.

 

Obrigado.

Compartilhar este post


Link para o post
Compartilhar em outros sites
  • Autor do tópico
  • segue os logs então abaixo:

     

    adwcleaner:

    # AdwCleaner v6.000 - Relatório criado 23/08/2016 às 16:25:37
    # *Updated on 12/08/2016 by ToolsLib
    # Banco de dados : 2016-08-22.1 [Servidor]
    # Sistema operacional : Windows 10 Pro  (X86)
    # Usuário : Marcio - DESKTOP-9J7TCRI
    # Executando de : D:\Desktop\adwcleaner_6.000.exe
    # Limpar
    # Apoio : https://toolslib.net/forum

    ***** [ Serviços ] *****

    ***** [ Pastas ] *****

    [-] RestauradoC:\Users\Marcio\AppData\Local\FileViewPro


    ***** [ Arquivos ] *****

    ***** [ DLL ] *****

    ***** [ WMI ] *****

    ***** [ Atalhos ] *****

    ***** [ Tarefas agendadas ] *****

    ***** [ Registro ] *****

    ***** [ Navegadores ] *****

    [-] [br.ask.com] [Search Provider] Excluídobr.ask.com


    *************************

    :: Chaves "Tracing" excluídas
    :: Políticas do IE excluídas
    :: Políticas do Chrome excluídas

    *************************

    C:\AdwCleaner\AdwCleaner[C0].txt - [899 *Bytes] - [23/08/2016 16:25:37]
    C:\AdwCleaner\AdwCleaner[S0].txt - [1224 *Bytes] - [23/08/2016 16:24:14]

    ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1046 *Bytes] ##########

     

     

    JRT:

     

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Malwarebytes
    Version: 8.0.7 (07.03.2016)
    Operating System: Windows 10 Pro x86
    Ran by Marcio (Administrator) on 23/08/2016 at 16:41:40,88
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


    File System: 0


    Deleted the following from C:\Users\Marcio\AppData\Roaming\Mozilla\Firefox\Profiles\gkge0b0q.default\prefs.js
    user_pref(extensions.xpiState, {\app-profile\:{\abs@avira.com\:{\d\:\C:\\\\Users\\\\Marcio\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\gkge0b0q.defaul

    Registry: 0

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 23/08/2016 at 16:44:14,27
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

     

    ZHPCLEANER:

     

    ~ ZHPCleaner v2016.8.23.112 by Nicolas Coolman (2016/08/23)
    ~ Run by Marcio (Administrator)  (23/08/2016 17:42:52)
    ~ Site : https://www.nicolascoolman.com
    ~ Facebook : https://www.facebook.com/nicolascoolman1
    ~ State version :
    ~ Type : Reparo
    ~ Report : D:\Desktop\ZHPCleaner.txt
    ~ Quarantine : C:\Users\Marcio\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
    ~ UAC : Activate
    ~ Boot Mode : Normal (Normal boot)
    Windows 10 Pro, 32-bit  (Build 10586)


    ---\\  Serviços (1)
    PAROU : Service KMSELDI  =>HackTool.KMSpico


    ---\\  Navegadores de Internet (0)
    ~ Nenhum ítem malicioso o desnecessários foi encontrado.


    ---\\  Arquivo hosts (1)
    ~ O arquivo hosts é legítimo (21)


    ---\\  Tarefas automáticas agendadas. (1)
    SUPRIMIDO tarefas: [KMSpico Updater] [C:\WINDOWS\Tasks\KMSpico Updater.job (Not File) ]  =>HackTool.KMSpico


    ---\\  Explorer ( Arquivos, Pastas) (424)
    MOVIDO pasta: C:\Program Files\KMSpico\Service_KMS.exe [@ByELDI - Service_KMS]  =>HackTool.KMSpico
    MOVIDO pasta: C:\Windows\Tasks\KMSpico Updater.job    =>HackTool.KMSpico
    MOVIDO pasta: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_ol.at.atwola.com_0.localstorage    =>.Superfluous.Atwola
    MOVIDO pasta: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_ol.at.atwola.com_0.localstorage-journal    =>.Superfluous.Atwola
    MOVIDO pasta: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage    =>PUP.Optional.Generic
    MOVIDO pasta: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal    =>PUP.Optional.Generic
    MOVIDO pasta: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_st.chatango.com_0.localstorage    =>PUP.Optional.Chatango
    MOVIDO pasta: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_st.chatango.com_0.localstorage-journal    =>PUP.Optional.Chatango
    MOVIDO pasta: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage    =>.Superfluous.AudienceInsights
    MOVIDO pasta: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage-journal    =>.Superfluous.AudienceInsights
    MOVIDO pasta: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.vitorchiano.com_0.localstorage    =>.Superfluous.Torch
    MOVIDO pasta: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.vitorchiano.com_0.localstorage-journal    =>.Superfluous.Torch
    MOVIDO pasta: C:\Windows\SECOH-QAD.exe    =>HackTool.KMSpico
    MOVIDO arquivo: C:\Program Files\KMSpico  =>HackTool.KMSpico
    MOVIDO arquivo: C:\Program Files\KMSpico Updater  =>HackTool.KMSpico
    MOVIDO arquivo: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico  =>HackTool.KMSpico
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI13A3.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI14AD.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI15E7.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI18AB.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI192A.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI1975.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI1A16.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI1A4B.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI1A76.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI1B7E.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI1CFF.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI1E4D.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI1E8A.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI1F04.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI1F57.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI200.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI2042.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI22A6.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI22D3.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI2336.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI2370.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI24AE.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI2536.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI25A9.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI25C4.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI25FA.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI261E.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI2684.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI26ED.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI271C.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI272C.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI28CF.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI2918.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI2912.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI29BD.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI29E.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI2A47.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI2B06.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI2B62.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI2DEA.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI2E49.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI2F62.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI2F9F.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI301C.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI307C.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI3177.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI31B4.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI32A0.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI32C7.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI330E.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI3391.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI33BA.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI33B2.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI3477.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI34BC.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI359.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI3711.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI389.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI38D7.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI3903.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI397.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI39EF.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI3AE8.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI3BF3.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI3D33.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI3E18.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI3E27.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI3F3A.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI400D.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI403A.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI408.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI40F5.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI435.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI43C5.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI4424.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI4435.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI447E.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI4481.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI454D.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI456C.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI45BA.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI45C7.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI46C7.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI4712.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI4722.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI4772.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI47CE.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI4848.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI486D.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI48E9.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI4965.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI4A03.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI4A55.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI4A9B.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI4AFD.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI4C0E.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI4C56.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI4E15.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI4E5A.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI4F36.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI5021.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI518D.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI51BD.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI5213.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI523C.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI5253.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI52A8.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI5337.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI5363.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI5393.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI5418.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI5432.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI545A.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI546F.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI54DB.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI551E.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI55F5.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI565C.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI567C.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI5767.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI59B9.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI59.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI5A0D.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI5A93.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI5B2D.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI5BC3.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI5C.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI5D7D.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI5E32.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI5E30.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI5F82.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI5FC9.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI604F.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI60C3.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI6104.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI61E6.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI6244.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI6299.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI62D1.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI6466.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI6488.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI678.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI678.tmp-0  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI67D9.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI68A0.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI690B.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI6A26.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI6A39.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI6B7F.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI6C0.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI6C0B.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI6CD7.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI6D26.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI6EBD.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI6F0A.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI6F29.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI6FD6.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI7087.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI7112.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI7132.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI7151.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI71C0.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI721E.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI72AC.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI7396.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI73E2.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI7411.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI748B.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI74D5.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI751E.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI7579.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI7598.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI75E.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI764.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI7675.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI7702.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI790F.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI79CB.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI79D7.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI7A88.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI7C90.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI7D00.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI7DAA.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI7E13.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI7E22.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI7E67.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI7F0E.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI7F33.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI7FF2.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI7FF1.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI805D.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI8098.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI8148.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI82F5.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI830.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI8313.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI83C1.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI84E.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI85BF.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI8614.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI86CB.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI87EA.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI8831.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI8833.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI88C5.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI897D.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI8A35.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI8A95.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI8B46.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI8B5.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI8C05.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI8C7B.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI8CAA.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI8CBB.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI8D00.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI8D35.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI8D97.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI8DA9.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI8E82.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI8F6D.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI8FD7.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI8FD0.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI90C9.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI9143.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI923E.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI9259.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI9335.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI939A.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI959B.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI9757.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI9794.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI9878.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI987E.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI9970.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI99E9.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI99.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI9AF3.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI9C77.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI9CD4.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI9D7B.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSI9EC3.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIA021.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIA0E3.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIA35A.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIA497.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIA4DF.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIA4D4.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIA57D.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIA6B3.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIA6DF.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIA86.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIA8E1.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIAABA.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIAACB.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIAB29.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIABC6.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIACCA.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIACFC.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIAD4E.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIAE87.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIAE98.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIAEB7.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIB0AB.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIB1A8.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIB202.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIB252.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIB326.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIB50D.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIB5CA.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIB696.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIB73C.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIB76.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIB771.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIB9AB.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIBA18.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIBA7A.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIBA9C.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIBAB1.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIBB2E.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIBB8D.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIBBC4.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIBC0.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIBC1D.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIBCC5.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIBDC0.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIBE09.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIBE50.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIBEBC.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIBF61.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIC1CC.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIC1F2.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIC26C.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIC309.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIC397.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIC651.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIC740.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIC7A0.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIC7E1.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIC819.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIC8C.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIC938.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIC959.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIC9D2.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIC9E1.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSICAB2.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSICB89.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSICBE8.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSICC49.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSICC64.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSICCE4.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSICD01.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSICD03.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSICE27.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSICF34.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSICF80.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSICFC.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSID05F.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSID07A.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSID0AB.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSID179.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSID1B6.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSID1E5.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSID265.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSID2A1.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSID2EA.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSID30F.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSID416.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSID4D4.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSID527.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSID538.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSID58.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSID5F2.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSID66B.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSID68F.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSID6A4.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSID6E6.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSID6FF.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSID79A.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSID81E.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSID810.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSID82C.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSID8A4.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSID8B5.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSID8FC.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSID969.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSID9DF.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIDA11.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIDA93.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIDA99.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIDB5D.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIDB87.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIDC1B.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIDC29.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIDC31.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIDCCE.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIDD05.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIDD42.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIDDE8.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIDE11.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIDEDB.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIDF31.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIDF9A.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIE004.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIE05C.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIE10E.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIE122.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIE1EE.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIE238.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIE2AA.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIE2D2.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIE2F.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIE352.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIE41D.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIE4ED.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIE52D.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIE617.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIE650.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIE77A.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIE866.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIE895.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIEA3F.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIEB55.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIEBA8.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIEC8F.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIECB2.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIED8C.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIEDDC.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIEED2.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIEF45.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIEFBD.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIF040.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIF11B.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIF114.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIF2A0.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIF447.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIF515.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIF581.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIF6E9.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIF897.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIF8CF.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIF92D.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIF9F8.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIFA48.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIFCBF.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIFD27.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIFD4A.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIFE60.tmp-  =>Empty
    MOVIDO arquivo: C:\WINDOWS\Installer\MSIFF0B.tmp-  =>Empty


    ---\\  Registro ( Chaves, Valores, Dados ) (8)
    SUPRIMIDO chave*: HKLM\SYSTEM\CurrentControlSet\Services\Service KMSELDI [C:\Program Files\KMSpico\Service_KMS.exe (Not File)]  =>HackTool.KMSpico
    SUPRIMIDO chave*: HKLM\SOFTWARE\Classes\CLSID\{940D6050-66DF-4126-AABE-C346DB1AACC1} [NMCFEventManager Class]  =>PUP.Optional.CrossRider
    SUPRIMIDO chave*: HKLM\SOFTWARE\KMSpico []  =>HackTool.KMSpico
    SUPRIMIDO chave*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1280C1CD32C88F84A9289A840F8DD34A [C:\Program Files\KMSpico Updater\makecert.exe (Not File)]  =>HackTool.KMSpico
    SUPRIMIDO chave*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1382DD2BEF0DC964BAF6EEE0A339EF01 [C:\Program Files\Microsoft Office\Office15\ADDINS\PowerPivot Excel Add-in\Microsoft.AnalysisServices.SPClient.Interfaces.DLL]  =>Adware.Amonetize
    SUPRIMIDO chave: HKLM\SOFTWARE\Classes\CLSID\{940D6050-66DF-4126-AABE-C346DB1AACC1}\InprocServer32 [C:\Program Files\Common Files\Ahead\Lib\NMCoFoundation.dll]  =>PUP.Optional.CrossRider
    SUPRIMIDO valor: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{E4D2A0BB-A390-4794-82E6-CA67D205C0FC} [C:\Program Files\KMSpico\Service_KMS.exe]  =>HackTool.KMSpico
    SUPRIMIDO valor: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{95815D67-2D14-4C23-B939-142C58DFD621} [C:\Program Files\KMSpico\Service_KMS.exe]  =>HackTool.KMSpico


    ---\\  Resumo dos elementos encontrados na sua estação de trabalho (8)
    https://www.nicolascoolman.com/fr/pup-kmspico/ =>HackTool.KMSpico
    https://www.anti-malware.top/2016/07/21/superfluous-atwola/ =>.Superfluous.Atwola
    https://www.anti-malware.top/2016/05/01/definition-dun-logiciel-pup-lpi/ =>PUP.Optional.Generic
    https://www.nicolascoolman.com/fr/repaquetage-et_infections/ =>PUP.Optional.Chatango
    https://www.nicolascoolman.com/fr/logiciels-superflus =>.Superfluous.AudienceInsights
    https://www.nicolascoolman.com/fr/logiciels-superflus =>.Superfluous.Torch
    https://www.anti-malware.top/2016/04/30/pup-optional-crossrider/ =>PUP.Optional.CrossRider
    https://www.anti-malware.top/2016/05/24/adware-amonetize/ =>Adware.Amonetize


    ---\\  Dodatkowe oczyszczenie. (5)
    ~ Chave de registro Tracing Supprimido (5)
    ~ Remover os relatórios antigos ZHPCleaner. (0)


    ---\\ Resultado de reparação
    Reparação efectuada com sucesso
    ~ Este navegador está faltando ! (Opera Software)


    ---\\ Estatísticas
    ~ Items scan : 964
    ~ Items encontrado : 0
    ~ items cancelados : 0
    ~ Items réparo : 434


    ~ End of clean in 00h12mn39s
    ~====================
    ZHPCleaner-[R]-23082016-17_55_31.txt
    ZHPCleaner--23082016-17_29_48.txt

     

     

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    Caro @adivander

     

    Desative temporariamente seu antivírus, antispywares e firewall, para não causar conflitos.

     

    Baixe o Farbar Recovery Scan Tool e salve-o na Área de Trabalho (Desktop).


    32 bit (x86) ou 64 bit (x64)

     

    • Clique duas vezes para executar a ferramenta.
      • Atenção: Usuários Windows Vista, 7 e 8, cliquem com o botão direito do mouse e escolha: execadmin.png
    • Marque a caixa Arquivos 90 dias,  e clique no botão Examinar.
    • Aguarde e ao final os logs FRST.txt e Addition.txt serão salvos em sua Área de Trabalho (Desktop).
    • Selecione, copie e cole o conteúdo do log  FRST.txt em sua próxima resposta.
    • Anexe o log Addition.txt

    Abraços :D

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
  • Autor do tópico
  • SEGUE LOGS:

    FARBAR:

     

    Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão: 21-08-2016 01
    Executado por Marcio (administrador) em DESKTOP-9J7TCRI (25-08-2016 16:36:52)
    Executando a partir de D:\Desktop
    Perfis Carregados: Marcio (Perfis Disponíveis: Marcio)
    Platform: Microsoft Windows 10 Pro Versão 1511 (X86) Idioma: Português (Brasil)
    Internet Explorer Versão 11 (Navegador padrão: Chrome)
    Modo da Inicialização: Normal
    Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processos (Whitelisted) =================

    (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

    (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\sched.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avguard.exe
    (InstallShield®) C:\Program Files\Common Files\InstallShield\Update\updatesvc.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
    (Google Inc.) C:\Program Files\Google\Update\1.3.31.5\GoogleCrashHandler.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avshadow.exe
    (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
    (Dropbox, Inc.) C:\Program Files\Dropbox\Client\Dropbox.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
    (MySQL AB) C:\mysql\bin\winmysqladmin.exe
    (Google) C:\Program Files\Google\Drive\googledrivesync.exe
    () C:\mysql\bin\mysqld.exe
    () C:\mysql\bin\mysqld-nt.exe
    () C:\mysql\bin\mysqld.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
    (Google) C:\Program Files\Google\Drive\googledrivesync.exe
    () C:\Nex\NexServ.exe
    () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
    () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
    (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
    (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
    (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
    (Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_22_0_0_209.exe
    (Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_22_0_0_209.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


    ==================== Registro (Whitelisted) ===========================

    (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

    HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
    HKLM\...\Run: [RemoteControl10] => C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2010-02-02] (CyberLink Corp.)
    HKLM\...\Run: [BDRegion] => C:\Program Files\Cyberlink\Shared files\brs.exe [75048 2010-03-13] (cyberlink)
    HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
    HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [23889496 2016-08-23] (Dropbox, Inc.)
    HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [67864 2016-08-04] (Avira Operations GmbH & Co. KG)
    HKLM\...\Run: [avgnt] => C:\Program Files\Avira\Antivirus\avgnt.exe [831064 2016-07-28] (Avira Operations GmbH & Co. KG)
    HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [149440 2015-11-12] (IvoSoft)
    HKU\S-1-5-21-2456171839-3119483222-2521222785-1001\...\Run: [Sistema_Restaurante] => C:\mysql\bin\winmysqladmin.exe [936448 2003-05-16] (MySQL AB)
    HKU\S-1-5-21-2456171839-3119483222-2521222785-1001\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [57981568 2015-09-27] (Skype Technologies S.A.)
    HKU\S-1-5-21-2456171839-3119483222-2521222785-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [23375200 2016-07-29] (Google)
    HKU\S-1-5-21-2456171839-3119483222-2521222785-1001\...\Run: [C:\mysql\bin\mysqld.exe] => C:\mysql\bin\mysqld.exe [3534848 2003-05-16] ()
    HKU\S-1-5-21-2456171839-3119483222-2521222785-1001\...\Run: [C:\mysql\bin\mysqld-nt.exe] => C:\mysql\bin\mysqld-nt.exe [2052096 2003-05-16] ()
    HKU\S-1-5-21-2456171839-3119483222-2521222785-1001\...\Run: [DIMDownloading your update...1464359625886] => c:\Program Files\Corel\CorelDRAW Graphics Suite X8\PHOTO-PAINT\DIM.exe [542120 2016-03-05] (Corel Corporation)
    ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-07-29] (Google)
    ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-07-29] (Google)
    ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-07-29] (Google)
    ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.42.dll [2016-08-23] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.42.dll [2016-08-23] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.42.dll [2016-08-23] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.42.dll [2016-08-23] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.42.dll [2016-08-23] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.42.dll [2016-08-23] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.42.dll [2016-08-23] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.42.dll [2016-08-23] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.42.dll [2016-08-23] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.42.dll [2016-08-23] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-11-12] (IvoSoft)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Nex-Serv.lnk [2015-11-13]
    ShortcutTarget: Nex-Serv.lnk -> C:\Nex\NexServ.exe ()
    Startup: C:\Users\Marcio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mysqld - Atalho.lnk [2015-10-27]
    ShortcutTarget: mysqld - Atalho.lnk -> C:\mysql\bin\mysqld.exe ()

    ==================== Internet (Whitelisted) ====================

    (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

    HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <======= ATENÇÃO (Restrição - ProxySettings)
    AutoConfigURL: [HKLM] => hxxp://127.0.0.1:8080/proxy.pac
    Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
    Tcpip\..\Interfaces\{0eb91858-121d-4c49-adaf-2977a0e90fb2}: [DhcpNameServer] 192.168.2.1
    Tcpip\..\Interfaces\{a9b0301a-34ad-4baf-82fc-a87004760a4e}: [DhcpNameServer] 8.8.4.4 8.8.8.8
    ManualProxies: 0hxxp://127.0.0.1:8080/proxy.pac

    Internet Explorer:
    ==================
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-2456171839-3119483222-2521222785-1001 -> DefaultScope {A23A1DA6-B605-4F32-BC56-A2CD0F96F963} URL = hxxp://www.google.com/search?hl=pt-br&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2456171839-3119483222-2521222785-1001 -> {A23A1DA6-B605-4F32-BC56-A2CD0F96F963} URL = hxxp://www.google.com/search?hl=pt-br&q={searchTerms}
    BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
    BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-07-19] (Microsoft Corporation)
    BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-11-12] (IvoSoft)
    BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-10-23] (Oracle Corporation)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-10-23] (Oracle Corporation)
    BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2015-11-12] (IvoSoft)
    Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-11-12] (IvoSoft)
    Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)

    FireFox:
    ========
    FF ProfilePath: C:\Users\Marcio\AppData\Roaming\Mozilla\Firefox\Profiles\gkge0b0q.default
    FF Homepage: www.google.com.br
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
    FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll [2013-04-03] (Adobe Systems, Inc.)
    FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
    FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-10-23] (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-23] (Oracle Corporation)
    FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
    FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
    FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
    FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-19] (Microsoft Corporation)
    FF Extension: (Avira Browser Safety) - C:\Users\Marcio\AppData\Roaming\Mozilla\Firefox\Profiles\gkge0b0q.default\Extensions\abs@avira.com [2016-07-14]
    FF Extension: (MEGA) - C:\Users\Marcio\AppData\Roaming\Mozilla\Firefox\Profiles\gkge0b0q.default\Extensions\firefox@mega.co.nz.xpi [2015-10-27] [não assinado]
    FF Extension: (Avira Safe Search Plus) - C:\Users\Marcio\AppData\Roaming\Mozilla\Firefox\Profiles\gkge0b0q.default\Extensions\safesearchplus@avira.com.xpi [2016-06-06]

    Chrome:
    =======
    CHR StartupUrls: Default -> "hxxp://www.google.com.br/"
    CHR DefaultSearchURL: Default -> hxxps://safesearch.avira.com/#web/result?source=omnibar&q={searchTerms}
    CHR DefaultSearchKeyword: Default -> Avira
    CHR DefaultSuggestURL: Default -> hxxps://safesearch.avira.com/suggestions?q={searchTerms}&li=ff&hl=pt
    CHR Profile: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Apresentações) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-23]
    CHR Extension: (Google Docs) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-23]
    CHR Extension: (Google Drive) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
    CHR Extension: (YouTube) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-23]
    CHR Extension: (Google Search) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
    CHR Extension: (Planilhas do Google) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-23]
    CHR Extension: (Segurança do navegador Avira) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-07-15]
    CHR Extension: (Documentos Google off-line) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
    CHR Extension: (Avira SafeSearch) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\khjilmcjipkeokomeekfnhkpbnhmgaje [2016-08-16]
    CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-11-30]
    CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
    CHR Extension: (Gmail) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-23]
    CHR Extension: (Chrome Media Router) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-19]
    CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx
    CHR HKU\S-1-5-21-2456171839-3119483222-2521222785-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

    ==================== Serviços (Whitelisted) ========================

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

    S2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc7.exe [989696 2016-07-28] (Avira Operations GmbH & Co. KG)
    R2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [472112 2016-07-28] (Avira Operations GmbH & Co. KG)
    R2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [472112 2016-07-28] (Avira Operations GmbH & Co. KG)
    S2 AntiVirWebService; C:\Program Files\Avira\Antivirus\avwebg7.exe [1453696 2016-07-28] (Avira Operations GmbH & Co. KG)
    R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [320672 2016-08-04] (Avira Operations GmbH & Co. KG)
    S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-02] (Dropbox, Inc.)
    S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-02] (Dropbox, Inc.)
    S2 MySql; c:\mysql\bin\mysqld-nt.exe [2052096 2003-05-16] () [Arquivo não assinado]
    R2 updatesvc.exe; C:\Program Files\Common Files\InstallShield\Update\updatesvc.exe [346624 2015-12-07] (InstallShield®) [Arquivo não assinado]
    R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280376 2015-10-30] (Microsoft Corporation)
    R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23264 2016-07-01] (Microsoft Corporation)

    ===================== Drivers (Whitelisted) ==========================

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

    R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [120968 2016-07-28] (Avira Operations GmbH & Co. KG)
    R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [149760 2016-07-28] (Avira Operations GmbH & Co. KG)
    R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44208 2015-12-15] (Avira Operations GmbH & Co. KG)
    R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [66872 2016-06-02] (Avira Operations GmbH & Co. KG)
    R3 KMWDFILTERx86; C:\WINDOWS\System32\drivers\KMWDFILTER.sys [25088 2009-04-29] (Windows (R) Codename Longhorn DDK provider)
    S3 NETJME; C:\WINDOWS\System32\drivers\NETJME.sys [119296 2015-10-30] (JMicron Technology Corp.)
    R1 ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [31848 2015-08-07] (Avira Operations GmbH & Co. KG)
    S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [192944 2015-12-08] (DEVGURU Co., LTD.(www.devguru.co.kr))
    S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [37400 2015-10-30] (Microsoft Corporation)
    R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [246104 2015-10-30] (Microsoft Corporation)
    R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [98648 2015-10-30] (Microsoft Corporation)
    R3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [163328 2015-10-30] (Microsoft Corporation)
    R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}; C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl [87536 2010-03-13] (CyberLink Corp.)

    ==================== NetSvcs (Whitelisted) ===================

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


    ==================== Três Meses Criados arquivos e pastas ========

    (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

    2016-08-25 16:36 - 2016-08-25 16:36 - 00000000 ____D C:\FRST
    2016-08-24 17:08 - 2016-08-24 17:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
    2016-08-23 16:56 - 2016-08-23 17:55 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\ZHP
    2016-08-23 16:19 - 2016-08-23 16:25 - 00000000 ____D C:\AdwCleaner
    2016-08-22 13:17 - 2016-08-23 16:27 - 00000000 ____D C:\Program Files\Mozilla Firefox
    2016-08-12 18:31 - 2016-08-12 18:31 - 00000000 ____D C:\Users\Todos os Usuários\GeoComply
    2016-08-12 18:31 - 2016-08-12 18:31 - 00000000 ____D C:\ProgramData\GeoComply
    2016-08-11 18:08 - 2016-08-25 15:53 - 00000000 ____D C:\Users\Marcio\AppData\Local\PokerStars
    2016-08-11 18:08 - 2016-08-11 18:08 - 00001990 _____ C:\Users\Marcio\AppData\Roaming\Microsoft\Windows\Start Menu\PokerStars.lnk
    2016-08-11 18:08 - 2016-08-11 18:08 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars
    2016-08-11 18:06 - 2016-08-11 18:08 - 00000000 ____D C:\Program Files\PokerStars
    2016-08-10 15:07 - 2016-08-10 15:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
    2016-08-10 15:07 - 2016-08-10 15:07 - 00000000 ____D C:\Program Files\Classic Shell
    2016-08-10 14:43 - 2016-08-10 14:43 - 00000000 ____D C:\Users\Todos os Usuários\VsTelemetry
    2016-08-10 14:43 - 2016-08-10 14:43 - 00000000 ____D C:\ProgramData\VsTelemetry
    2016-08-10 14:43 - 2016-08-10 14:43 - 00000000 ____D C:\Program Files\gs
    2016-08-10 14:42 - 2016-08-10 14:42 - 00000000 ____D C:\Program Files\Common Files\Corel
    2016-08-10 14:37 - 2016-08-10 14:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X8
    2016-08-10 11:31 - 2016-08-10 11:31 - 00000218 _____ C:\Users\Marcio\.recently-used.xbel
    2016-08-10 11:22 - 2016-08-10 11:22 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\inkscape
    2016-08-10 11:13 - 2016-08-10 11:13 - 00001062 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape.lnk
    2016-08-10 11:07 - 2016-08-10 11:14 - 00000000 ____D C:\Program Files\Inkscape
    2016-08-10 09:59 - 2016-08-10 09:59 - 00017639 _____ C:\ZA-Scan.txt
    2016-08-10 09:31 - 2016-08-03 02:52 - 05793632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2016-08-10 09:31 - 2016-08-03 02:52 - 00083808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
    2016-08-10 09:31 - 2016-08-03 02:32 - 00413024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
    2016-08-10 09:31 - 2016-08-03 02:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2016-08-10 09:31 - 2016-08-03 02:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
    2016-08-10 09:31 - 2016-08-03 02:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
    2016-08-10 09:31 - 2016-08-03 02:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
    2016-08-10 09:31 - 2016-08-03 02:29 - 01337680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
    2016-08-10 09:31 - 2016-08-03 02:29 - 00633192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
    2016-08-10 09:31 - 2016-08-03 02:28 - 00505136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
    2016-08-10 09:31 - 2016-08-03 02:28 - 00139616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
    2016-08-10 09:31 - 2016-08-03 02:21 - 01712992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
    2016-08-10 09:31 - 2016-08-03 02:21 - 00483680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
    2016-08-10 09:31 - 2016-08-03 01:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
    2016-08-10 09:31 - 2016-08-03 01:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
    2016-08-10 09:31 - 2016-08-03 01:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
    2016-08-10 09:31 - 2016-08-03 01:41 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
    2016-08-10 09:31 - 2016-08-03 01:39 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
    2016-08-10 09:31 - 2016-08-03 01:37 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
    2016-08-10 09:31 - 2016-08-03 01:35 - 00396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
    2016-08-10 09:31 - 2016-08-03 01:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
    2016-08-10 09:31 - 2016-08-03 01:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
    2016-08-10 09:31 - 2016-08-03 01:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
    2016-08-10 09:31 - 2016-08-03 01:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
    2016-08-10 09:31 - 2016-08-03 01:32 - 00951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
    2016-08-10 09:31 - 2016-08-03 01:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
    2016-08-10 09:31 - 2016-08-03 01:32 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
    2016-08-10 09:31 - 2016-08-03 01:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
    2016-08-10 09:31 - 2016-08-03 01:27 - 02973696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2016-08-10 09:31 - 2016-08-03 01:27 - 01903104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2016-08-10 09:31 - 2016-08-03 01:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
    2016-08-10 09:31 - 2016-08-03 01:24 - 01735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
    2016-08-10 09:31 - 2016-08-03 01:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
    2016-08-10 09:31 - 2016-08-03 01:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2016-08-10 09:31 - 2016-08-03 01:22 - 01900544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2016-08-10 09:31 - 2016-08-03 01:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2016-08-10 09:31 - 2016-08-03 01:22 - 01086976 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2016-08-10 09:31 - 2016-08-03 01:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
    2016-08-10 09:30 - 2016-08-03 03:27 - 01303744 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
    2016-08-10 09:30 - 2016-08-03 03:27 - 00081088 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
    2016-08-10 09:30 - 2016-08-03 03:27 - 00045760 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
    2016-08-10 09:30 - 2016-08-03 02:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
    2016-08-10 09:30 - 2016-08-03 02:43 - 00023776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
    2016-08-10 09:30 - 2016-08-03 02:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
    2016-08-10 09:30 - 2016-08-03 02:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
    2016-08-10 09:30 - 2016-08-03 02:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
    2016-08-10 09:30 - 2016-08-03 02:32 - 00260448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
    2016-08-10 09:30 - 2016-08-03 02:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
    2016-08-10 09:30 - 2016-08-03 02:21 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
    2016-08-10 09:30 - 2016-08-03 02:18 - 00346464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
    2016-08-10 09:30 - 2016-08-03 01:58 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
    2016-08-10 09:30 - 2016-08-03 01:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
    2016-08-10 09:30 - 2016-08-03 01:48 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
    2016-08-10 09:30 - 2016-08-03 01:47 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
    2016-08-10 09:30 - 2016-08-03 01:44 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
    2016-08-10 09:30 - 2016-08-03 01:44 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
    2016-08-10 09:30 - 2016-08-03 01:43 - 00180736 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
    2016-08-10 09:30 - 2016-08-03 01:43 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
    2016-08-10 09:30 - 2016-08-03 01:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
    2016-08-10 09:30 - 2016-08-03 01:40 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
    2016-08-10 09:30 - 2016-08-03 01:40 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
    2016-08-10 09:30 - 2016-08-03 01:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
    2016-08-10 09:30 - 2016-08-03 01:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2016-08-10 09:30 - 2016-08-03 01:39 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
    2016-08-10 09:30 - 2016-08-03 01:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
    2016-08-10 09:30 - 2016-08-03 01:37 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
    2016-08-10 09:30 - 2016-08-03 01:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
    2016-08-10 09:30 - 2016-08-03 01:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2016-08-10 09:30 - 2016-08-03 01:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
    2016-08-10 09:30 - 2016-08-03 01:33 - 01223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
    2016-08-10 09:30 - 2016-08-03 01:33 - 01152512 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2016-08-10 09:30 - 2016-08-03 01:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
    2016-08-10 09:30 - 2016-08-03 01:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
    2016-08-10 09:30 - 2016-08-03 01:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
    2016-08-10 09:30 - 2016-08-03 01:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
    2016-08-10 09:30 - 2016-08-03 01:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2016-08-10 09:30 - 2016-08-03 01:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2016-08-10 09:30 - 2016-08-03 01:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
    2016-08-10 09:30 - 2016-08-03 01:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2016-08-10 09:30 - 2016-08-03 01:21 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
    2016-08-10 09:30 - 2016-08-03 01:20 - 03483648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
    2016-07-29 10:20 - 2016-07-29 10:20 - 00000000 ____D C:\zoek_backup
    2016-07-27 18:25 - 2016-07-27 18:25 - 00000000 ____D C:\Users\Marcio\AppData\LocalLow\Google
    2016-07-27 18:24 - 2016-07-27 18:24 - 00002191 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
    2016-07-21 09:02 - 2016-07-21 09:02 - 00007605 _____ C:\Users\Marcio\AppData\Local\Resmon.ResmonCfg
    2016-07-20 18:36 - 2016-07-20 18:36 - 00000000 ____D C:\Sistemas
    2016-07-20 17:27 - 2016-07-20 17:27 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativo Itaú
    2016-07-14 18:58 - 2016-07-14 18:58 - 00000000 ____D C:\Program Files\CMAK
    2016-07-13 08:55 - 2016-07-01 00:45 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\olepro32.dll
    2016-07-13 08:55 - 2016-07-01 00:45 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
    2016-07-13 08:55 - 2016-07-01 00:41 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
    2016-07-13 08:55 - 2016-07-01 00:38 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
    2016-07-13 08:55 - 2016-07-01 00:37 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
    2016-07-13 08:55 - 2016-07-01 00:36 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
    2016-07-13 08:55 - 2016-07-01 00:35 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
    2016-07-13 08:55 - 2016-07-01 00:33 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
    2016-07-13 08:55 - 2016-07-01 00:29 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
    2016-07-13 08:55 - 2016-07-01 00:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
    2016-07-13 08:55 - 2016-07-01 00:26 - 00612352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
    2016-07-13 08:55 - 2016-07-01 00:25 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
    2016-07-13 08:55 - 2016-07-01 00:25 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
    2016-07-13 08:55 - 2016-07-01 00:22 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
    2016-07-13 08:55 - 2016-07-01 00:18 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
    2016-07-13 08:54 - 2016-07-01 01:35 - 00792328 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
    2016-07-13 08:54 - 2016-07-01 01:23 - 01334680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
    2016-07-13 08:54 - 2016-07-01 01:20 - 01300016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
    2016-07-13 08:54 - 2016-07-01 01:19 - 05598832 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
    2016-07-13 08:54 - 2016-07-01 01:19 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
    2016-07-13 08:54 - 2016-07-01 01:19 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
    2016-07-13 08:54 - 2016-07-01 01:18 - 00995296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
    2016-07-13 08:54 - 2016-07-01 01:17 - 01536600 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
    2016-07-13 08:54 - 2016-07-01 01:12 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
    2016-07-13 08:54 - 2016-07-01 01:12 - 01866104 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
    2016-07-13 08:54 - 2016-07-01 01:11 - 01522160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
    2016-07-13 08:54 - 2016-07-01 01:11 - 00521152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
    2016-07-13 08:54 - 2016-07-01 01:10 - 00727752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
    2016-07-13 08:54 - 2016-07-01 00:41 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
    2016-07-13 08:54 - 2016-07-01 00:39 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
    2016-07-13 08:54 - 2016-07-01 00:39 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe
    2016-07-13 08:54 - 2016-07-01 00:37 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
    2016-07-13 08:54 - 2016-07-01 00:37 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
    2016-07-13 08:54 - 2016-07-01 00:35 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
    2016-07-13 08:54 - 2016-07-01 00:34 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
    2016-07-13 08:54 - 2016-07-01 00:32 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
    2016-07-13 08:54 - 2016-07-01 00:32 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
    2016-07-13 08:54 - 2016-07-01 00:31 - 06529024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
    2016-07-13 08:54 - 2016-07-01 00:31 - 00542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
    2016-07-13 08:54 - 2016-07-01 00:31 - 00424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
    2016-07-13 08:54 - 2016-07-01 00:31 - 00290304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WmpDui.dll
    2016-07-13 08:54 - 2016-07-01 00:31 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
    2016-07-13 08:54 - 2016-07-01 00:31 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
    2016-07-13 08:54 - 2016-07-01 00:31 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
    2016-07-13 08:54 - 2016-07-01 00:30 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3ui.dll
    2016-07-13 08:54 - 2016-07-01 00:30 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
    2016-07-13 08:54 - 2016-07-01 00:30 - 00246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
    2016-07-13 08:54 - 2016-07-01 00:30 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
    2016-07-13 08:54 - 2016-07-01 00:30 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll
    2016-07-13 08:54 - 2016-07-01 00:29 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
    2016-07-13 08:54 - 2016-07-01 00:29 - 00395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
    2016-07-13 08:54 - 2016-07-01 00:29 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
    2016-07-13 08:54 - 2016-07-01 00:28 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
    2016-07-13 08:54 - 2016-07-01 00:28 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsExt.dll
    2016-07-13 08:54 - 2016-07-01 00:28 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
    2016-07-13 08:54 - 2016-07-01 00:27 - 01764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
    2016-07-13 08:54 - 2016-07-01 00:27 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
    2016-07-13 08:54 - 2016-07-01 00:27 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
    2016-07-13 08:54 - 2016-07-01 00:27 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
    2016-07-13 08:54 - 2016-07-01 00:27 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
    2016-07-13 08:54 - 2016-07-01 00:27 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
    2016-07-13 08:54 - 2016-07-01 00:26 - 00413696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WLanConn.dll
    2016-07-13 08:54 - 2016-07-01 00:25 - 01228800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
    2016-07-13 08:54 - 2016-07-01 00:25 - 00826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2016-07-13 08:54 - 2016-07-01 00:25 - 00740352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
    2016-07-13 08:54 - 2016-07-01 00:25 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
    2016-07-13 08:54 - 2016-07-01 00:25 - 00482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
    2016-07-13 08:54 - 2016-07-01 00:24 - 01448960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
    2016-07-13 08:54 - 2016-07-01 00:24 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
    2016-07-13 08:54 - 2016-07-01 00:24 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
    2016-07-13 08:54 - 2016-07-01 00:23 - 03695104 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
    2016-07-13 08:54 - 2016-07-01 00:23 - 01166848 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
    2016-07-13 08:54 - 2016-07-01 00:22 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
    2016-07-13 08:54 - 2016-07-01 00:22 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
    2016-07-13 08:54 - 2016-07-01 00:20 - 03196928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
    2016-07-13 08:54 - 2016-07-01 00:19 - 01987072 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
    2016-07-13 08:54 - 2016-07-01 00:19 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
    2016-07-13 08:54 - 2016-07-01 00:19 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\StikyNot.exe
    2016-07-13 08:54 - 2016-07-01 00:18 - 01448960 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
    2016-07-13 08:54 - 2016-07-01 00:17 - 01800704 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
    2016-07-13 08:54 - 2016-07-01 00:16 - 01635840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
    2016-07-13 08:54 - 2016-07-01 00:15 - 03459584 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
    2016-07-13 08:54 - 2016-07-01 00:15 - 02679808 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
    2016-07-13 08:54 - 2016-07-01 00:15 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
    2016-07-13 08:54 - 2016-07-01 00:15 - 02217984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
    2016-07-13 08:54 - 2016-07-01 00:15 - 01626112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
    2016-07-13 08:54 - 2016-07-01 00:14 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
    2016-07-13 08:54 - 2016-07-01 00:14 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
    2016-07-13 08:54 - 2016-07-01 00:14 - 00705024 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
    2016-07-13 08:54 - 2016-07-01 00:12 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
    2016-07-13 08:54 - 2016-07-01 00:11 - 01075200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
    2016-07-13 08:54 - 2016-07-01 00:08 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
    2016-07-13 08:53 - 2016-07-01 02:14 - 00476864 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
    2016-07-13 08:53 - 2016-07-01 01:38 - 01862008 _____ C:\WINDOWS\system32\CoreUIComponents.dll
    2016-07-13 08:53 - 2016-07-01 01:32 - 02885680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
    2016-07-13 08:53 - 2016-07-01 01:23 - 01349640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
    2016-07-13 08:53 - 2016-07-01 01:20 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2016-07-13 08:53 - 2016-07-01 01:20 - 00613120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
    2016-07-13 08:53 - 2016-07-01 01:19 - 01355336 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
    2016-07-13 08:53 - 2016-07-01 01:19 - 00569752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
    2016-07-13 08:53 - 2016-07-01 01:18 - 00510880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
    2016-07-13 08:53 - 2016-07-01 01:18 - 00064584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll
    2016-07-13 08:53 - 2016-07-01 00:40 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
    2016-07-13 08:53 - 2016-07-01 00:34 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\oemlicense.dll
    2016-07-13 08:53 - 2016-07-01 00:34 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
    2016-07-13 08:53 - 2016-07-01 00:34 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
    2016-07-13 08:53 - 2016-07-01 00:33 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll
    2016-07-13 08:53 - 2016-07-01 00:33 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
    2016-07-13 08:53 - 2016-07-01 00:32 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Maps.dll
    2016-07-13 08:53 - 2016-07-01 00:32 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
    2016-07-13 08:53 - 2016-07-01 00:30 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
    2016-07-13 08:53 - 2016-07-01 00:30 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
    2016-07-13 08:53 - 2016-07-01 00:30 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
    2016-07-13 08:53 - 2016-07-01 00:30 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
    2016-07-13 08:53 - 2016-07-01 00:30 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
    2016-07-13 08:53 - 2016-07-01 00:29 - 00541184 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
    2016-07-13 08:53 - 2016-07-01 00:29 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
    2016-07-13 08:53 - 2016-07-01 00:28 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
    2016-07-13 08:53 - 2016-07-01 00:28 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
    2016-07-13 08:53 - 2016-07-01 00:27 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
    2016-07-13 08:53 - 2016-07-01 00:27 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcfile.dll
    2016-07-13 08:53 - 2016-07-01 00:27 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
    2016-07-13 08:53 - 2016-07-01 00:27 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2016-07-13 08:53 - 2016-07-01 00:26 - 01746944 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
    2016-07-13 08:53 - 2016-07-01 00:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
    2016-07-13 08:53 - 2016-07-01 00:26 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
    2016-07-13 08:53 - 2016-07-01 00:26 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
    2016-07-13 08:53 - 2016-07-01 00:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
    2016-07-13 08:53 - 2016-07-01 00:26 - 00153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSSync.dll
    2016-07-13 08:53 - 2016-07-01 00:25 - 01508352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmsipc.dll
    2016-07-13 08:53 - 2016-07-01 00:25 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
    2016-07-13 08:53 - 2016-07-01 00:25 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
    2016-07-13 08:53 - 2016-07-01 00:25 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2016-07-13 08:53 - 2016-07-01 00:25 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
    2016-07-13 08:53 - 2016-07-01 00:24 - 04404736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
    2016-07-13 08:53 - 2016-07-01 00:24 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
    2016-07-13 08:53 - 2016-07-01 00:24 - 01484800 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
    2016-07-13 08:53 - 2016-07-01 00:24 - 00601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
    2016-07-13 08:53 - 2016-07-01 00:23 - 02578432 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
    2016-07-13 08:53 - 2016-07-01 00:23 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
    2016-07-13 08:53 - 2016-07-01 00:23 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
    2016-07-13 08:53 - 2016-07-01 00:23 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
    2016-07-13 08:53 - 2016-07-01 00:23 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\licensingdiag.exe
    2016-07-13 08:53 - 2016-07-01 00:22 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
    2016-07-13 08:53 - 2016-07-01 00:21 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc.dll
    2016-07-13 08:53 - 2016-07-01 00:19 - 06471168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
    2016-07-13 08:53 - 2016-07-01 00:19 - 00581632 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
    2016-07-13 08:53 - 2016-07-01 00:18 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
    2016-07-13 08:53 - 2016-07-01 00:17 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
    2016-07-13 08:53 - 2016-07-01 00:16 - 02062336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
    2016-07-13 08:53 - 2016-07-01 00:16 - 00925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
    2016-07-13 08:53 - 2016-07-01 00:16 - 00898048 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
    2016-07-13 08:53 - 2016-07-01 00:15 - 04413440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
    2016-07-13 08:53 - 2016-07-01 00:15 - 02880512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
    2016-07-13 08:53 - 2016-07-01 00:15 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
    2016-07-13 08:53 - 2016-07-01 00:15 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
    2016-07-13 08:53 - 2016-07-01 00:14 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
    2016-07-13 08:53 - 2016-07-01 00:13 - 02519552 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
    2016-07-13 08:53 - 2016-07-01 00:13 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
    2016-07-13 08:53 - 2016-07-01 00:11 - 01106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
    2016-07-13 08:53 - 2016-07-01 00:08 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
    2016-07-13 08:52 - 2016-07-01 02:14 - 01020096 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
    2016-07-13 08:52 - 2016-07-01 02:14 - 00484544 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
    2016-07-13 08:52 - 2016-07-01 02:14 - 00266944 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
    2016-07-13 08:52 - 2016-07-01 02:14 - 00227008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
    2016-07-13 08:52 - 2016-07-01 01:40 - 00228704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
    2016-07-13 08:52 - 2016-07-01 01:39 - 01561392 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
    2016-07-13 08:52 - 2016-07-01 01:39 - 01051584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
    2016-07-13 08:52 - 2016-07-01 01:39 - 00927080 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
    2016-07-13 08:52 - 2016-07-01 01:39 - 00875992 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
    2016-07-13 08:52 - 2016-07-01 01:39 - 00771120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
    2016-07-13 08:52 - 2016-07-01 01:38 - 01083656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
    2016-07-13 08:52 - 2016-07-01 01:23 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
    2016-07-13 08:52 - 2016-07-01 01:23 - 00925576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
    2016-07-13 08:52 - 2016-07-01 01:23 - 00709176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
    2016-07-13 08:52 - 2016-07-01 01:23 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
    2016-07-13 08:52 - 2016-07-01 01:23 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
    2016-07-13 08:52 - 2016-07-01 01:19 - 00836760 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
    2016-07-13 08:52 - 2016-07-01 01:07 - 28083144 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
    2016-07-13 08:52 - 2016-07-01 01:06 - 01861984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
    2016-07-13 08:52 - 2016-07-01 01:06 - 00403920 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
    2016-07-13 08:52 - 2016-07-01 00:39 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
    2016-07-13 08:52 - 2016-07-01 00:38 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\LegacyNetUX.dll
    2016-07-13 08:52 - 2016-07-01 00:35 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
    2016-07-13 08:52 - 2016-07-01 00:34 - 00350208 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdechangepin.exe
    2016-07-13 08:52 - 2016-07-01 00:34 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
    2016-07-13 08:52 - 2016-07-01 00:33 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPDShServiceObj.dll
    2016-07-13 08:52 - 2016-07-01 00:32 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
    2016-07-13 08:52 - 2016-07-01 00:32 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\LegacyNetUXHost.exe
    2016-07-13 08:52 - 2016-07-01 00:31 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
    2016-07-13 08:52 - 2016-07-01 00:31 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhengine.dll
    2016-07-13 08:52 - 2016-07-01 00:31 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
    2016-07-13 08:52 - 2016-07-01 00:30 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
    2016-07-13 08:52 - 2016-07-01 00:30 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
    2016-07-13 08:52 - 2016-07-01 00:30 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
    2016-07-13 08:52 - 2016-07-01 00:30 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
    2016-07-13 08:52 - 2016-07-01 00:29 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
    2016-07-13 08:52 - 2016-07-01 00:29 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
    2016-07-13 08:52 - 2016-07-01 00:28 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
    2016-07-13 08:52 - 2016-07-01 00:28 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
    2016-07-13 08:52 - 2016-07-01 00:28 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
    2016-07-13 08:52 - 2016-07-01 00:28 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
    2016-07-13 08:52 - 2016-07-01 00:27 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
    2016-07-13 08:52 - 2016-07-01 00:27 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
    2016-07-13 08:52 - 2016-07-01 00:27 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
    2016-07-13 08:52 - 2016-07-01 00:26 - 01063936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
    2016-07-13 08:52 - 2016-07-01 00:26 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
    2016-07-13 08:52 - 2016-07-01 00:26 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
    2016-07-13 08:52 - 2016-07-01 00:26 - 00413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
    2016-07-13 08:52 - 2016-07-01 00:25 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
    2016-07-13 08:52 - 2016-07-01 00:25 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
    2016-07-13 08:52 - 2016-07-01 00:25 - 00645632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
    2016-07-13 08:52 - 2016-07-01 00:25 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
    2016-07-13 08:52 - 2016-07-01 00:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
    2016-07-13 08:52 - 2016-07-01 00:24 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
    2016-07-13 08:52 - 2016-07-01 00:24 - 00405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
    2016-07-13 08:52 - 2016-07-01 00:23 - 01401856 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
    2016-07-13 08:52 - 2016-07-01 00:23 - 00760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
    2016-07-13 08:52 - 2016-07-01 00:23 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
    2016-07-13 08:52 - 2016-07-01 00:23 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
    2016-07-13 08:52 - 2016-07-01 00:20 - 03555840 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
    2016-07-13 08:52 - 2016-07-01 00:20 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
    2016-07-13 08:52 - 2016-07-01 00:20 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
    2016-07-13 08:52 - 2016-07-01 00:19 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
    2016-07-13 08:52 - 2016-07-01 00:16 - 02771968 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
    2016-07-13 08:52 - 2016-07-01 00:16 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
    2016-07-13 08:52 - 2016-07-01 00:16 - 00742400 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
    2016-07-13 08:52 - 2016-07-01 00:15 - 00748032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
    2016-07-13 08:52 - 2016-07-01 00:15 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
    2016-07-13 08:52 - 2016-07-01 00:14 - 00737792 _____ (Microsoft Corporation) C:\WINDOWS\system32\pmcsnap.dll
    2016-07-13 08:52 - 2016-07-01 00:13 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
    2016-07-13 08:52 - 2016-07-01 00:13 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
    2016-07-13 08:52 - 2016-07-01 00:13 - 00835072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
    2016-07-13 08:52 - 2016-07-01 00:11 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
    2016-07-13 08:52 - 2016-07-01 00:08 - 01976832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
    2016-07-13 08:52 - 2016-07-01 00:08 - 00942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
    2016-07-13 08:52 - 2016-07-01 00:08 - 00879616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
    2016-07-13 08:52 - 2016-06-17 21:22 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
    2016-07-13 08:52 - 2016-02-09 01:29 - 00279376 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
    2016-06-14 19:03 - 2016-05-28 02:25 - 04268880 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
    2016-06-14 19:03 - 2016-05-28 02:25 - 00354656 _____ (Microsoft Corporation) C:\WINDOWS\system32\halmacpi.dll
    2016-06-14 19:03 - 2016-05-28 02:25 - 00354656 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
    2016-06-14 19:03 - 2016-05-28 02:25 - 00173920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
    2016-06-14 19:03 - 2016-05-28 02:25 - 00096096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
    2016-06-14 19:03 - 2016-05-28 02:23 - 00388384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
    2016-06-14 19:03 - 2016-05-28 02:22 - 00317280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
    2016-06-14 19:03 - 2016-05-28 02:10 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
    2016-06-14 19:03 - 2016-05-28 02:08 - 00203104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
    2016-06-14 19:03 - 2016-05-28 02:04 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
    2016-06-14 19:03 - 2016-05-28 02:04 - 00111608 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
    2016-06-14 19:03 - 2016-05-28 02:04 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
    2016-06-14 19:03 - 2016-05-28 01:57 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
    2016-06-14 19:03 - 2016-05-28 01:57 - 01396592 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
    2016-06-14 19:03 - 2016-05-28 01:57 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
    2016-06-14 19:03 - 2016-05-28 01:57 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
    2016-06-14 19:03 - 2016-05-28 01:31 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsdport.sys
    2016-06-14 19:03 - 2016-05-28 01:25 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
    2016-06-14 19:03 - 2016-05-28 01:25 - 00037376 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
    2016-06-14 19:03 - 2016-05-28 01:25 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
    2016-06-14 19:03 - 2016-05-28 01:24 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
    2016-06-14 19:03 - 2016-05-28 01:24 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
    2016-06-14 19:03 - 2016-05-28 01:22 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
    2016-06-14 19:03 - 2016-05-28 01:22 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
    2016-06-14 19:03 - 2016-05-28 01:22 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
    2016-06-14 19:03 - 2016-05-28 01:21 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpscript.dll
    2016-06-14 19:03 - 2016-05-28 01:20 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys
    2016-06-14 19:03 - 2016-05-28 01:20 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
    2016-06-14 19:03 - 2016-05-28 01:19 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
    2016-06-14 19:03 - 2016-05-28 01:19 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
    2016-06-14 19:03 - 2016-05-28 01:19 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
    2016-06-14 19:03 - 2016-05-28 01:18 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
    2016-06-14 19:03 - 2016-05-28 01:18 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
    2016-06-14 19:03 - 2016-05-28 01:18 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
    2016-06-14 19:03 - 2016-05-28 01:17 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
    2016-06-14 19:03 - 2016-05-28 01:17 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
    2016-06-14 19:03 - 2016-05-28 01:17 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll
    2016-06-14 19:03 - 2016-05-28 01:17 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
    2016-06-14 19:03 - 2016-05-28 01:17 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
    2016-06-14 19:03 - 2016-05-28 01:16 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
    2016-06-14 19:03 - 2016-05-28 01:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
    2016-06-14 19:03 - 2016-05-28 01:16 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
    2016-06-14 19:03 - 2016-05-28 01:15 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
    2016-06-14 19:03 - 2016-05-28 01:15 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
    2016-06-14 19:03 - 2016-05-28 01:15 - 00527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
    2016-06-14 19:03 - 2016-05-28 01:15 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
    2016-06-14 19:03 - 2016-05-28 01:15 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
    2016-06-14 19:03 - 2016-05-28 01:14 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
    2016-06-14 19:03 - 2016-05-28 01:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
    2016-06-14 19:03 - 2016-05-28 01:14 - 00309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
    2016-06-14 19:03 - 2016-05-28 01:14 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
    2016-06-14 19:03 - 2016-05-28 01:14 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
    2016-06-14 19:03 - 2016-05-28 01:13 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
    2016-06-14 19:03 - 2016-05-28 01:13 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
    2016-06-14 19:03 - 2016-05-28 01:13 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
    2016-06-14 19:03 - 2016-05-28 01:12 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
    2016-06-14 19:03 - 2016-05-28 01:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
    2016-06-14 19:03 - 2016-05-28 01:12 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
    2016-06-14 19:03 - 2016-05-28 01:11 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
    2016-06-14 19:03 - 2016-05-28 01:11 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
    2016-06-14 19:03 - 2016-05-28 01:11 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
    2016-06-14 19:03 - 2016-05-28 01:11 - 00453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
    2016-06-14 19:03 - 2016-05-28 01:09 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
    2016-06-14 19:03 - 2016-05-28 01:04 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
    2016-06-14 19:03 - 2016-05-28 01:04 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
    2016-06-14 19:03 - 2016-05-28 01:03 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
    2016-06-14 19:03 - 2016-05-28 01:03 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
    2016-06-14 19:03 - 2016-05-28 01:03 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
    2016-06-14 19:03 - 2016-05-28 01:02 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
    2016-06-14 19:03 - 2016-05-28 01:01 - 01193984 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
    2016-06-14 19:03 - 2016-05-28 01:01 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
    2016-06-14 19:03 - 2016-05-28 01:00 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
    2016-06-14 19:03 - 2016-05-28 00:54 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll

    ==================== Três Meses Modificados arquivos e pastas ========

    (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

    2016-08-25 16:38 - 2015-10-26 08:42 - 00001040 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
    2016-08-25 16:35 - 2015-10-23 15:19 - 00000000 ____D C:\copia
    2016-08-25 16:32 - 2015-10-23 13:14 - 00000000 ____D C:\Users\Marcio\AppData\Local\ClassicShell
    2016-08-25 16:23 - 2015-10-23 13:24 - 00001096 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2016-08-25 16:01 - 2015-10-27 09:37 - 00000902 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2016-08-25 09:38 - 2015-10-26 08:42 - 00001036 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
    2016-08-25 09:05 - 2015-10-30 02:48 - 00000000 ____D C:\WINDOWS\AppReadiness
    2016-08-25 08:18 - 2015-10-23 12:47 - 00000000 __RHD C:\Users\Public\AccountPictures
    2016-08-25 08:08 - 2015-10-30 02:48 - 00000000 ___HD C:\Program Files\WindowsApps
    2016-08-25 07:58 - 2015-11-13 08:24 - 00000000 ____D C:\Nex
    2016-08-25 07:57 - 2015-11-28 10:44 - 00000000 ___RD C:\Users\Marcio\Google Drive
    2016-08-25 07:57 - 2015-10-26 08:51 - 00000000 ___RD C:\Users\Marcio\Dropbox
    2016-08-25 07:56 - 2015-10-23 13:24 - 00001092 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2016-08-24 17:09 - 2015-10-26 08:41 - 00000000 ____D C:\Program Files\Dropbox
    2016-08-24 08:17 - 2015-10-23 13:24 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
    2016-08-23 18:20 - 2016-01-24 11:49 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2016-08-23 18:20 - 2015-10-30 02:13 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
    2016-08-23 16:54 - 2015-10-30 02:48 - 00000000 ____D C:\WINDOWS\system32\NDF
    2016-08-23 16:28 - 2015-10-23 14:07 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
    2016-08-23 16:28 - 2015-10-23 14:07 - 00000000 ____D C:\ProgramData\Package Cache
    2016-08-23 16:27 - 2015-10-23 13:24 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
    2016-08-23 12:09 - 2015-10-26 09:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
    2016-08-23 09:46 - 2015-10-23 13:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
    2016-08-18 09:48 - 2015-10-30 12:14 - 00785460 _____ C:\WINDOWS\system32\prfh0416.dat
    2016-08-18 09:48 - 2015-10-30 12:14 - 00154246 _____ C:\WINDOWS\system32\prfc0416.dat
    2016-08-18 09:48 - 2015-10-30 02:47 - 00000000 ____D C:\WINDOWS\INF
    2016-08-18 09:48 - 2015-10-23 12:49 - 01819274 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2016-08-17 08:05 - 2015-11-28 10:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
    2016-08-12 19:41 - 2016-01-24 11:33 - 00000000 ____D C:\Users\Marcio
    2016-08-12 09:41 - 2015-10-30 02:48 - 00000000 ____D C:\WINDOWS\rescache
    2016-08-10 20:56 - 2015-10-30 12:21 - 00000000 ____D C:\Program Files\Windows Journal
    2016-08-10 20:56 - 2015-10-30 02:48 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
    2016-08-10 20:56 - 2015-10-30 02:48 - 00000000 ____D C:\WINDOWS\system32\appraiser
    2016-08-10 15:18 - 2015-10-23 14:21 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\Corel
    2016-08-10 15:17 - 2015-10-23 13:58 - 00000000 ____D C:\Users\Todos os Usuários\Corel
    2016-08-10 15:17 - 2015-10-23 13:58 - 00000000 ____D C:\ProgramData\Corel
    2016-08-10 15:13 - 2015-10-23 13:57 - 00000000 ____D C:\Program Files\Corel
    2016-08-10 10:01 - 2015-10-23 14:10 - 00000000 ____D C:\WINDOWS\system32\MRT
    2016-08-10 09:51 - 2015-10-23 14:10 - 144884648 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2016-08-10 09:46 - 2015-07-10 05:28 - 00000167 _____ C:\WINDOWS\win.ini
    2016-08-10 09:43 - 2015-10-30 02:48 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
    2016-08-10 09:43 - 2015-10-30 02:39 - 00000000 ____D C:\WINDOWS\CbsTemp
    2016-08-10 08:36 - 2015-10-23 15:19 - 00000337 _____ C:\ip98.txt
    2016-08-10 08:35 - 2015-10-23 14:43 - 00001143 _____ C:\WINDOWS\my.ini
    2016-08-10 08:35 - 2015-10-23 14:42 - 00000000 ____D C:\mysql
    2016-08-10 08:25 - 2015-10-30 02:13 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
    2016-08-09 18:45 - 2015-10-30 02:48 - 00000000 ____D C:\WINDOWS\LiveKernelReports
    2016-08-04 18:29 - 2015-10-23 13:26 - 00002216 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2016-07-28 08:01 - 2015-10-26 09:13 - 00149760 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
    2016-07-28 08:01 - 2015-10-26 09:13 - 00120968 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
    2016-07-27 18:24 - 2015-10-23 13:23 - 00000000 ____D C:\Program Files\Google
    2016-07-27 16:25 - 2015-10-23 14:17 - 00406184 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

    ==================== Arquivos na raiz de alguns diretórios =======

    2016-07-21 09:02 - 2016-07-21 09:02 - 0007605 _____ () C:\Users\Marcio\AppData\Local\Resmon.ResmonCfg
    2015-11-13 08:28 - 2015-11-13 08:28 - 0000047 _____ () C:\ProgramData\nex.ini

    Alguns arquivos em TEMP:
    ====================
    C:\Users\Marcio\AppData\Local\Temp\avgnt.exe
    C:\Users\Marcio\AppData\Local\Temp\libeay32.dll
    C:\Users\Marcio\AppData\Local\Temp\msvcr120.dll
    C:\Users\Marcio\AppData\Local\Temp\sqlite3.dll


    ==================== Bamital & volsnap =================

    (Não há correção automática para arquivos que não passaram na verificação.)

    C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
    C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
    C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
    C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
    C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
    C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
    C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
    C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
    C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
    C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


    LastRegBack: 2016-08-14 11:51

    ==================== Fim de FRST.txt ============================

    Addition.txt

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    Caro @adivander

     

    O FRST deve ser executado do Desktop de onde o Windows foi instalado, no caso C:\

     

    Executando a partir de D:\Desktop

     

    Preciso que refaça novos logs em C:\ na Área de Trabalho (Desktop)

     

    Delete-o daí, baixe um novo para o Desktop, execute o FRST, marque a opção Addition e clique no botão Examinar.

     

    Anexe os logs.

     

    Abraços :D

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
  • Autor do tópico
  • Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão: 21-08-2016 01
    Executado por Marcio (administrador) em DESKTOP-9J7TCRI (26-08-2016 08:56:04)
    Executando a partir de C:\
    Perfis Carregados: Marcio (Perfis Disponíveis: Marcio)
    Platform: Microsoft Windows 10 Pro Versão 1511 (X86) Idioma: Português (Brasil)
    Internet Explorer Versão 11 (Navegador padrão: Chrome)
    Modo da Inicialização: Normal
    Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processos (Whitelisted) =================

    (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

    (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\sched.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avguard.exe
    () C:\mysql\bin\mysqld-nt.exe
    (InstallShield®) C:\Program Files\Common Files\InstallShield\Update\updatesvc.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avshadow.exe
    (Google Inc.) C:\Program Files\Google\Update\1.3.31.5\GoogleCrashHandler.exe
    () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
    (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
    (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
    (Dropbox, Inc.) C:\Program Files\Dropbox\Client\Dropbox.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
    (MySQL AB) C:\mysql\bin\winmysqladmin.exe
    (Google) C:\Program Files\Google\Drive\googledrivesync.exe
    () C:\mysql\bin\mysqld.exe
    () C:\mysql\bin\mysqld-nt.exe
    () C:\mysql\bin\mysqld.exe
    (Google) C:\Program Files\Google\Drive\googledrivesync.exe
    () C:\Nex\NexServ.exe
    (Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe
    (VE Software) C:\Sistema\Estacionamento\Estacionamento.exe
    (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
    (Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe


    ==================== Registro (Whitelisted) ===========================

    (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

    HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
    HKLM\...\Run: [RemoteControl10] => C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2010-02-02] (CyberLink Corp.)
    HKLM\...\Run: [BDRegion] => C:\Program Files\Cyberlink\Shared files\brs.exe [75048 2010-03-13] (cyberlink)
    HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
    HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [23889496 2016-08-23] (Dropbox, Inc.)
    HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [67864 2016-08-04] (Avira Operations GmbH & Co. KG)
    HKLM\...\Run: [avgnt] => C:\Program Files\Avira\Antivirus\avgnt.exe [831064 2016-07-28] (Avira Operations GmbH & Co. KG)
    HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [149440 2015-11-12] (IvoSoft)
    HKU\S-1-5-21-2456171839-3119483222-2521222785-1001\...\Run: [Sistema_Restaurante] => C:\mysql\bin\winmysqladmin.exe [936448 2003-05-16] (MySQL AB)
    HKU\S-1-5-21-2456171839-3119483222-2521222785-1001\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [57981568 2015-09-27] (Skype Technologies S.A.)
    HKU\S-1-5-21-2456171839-3119483222-2521222785-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [23375200 2016-07-29] (Google)
    HKU\S-1-5-21-2456171839-3119483222-2521222785-1001\...\Run: [C:\mysql\bin\mysqld.exe] => C:\mysql\bin\mysqld.exe [3534848 2003-05-16] ()
    HKU\S-1-5-21-2456171839-3119483222-2521222785-1001\...\Run: [C:\mysql\bin\mysqld-nt.exe] => C:\mysql\bin\mysqld-nt.exe [2052096 2003-05-16] ()
    HKU\S-1-5-21-2456171839-3119483222-2521222785-1001\...\Run: [DIMDownloading your update...1464359625886] => c:\Program Files\Corel\CorelDRAW Graphics Suite X8\PHOTO-PAINT\DIM.exe [542120 2016-03-05] (Corel Corporation)
    ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-07-29] (Google)
    ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-07-29] (Google)
    ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-07-29] (Google)
    ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.42.dll [2016-08-23] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.42.dll [2016-08-23] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.42.dll [2016-08-23] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.42.dll [2016-08-23] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.42.dll [2016-08-23] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.42.dll [2016-08-23] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.42.dll [2016-08-23] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.42.dll [2016-08-23] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.42.dll [2016-08-23] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.42.dll [2016-08-23] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-11-12] (IvoSoft)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Nex-Serv.lnk [2015-11-13]
    ShortcutTarget: Nex-Serv.lnk -> C:\Nex\NexServ.exe ()
    Startup: C:\Users\Marcio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mysqld - Atalho.lnk [2015-10-27]
    ShortcutTarget: mysqld - Atalho.lnk -> C:\mysql\bin\mysqld.exe ()

    ==================== Internet (Whitelisted) ====================

    (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

    HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <======= ATENÇÃO (Restrição - ProxySettings)
    AutoConfigURL: [HKLM] => hxxp://127.0.0.1:8080/proxy.pac
    Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
    Tcpip\..\Interfaces\{0eb91858-121d-4c49-adaf-2977a0e90fb2}: [DhcpNameServer] 192.168.2.1
    Tcpip\..\Interfaces\{a9b0301a-34ad-4baf-82fc-a87004760a4e}: [DhcpNameServer] 8.8.4.4 8.8.8.8
    ManualProxies: 0hxxp://127.0.0.1:8080/proxy.pac

    Internet Explorer:
    ==================
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-2456171839-3119483222-2521222785-1001 -> DefaultScope {A23A1DA6-B605-4F32-BC56-A2CD0F96F963} URL = hxxp://www.google.com/search?hl=pt-br&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2456171839-3119483222-2521222785-1001 -> {A23A1DA6-B605-4F32-BC56-A2CD0F96F963} URL = hxxp://www.google.com/search?hl=pt-br&q={searchTerms}
    BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
    BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-07-19] (Microsoft Corporation)
    BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-11-12] (IvoSoft)
    BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-10-23] (Oracle Corporation)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-10-23] (Oracle Corporation)
    BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2015-11-12] (IvoSoft)
    Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-11-12] (IvoSoft)
    Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)

    FireFox:
    ========
    FF ProfilePath: C:\Users\Marcio\AppData\Roaming\Mozilla\Firefox\Profiles\gkge0b0q.default
    FF Homepage: www.google.com.br
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
    FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll [2013-04-03] (Adobe Systems, Inc.)
    FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
    FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-10-23] (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-23] (Oracle Corporation)
    FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
    FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
    FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
    FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-19] (Microsoft Corporation)
    FF Extension: (Avira Browser Safety) - C:\Users\Marcio\AppData\Roaming\Mozilla\Firefox\Profiles\gkge0b0q.default\Extensions\abs@avira.com [2016-07-14]
    FF Extension: (MEGA) - C:\Users\Marcio\AppData\Roaming\Mozilla\Firefox\Profiles\gkge0b0q.default\Extensions\firefox@mega.co.nz.xpi [2015-10-27] [não assinado]
    FF Extension: (Avira Safe Search Plus) - C:\Users\Marcio\AppData\Roaming\Mozilla\Firefox\Profiles\gkge0b0q.default\Extensions\safesearchplus@avira.com.xpi [2016-06-06]

    Chrome:
    =======
    CHR StartupUrls: Default -> "hxxp://www.google.com.br/"
    CHR DefaultSearchURL: Default -> hxxps://safesearch.avira.com/#web/result?source=omnibar&q={searchTerms}
    CHR DefaultSearchKeyword: Default -> Avira
    CHR DefaultSuggestURL: Default -> hxxps://safesearch.avira.com/suggestions?q={searchTerms}&li=ff&hl=pt
    CHR Profile: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Apresentações) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-23]
    CHR Extension: (Google Docs) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-23]
    CHR Extension: (Google Drive) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
    CHR Extension: (YouTube) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-23]
    CHR Extension: (Google Search) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
    CHR Extension: (Planilhas do Google) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-23]
    CHR Extension: (Segurança do navegador Avira) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-07-15]
    CHR Extension: (Documentos Google off-line) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
    CHR Extension: (Avira SafeSearch) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\khjilmcjipkeokomeekfnhkpbnhmgaje [2016-08-16]
    CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-11-30]
    CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
    CHR Extension: (Gmail) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-23]
    CHR Extension: (Chrome Media Router) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-19]
    CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx
    CHR HKU\S-1-5-21-2456171839-3119483222-2521222785-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

    ==================== Serviços (Whitelisted) ========================

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

    S2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc7.exe [989696 2016-07-28] (Avira Operations GmbH & Co. KG)
    R2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [472112 2016-07-28] (Avira Operations GmbH & Co. KG)
    R2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [472112 2016-07-28] (Avira Operations GmbH & Co. KG)
    S2 AntiVirWebService; C:\Program Files\Avira\Antivirus\avwebg7.exe [1453696 2016-07-28] (Avira Operations GmbH & Co. KG)
    R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [320672 2016-08-04] (Avira Operations GmbH & Co. KG)
    S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-02] (Dropbox, Inc.)
    S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-02] (Dropbox, Inc.)
    R2 MySql; c:\mysql\bin\mysqld-nt.exe [2052096 2003-05-16] () [Arquivo não assinado]
    R2 updatesvc.exe; C:\Program Files\Common Files\InstallShield\Update\updatesvc.exe [346624 2015-12-07] (InstallShield®) [Arquivo não assinado]
    R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280376 2015-10-30] (Microsoft Corporation)
    R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23264 2016-07-01] (Microsoft Corporation)

    ===================== Drivers (Whitelisted) ==========================

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

    R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [120968 2016-07-28] (Avira Operations GmbH & Co. KG)
    R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [149760 2016-07-28] (Avira Operations GmbH & Co. KG)
    R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44208 2015-12-15] (Avira Operations GmbH & Co. KG)
    R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [66872 2016-06-02] (Avira Operations GmbH & Co. KG)
    R3 KMWDFILTERx86; C:\WINDOWS\System32\drivers\KMWDFILTER.sys [25088 2009-04-29] (Windows (R) Codename Longhorn DDK provider)
    S3 NETJME; C:\WINDOWS\System32\drivers\NETJME.sys [119296 2015-10-30] (JMicron Technology Corp.)
    R1 ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [31848 2015-08-07] (Avira Operations GmbH & Co. KG)
    S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [192944 2015-12-08] (DEVGURU Co., LTD.(www.devguru.co.kr))
    S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [37400 2015-10-30] (Microsoft Corporation)
    R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [246104 2015-10-30] (Microsoft Corporation)
    R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [98648 2015-10-30] (Microsoft Corporation)
    R3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [163328 2015-10-30] (Microsoft Corporation)
    R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}; C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl [87536 2010-03-13] (CyberLink Corp.)

    ==================== NetSvcs (Whitelisted) ===================

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


    ==================== Três Meses Criados arquivos e pastas ========

    (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

    2016-08-26 08:56 - 2016-08-26 08:57 - 00018319 _____ C:\FRST.txt
    2016-08-26 08:54 - 2016-08-25 16:33 - 01746432 _____ (Farbar) C:\FRST.exe
    2016-08-25 16:36 - 2016-08-26 08:56 - 00000000 ____D C:\FRST
    2016-08-24 17:08 - 2016-08-24 17:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
    2016-08-23 16:56 - 2016-08-23 17:55 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\ZHP
    2016-08-23 16:19 - 2016-08-23 16:25 - 00000000 ____D C:\AdwCleaner
    2016-08-22 13:17 - 2016-08-23 16:27 - 00000000 ____D C:\Program Files\Mozilla Firefox
    2016-08-12 18:31 - 2016-08-12 18:31 - 00000000 ____D C:\Users\Todos os Usuários\GeoComply
    2016-08-12 18:31 - 2016-08-12 18:31 - 00000000 ____D C:\ProgramData\GeoComply
    2016-08-11 18:08 - 2016-08-26 08:03 - 00000000 ____D C:\Users\Marcio\AppData\Local\PokerStars
    2016-08-11 18:08 - 2016-08-11 18:08 - 00001990 _____ C:\Users\Marcio\AppData\Roaming\Microsoft\Windows\Start Menu\PokerStars.lnk
    2016-08-11 18:08 - 2016-08-11 18:08 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars
    2016-08-11 18:06 - 2016-08-11 18:08 - 00000000 ____D C:\Program Files\PokerStars
    2016-08-10 15:07 - 2016-08-10 15:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
    2016-08-10 15:07 - 2016-08-10 15:07 - 00000000 ____D C:\Program Files\Classic Shell
    2016-08-10 14:43 - 2016-08-10 14:43 - 00000000 ____D C:\Users\Todos os Usuários\VsTelemetry
    2016-08-10 14:43 - 2016-08-10 14:43 - 00000000 ____D C:\ProgramData\VsTelemetry
    2016-08-10 14:43 - 2016-08-10 14:43 - 00000000 ____D C:\Program Files\gs
    2016-08-10 14:42 - 2016-08-10 14:42 - 00000000 ____D C:\Program Files\Common Files\Corel
    2016-08-10 14:37 - 2016-08-10 14:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X8
    2016-08-10 11:31 - 2016-08-10 11:31 - 00000218 _____ C:\Users\Marcio\.recently-used.xbel
    2016-08-10 11:22 - 2016-08-10 11:22 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\inkscape
    2016-08-10 11:13 - 2016-08-10 11:13 - 00001062 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape.lnk
    2016-08-10 11:07 - 2016-08-10 11:14 - 00000000 ____D C:\Program Files\Inkscape
    2016-08-10 09:59 - 2016-08-10 09:59 - 00017639 _____ C:\ZA-Scan.txt
    2016-08-10 09:31 - 2016-08-03 02:52 - 05793632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2016-08-10 09:31 - 2016-08-03 02:52 - 00083808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
    2016-08-10 09:31 - 2016-08-03 02:32 - 00413024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
    2016-08-10 09:31 - 2016-08-03 02:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2016-08-10 09:31 - 2016-08-03 02:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
    2016-08-10 09:31 - 2016-08-03 02:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
    2016-08-10 09:31 - 2016-08-03 02:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
    2016-08-10 09:31 - 2016-08-03 02:29 - 01337680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
    2016-08-10 09:31 - 2016-08-03 02:29 - 00633192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
    2016-08-10 09:31 - 2016-08-03 02:28 - 00505136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
    2016-08-10 09:31 - 2016-08-03 02:28 - 00139616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
    2016-08-10 09:31 - 2016-08-03 02:21 - 01712992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
    2016-08-10 09:31 - 2016-08-03 02:21 - 00483680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
    2016-08-10 09:31 - 2016-08-03 01:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
    2016-08-10 09:31 - 2016-08-03 01:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
    2016-08-10 09:31 - 2016-08-03 01:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
    2016-08-10 09:31 - 2016-08-03 01:41 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
    2016-08-10 09:31 - 2016-08-03 01:39 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
    2016-08-10 09:31 - 2016-08-03 01:37 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
    2016-08-10 09:31 - 2016-08-03 01:35 - 00396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
    2016-08-10 09:31 - 2016-08-03 01:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
    2016-08-10 09:31 - 2016-08-03 01:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
    2016-08-10 09:31 - 2016-08-03 01:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
    2016-08-10 09:31 - 2016-08-03 01:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
    2016-08-10 09:31 - 2016-08-03 01:32 - 00951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
    2016-08-10 09:31 - 2016-08-03 01:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
    2016-08-10 09:31 - 2016-08-03 01:32 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
    2016-08-10 09:31 - 2016-08-03 01:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
    2016-08-10 09:31 - 2016-08-03 01:27 - 02973696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2016-08-10 09:31 - 2016-08-03 01:27 - 01903104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2016-08-10 09:31 - 2016-08-03 01:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
    2016-08-10 09:31 - 2016-08-03 01:24 - 01735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
    2016-08-10 09:31 - 2016-08-03 01:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
    2016-08-10 09:31 - 2016-08-03 01:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2016-08-10 09:31 - 2016-08-03 01:22 - 01900544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2016-08-10 09:31 - 2016-08-03 01:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2016-08-10 09:31 - 2016-08-03 01:22 - 01086976 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2016-08-10 09:31 - 2016-08-03 01:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
    2016-08-10 09:30 - 2016-08-03 03:27 - 01303744 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
    2016-08-10 09:30 - 2016-08-03 03:27 - 00081088 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
    2016-08-10 09:30 - 2016-08-03 03:27 - 00045760 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
    2016-08-10 09:30 - 2016-08-03 02:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
    2016-08-10 09:30 - 2016-08-03 02:43 - 00023776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
    2016-08-10 09:30 - 2016-08-03 02:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
    2016-08-10 09:30 - 2016-08-03 02:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
    2016-08-10 09:30 - 2016-08-03 02:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
    2016-08-10 09:30 - 2016-08-03 02:32 - 00260448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
    2016-08-10 09:30 - 2016-08-03 02:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
    2016-08-10 09:30 - 2016-08-03 02:21 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
    2016-08-10 09:30 - 2016-08-03 02:18 - 00346464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
    2016-08-10 09:30 - 2016-08-03 01:58 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
    2016-08-10 09:30 - 2016-08-03 01:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
    2016-08-10 09:30 - 2016-08-03 01:48 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
    2016-08-10 09:30 - 2016-08-03 01:47 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
    2016-08-10 09:30 - 2016-08-03 01:44 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
    2016-08-10 09:30 - 2016-08-03 01:44 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
    2016-08-10 09:30 - 2016-08-03 01:43 - 00180736 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
    2016-08-10 09:30 - 2016-08-03 01:43 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
    2016-08-10 09:30 - 2016-08-03 01:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
    2016-08-10 09:30 - 2016-08-03 01:40 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
    2016-08-10 09:30 - 2016-08-03 01:40 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
    2016-08-10 09:30 - 2016-08-03 01:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
    2016-08-10 09:30 - 2016-08-03 01:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2016-08-10 09:30 - 2016-08-03 01:39 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
    2016-08-10 09:30 - 2016-08-03 01:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
    2016-08-10 09:30 - 2016-08-03 01:37 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
    2016-08-10 09:30 - 2016-08-03 01:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
    2016-08-10 09:30 - 2016-08-03 01:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2016-08-10 09:30 - 2016-08-03 01:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
    2016-08-10 09:30 - 2016-08-03 01:33 - 01223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
    2016-08-10 09:30 - 2016-08-03 01:33 - 01152512 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2016-08-10 09:30 - 2016-08-03 01:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
    2016-08-10 09:30 - 2016-08-03 01:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
    2016-08-10 09:30 - 2016-08-03 01:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
    2016-08-10 09:30 - 2016-08-03 01:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
    2016-08-10 09:30 - 2016-08-03 01:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2016-08-10 09:30 - 2016-08-03 01:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2016-08-10 09:30 - 2016-08-03 01:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
    2016-08-10 09:30 - 2016-08-03 01:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2016-08-10 09:30 - 2016-08-03 01:21 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
    2016-08-10 09:30 - 2016-08-03 01:20 - 03483648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
    2016-07-29 10:20 - 2016-07-29 10:20 - 00000000 ____D C:\zoek_backup
    2016-07-27 18:25 - 2016-07-27 18:25 - 00000000 ____D C:\Users\Marcio\AppData\LocalLow\Google
    2016-07-27 18:24 - 2016-07-27 18:24 - 00002191 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
    2016-07-21 09:02 - 2016-07-21 09:02 - 00007605 _____ C:\Users\Marcio\AppData\Local\Resmon.ResmonCfg
    2016-07-20 18:36 - 2016-07-20 18:36 - 00000000 ____D C:\Sistemas
    2016-07-20 17:27 - 2016-07-20 17:27 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativo Itaú
    2016-07-14 18:58 - 2016-07-14 18:58 - 00000000 ____D C:\Program Files\CMAK
    2016-07-13 08:55 - 2016-07-01 00:45 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\olepro32.dll
    2016-07-13 08:55 - 2016-07-01 00:45 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
    2016-07-13 08:55 - 2016-07-01 00:41 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
    2016-07-13 08:55 - 2016-07-01 00:38 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
    2016-07-13 08:55 - 2016-07-01 00:37 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
    2016-07-13 08:55 - 2016-07-01 00:36 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
    2016-07-13 08:55 - 2016-07-01 00:35 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
    2016-07-13 08:55 - 2016-07-01 00:33 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
    2016-07-13 08:55 - 2016-07-01 00:29 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
    2016-07-13 08:55 - 2016-07-01 00:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
    2016-07-13 08:55 - 2016-07-01 00:26 - 00612352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
    2016-07-13 08:55 - 2016-07-01 00:25 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
    2016-07-13 08:55 - 2016-07-01 00:25 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
    2016-07-13 08:55 - 2016-07-01 00:22 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
    2016-07-13 08:55 - 2016-07-01 00:18 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
    2016-07-13 08:54 - 2016-07-01 01:35 - 00792328 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
    2016-07-13 08:54 - 2016-07-01 01:23 - 01334680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
    2016-07-13 08:54 - 2016-07-01 01:20 - 01300016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
    2016-07-13 08:54 - 2016-07-01 01:19 - 05598832 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
    2016-07-13 08:54 - 2016-07-01 01:19 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
    2016-07-13 08:54 - 2016-07-01 01:19 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
    2016-07-13 08:54 - 2016-07-01 01:18 - 00995296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
    2016-07-13 08:54 - 2016-07-01 01:17 - 01536600 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
    2016-07-13 08:54 - 2016-07-01 01:12 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
    2016-07-13 08:54 - 2016-07-01 01:12 - 01866104 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
    2016-07-13 08:54 - 2016-07-01 01:11 - 01522160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
    2016-07-13 08:54 - 2016-07-01 01:11 - 00521152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
    2016-07-13 08:54 - 2016-07-01 01:10 - 00727752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
    2016-07-13 08:54 - 2016-07-01 00:41 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
    2016-07-13 08:54 - 2016-07-01 00:39 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
    2016-07-13 08:54 - 2016-07-01 00:39 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe
    2016-07-13 08:54 - 2016-07-01 00:37 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
    2016-07-13 08:54 - 2016-07-01 00:37 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
    2016-07-13 08:54 - 2016-07-01 00:35 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
    2016-07-13 08:54 - 2016-07-01 00:34 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
    2016-07-13 08:54 - 2016-07-01 00:32 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
    2016-07-13 08:54 - 2016-07-01 00:32 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
    2016-07-13 08:54 - 2016-07-01 00:31 - 06529024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
    2016-07-13 08:54 - 2016-07-01 00:31 - 00542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
    2016-07-13 08:54 - 2016-07-01 00:31 - 00424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
    2016-07-13 08:54 - 2016-07-01 00:31 - 00290304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WmpDui.dll
    2016-07-13 08:54 - 2016-07-01 00:31 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
    2016-07-13 08:54 - 2016-07-01 00:31 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
    2016-07-13 08:54 - 2016-07-01 00:31 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
    2016-07-13 08:54 - 2016-07-01 00:30 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3ui.dll
    2016-07-13 08:54 - 2016-07-01 00:30 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
    2016-07-13 08:54 - 2016-07-01 00:30 - 00246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
    2016-07-13 08:54 - 2016-07-01 00:30 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
    2016-07-13 08:54 - 2016-07-01 00:30 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll
    2016-07-13 08:54 - 2016-07-01 00:29 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
    2016-07-13 08:54 - 2016-07-01 00:29 - 00395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
    2016-07-13 08:54 - 2016-07-01 00:29 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
    2016-07-13 08:54 - 2016-07-01 00:28 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
    2016-07-13 08:54 - 2016-07-01 00:28 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsExt.dll
    2016-07-13 08:54 - 2016-07-01 00:28 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
    2016-07-13 08:54 - 2016-07-01 00:27 - 01764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
    2016-07-13 08:54 - 2016-07-01 00:27 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
    2016-07-13 08:54 - 2016-07-01 00:27 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
    2016-07-13 08:54 - 2016-07-01 00:27 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
    2016-07-13 08:54 - 2016-07-01 00:27 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
    2016-07-13 08:54 - 2016-07-01 00:27 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
    2016-07-13 08:54 - 2016-07-01 00:26 - 00413696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WLanConn.dll
    2016-07-13 08:54 - 2016-07-01 00:25 - 01228800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
    2016-07-13 08:54 - 2016-07-01 00:25 - 00826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2016-07-13 08:54 - 2016-07-01 00:25 - 00740352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
    2016-07-13 08:54 - 2016-07-01 00:25 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
    2016-07-13 08:54 - 2016-07-01 00:25 - 00482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
    2016-07-13 08:54 - 2016-07-01 00:24 - 01448960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
    2016-07-13 08:54 - 2016-07-01 00:24 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
    2016-07-13 08:54 - 2016-07-01 00:24 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
    2016-07-13 08:54 - 2016-07-01 00:23 - 03695104 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
    2016-07-13 08:54 - 2016-07-01 00:23 - 01166848 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
    2016-07-13 08:54 - 2016-07-01 00:22 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
    2016-07-13 08:54 - 2016-07-01 00:22 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
    2016-07-13 08:54 - 2016-07-01 00:20 - 03196928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
    2016-07-13 08:54 - 2016-07-01 00:19 - 01987072 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
    2016-07-13 08:54 - 2016-07-01 00:19 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
    2016-07-13 08:54 - 2016-07-01 00:19 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\StikyNot.exe
    2016-07-13 08:54 - 2016-07-01 00:18 - 01448960 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
    2016-07-13 08:54 - 2016-07-01 00:17 - 01800704 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
    2016-07-13 08:54 - 2016-07-01 00:16 - 01635840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
    2016-07-13 08:54 - 2016-07-01 00:15 - 03459584 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
    2016-07-13 08:54 - 2016-07-01 00:15 - 02679808 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
    2016-07-13 08:54 - 2016-07-01 00:15 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
    2016-07-13 08:54 - 2016-07-01 00:15 - 02217984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
    2016-07-13 08:54 - 2016-07-01 00:15 - 01626112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
    2016-07-13 08:54 - 2016-07-01 00:14 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
    2016-07-13 08:54 - 2016-07-01 00:14 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
    2016-07-13 08:54 - 2016-07-01 00:14 - 00705024 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
    2016-07-13 08:54 - 2016-07-01 00:12 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
    2016-07-13 08:54 - 2016-07-01 00:11 - 01075200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
    2016-07-13 08:54 - 2016-07-01 00:08 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
    2016-07-13 08:53 - 2016-07-01 02:14 - 00476864 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
    2016-07-13 08:53 - 2016-07-01 01:38 - 01862008 _____ C:\WINDOWS\system32\CoreUIComponents.dll
    2016-07-13 08:53 - 2016-07-01 01:32 - 02885680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
    2016-07-13 08:53 - 2016-07-01 01:23 - 01349640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
    2016-07-13 08:53 - 2016-07-01 01:20 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2016-07-13 08:53 - 2016-07-01 01:20 - 00613120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
    2016-07-13 08:53 - 2016-07-01 01:19 - 01355336 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
    2016-07-13 08:53 - 2016-07-01 01:19 - 00569752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
    2016-07-13 08:53 - 2016-07-01 01:18 - 00510880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
    2016-07-13 08:53 - 2016-07-01 01:18 - 00064584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll
    2016-07-13 08:53 - 2016-07-01 00:40 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
    2016-07-13 08:53 - 2016-07-01 00:34 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\oemlicense.dll
    2016-07-13 08:53 - 2016-07-01 00:34 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
    2016-07-13 08:53 - 2016-07-01 00:34 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
    2016-07-13 08:53 - 2016-07-01 00:33 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll
    2016-07-13 08:53 - 2016-07-01 00:33 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
    2016-07-13 08:53 - 2016-07-01 00:32 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Maps.dll
    2016-07-13 08:53 - 2016-07-01 00:32 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
    2016-07-13 08:53 - 2016-07-01 00:30 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
    2016-07-13 08:53 - 2016-07-01 00:30 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
    2016-07-13 08:53 - 2016-07-01 00:30 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
    2016-07-13 08:53 - 2016-07-01 00:30 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
    2016-07-13 08:53 - 2016-07-01 00:30 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
    2016-07-13 08:53 - 2016-07-01 00:29 - 00541184 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
    2016-07-13 08:53 - 2016-07-01 00:29 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
    2016-07-13 08:53 - 2016-07-01 00:28 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
    2016-07-13 08:53 - 2016-07-01 00:28 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
    2016-07-13 08:53 - 2016-07-01 00:27 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
    2016-07-13 08:53 - 2016-07-01 00:27 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcfile.dll
    2016-07-13 08:53 - 2016-07-01 00:27 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
    2016-07-13 08:53 - 2016-07-01 00:27 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2016-07-13 08:53 - 2016-07-01 00:26 - 01746944 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
    2016-07-13 08:53 - 2016-07-01 00:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
    2016-07-13 08:53 - 2016-07-01 00:26 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
    2016-07-13 08:53 - 2016-07-01 00:26 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
    2016-07-13 08:53 - 2016-07-01 00:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
    2016-07-13 08:53 - 2016-07-01 00:26 - 00153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSSync.dll
    2016-07-13 08:53 - 2016-07-01 00:25 - 01508352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmsipc.dll
    2016-07-13 08:53 - 2016-07-01 00:25 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
    2016-07-13 08:53 - 2016-07-01 00:25 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
    2016-07-13 08:53 - 2016-07-01 00:25 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2016-07-13 08:53 - 2016-07-01 00:25 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
    2016-07-13 08:53 - 2016-07-01 00:24 - 04404736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
    2016-07-13 08:53 - 2016-07-01 00:24 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
    2016-07-13 08:53 - 2016-07-01 00:24 - 01484800 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
    2016-07-13 08:53 - 2016-07-01 00:24 - 00601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
    2016-07-13 08:53 - 2016-07-01 00:23 - 02578432 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
    2016-07-13 08:53 - 2016-07-01 00:23 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
    2016-07-13 08:53 - 2016-07-01 00:23 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
    2016-07-13 08:53 - 2016-07-01 00:23 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
    2016-07-13 08:53 - 2016-07-01 00:23 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\licensingdiag.exe
    2016-07-13 08:53 - 2016-07-01 00:22 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
    2016-07-13 08:53 - 2016-07-01 00:21 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc.dll
    2016-07-13 08:53 - 2016-07-01 00:19 - 06471168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
    2016-07-13 08:53 - 2016-07-01 00:19 - 00581632 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
    2016-07-13 08:53 - 2016-07-01 00:18 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
    2016-07-13 08:53 - 2016-07-01 00:17 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
    2016-07-13 08:53 - 2016-07-01 00:16 - 02062336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
    2016-07-13 08:53 - 2016-07-01 00:16 - 00925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
    2016-07-13 08:53 - 2016-07-01 00:16 - 00898048 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
    2016-07-13 08:53 - 2016-07-01 00:15 - 04413440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
    2016-07-13 08:53 - 2016-07-01 00:15 - 02880512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
    2016-07-13 08:53 - 2016-07-01 00:15 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
    2016-07-13 08:53 - 2016-07-01 00:15 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
    2016-07-13 08:53 - 2016-07-01 00:14 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
    2016-07-13 08:53 - 2016-07-01 00:13 - 02519552 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
    2016-07-13 08:53 - 2016-07-01 00:13 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
    2016-07-13 08:53 - 2016-07-01 00:11 - 01106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
    2016-07-13 08:53 - 2016-07-01 00:08 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
    2016-07-13 08:52 - 2016-07-01 02:14 - 01020096 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
    2016-07-13 08:52 - 2016-07-01 02:14 - 00484544 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
    2016-07-13 08:52 - 2016-07-01 02:14 - 00266944 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
    2016-07-13 08:52 - 2016-07-01 02:14 - 00227008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
    2016-07-13 08:52 - 2016-07-01 01:40 - 00228704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
    2016-07-13 08:52 - 2016-07-01 01:39 - 01561392 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
    2016-07-13 08:52 - 2016-07-01 01:39 - 01051584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
    2016-07-13 08:52 - 2016-07-01 01:39 - 00927080 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
    2016-07-13 08:52 - 2016-07-01 01:39 - 00875992 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
    2016-07-13 08:52 - 2016-07-01 01:39 - 00771120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
    2016-07-13 08:52 - 2016-07-01 01:38 - 01083656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
    2016-07-13 08:52 - 2016-07-01 01:23 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
    2016-07-13 08:52 - 2016-07-01 01:23 - 00925576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
    2016-07-13 08:52 - 2016-07-01 01:23 - 00709176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
    2016-07-13 08:52 - 2016-07-01 01:23 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
    2016-07-13 08:52 - 2016-07-01 01:23 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
    2016-07-13 08:52 - 2016-07-01 01:19 - 00836760 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
    2016-07-13 08:52 - 2016-07-01 01:07 - 28083144 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
    2016-07-13 08:52 - 2016-07-01 01:06 - 01861984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
    2016-07-13 08:52 - 2016-07-01 01:06 - 00403920 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
    2016-07-13 08:52 - 2016-07-01 00:39 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
    2016-07-13 08:52 - 2016-07-01 00:38 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\LegacyNetUX.dll
    2016-07-13 08:52 - 2016-07-01 00:35 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
    2016-07-13 08:52 - 2016-07-01 00:34 - 00350208 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdechangepin.exe
    2016-07-13 08:52 - 2016-07-01 00:34 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
    2016-07-13 08:52 - 2016-07-01 00:33 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPDShServiceObj.dll
    2016-07-13 08:52 - 2016-07-01 00:32 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
    2016-07-13 08:52 - 2016-07-01 00:32 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\LegacyNetUXHost.exe
    2016-07-13 08:52 - 2016-07-01 00:31 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
    2016-07-13 08:52 - 2016-07-01 00:31 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhengine.dll
    2016-07-13 08:52 - 2016-07-01 00:31 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
    2016-07-13 08:52 - 2016-07-01 00:30 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
    2016-07-13 08:52 - 2016-07-01 00:30 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
    2016-07-13 08:52 - 2016-07-01 00:30 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
    2016-07-13 08:52 - 2016-07-01 00:30 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
    2016-07-13 08:52 - 2016-07-01 00:29 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
    2016-07-13 08:52 - 2016-07-01 00:29 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
    2016-07-13 08:52 - 2016-07-01 00:28 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
    2016-07-13 08:52 - 2016-07-01 00:28 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
    2016-07-13 08:52 - 2016-07-01 00:28 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
    2016-07-13 08:52 - 2016-07-01 00:28 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
    2016-07-13 08:52 - 2016-07-01 00:27 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
    2016-07-13 08:52 - 2016-07-01 00:27 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
    2016-07-13 08:52 - 2016-07-01 00:27 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
    2016-07-13 08:52 - 2016-07-01 00:26 - 01063936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
    2016-07-13 08:52 - 2016-07-01 00:26 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
    2016-07-13 08:52 - 2016-07-01 00:26 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
    2016-07-13 08:52 - 2016-07-01 00:26 - 00413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
    2016-07-13 08:52 - 2016-07-01 00:25 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
    2016-07-13 08:52 - 2016-07-01 00:25 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
    2016-07-13 08:52 - 2016-07-01 00:25 - 00645632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
    2016-07-13 08:52 - 2016-07-01 00:25 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
    2016-07-13 08:52 - 2016-07-01 00:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
    2016-07-13 08:52 - 2016-07-01 00:24 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
    2016-07-13 08:52 - 2016-07-01 00:24 - 00405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
    2016-07-13 08:52 - 2016-07-01 00:23 - 01401856 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
    2016-07-13 08:52 - 2016-07-01 00:23 - 00760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
    2016-07-13 08:52 - 2016-07-01 00:23 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
    2016-07-13 08:52 - 2016-07-01 00:23 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
    2016-07-13 08:52 - 2016-07-01 00:20 - 03555840 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
    2016-07-13 08:52 - 2016-07-01 00:20 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
    2016-07-13 08:52 - 2016-07-01 00:20 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
    2016-07-13 08:52 - 2016-07-01 00:19 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
    2016-07-13 08:52 - 2016-07-01 00:16 - 02771968 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
    2016-07-13 08:52 - 2016-07-01 00:16 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
    2016-07-13 08:52 - 2016-07-01 00:16 - 00742400 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
    2016-07-13 08:52 - 2016-07-01 00:15 - 00748032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
    2016-07-13 08:52 - 2016-07-01 00:15 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
    2016-07-13 08:52 - 2016-07-01 00:14 - 00737792 _____ (Microsoft Corporation) C:\WINDOWS\system32\pmcsnap.dll
    2016-07-13 08:52 - 2016-07-01 00:13 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
    2016-07-13 08:52 - 2016-07-01 00:13 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
    2016-07-13 08:52 - 2016-07-01 00:13 - 00835072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
    2016-07-13 08:52 - 2016-07-01 00:11 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
    2016-07-13 08:52 - 2016-07-01 00:08 - 01976832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
    2016-07-13 08:52 - 2016-07-01 00:08 - 00942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
    2016-07-13 08:52 - 2016-07-01 00:08 - 00879616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
    2016-07-13 08:52 - 2016-06-17 21:22 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
    2016-07-13 08:52 - 2016-02-09 01:29 - 00279376 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
    2016-06-14 19:03 - 2016-05-28 02:25 - 04268880 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
    2016-06-14 19:03 - 2016-05-28 02:25 - 00354656 _____ (Microsoft Corporation) C:\WINDOWS\system32\halmacpi.dll
    2016-06-14 19:03 - 2016-05-28 02:25 - 00354656 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
    2016-06-14 19:03 - 2016-05-28 02:25 - 00173920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
    2016-06-14 19:03 - 2016-05-28 02:25 - 00096096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
    2016-06-14 19:03 - 2016-05-28 02:23 - 00388384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
    2016-06-14 19:03 - 2016-05-28 02:22 - 00317280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
    2016-06-14 19:03 - 2016-05-28 02:10 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
    2016-06-14 19:03 - 2016-05-28 02:08 - 00203104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
    2016-06-14 19:03 - 2016-05-28 02:04 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
    2016-06-14 19:03 - 2016-05-28 02:04 - 00111608 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
    2016-06-14 19:03 - 2016-05-28 02:04 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
    2016-06-14 19:03 - 2016-05-28 01:57 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
    2016-06-14 19:03 - 2016-05-28 01:57 - 01396592 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
    2016-06-14 19:03 - 2016-05-28 01:57 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
    2016-06-14 19:03 - 2016-05-28 01:57 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
    2016-06-14 19:03 - 2016-05-28 01:31 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsdport.sys
    2016-06-14 19:03 - 2016-05-28 01:25 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
    2016-06-14 19:03 - 2016-05-28 01:25 - 00037376 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
    2016-06-14 19:03 - 2016-05-28 01:25 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
    2016-06-14 19:03 - 2016-05-28 01:24 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
    2016-06-14 19:03 - 2016-05-28 01:24 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
    2016-06-14 19:03 - 2016-05-28 01:22 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
    2016-06-14 19:03 - 2016-05-28 01:22 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
    2016-06-14 19:03 - 2016-05-28 01:22 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
    2016-06-14 19:03 - 2016-05-28 01:21 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpscript.dll
    2016-06-14 19:03 - 2016-05-28 01:20 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys
    2016-06-14 19:03 - 2016-05-28 01:20 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
    2016-06-14 19:03 - 2016-05-28 01:19 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
    2016-06-14 19:03 - 2016-05-28 01:19 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
    2016-06-14 19:03 - 2016-05-28 01:19 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
    2016-06-14 19:03 - 2016-05-28 01:18 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
    2016-06-14 19:03 - 2016-05-28 01:18 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
    2016-06-14 19:03 - 2016-05-28 01:18 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
    2016-06-14 19:03 - 2016-05-28 01:17 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
    2016-06-14 19:03 - 2016-05-28 01:17 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
    2016-06-14 19:03 - 2016-05-28 01:17 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll
    2016-06-14 19:03 - 2016-05-28 01:17 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
    2016-06-14 19:03 - 2016-05-28 01:17 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
    2016-06-14 19:03 - 2016-05-28 01:16 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
    2016-06-14 19:03 - 2016-05-28 01:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
    2016-06-14 19:03 - 2016-05-28 01:16 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
    2016-06-14 19:03 - 2016-05-28 01:15 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
    2016-06-14 19:03 - 2016-05-28 01:15 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
    2016-06-14 19:03 - 2016-05-28 01:15 - 00527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
    2016-06-14 19:03 - 2016-05-28 01:15 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
    2016-06-14 19:03 - 2016-05-28 01:15 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
    2016-06-14 19:03 - 2016-05-28 01:14 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
    2016-06-14 19:03 - 2016-05-28 01:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
    2016-06-14 19:03 - 2016-05-28 01:14 - 00309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
    2016-06-14 19:03 - 2016-05-28 01:14 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
    2016-06-14 19:03 - 2016-05-28 01:14 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
    2016-06-14 19:03 - 2016-05-28 01:13 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
    2016-06-14 19:03 - 2016-05-28 01:13 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
    2016-06-14 19:03 - 2016-05-28 01:13 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
    2016-06-14 19:03 - 2016-05-28 01:12 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
    2016-06-14 19:03 - 2016-05-28 01:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
    2016-06-14 19:03 - 2016-05-28 01:12 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
    2016-06-14 19:03 - 2016-05-28 01:11 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
    2016-06-14 19:03 - 2016-05-28 01:11 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
    2016-06-14 19:03 - 2016-05-28 01:11 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
    2016-06-14 19:03 - 2016-05-28 01:11 - 00453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
    2016-06-14 19:03 - 2016-05-28 01:09 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
    2016-06-14 19:03 - 2016-05-28 01:04 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
    2016-06-14 19:03 - 2016-05-28 01:04 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
    2016-06-14 19:03 - 2016-05-28 01:03 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
    2016-06-14 19:03 - 2016-05-28 01:03 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
    2016-06-14 19:03 - 2016-05-28 01:03 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
    2016-06-14 19:03 - 2016-05-28 01:02 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
    2016-06-14 19:03 - 2016-05-28 01:01 - 01193984 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
    2016-06-14 19:03 - 2016-05-28 01:01 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
    2016-06-14 19:03 - 2016-05-28 01:00 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
    2016-06-14 19:03 - 2016-05-28 00:54 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll

    ==================== Três Meses Modificados arquivos e pastas ========

    (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

    2016-08-26 08:56 - 2015-10-30 02:48 - 00000000 ____D C:\WINDOWS\AppReadiness
    2016-08-26 08:54 - 2015-10-23 13:14 - 00000000 ____D C:\Users\Marcio\AppData\Local\ClassicShell
    2016-08-26 08:43 - 2016-01-24 11:33 - 00000000 ____D C:\Users\Marcio
    2016-08-26 08:40 - 2015-10-23 15:19 - 00000000 ____D C:\copia
    2016-08-26 08:38 - 2015-10-26 08:42 - 00001040 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
    2016-08-26 08:23 - 2015-10-23 13:24 - 00001096 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2016-08-26 08:12 - 2015-10-30 02:48 - 00000000 ___HD C:\Program Files\WindowsApps
    2016-08-26 08:01 - 2015-10-27 09:37 - 00000902 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2016-08-26 07:58 - 2015-11-28 10:44 - 00000000 ___RD C:\Users\Marcio\Google Drive
    2016-08-26 07:58 - 2015-10-26 08:51 - 00000000 ___RD C:\Users\Marcio\Dropbox
    2016-08-26 07:57 - 2015-11-13 08:24 - 00000000 ____D C:\Nex
    2016-08-26 07:55 - 2015-10-26 08:42 - 00001036 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
    2016-08-26 07:55 - 2015-10-23 13:24 - 00001092 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2016-08-26 07:54 - 2016-01-24 11:49 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2016-08-26 07:53 - 2015-10-30 02:13 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
    2016-08-25 16:53 - 2015-10-30 02:48 - 00000000 ____D C:\WINDOWS\system32\NDF
    2016-08-25 08:18 - 2015-10-23 12:47 - 00000000 __RHD C:\Users\Public\AccountPictures
    2016-08-24 17:09 - 2015-10-26 08:41 - 00000000 ____D C:\Program Files\Dropbox
    2016-08-24 08:17 - 2015-10-23 13:24 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
    2016-08-23 16:28 - 2015-10-23 14:07 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
    2016-08-23 16:28 - 2015-10-23 14:07 - 00000000 ____D C:\ProgramData\Package Cache
    2016-08-23 16:27 - 2015-10-23 13:24 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
    2016-08-23 12:09 - 2015-10-26 09:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
    2016-08-23 09:46 - 2015-10-23 13:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
    2016-08-18 09:48 - 2015-10-30 12:14 - 00785460 _____ C:\WINDOWS\system32\prfh0416.dat
    2016-08-18 09:48 - 2015-10-30 12:14 - 00154246 _____ C:\WINDOWS\system32\prfc0416.dat
    2016-08-18 09:48 - 2015-10-30 02:47 - 00000000 ____D C:\WINDOWS\INF
    2016-08-18 09:48 - 2015-10-23 12:49 - 01819274 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2016-08-17 08:05 - 2015-11-28 10:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
    2016-08-12 09:41 - 2015-10-30 02:48 - 00000000 ____D C:\WINDOWS\rescache
    2016-08-10 20:56 - 2015-10-30 12:21 - 00000000 ____D C:\Program Files\Windows Journal
    2016-08-10 20:56 - 2015-10-30 02:48 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
    2016-08-10 20:56 - 2015-10-30 02:48 - 00000000 ____D C:\WINDOWS\system32\appraiser
    2016-08-10 15:18 - 2015-10-23 14:21 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\Corel
    2016-08-10 15:17 - 2015-10-23 13:58 - 00000000 ____D C:\Users\Todos os Usuários\Corel
    2016-08-10 15:17 - 2015-10-23 13:58 - 00000000 ____D C:\ProgramData\Corel
    2016-08-10 15:13 - 2015-10-23 13:57 - 00000000 ____D C:\Program Files\Corel
    2016-08-10 10:01 - 2015-10-23 14:10 - 00000000 ____D C:\WINDOWS\system32\MRT
    2016-08-10 09:51 - 2015-10-23 14:10 - 144884648 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2016-08-10 09:46 - 2015-07-10 05:28 - 00000167 _____ C:\WINDOWS\win.ini
    2016-08-10 09:43 - 2015-10-30 02:48 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
    2016-08-10 09:43 - 2015-10-30 02:39 - 00000000 ____D C:\WINDOWS\CbsTemp
    2016-08-10 08:36 - 2015-10-23 15:19 - 00000337 _____ C:\ip98.txt
    2016-08-10 08:35 - 2015-10-23 14:43 - 00001143 _____ C:\WINDOWS\my.ini
    2016-08-10 08:35 - 2015-10-23 14:42 - 00000000 ____D C:\mysql
    2016-08-10 08:25 - 2015-10-30 02:13 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
    2016-08-09 18:45 - 2015-10-30 02:48 - 00000000 ____D C:\WINDOWS\LiveKernelReports
    2016-08-04 18:29 - 2015-10-23 13:26 - 00002216 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2016-07-28 08:01 - 2015-10-26 09:13 - 00149760 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
    2016-07-28 08:01 - 2015-10-26 09:13 - 00120968 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
    2016-07-27 18:24 - 2015-10-23 13:23 - 00000000 ____D C:\Program Files\Google
    2016-07-27 16:25 - 2015-10-23 14:17 - 00406184 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

    ==================== Arquivos na raiz de alguns diretórios =======

    2016-07-21 09:02 - 2016-07-21 09:02 - 0007605 _____ () C:\Users\Marcio\AppData\Local\Resmon.ResmonCfg
    2015-11-13 08:28 - 2015-11-13 08:28 - 0000047 _____ () C:\ProgramData\nex.ini

    Alguns arquivos em TEMP:
    ====================
    C:\Users\Marcio\AppData\Local\Temp\avgnt.exe
    C:\Users\Marcio\AppData\Local\Temp\libeay32.dll
    C:\Users\Marcio\AppData\Local\Temp\msvcr120.dll
    C:\Users\Marcio\AppData\Local\Temp\sqlite3.dll


    ==================== Bamital & volsnap =================

    (Não há correção automática para arquivos que não passaram na verificação.)

    C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
    C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
    C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
    C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
    C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
    C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
    C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
    C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
    C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
    C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


    LastRegBack: 2016-08-25 16:47

    ==================== Fim de FRST.txt ============================

    Addition.txt

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    Amigo, deixa eu entender.

     

    De acordo com o log, seu HD possui duas partições:

     

    Citação

    ==================== Drives ================================
     
    Drive c: () (Fixed) (Total:97.17 GB) (Free:32.46 GB) NTFS
    Drive d: (Dados) (Fixed) (Total:135.23 GB) (Free:118.8 GB) NTFS

     

    O D:\ que pelo nome você guarda suas coisas e o C:\ onde instalou o Windows, certo?

     

    Agora você executou o FRST:

     

    Executando a partir de C:\

     

    Não foi do Área de Trabalho. Eu preciso que deixe o FRST em sua Área de Trabalho e que ele seja executado dela, seguindo as instruções do meu último post, ok?

     

    Qualquer dúvida é só escrever.

     

    Abraços :D

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
  • Autor do tópico
  • Isso mesmo então você tem que analisar o primeiro log que postei pois foi executado da área de trabalho que fica na partição D:\desktop

     

     

     

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    Errado, no seu log eu devo ver um caminho deste tipo:

     

    C:\Users\USUÁRIO\Desktop

     

    Aguardo novos logs.

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
  • Autor do tópico
  • Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão: 31-08-2016
    Executado por Marcio (administrador) em DESKTOP-9J7TCRI (01-09-2016 12:16:03)
    Executando a partir de C:\Users\Marcio\Desktop
    Perfis Carregados: Marcio (Perfis Disponíveis: Marcio)
    Platform: Microsoft Windows 10 Pro Versão 1511 (X86) Idioma: Português (Brasil)
    Internet Explorer Versão 11 (Navegador padrão: Chrome)
    Modo da Inicialização: Normal
    Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processos (Whitelisted) =================

    (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

    (InstallShield®) C:\Program Files\Common Files\InstallShield\Update\updatesvc.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
    (Google Inc.) C:\Program Files\Google\Update\1.3.31.5\GoogleCrashHandler.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\sched.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avguard.exe
    (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avshadow.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
    (Dropbox, Inc.) C:\Program Files\Dropbox\Client\Dropbox.exe
    (MySQL AB) C:\mysql\bin\winmysqladmin.exe
    (Google) C:\Program Files\Google\Drive\googledrivesync.exe
    () C:\mysql\bin\mysqld.exe
    () C:\mysql\bin\mysqld-nt.exe
    () C:\mysql\bin\mysqld.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
    (Google) C:\Program Files\Google\Drive\googledrivesync.exe
    () C:\Nex\NexServ.exe
    () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
    (VE Software) C:\Sistema\Estacionamento\Estacionamento.exe
    (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
    () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
    (Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe
    (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


    ==================== Registro (Whitelisted) ===========================

    (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

    HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
    HKLM\...\Run: [RemoteControl10] => C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2010-02-02] (CyberLink Corp.)
    HKLM\...\Run: [BDRegion] => C:\Program Files\Cyberlink\Shared files\brs.exe [75048 2010-03-13] (cyberlink)
    HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
    HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [23889496 2016-08-23] (Dropbox, Inc.)
    HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [67864 2016-08-04] (Avira Operations GmbH & Co. KG)
    HKLM\...\Run: [avgnt] => C:\Program Files\Avira\Antivirus\avgnt.exe [831576 2016-09-01] (Avira Operations GmbH & Co. KG)
    HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [149440 2015-11-12] (IvoSoft)
    HKU\S-1-5-21-2456171839-3119483222-2521222785-1001\...\Run: [Sistema_Restaurante] => C:\mysql\bin\winmysqladmin.exe [936448 2003-05-16] (MySQL AB)
    HKU\S-1-5-21-2456171839-3119483222-2521222785-1001\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [57981568 2015-09-27] (Skype Technologies S.A.)
    HKU\S-1-5-21-2456171839-3119483222-2521222785-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [23375200 2016-07-29] (Google)
    HKU\S-1-5-21-2456171839-3119483222-2521222785-1001\...\Run: [C:\mysql\bin\mysqld.exe] => C:\mysql\bin\mysqld.exe [3534848 2003-05-16] ()
    HKU\S-1-5-21-2456171839-3119483222-2521222785-1001\...\Run: [C:\mysql\bin\mysqld-nt.exe] => C:\mysql\bin\mysqld-nt.exe [2052096 2003-05-16] ()
    HKU\S-1-5-21-2456171839-3119483222-2521222785-1001\...\Run: [DIMDownloading your update...1464359625886] => C:\Program Files\Corel\CorelDRAW Graphics Suite X8\Draw\DIM.EXE [542120 2016-03-05] (Corel Corporation)
    ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-07-29] (Google)
    ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-07-29] (Google)
    ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-07-29] (Google)
    ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.42.dll [2016-08-23] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.42.dll [2016-08-23] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.42.dll [2016-08-23] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.42.dll [2016-08-23] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.42.dll [2016-08-23] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.42.dll [2016-08-23] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.42.dll [2016-08-23] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.42.dll [2016-08-23] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.42.dll [2016-08-23] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.42.dll [2016-08-23] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-11-12] (IvoSoft)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Nex-Serv.lnk [2015-11-13]
    ShortcutTarget: Nex-Serv.lnk -> C:\Nex\NexServ.exe ()
    Startup: C:\Users\Marcio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mysqld - Atalho.lnk [2015-10-27]
    ShortcutTarget: mysqld - Atalho.lnk -> C:\mysql\bin\mysqld.exe ()

    ==================== Internet (Whitelisted) ====================

    (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

    HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <======= ATENÇÃO (Restrição - ProxySettings)
    AutoConfigURL: [HKLM] => hxxp://127.0.0.1:8080/proxy.pac
    Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
    Tcpip\..\Interfaces\{0eb91858-121d-4c49-adaf-2977a0e90fb2}: [DhcpNameServer] 192.168.2.1
    Tcpip\..\Interfaces\{a9b0301a-34ad-4baf-82fc-a87004760a4e}: [DhcpNameServer] 8.8.4.4 8.8.8.8
    ManualProxies: 0hxxp://127.0.0.1:8080/proxy.pac

    Internet Explorer:
    ==================
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-2456171839-3119483222-2521222785-1001 -> DefaultScope {A23A1DA6-B605-4F32-BC56-A2CD0F96F963} URL = hxxp://www.google.com/search?hl=pt-br&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2456171839-3119483222-2521222785-1001 -> {A23A1DA6-B605-4F32-BC56-A2CD0F96F963} URL = hxxp://www.google.com/search?hl=pt-br&q={searchTerms}
    BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
    BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-07-19] (Microsoft Corporation)
    BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-11-12] (IvoSoft)
    BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-10-23] (Oracle Corporation)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-10-23] (Oracle Corporation)
    BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2015-11-12] (IvoSoft)
    Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-11-12] (IvoSoft)
    Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)

    FireFox:
    ========
    FF ProfilePath: C:\Users\Marcio\AppData\Roaming\Mozilla\Firefox\Profiles\gkge0b0q.default
    FF Homepage: www.google.com.br
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
    FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll [2013-04-03] (Adobe Systems, Inc.)
    FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
    FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-10-23] (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-23] (Oracle Corporation)
    FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
    FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
    FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
    FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-19] (Microsoft Corporation)
    FF Extension: (Avira Browser Safety) - C:\Users\Marcio\AppData\Roaming\Mozilla\Firefox\Profiles\gkge0b0q.default\Extensions\abs@avira.com [2016-07-14]
    FF Extension: (Firefox Hotfix) - C:\Users\Marcio\AppData\Roaming\Mozilla\Firefox\Profiles\gkge0b0q.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-08-31]
    FF Extension: (MEGA) - C:\Users\Marcio\AppData\Roaming\Mozilla\Firefox\Profiles\gkge0b0q.default\Extensions\firefox@mega.co.nz.xpi [2015-10-27] [não assinado]
    FF Extension: (Avira Safe Search Plus) - C:\Users\Marcio\AppData\Roaming\Mozilla\Firefox\Profiles\gkge0b0q.default\Extensions\safesearchplus@avira.com.xpi [2016-06-06]

    Chrome:
    =======
    CHR StartupUrls: Default -> "hxxp://www.google.com.br/"
    CHR DefaultSearchURL: Default -> hxxps://safesearch.avira.com/#web/result?source=omnibar&q={searchTerms}
    CHR DefaultSearchKeyword: Default -> Avira
    CHR DefaultSuggestURL: Default -> hxxps://safesearch.avira.com/suggestions?q={searchTerms}&li=ff&hl=pt
    CHR Profile: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Apresentações) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-23]
    CHR Extension: (Google Docs) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-23]
    CHR Extension: (Google Drive) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
    CHR Extension: (YouTube) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-23]
    CHR Extension: (Google Search) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
    CHR Extension: (Planilhas do Google) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-23]
    CHR Extension: (Segurança do navegador Avira) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-07-15]
    CHR Extension: (Documentos Google off-line) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
    CHR Extension: (Avira SafeSearch) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\khjilmcjipkeokomeekfnhkpbnhmgaje [2016-08-16]
    CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-11-30]
    CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
    CHR Extension: (Gmail) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-23]
    CHR Extension: (Chrome Media Router) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-29]
    CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx
    CHR HKU\S-1-5-21-2456171839-3119483222-2521222785-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

    ==================== Serviços (Whitelisted) ========================

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

    S2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc7.exe [988184 2016-09-01] (Avira Operations GmbH & Co. KG)
    R2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [470600 2016-09-01] (Avira Operations GmbH & Co. KG)
    R2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [470600 2016-09-01] (Avira Operations GmbH & Co. KG)
    S2 AntiVirWebService; C:\Program Files\Avira\Antivirus\avwebg7.exe [1453696 2016-09-01] (Avira Operations GmbH & Co. KG)
    R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [320672 2016-08-04] (Avira Operations GmbH & Co. KG)
    S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-02] (Dropbox, Inc.)
    S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-02] (Dropbox, Inc.)
    S2 MySql; c:\mysql\bin\mysqld-nt.exe [2052096 2003-05-16] () [Arquivo não assinado]
    R2 updatesvc.exe; C:\Program Files\Common Files\InstallShield\Update\updatesvc.exe [346624 2015-12-07] (InstallShield®) [Arquivo não assinado]
    R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280376 2015-10-30] (Microsoft Corporation)
    R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23264 2016-07-01] (Microsoft Corporation)

    ===================== Drivers (Whitelisted) ==========================

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

    R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [120968 2016-07-28] (Avira Operations GmbH & Co. KG)
    R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [149760 2016-07-28] (Avira Operations GmbH & Co. KG)
    R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44208 2015-12-15] (Avira Operations GmbH & Co. KG)
    R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [66872 2016-06-02] (Avira Operations GmbH & Co. KG)
    R3 KMWDFILTERx86; C:\WINDOWS\System32\drivers\KMWDFILTER.sys [25088 2009-04-29] (Windows (R) Codename Longhorn DDK provider)
    S3 NETJME; C:\WINDOWS\System32\drivers\NETJME.sys [119296 2015-10-30] (JMicron Technology Corp.)
    S1 ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [18760 2016-09-01] (Avira Operations GmbH & Co. KG)
    S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [192944 2015-12-08] (DEVGURU Co., LTD.(www.devguru.co.kr))
    S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [37400 2015-10-30] (Microsoft Corporation)
    R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [246104 2015-10-30] (Microsoft Corporation)
    R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [98648 2015-10-30] (Microsoft Corporation)
    R3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [163328 2015-10-30] (Microsoft Corporation)
    R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}; C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl [87536 2010-03-13] (CyberLink Corp.)

    ==================== NetSvcs (Whitelisted) ===================

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


    ==================== Três Meses Criados arquivos e pastas ========

    (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

    2016-08-26 08:58 - 2016-08-26 09:01 - 00049632 _____ C:\Addition.txt
    2016-08-26 08:56 - 2016-08-26 09:01 - 00072514 _____ C:\FRST.txt
    2016-08-26 08:54 - 2016-08-25 16:33 - 01746432 _____ (Farbar) C:\FRST.exe
    2016-08-25 16:36 - 2016-09-01 12:16 - 00000000 ____D C:\FRST
    2016-08-24 17:08 - 2016-08-24 17:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
    2016-08-23 16:56 - 2016-08-23 17:55 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\ZHP
    2016-08-23 16:19 - 2016-08-23 16:25 - 00000000 ____D C:\AdwCleaner
    2016-08-22 13:17 - 2016-09-01 12:02 - 00000000 ____D C:\Program Files\Mozilla Firefox
    2016-08-12 18:31 - 2016-08-12 18:31 - 00000000 ____D C:\Users\Todos os Usuários\GeoComply
    2016-08-12 18:31 - 2016-08-12 18:31 - 00000000 ____D C:\ProgramData\GeoComply
    2016-08-11 18:08 - 2016-08-30 17:35 - 00000000 ____D C:\Users\Marcio\AppData\Local\PokerStars
    2016-08-11 18:08 - 2016-08-11 18:08 - 00001990 _____ C:\Users\Marcio\AppData\Roaming\Microsoft\Windows\Start Menu\PokerStars.lnk
    2016-08-11 18:08 - 2016-08-11 18:08 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars
    2016-08-11 18:06 - 2016-08-11 18:08 - 00000000 ____D C:\Program Files\PokerStars
    2016-08-10 15:07 - 2016-08-10 15:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
    2016-08-10 15:07 - 2016-08-10 15:07 - 00000000 ____D C:\Program Files\Classic Shell
    2016-08-10 14:43 - 2016-08-10 14:43 - 00000000 ____D C:\Users\Todos os Usuários\VsTelemetry
    2016-08-10 14:43 - 2016-08-10 14:43 - 00000000 ____D C:\ProgramData\VsTelemetry
    2016-08-10 14:43 - 2016-08-10 14:43 - 00000000 ____D C:\Program Files\gs
    2016-08-10 14:42 - 2016-08-10 14:42 - 00000000 ____D C:\Program Files\Common Files\Corel
    2016-08-10 14:37 - 2016-08-10 14:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X8
    2016-08-10 11:31 - 2016-08-10 11:31 - 00000218 _____ C:\Users\Marcio\.recently-used.xbel
    2016-08-10 11:22 - 2016-08-10 11:22 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\inkscape
    2016-08-10 11:13 - 2016-08-10 11:13 - 00001062 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape.lnk
    2016-08-10 11:07 - 2016-08-10 11:14 - 00000000 ____D C:\Program Files\Inkscape
    2016-08-10 09:59 - 2016-08-10 09:59 - 00017639 _____ C:\ZA-Scan.txt
    2016-08-10 09:31 - 2016-08-03 02:52 - 05793632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2016-08-10 09:31 - 2016-08-03 02:52 - 00083808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
    2016-08-10 09:31 - 2016-08-03 02:32 - 00413024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
    2016-08-10 09:31 - 2016-08-03 02:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2016-08-10 09:31 - 2016-08-03 02:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
    2016-08-10 09:31 - 2016-08-03 02:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
    2016-08-10 09:31 - 2016-08-03 02:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
    2016-08-10 09:31 - 2016-08-03 02:29 - 01337680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
    2016-08-10 09:31 - 2016-08-03 02:29 - 00633192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
    2016-08-10 09:31 - 2016-08-03 02:28 - 00505136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
    2016-08-10 09:31 - 2016-08-03 02:28 - 00139616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
    2016-08-10 09:31 - 2016-08-03 02:21 - 01712992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
    2016-08-10 09:31 - 2016-08-03 02:21 - 00483680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
    2016-08-10 09:31 - 2016-08-03 01:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
    2016-08-10 09:31 - 2016-08-03 01:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
    2016-08-10 09:31 - 2016-08-03 01:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
    2016-08-10 09:31 - 2016-08-03 01:41 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
    2016-08-10 09:31 - 2016-08-03 01:39 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
    2016-08-10 09:31 - 2016-08-03 01:37 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
    2016-08-10 09:31 - 2016-08-03 01:35 - 00396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
    2016-08-10 09:31 - 2016-08-03 01:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
    2016-08-10 09:31 - 2016-08-03 01:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
    2016-08-10 09:31 - 2016-08-03 01:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
    2016-08-10 09:31 - 2016-08-03 01:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
    2016-08-10 09:31 - 2016-08-03 01:32 - 00951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
    2016-08-10 09:31 - 2016-08-03 01:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
    2016-08-10 09:31 - 2016-08-03 01:32 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
    2016-08-10 09:31 - 2016-08-03 01:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
    2016-08-10 09:31 - 2016-08-03 01:27 - 02973696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2016-08-10 09:31 - 2016-08-03 01:27 - 01903104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2016-08-10 09:31 - 2016-08-03 01:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
    2016-08-10 09:31 - 2016-08-03 01:24 - 01735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
    2016-08-10 09:31 - 2016-08-03 01:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
    2016-08-10 09:31 - 2016-08-03 01:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2016-08-10 09:31 - 2016-08-03 01:22 - 01900544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2016-08-10 09:31 - 2016-08-03 01:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2016-08-10 09:31 - 2016-08-03 01:22 - 01086976 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2016-08-10 09:31 - 2016-08-03 01:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
    2016-08-10 09:30 - 2016-08-03 03:27 - 01303744 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
    2016-08-10 09:30 - 2016-08-03 03:27 - 00081088 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
    2016-08-10 09:30 - 2016-08-03 03:27 - 00045760 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
    2016-08-10 09:30 - 2016-08-03 02:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
    2016-08-10 09:30 - 2016-08-03 02:43 - 00023776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
    2016-08-10 09:30 - 2016-08-03 02:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
    2016-08-10 09:30 - 2016-08-03 02:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
    2016-08-10 09:30 - 2016-08-03 02:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
    2016-08-10 09:30 - 2016-08-03 02:32 - 00260448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
    2016-08-10 09:30 - 2016-08-03 02:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
    2016-08-10 09:30 - 2016-08-03 02:21 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
    2016-08-10 09:30 - 2016-08-03 02:18 - 00346464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
    2016-08-10 09:30 - 2016-08-03 01:58 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
    2016-08-10 09:30 - 2016-08-03 01:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
    2016-08-10 09:30 - 2016-08-03 01:48 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
    2016-08-10 09:30 - 2016-08-03 01:47 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
    2016-08-10 09:30 - 2016-08-03 01:44 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
    2016-08-10 09:30 - 2016-08-03 01:44 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
    2016-08-10 09:30 - 2016-08-03 01:43 - 00180736 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
    2016-08-10 09:30 - 2016-08-03 01:43 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
    2016-08-10 09:30 - 2016-08-03 01:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
    2016-08-10 09:30 - 2016-08-03 01:40 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
    2016-08-10 09:30 - 2016-08-03 01:40 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
    2016-08-10 09:30 - 2016-08-03 01:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
    2016-08-10 09:30 - 2016-08-03 01:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2016-08-10 09:30 - 2016-08-03 01:39 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
    2016-08-10 09:30 - 2016-08-03 01:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
    2016-08-10 09:30 - 2016-08-03 01:37 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
    2016-08-10 09:30 - 2016-08-03 01:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
    2016-08-10 09:30 - 2016-08-03 01:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2016-08-10 09:30 - 2016-08-03 01:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
    2016-08-10 09:30 - 2016-08-03 01:33 - 01223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
    2016-08-10 09:30 - 2016-08-03 01:33 - 01152512 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2016-08-10 09:30 - 2016-08-03 01:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
    2016-08-10 09:30 - 2016-08-03 01:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
    2016-08-10 09:30 - 2016-08-03 01:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
    2016-08-10 09:30 - 2016-08-03 01:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
    2016-08-10 09:30 - 2016-08-03 01:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2016-08-10 09:30 - 2016-08-03 01:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2016-08-10 09:30 - 2016-08-03 01:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
    2016-08-10 09:30 - 2016-08-03 01:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2016-08-10 09:30 - 2016-08-03 01:21 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
    2016-08-10 09:30 - 2016-08-03 01:20 - 03483648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
    2016-07-29 10:20 - 2016-07-29 10:20 - 00000000 ____D C:\zoek_backup
    2016-07-27 18:25 - 2016-07-27 18:25 - 00000000 ____D C:\Users\Marcio\AppData\LocalLow\Google
    2016-07-27 18:24 - 2016-07-27 18:24 - 00002191 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
    2016-07-21 09:02 - 2016-07-21 09:02 - 00007605 _____ C:\Users\Marcio\AppData\Local\Resmon.ResmonCfg
    2016-07-20 18:36 - 2016-07-20 18:36 - 00000000 ____D C:\Sistemas
    2016-07-20 17:27 - 2016-07-20 17:27 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativo Itaú
    2016-07-14 18:58 - 2016-07-14 18:58 - 00000000 ____D C:\Program Files\CMAK
    2016-07-13 08:55 - 2016-07-01 00:45 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\olepro32.dll
    2016-07-13 08:55 - 2016-07-01 00:45 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
    2016-07-13 08:55 - 2016-07-01 00:41 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
    2016-07-13 08:55 - 2016-07-01 00:38 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
    2016-07-13 08:55 - 2016-07-01 00:37 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
    2016-07-13 08:55 - 2016-07-01 00:36 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
    2016-07-13 08:55 - 2016-07-01 00:35 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
    2016-07-13 08:55 - 2016-07-01 00:33 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
    2016-07-13 08:55 - 2016-07-01 00:29 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
    2016-07-13 08:55 - 2016-07-01 00:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
    2016-07-13 08:55 - 2016-07-01 00:26 - 00612352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
    2016-07-13 08:55 - 2016-07-01 00:25 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
    2016-07-13 08:55 - 2016-07-01 00:25 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
    2016-07-13 08:55 - 2016-07-01 00:22 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
    2016-07-13 08:55 - 2016-07-01 00:18 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
    2016-07-13 08:54 - 2016-07-01 01:35 - 00792328 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
    2016-07-13 08:54 - 2016-07-01 01:23 - 01334680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
    2016-07-13 08:54 - 2016-07-01 01:20 - 01300016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
    2016-07-13 08:54 - 2016-07-01 01:19 - 05598832 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
    2016-07-13 08:54 - 2016-07-01 01:19 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
    2016-07-13 08:54 - 2016-07-01 01:19 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
    2016-07-13 08:54 - 2016-07-01 01:18 - 00995296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
    2016-07-13 08:54 - 2016-07-01 01:17 - 01536600 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
    2016-07-13 08:54 - 2016-07-01 01:12 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
    2016-07-13 08:54 - 2016-07-01 01:12 - 01866104 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
    2016-07-13 08:54 - 2016-07-01 01:11 - 01522160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
    2016-07-13 08:54 - 2016-07-01 01:11 - 00521152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
    2016-07-13 08:54 - 2016-07-01 01:10 - 00727752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
    2016-07-13 08:54 - 2016-07-01 00:41 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
    2016-07-13 08:54 - 2016-07-01 00:39 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
    2016-07-13 08:54 - 2016-07-01 00:39 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe
    2016-07-13 08:54 - 2016-07-01 00:37 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
    2016-07-13 08:54 - 2016-07-01 00:37 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
    2016-07-13 08:54 - 2016-07-01 00:35 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
    2016-07-13 08:54 - 2016-07-01 00:34 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
    2016-07-13 08:54 - 2016-07-01 00:32 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
    2016-07-13 08:54 - 2016-07-01 00:32 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
    2016-07-13 08:54 - 2016-07-01 00:31 - 06529024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
    2016-07-13 08:54 - 2016-07-01 00:31 - 00542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
    2016-07-13 08:54 - 2016-07-01 00:31 - 00424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
    2016-07-13 08:54 - 2016-07-01 00:31 - 00290304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WmpDui.dll
    2016-07-13 08:54 - 2016-07-01 00:31 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
    2016-07-13 08:54 - 2016-07-01 00:31 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
    2016-07-13 08:54 - 2016-07-01 00:31 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
    2016-07-13 08:54 - 2016-07-01 00:30 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3ui.dll
    2016-07-13 08:54 - 2016-07-01 00:30 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
    2016-07-13 08:54 - 2016-07-01 00:30 - 00246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
    2016-07-13 08:54 - 2016-07-01 00:30 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
    2016-07-13 08:54 - 2016-07-01 00:30 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll
    2016-07-13 08:54 - 2016-07-01 00:29 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
    2016-07-13 08:54 - 2016-07-01 00:29 - 00395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
    2016-07-13 08:54 - 2016-07-01 00:29 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
    2016-07-13 08:54 - 2016-07-01 00:28 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
    2016-07-13 08:54 - 2016-07-01 00:28 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsExt.dll
    2016-07-13 08:54 - 2016-07-01 00:28 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
    2016-07-13 08:54 - 2016-07-01 00:27 - 01764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
    2016-07-13 08:54 - 2016-07-01 00:27 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
    2016-07-13 08:54 - 2016-07-01 00:27 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
    2016-07-13 08:54 - 2016-07-01 00:27 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
    2016-07-13 08:54 - 2016-07-01 00:27 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
    2016-07-13 08:54 - 2016-07-01 00:27 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
    2016-07-13 08:54 - 2016-07-01 00:26 - 00413696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WLanConn.dll
    2016-07-13 08:54 - 2016-07-01 00:25 - 01228800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
    2016-07-13 08:54 - 2016-07-01 00:25 - 00826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2016-07-13 08:54 - 2016-07-01 00:25 - 00740352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
    2016-07-13 08:54 - 2016-07-01 00:25 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
    2016-07-13 08:54 - 2016-07-01 00:25 - 00482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
    2016-07-13 08:54 - 2016-07-01 00:24 - 01448960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
    2016-07-13 08:54 - 2016-07-01 00:24 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
    2016-07-13 08:54 - 2016-07-01 00:24 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
    2016-07-13 08:54 - 2016-07-01 00:23 - 03695104 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
    2016-07-13 08:54 - 2016-07-01 00:23 - 01166848 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
    2016-07-13 08:54 - 2016-07-01 00:22 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
    2016-07-13 08:54 - 2016-07-01 00:22 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
    2016-07-13 08:54 - 2016-07-01 00:20 - 03196928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
    2016-07-13 08:54 - 2016-07-01 00:19 - 01987072 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
    2016-07-13 08:54 - 2016-07-01 00:19 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
    2016-07-13 08:54 - 2016-07-01 00:19 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\StikyNot.exe
    2016-07-13 08:54 - 2016-07-01 00:18 - 01448960 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
    2016-07-13 08:54 - 2016-07-01 00:17 - 01800704 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
    2016-07-13 08:54 - 2016-07-01 00:16 - 01635840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
    2016-07-13 08:54 - 2016-07-01 00:15 - 03459584 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
    2016-07-13 08:54 - 2016-07-01 00:15 - 02679808 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
    2016-07-13 08:54 - 2016-07-01 00:15 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
    2016-07-13 08:54 - 2016-07-01 00:15 - 02217984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
    2016-07-13 08:54 - 2016-07-01 00:15 - 01626112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
    2016-07-13 08:54 - 2016-07-01 00:14 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
    2016-07-13 08:54 - 2016-07-01 00:14 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
    2016-07-13 08:54 - 2016-07-01 00:14 - 00705024 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
    2016-07-13 08:54 - 2016-07-01 00:12 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
    2016-07-13 08:54 - 2016-07-01 00:11 - 01075200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
    2016-07-13 08:54 - 2016-07-01 00:08 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
    2016-07-13 08:53 - 2016-07-01 02:14 - 00476864 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
    2016-07-13 08:53 - 2016-07-01 01:38 - 01862008 _____ C:\WINDOWS\system32\CoreUIComponents.dll
    2016-07-13 08:53 - 2016-07-01 01:32 - 02885680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
    2016-07-13 08:53 - 2016-07-01 01:23 - 01349640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
    2016-07-13 08:53 - 2016-07-01 01:20 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2016-07-13 08:53 - 2016-07-01 01:20 - 00613120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
    2016-07-13 08:53 - 2016-07-01 01:19 - 01355336 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
    2016-07-13 08:53 - 2016-07-01 01:19 - 00569752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
    2016-07-13 08:53 - 2016-07-01 01:18 - 00510880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
    2016-07-13 08:53 - 2016-07-01 01:18 - 00064584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll
    2016-07-13 08:53 - 2016-07-01 00:40 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
    2016-07-13 08:53 - 2016-07-01 00:34 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\oemlicense.dll
    2016-07-13 08:53 - 2016-07-01 00:34 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
    2016-07-13 08:53 - 2016-07-01 00:34 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
    2016-07-13 08:53 - 2016-07-01 00:33 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll
    2016-07-13 08:53 - 2016-07-01 00:33 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
    2016-07-13 08:53 - 2016-07-01 00:32 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Maps.dll
    2016-07-13 08:53 - 2016-07-01 00:32 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
    2016-07-13 08:53 - 2016-07-01 00:30 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
    2016-07-13 08:53 - 2016-07-01 00:30 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
    2016-07-13 08:53 - 2016-07-01 00:30 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
    2016-07-13 08:53 - 2016-07-01 00:30 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
    2016-07-13 08:53 - 2016-07-01 00:30 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
    2016-07-13 08:53 - 2016-07-01 00:29 - 00541184 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
    2016-07-13 08:53 - 2016-07-01 00:29 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
    2016-07-13 08:53 - 2016-07-01 00:28 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
    2016-07-13 08:53 - 2016-07-01 00:28 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
    2016-07-13 08:53 - 2016-07-01 00:27 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
    2016-07-13 08:53 - 2016-07-01 00:27 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcfile.dll
    2016-07-13 08:53 - 2016-07-01 00:27 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
    2016-07-13 08:53 - 2016-07-01 00:27 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2016-07-13 08:53 - 2016-07-01 00:26 - 01746944 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
    2016-07-13 08:53 - 2016-07-01 00:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
    2016-07-13 08:53 - 2016-07-01 00:26 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
    2016-07-13 08:53 - 2016-07-01 00:26 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
    2016-07-13 08:53 - 2016-07-01 00:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
    2016-07-13 08:53 - 2016-07-01 00:26 - 00153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSSync.dll
    2016-07-13 08:53 - 2016-07-01 00:25 - 01508352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmsipc.dll
    2016-07-13 08:53 - 2016-07-01 00:25 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
    2016-07-13 08:53 - 2016-07-01 00:25 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
    2016-07-13 08:53 - 2016-07-01 00:25 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2016-07-13 08:53 - 2016-07-01 00:25 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
    2016-07-13 08:53 - 2016-07-01 00:24 - 04404736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
    2016-07-13 08:53 - 2016-07-01 00:24 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
    2016-07-13 08:53 - 2016-07-01 00:24 - 01484800 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
    2016-07-13 08:53 - 2016-07-01 00:24 - 00601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
    2016-07-13 08:53 - 2016-07-01 00:23 - 02578432 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
    2016-07-13 08:53 - 2016-07-01 00:23 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
    2016-07-13 08:53 - 2016-07-01 00:23 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
    2016-07-13 08:53 - 2016-07-01 00:23 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
    2016-07-13 08:53 - 2016-07-01 00:23 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\licensingdiag.exe
    2016-07-13 08:53 - 2016-07-01 00:22 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
    2016-07-13 08:53 - 2016-07-01 00:21 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc.dll
    2016-07-13 08:53 - 2016-07-01 00:19 - 06471168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
    2016-07-13 08:53 - 2016-07-01 00:19 - 00581632 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
    2016-07-13 08:53 - 2016-07-01 00:18 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
    2016-07-13 08:53 - 2016-07-01 00:17 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
    2016-07-13 08:53 - 2016-07-01 00:16 - 02062336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
    2016-07-13 08:53 - 2016-07-01 00:16 - 00925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
    2016-07-13 08:53 - 2016-07-01 00:16 - 00898048 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
    2016-07-13 08:53 - 2016-07-01 00:15 - 04413440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
    2016-07-13 08:53 - 2016-07-01 00:15 - 02880512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
    2016-07-13 08:53 - 2016-07-01 00:15 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
    2016-07-13 08:53 - 2016-07-01 00:15 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
    2016-07-13 08:53 - 2016-07-01 00:14 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
    2016-07-13 08:53 - 2016-07-01 00:13 - 02519552 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
    2016-07-13 08:53 - 2016-07-01 00:13 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
    2016-07-13 08:53 - 2016-07-01 00:11 - 01106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
    2016-07-13 08:53 - 2016-07-01 00:08 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
    2016-07-13 08:52 - 2016-07-01 02:14 - 01020096 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
    2016-07-13 08:52 - 2016-07-01 02:14 - 00484544 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
    2016-07-13 08:52 - 2016-07-01 02:14 - 00266944 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
    2016-07-13 08:52 - 2016-07-01 02:14 - 00227008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
    2016-07-13 08:52 - 2016-07-01 01:40 - 00228704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
    2016-07-13 08:52 - 2016-07-01 01:39 - 01561392 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
    2016-07-13 08:52 - 2016-07-01 01:39 - 01051584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
    2016-07-13 08:52 - 2016-07-01 01:39 - 00927080 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
    2016-07-13 08:52 - 2016-07-01 01:39 - 00875992 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
    2016-07-13 08:52 - 2016-07-01 01:39 - 00771120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
    2016-07-13 08:52 - 2016-07-01 01:38 - 01083656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
    2016-07-13 08:52 - 2016-07-01 01:23 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
    2016-07-13 08:52 - 2016-07-01 01:23 - 00925576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
    2016-07-13 08:52 - 2016-07-01 01:23 - 00709176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
    2016-07-13 08:52 - 2016-07-01 01:23 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
    2016-07-13 08:52 - 2016-07-01 01:23 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
    2016-07-13 08:52 - 2016-07-01 01:19 - 00836760 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
    2016-07-13 08:52 - 2016-07-01 01:07 - 28083144 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
    2016-07-13 08:52 - 2016-07-01 01:06 - 01861984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
    2016-07-13 08:52 - 2016-07-01 01:06 - 00403920 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
    2016-07-13 08:52 - 2016-07-01 00:39 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
    2016-07-13 08:52 - 2016-07-01 00:38 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\LegacyNetUX.dll
    2016-07-13 08:52 - 2016-07-01 00:35 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
    2016-07-13 08:52 - 2016-07-01 00:34 - 00350208 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdechangepin.exe
    2016-07-13 08:52 - 2016-07-01 00:34 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
    2016-07-13 08:52 - 2016-07-01 00:33 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPDShServiceObj.dll
    2016-07-13 08:52 - 2016-07-01 00:32 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
    2016-07-13 08:52 - 2016-07-01 00:32 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\LegacyNetUXHost.exe
    2016-07-13 08:52 - 2016-07-01 00:31 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
    2016-07-13 08:52 - 2016-07-01 00:31 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhengine.dll
    2016-07-13 08:52 - 2016-07-01 00:31 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
    2016-07-13 08:52 - 2016-07-01 00:30 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
    2016-07-13 08:52 - 2016-07-01 00:30 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
    2016-07-13 08:52 - 2016-07-01 00:30 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
    2016-07-13 08:52 - 2016-07-01 00:30 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
    2016-07-13 08:52 - 2016-07-01 00:29 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
    2016-07-13 08:52 - 2016-07-01 00:29 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
    2016-07-13 08:52 - 2016-07-01 00:28 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
    2016-07-13 08:52 - 2016-07-01 00:28 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
    2016-07-13 08:52 - 2016-07-01 00:28 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
    2016-07-13 08:52 - 2016-07-01 00:28 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
    2016-07-13 08:52 - 2016-07-01 00:27 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
    2016-07-13 08:52 - 2016-07-01 00:27 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
    2016-07-13 08:52 - 2016-07-01 00:27 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
    2016-07-13 08:52 - 2016-07-01 00:26 - 01063936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
    2016-07-13 08:52 - 2016-07-01 00:26 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
    2016-07-13 08:52 - 2016-07-01 00:26 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
    2016-07-13 08:52 - 2016-07-01 00:26 - 00413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
    2016-07-13 08:52 - 2016-07-01 00:25 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
    2016-07-13 08:52 - 2016-07-01 00:25 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
    2016-07-13 08:52 - 2016-07-01 00:25 - 00645632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
    2016-07-13 08:52 - 2016-07-01 00:25 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
    2016-07-13 08:52 - 2016-07-01 00:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
    2016-07-13 08:52 - 2016-07-01 00:24 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
    2016-07-13 08:52 - 2016-07-01 00:24 - 00405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
    2016-07-13 08:52 - 2016-07-01 00:23 - 01401856 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
    2016-07-13 08:52 - 2016-07-01 00:23 - 00760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
    2016-07-13 08:52 - 2016-07-01 00:23 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
    2016-07-13 08:52 - 2016-07-01 00:23 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
    2016-07-13 08:52 - 2016-07-01 00:20 - 03555840 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
    2016-07-13 08:52 - 2016-07-01 00:20 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
    2016-07-13 08:52 - 2016-07-01 00:20 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
    2016-07-13 08:52 - 2016-07-01 00:19 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
    2016-07-13 08:52 - 2016-07-01 00:16 - 02771968 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
    2016-07-13 08:52 - 2016-07-01 00:16 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
    2016-07-13 08:52 - 2016-07-01 00:16 - 00742400 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
    2016-07-13 08:52 - 2016-07-01 00:15 - 00748032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
    2016-07-13 08:52 - 2016-07-01 00:15 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
    2016-07-13 08:52 - 2016-07-01 00:14 - 00737792 _____ (Microsoft Corporation) C:\WINDOWS\system32\pmcsnap.dll
    2016-07-13 08:52 - 2016-07-01 00:13 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
    2016-07-13 08:52 - 2016-07-01 00:13 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
    2016-07-13 08:52 - 2016-07-01 00:13 - 00835072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
    2016-07-13 08:52 - 2016-07-01 00:11 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
    2016-07-13 08:52 - 2016-07-01 00:08 - 01976832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
    2016-07-13 08:52 - 2016-07-01 00:08 - 00942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
    2016-07-13 08:52 - 2016-07-01 00:08 - 00879616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
    2016-07-13 08:52 - 2016-06-17 21:22 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
    2016-07-13 08:52 - 2016-02-09 01:29 - 00279376 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
    2016-06-14 19:03 - 2016-05-28 02:25 - 04268880 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
    2016-06-14 19:03 - 2016-05-28 02:25 - 00354656 _____ (Microsoft Corporation) C:\WINDOWS\system32\halmacpi.dll
    2016-06-14 19:03 - 2016-05-28 02:25 - 00354656 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
    2016-06-14 19:03 - 2016-05-28 02:25 - 00173920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
    2016-06-14 19:03 - 2016-05-28 02:25 - 00096096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
    2016-06-14 19:03 - 2016-05-28 02:23 - 00388384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
    2016-06-14 19:03 - 2016-05-28 02:22 - 00317280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
    2016-06-14 19:03 - 2016-05-28 02:10 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
    2016-06-14 19:03 - 2016-05-28 02:08 - 00203104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
    2016-06-14 19:03 - 2016-05-28 02:04 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
    2016-06-14 19:03 - 2016-05-28 02:04 - 00111608 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
    2016-06-14 19:03 - 2016-05-28 02:04 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
    2016-06-14 19:03 - 2016-05-28 01:57 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
    2016-06-14 19:03 - 2016-05-28 01:57 - 01396592 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
    2016-06-14 19:03 - 2016-05-28 01:57 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
    2016-06-14 19:03 - 2016-05-28 01:57 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
    2016-06-14 19:03 - 2016-05-28 01:31 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsdport.sys
    2016-06-14 19:03 - 2016-05-28 01:25 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
    2016-06-14 19:03 - 2016-05-28 01:25 - 00037376 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
    2016-06-14 19:03 - 2016-05-28 01:25 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
    2016-06-14 19:03 - 2016-05-28 01:24 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
    2016-06-14 19:03 - 2016-05-28 01:24 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
    2016-06-14 19:03 - 2016-05-28 01:22 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
    2016-06-14 19:03 - 2016-05-28 01:22 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
    2016-06-14 19:03 - 2016-05-28 01:22 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
    2016-06-14 19:03 - 2016-05-28 01:21 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpscript.dll
    2016-06-14 19:03 - 2016-05-28 01:20 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys
    2016-06-14 19:03 - 2016-05-28 01:20 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
    2016-06-14 19:03 - 2016-05-28 01:19 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
    2016-06-14 19:03 - 2016-05-28 01:19 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
    2016-06-14 19:03 - 2016-05-28 01:19 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
    2016-06-14 19:03 - 2016-05-28 01:18 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
    2016-06-14 19:03 - 2016-05-28 01:18 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
    2016-06-14 19:03 - 2016-05-28 01:18 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
    2016-06-14 19:03 - 2016-05-28 01:17 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
    2016-06-14 19:03 - 2016-05-28 01:17 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
    2016-06-14 19:03 - 2016-05-28 01:17 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll
    2016-06-14 19:03 - 2016-05-28 01:17 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
    2016-06-14 19:03 - 2016-05-28 01:17 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
    2016-06-14 19:03 - 2016-05-28 01:16 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
    2016-06-14 19:03 - 2016-05-28 01:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
    2016-06-14 19:03 - 2016-05-28 01:16 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
    2016-06-14 19:03 - 2016-05-28 01:15 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
    2016-06-14 19:03 - 2016-05-28 01:15 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
    2016-06-14 19:03 - 2016-05-28 01:15 - 00527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
    2016-06-14 19:03 - 2016-05-28 01:15 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
    2016-06-14 19:03 - 2016-05-28 01:15 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
    2016-06-14 19:03 - 2016-05-28 01:14 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
    2016-06-14 19:03 - 2016-05-28 01:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
    2016-06-14 19:03 - 2016-05-28 01:14 - 00309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
    2016-06-14 19:03 - 2016-05-28 01:14 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
    2016-06-14 19:03 - 2016-05-28 01:14 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
    2016-06-14 19:03 - 2016-05-28 01:13 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
    2016-06-14 19:03 - 2016-05-28 01:13 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
    2016-06-14 19:03 - 2016-05-28 01:13 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
    2016-06-14 19:03 - 2016-05-28 01:12 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
    2016-06-14 19:03 - 2016-05-28 01:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
    2016-06-14 19:03 - 2016-05-28 01:12 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
    2016-06-14 19:03 - 2016-05-28 01:11 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
    2016-06-14 19:03 - 2016-05-28 01:11 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
    2016-06-14 19:03 - 2016-05-28 01:11 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
    2016-06-14 19:03 - 2016-05-28 01:11 - 00453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
    2016-06-14 19:03 - 2016-05-28 01:09 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
    2016-06-14 19:03 - 2016-05-28 01:04 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
    2016-06-14 19:03 - 2016-05-28 01:04 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
    2016-06-14 19:03 - 2016-05-28 01:03 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
    2016-06-14 19:03 - 2016-05-28 01:03 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
    2016-06-14 19:03 - 2016-05-28 01:03 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
    2016-06-14 19:03 - 2016-05-28 01:02 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
    2016-06-14 19:03 - 2016-05-28 01:01 - 01193984 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
    2016-06-14 19:03 - 2016-05-28 01:01 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
    2016-06-14 19:03 - 2016-05-28 01:00 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
    2016-06-14 19:03 - 2016-05-28 00:54 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll

    ==================== Três Meses Modificados arquivos e pastas ========

    (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

    2016-09-01 12:12 - 2015-10-23 13:14 - 00000000 ____D C:\Users\Marcio\AppData\Local\ClassicShell
    2016-09-01 12:01 - 2015-10-27 09:37 - 00000902 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2016-09-01 11:38 - 2015-10-26 08:42 - 00001040 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
    2016-09-01 11:23 - 2015-10-23 13:24 - 00001096 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2016-09-01 09:38 - 2015-10-26 08:42 - 00001036 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
    2016-09-01 09:19 - 2015-10-30 02:48 - 00000000 ____D C:\WINDOWS\AppReadiness
    2016-09-01 08:14 - 2015-10-30 02:48 - 00000000 ____D C:\WINDOWS\system32\appraiser
    2016-09-01 08:14 - 2015-10-30 02:39 - 00000000 ____D C:\WINDOWS\CbsTemp
    2016-09-01 07:58 - 2015-11-28 10:44 - 00000000 ___RD C:\Users\Marcio\Google Drive
    2016-09-01 07:58 - 2015-11-13 08:24 - 00000000 ____D C:\Nex
    2016-09-01 07:58 - 2015-10-26 08:51 - 00000000 ___RD C:\Users\Marcio\Dropbox
    2016-09-01 07:56 - 2015-10-26 09:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
    2016-09-01 07:56 - 2015-10-23 13:24 - 00001092 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2016-09-01 07:53 - 2015-10-26 09:14 - 00018760 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\ssmdrv.sys
    2016-08-31 17:20 - 2015-10-23 15:19 - 00000000 ____D C:\copia
    2016-08-31 08:15 - 2015-10-30 02:48 - 00000000 ___HD C:\Program Files\WindowsApps
    2016-08-29 00:14 - 2016-01-24 11:33 - 00000000 ____D C:\Users\Marcio
    2016-08-28 13:51 - 2015-11-20 09:56 - 00000000 ____D C:\Users\Marcio\AppData\Local\ElevatedDiagnostics
    2016-08-28 13:49 - 2016-01-24 12:20 - 00000000 ____D C:\Users\Marcio\AppData\Local\Comms
    2016-08-26 09:03 - 2015-10-30 02:48 - 00000000 ____D C:\WINDOWS\system32\NDF
    2016-08-26 07:54 - 2016-01-24 11:49 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2016-08-26 07:53 - 2015-10-30 02:13 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
    2016-08-25 08:18 - 2015-10-23 12:47 - 00000000 __RHD C:\Users\Public\AccountPictures
    2016-08-24 17:09 - 2015-10-26 08:41 - 00000000 ____D C:\Program Files\Dropbox
    2016-08-24 08:17 - 2015-10-23 13:24 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
    2016-08-23 16:28 - 2015-10-23 14:07 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
    2016-08-23 16:28 - 2015-10-23 14:07 - 00000000 ____D C:\ProgramData\Package Cache
    2016-08-23 16:27 - 2015-10-23 13:24 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
    2016-08-23 09:46 - 2015-10-23 13:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
    2016-08-18 09:48 - 2015-10-30 12:14 - 00785460 _____ C:\WINDOWS\system32\prfh0416.dat
    2016-08-18 09:48 - 2015-10-30 12:14 - 00154246 _____ C:\WINDOWS\system32\prfc0416.dat
    2016-08-18 09:48 - 2015-10-30 02:47 - 00000000 ____D C:\WINDOWS\INF
    2016-08-18 09:48 - 2015-10-23 12:49 - 01819274 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2016-08-17 08:05 - 2015-11-28 10:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
    2016-08-12 09:41 - 2015-10-30 02:48 - 00000000 ____D C:\WINDOWS\rescache
    2016-08-10 20:56 - 2015-10-30 12:21 - 00000000 ____D C:\Program Files\Windows Journal
    2016-08-10 20:56 - 2015-10-30 02:48 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
    2016-08-10 15:18 - 2015-10-23 14:21 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\Corel
    2016-08-10 15:17 - 2015-10-23 13:58 - 00000000 ____D C:\Users\Todos os Usuários\Corel
    2016-08-10 15:17 - 2015-10-23 13:58 - 00000000 ____D C:\ProgramData\Corel
    2016-08-10 15:13 - 2015-10-23 13:57 - 00000000 ____D C:\Program Files\Corel
    2016-08-10 10:01 - 2015-10-23 14:10 - 00000000 ____D C:\WINDOWS\system32\MRT
    2016-08-10 09:51 - 2015-10-23 14:10 - 144884648 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2016-08-10 09:46 - 2015-07-10 05:28 - 00000167 _____ C:\WINDOWS\win.ini
    2016-08-10 09:43 - 2015-10-30 02:48 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
    2016-08-10 08:36 - 2015-10-23 15:19 - 00000337 _____ C:\ip98.txt
    2016-08-10 08:35 - 2015-10-23 14:43 - 00001143 _____ C:\WINDOWS\my.ini
    2016-08-10 08:35 - 2015-10-23 14:42 - 00000000 ____D C:\mysql
    2016-08-10 08:25 - 2015-10-30 02:13 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
    2016-08-09 18:45 - 2015-10-30 02:48 - 00000000 ____D C:\WINDOWS\LiveKernelReports
    2016-08-04 18:29 - 2015-10-23 13:26 - 00002216 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

    ==================== Arquivos na raiz de alguns diretórios =======

    2016-07-21 09:02 - 2016-07-21 09:02 - 0007605 _____ () C:\Users\Marcio\AppData\Local\Resmon.ResmonCfg
    2015-11-13 08:28 - 2015-11-13 08:28 - 0000047 _____ () C:\ProgramData\nex.ini

    Alguns arquivos em TEMP:
    ====================
    C:\Users\Marcio\AppData\Local\Temp\avgnt.exe
    C:\Users\Marcio\AppData\Local\Temp\libeay32.dll
    C:\Users\Marcio\AppData\Local\Temp\msvcr120.dll
    C:\Users\Marcio\AppData\Local\Temp\sqlite3.dll


    ==================== Bamital & volsnap =================

    (Não há correção automática para arquivos que não passaram na verificação.)

    C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
    C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
    C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
    C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
    C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
    C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
    C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
    C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
    C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
    C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


    LastRegBack: 2016-08-25 16:47

    ==================== Fim de FRST.txt ============================

     

    não consegui adicionar o arquivo addition segue ele abaixo:

     

    Resultado do exame Adicional Farbar Recovery Scan Tool (x86) Versão: 31-08-2016
    Executado por Marcio (01-09-2016 12:18:16)
    Executando a partir de C:\Users\Marcio\Desktop
    Microsoft Windows 10 Pro Versão 1511 (X86) (2016-01-24 14:54:53)
    Modo da Inicialização: Normal
    ==========================================================


    ==================== Contas: =============================

    Administrador (S-1-5-21-2456171839-3119483222-2521222785-500 - Administrator - Disabled)
    Convidado (S-1-5-21-2456171839-3119483222-2521222785-501 - Limited - Disabled)
    DefaultAccount (S-1-5-21-2456171839-3119483222-2521222785-503 - Limited - Disabled)
    ludy_ (S-1-5-21-2456171839-3119483222-2521222785-1002 - Limited - Enabled)
    Marcio (S-1-5-21-2456171839-3119483222-2521222785-1001 - Administrator - Enabled) => C:\Users\Marcio

    ==================== Central de Segurança ========================

    (Se uma entrada for incluída na fixlist, será removida.)

    AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
    AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Programas Instalados ======================

    (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

    Adobe Flash Player 22 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
    Adobe Reader XI - Português (HKLM\...\{AC76BA86-7AD7-1046-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
    Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
    Aplicativo Itaú (HKLM\...\{A43DE586-3B07-4DC2-B40B-5D5C89B72931}) (Version: 1.0.70 - Banco Itaú)
    Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.19.164 - Avira Operations GmbH & Co. KG)
    Avira Launcher (HKLM\...\{6052a753-acc6-4c02-b5a8-70962ff8e0a4}) (Version: 1.2.69.16114 - Avira Operations GmbH & Co. KG)
    Avira Launcher (Version: 1.2.69.16114 - Avira Operations GmbH & Co. KG) Hidden
    Classic Shell (HKLM\...\{8EA72B6A-D11E-4B91-8657-364F4B21347F}) (Version: 4.2.5 - IvoSoft)
    Corel Graphics - Windows Shell Extension (HKLM\...\_{FD417077-C2FE-46DB-942A-228179B308D5}) (Version: 18.0.0.448 - Corel Corporation)
    Corel Graphics - Windows Shell Extension (Version: 18.0.448 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X8 - BR (Version: 18.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X8 - Capture (Version: 18.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X8 - Common (Version: 18.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X8 - Connect (Version: 18.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X8 - CS (Version: 18.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X8 - CT (Version: 18.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X8 - Custom Data (Version: 18.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X8 - CZ (Version: 18.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X8 - DE (Version: 18.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X8 - Draw (Version: 18.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X8 - EN (Version: 18.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X8 - ES (Version: 18.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X8 - Filters (Version: 18.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X8 - Font Manager (Version: 18.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X8 - FR (Version: 18.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X8 - IPM (Version: 18.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X8 - IPM Content (Version: 18.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X8 - IT (Version: 18.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X8 - JP (Version: 18.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X8 - NL (Version: 18.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X8 - PHOTO-PAINT (Version: 18.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X8 - PL (Version: 18.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X8 - Redist (Version: 18.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X8 - RU (Version: 18.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X8 - Setup Files (Version: 18.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X8 - TR (Version: 18.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X8 - VBA (Version: 18.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X8 - VideoBrowser (Version: 18.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X8 - Workspaces (Version: 18.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X8 - Writing Tools (Version: 18.0 -  Corel Corporation) Hidden
    CorelDRAW Graphics Suite X8 (HKLM\...\_{86F23E59-06B3-432A-9D16-B6A4DF379571}) (Version: 18.0.0.448 - Corel Corporation)
    CorelDRAW Graphics Suite X8 (Version: 18.0 - Corel Corporation) Hidden
    CyberLink PowerDVD 10 (HKLM\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1516 - CyberLink Corp.)
    D'Accord Dicionário (HKLM\...\D'Accord Dicionário) (Version:  - )
    DOSBox SVN-Daum version 20150124 (HKLM\...\{AA388FA6-2142-4E89-B75E-C3315BA37171}_is1) (Version: 20150124 - )
    Dropbox (HKLM\...\Dropbox) (Version: 8.4.21 - Dropbox, Inc.)
    Dropbox Update Helper (Version: 1.3.27.77 - Dropbox, Inc.) Hidden
    FretPro V.2.00 (HKLM\...\Advanced FretPro) (Version:  - )
    Fritz 5.32 (HKLM\...\{32626B60-151E-11D4-A8C5-0050DA353A30}) (Version:  - )
    Ghostscript GPL 8.64 (Msi Setup) (HKLM\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
    Ghostscript GPL 8.64 (Msi Setup) (Version: 8.64 - Corel Corporation) Hidden
    Google Chrome (HKLM\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
    Google Drive (HKLM\...\{459CE109-4E46-4340-92BC-054642BC3BC2}) (Version: 1.31.2873.2758 - Google, Inc.)
    Google Earth (HKLM\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
    Google Update Helper (Version: 1.3.31.5 - Google Inc.) Hidden
    Inkscape 0.48.0 (HKLM\...\Inkscape) (Version: 0.48.0 - )
    IPM_Common_x86 (Version: 2.1 - Your Company Name) Hidden
    Java 8 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
    Joga Loterias Profissional 2.5.1.205 (HKLM\...\Joga Loterias Profissional_is1) (Version: Joga Loterias Profissional 2.5.1.205 - AndreSoft)
    Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
    Microsoft Visual Studio Tools for Applications 2012 (HKLM\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
    Microsoft Visual Studio Tools for Applications 2015 (HKLM\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
    Mozilla Firefox 47.0.1 (x86 pt-BR) (HKLM\...\Mozilla Firefox 47.0.1 (x86 pt-BR)) (Version: 47.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 47.0.1.6018 - Mozilla)
    MSI to redistribute MS VS2005 CRT libraries (HKLM\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
    MySQL Servers and Clients 4.0.13 (HKLM\...\MySQL Servers and Clients 4.0.13) (Version:  - )
    Nero 7 Essentials (HKLM\...\{862BD12A-3310-4369-89BB-7B6CEC201046}) (Version: 7.03.0504 - Nero AG)
    Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x86) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
    Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
    PARK MANAGER 32 (HKLM\...\PARK MANAGER 32) (Version:  - )
    Plano de Negócio (HKLM\...\{D233EC4A-EF4B-4CCA-AE37-7994A3E1A483}) (Version: 2.0.4 - SEBRAE)
    PokerStars (HKLM\...\PokerStars) (Version:  - PokerStars)
    Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
    Skype™ 7.12 (HKLM\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
    Update for Skype for Business 2015 (KB3039776) 32-Bit Edition (HKLM\...\{90150000-012B-0416-0000-0000000FF1CE}_Office15.PROPLUS_{7BDD179E-C954-438B-937D-EB411B701EAB}) (Version:  - Microsoft)
    WinRAR 5.10 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
    Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden

    ==================== Exame Personalizado CLSID (Whitelisted): ==========================

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


    ==================== Tarefas Agendadas (Whitelisted) =============

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

    Task: {0253B580-E0EF-42A2-B74F-D5FC5F12E33F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
    Task: {106666E2-A5D6-426B-827D-2D55C7263032} - System32\Tasks\{76F37D25-3964-4246-AF23-EF56DA4C8682} => pcalua.exe -a D:\Documents\Downloads\Instalador_Sistema_Mecanicas_Estetica_Automotiva_Estacionamento_LavaJato_Downloader.exe -d D:\Documents\Downloads
    Task: {283939EC-D96F-439C-9599-4B9E0917E80B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12] (Adobe Systems Incorporated)
    Task: {2AC89E93-8943-4C9B-8AD4-EE8B1CE9E033} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-02-02] (Dropbox, Inc.)
    Task: {3545F59C-02BE-4932-A47B-6BD0BBE5B8F8} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-02-02] (Dropbox, Inc.)
    Task: {44D7C921-40F2-47A0-8290-9BDB6FE735AB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-23] (Google Inc.)
    Task: {7210879A-9F99-4F14-A8CC-89236887E389} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
    Task: {76C11591-6DA3-44F5-BC1C-EC6B9B8B72F6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-23] (Google Inc.)
    Task: {803DB308-CF40-4FFB-BE81-A2D3F2B5024F} - System32\Tasks\{A82CC38A-B660-4933-9645-1251F77C596F} => Chrome.exe hxxp://ui.skype.com/ui/0/7.12.0.101/pt/abandoninstall?page=tsProgressBar
    Task: {9706D337-D476-4902-845C-EB494E10315D} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files\Corel\CUH\v2\CUH.exe [2016-02-26] (Corel Corporation)
    Task: {E73D2C72-EAD7-4CF0-93E0-BA6992F5BA14} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
    Task: {ED6125DC-7427-4EBD-A9A5-9833B226D340} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)

    (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

    Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
    Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

    ==================== Atalhos =============================

    (As entradas podem ser listadas para serem restauradas ou removidas.)

    ==================== Módulos Carregados (Whitelisted) ==============

    2015-10-30 02:44 - 2015-10-30 02:44 - 00149504 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
    2016-07-13 08:53 - 2016-07-01 01:38 - 01862008 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
    2016-07-13 08:53 - 2016-07-01 01:38 - 01862008 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
    2016-01-24 17:13 - 2015-12-07 01:11 - 00070656 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
    2016-07-13 08:53 - 2016-07-01 00:31 - 00316416 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
    2016-07-13 08:53 - 2016-07-01 00:13 - 05340160 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
    2016-07-13 08:53 - 2016-07-01 00:08 - 00471552 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
    2016-07-13 08:54 - 2016-07-01 00:08 - 02366976 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
    2016-07-13 08:54 - 2016-07-01 00:11 - 02656768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
    2016-08-05 17:56 - 2016-07-11 23:07 - 00035792 _____ () C:\Program Files\Dropbox\Client\_multiprocessing.pyd
    2016-08-24 17:08 - 2016-07-11 23:07 - 00145864 _____ () C:\Program Files\Dropbox\Client\pyexpat.pyd
    2016-08-24 17:08 - 2016-07-11 23:07 - 00019408 _____ () C:\Program Files\Dropbox\Client\faulthandler.pyd
    2016-08-24 17:08 - 2016-07-11 23:07 - 00116688 _____ () C:\Program Files\Dropbox\Client\pywintypes27.dll
    2016-08-05 17:56 - 2016-07-11 23:07 - 00100296 _____ () C:\Program Files\Dropbox\Client\_ctypes.pyd
    2016-08-05 17:56 - 2016-07-11 23:07 - 00018888 _____ () C:\Program Files\Dropbox\Client\select.pyd
    2016-08-05 17:56 - 2016-08-23 20:17 - 00019760 _____ () C:\Program Files\Dropbox\Client\tornado.speedups.pyd
    2016-08-05 17:56 - 2016-07-11 23:07 - 00694224 _____ () C:\Program Files\Dropbox\Client\unicodedata.pyd
    2016-08-24 17:08 - 2016-08-23 20:17 - 00020816 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
    2016-08-05 17:56 - 2016-07-11 23:07 - 00123856 _____ () C:\Program Files\Dropbox\Client\_cffi_backend.pyd
    2016-08-24 17:08 - 2016-08-23 20:17 - 01682760 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
    2016-08-24 17:08 - 2016-08-23 20:17 - 00020808 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
    2016-08-05 17:56 - 2016-08-23 20:17 - 00021312 _____ () C:\Program Files\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
    2016-08-24 17:08 - 2016-08-23 20:17 - 00052024 _____ () C:\Program Files\Dropbox\Client\psutil._psutil_windows.pyd
    2016-08-05 17:56 - 2016-07-11 23:09 - 00105928 _____ () C:\Program Files\Dropbox\Client\win32api.pyd
    2016-08-05 17:56 - 2016-08-23 20:17 - 00025424 _____ () C:\Program Files\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
    2016-08-24 17:08 - 2016-08-23 20:17 - 00038696 _____ () C:\Program Files\Dropbox\Client\fastpath.pyd
    2016-08-24 17:08 - 2016-07-11 23:07 - 00392144 _____ () C:\Program Files\Dropbox\Client\pythoncom27.dll
    2016-08-24 17:08 - 2016-07-11 23:09 - 00020936 _____ () C:\Program Files\Dropbox\Client\mmapfile.pyd
    2016-08-05 17:56 - 2016-07-11 23:09 - 00024528 _____ () C:\Program Files\Dropbox\Client\win32event.pyd
    2016-08-05 17:56 - 2016-07-11 23:09 - 00114640 _____ () C:\Program Files\Dropbox\Client\win32security.pyd
    2016-08-05 17:56 - 2016-08-23 20:17 - 00381752 _____ () C:\Program Files\Dropbox\Client\win32com.shell.shell.pyd
    2016-08-05 17:56 - 2016-07-11 23:09 - 00124880 _____ () C:\Program Files\Dropbox\Client\win32file.pyd
    2016-08-05 17:56 - 2016-07-11 23:09 - 00024016 _____ () C:\Program Files\Dropbox\Client\win32clipboard.pyd
    2016-08-05 17:56 - 2016-07-11 23:09 - 00175560 _____ () C:\Program Files\Dropbox\Client\win32gui.pyd
    2016-08-05 17:56 - 2016-07-11 23:09 - 00030160 _____ () C:\Program Files\Dropbox\Client\win32pipe.pyd
    2016-08-05 17:56 - 2016-07-11 23:09 - 00043472 _____ () C:\Program Files\Dropbox\Client\win32process.pyd
    2016-08-05 17:56 - 2016-07-11 23:09 - 00048592 _____ () C:\Program Files\Dropbox\Client\win32service.pyd
    2016-08-24 17:08 - 2016-08-23 20:17 - 00026456 _____ () C:\Program Files\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
    2016-08-05 17:56 - 2016-07-11 23:09 - 00057808 _____ () C:\Program Files\Dropbox\Client\win32evtlog.pyd
    2016-08-05 17:56 - 2016-07-11 23:09 - 00024016 _____ () C:\Program Files\Dropbox\Client\win32profile.pyd
    2016-08-24 17:08 - 2016-08-23 20:17 - 00246592 _____ () C:\Program Files\Dropbox\Client\breakpad.client.windows.handler.pyd
    2016-08-05 17:56 - 2016-07-11 23:09 - 00028616 _____ () C:\Program Files\Dropbox\Client\win32ts.pyd
    2016-08-05 17:56 - 2016-08-23 20:17 - 00020800 _____ () C:\Program Files\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
    2016-08-05 17:56 - 2016-08-23 20:17 - 00019776 _____ () C:\Program Files\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
    2016-08-05 17:56 - 2016-08-23 20:17 - 00020800 _____ () C:\Program Files\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
    2016-08-05 17:56 - 2016-07-11 23:07 - 00144848 _____ () C:\Program Files\Dropbox\Client\_elementtree.pyd
    2016-08-05 17:56 - 2016-07-11 23:08 - 00241104 _____ () C:\Program Files\Dropbox\Client\_jpegtran.pyd
    2016-08-24 17:08 - 2016-08-23 20:17 - 00020280 _____ () C:\Program Files\Dropbox\Client\cpuid.compiled._cpuid.pyd
    2016-08-05 17:56 - 2016-08-23 20:17 - 00023376 _____ () C:\Program Files\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
    2016-08-05 17:56 - 2016-07-11 23:09 - 00350152 _____ () C:\Program Files\Dropbox\Client\winxpgui.pyd
    2016-08-05 17:56 - 2016-08-23 20:17 - 00022352 _____ () C:\Program Files\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
    2016-08-24 17:08 - 2016-08-23 20:17 - 00024392 _____ () C:\Program Files\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
    2016-08-24 17:08 - 2016-07-11 23:09 - 00036296 _____ () C:\Program Files\Dropbox\Client\librsync.dll
    2016-08-24 17:08 - 2016-08-23 20:17 - 00031568 _____ () C:\Program Files\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
    2016-08-24 17:08 - 2016-08-23 20:02 - 00293392 _____ () C:\Program Files\Dropbox\Client\EnterpriseDataAdapter.dll
    2016-08-24 17:08 - 2016-08-23 20:17 - 00084280 _____ () C:\Program Files\Dropbox\Client\dropbox_sqlite_ext.DLL
    2016-08-24 17:08 - 2016-08-23 20:17 - 01826096 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtCore.pyd
    2016-08-05 17:56 - 2016-07-11 23:07 - 00083912 _____ () C:\Program Files\Dropbox\Client\sip.pyd
    2016-08-24 17:08 - 2016-08-23 20:17 - 03929392 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWidgets.pyd
    2016-08-24 17:08 - 2016-08-23 20:17 - 01972016 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtGui.pyd
    2016-08-24 17:08 - 2016-08-23 20:17 - 00531248 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtNetwork.pyd
    2016-08-24 17:08 - 2016-08-23 20:17 - 00132912 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebKit.pyd
    2016-08-24 17:08 - 2016-08-23 20:17 - 00224056 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
    2016-08-24 17:08 - 2016-08-23 20:17 - 00207672 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtPrintSupport.pyd
    2016-08-05 17:56 - 2016-08-23 20:17 - 00020288 _____ () C:\Program Files\Dropbox\Client\winffi.user32._winffi_user32.pyd
    2016-08-05 17:56 - 2016-08-23 20:17 - 00037192 _____ () C:\Program Files\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
    2016-08-05 17:56 - 2016-07-11 23:09 - 00060880 _____ () C:\Program Files\Dropbox\Client\win32print.pyd
    2016-08-05 17:56 - 2016-08-23 20:17 - 00024904 _____ () C:\Program Files\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
    2016-08-24 17:08 - 2016-08-23 20:17 - 00546096 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtQuick.pyd
    2016-08-24 17:08 - 2016-08-23 20:17 - 00357680 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtQml.pyd
    2016-08-24 17:08 - 2016-08-23 20:17 - 00168248 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
    2016-08-24 17:08 - 2016-08-23 20:17 - 00042808 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebChannel.pyd
    2015-10-26 07:47 - 2003-05-16 19:32 - 00245760 _____ () C:\mysql\bin\LIBMYSQL.dll
    2015-10-26 07:47 - 2003-05-16 19:32 - 03534848 _____ () C:\mysql\bin\mysqld.exe
    2015-10-26 07:47 - 2003-05-16 19:32 - 02052096 _____ () C:\mysql\bin\mysqld-nt.exe
    2016-09-01 07:56 - 2016-09-01 07:56 - 00098816 ____R () C:\Users\Marcio\AppData\Local\Temp\_MEI165722\win32api.pyd
    2016-09-01 07:56 - 2016-09-01 07:56 - 00110080 ____R () C:\Users\Marcio\AppData\Local\Temp\_MEI165722\pywintypes27.dll
    2016-09-01 07:56 - 2016-09-01 07:56 - 00364544 ____R () C:\Users\Marcio\AppData\Local\Temp\_MEI165722\pythoncom27.dll
    2016-09-01 07:56 - 2016-09-01 07:56 - 00320512 ____R () C:\Users\Marcio\AppData\Local\Temp\_MEI165722\win32com.shell.shell.pyd
    2016-09-01 07:56 - 2016-09-01 07:56 - 00776704 ____R () C:\Users\Marcio\AppData\Local\Temp\_MEI165722\_hashlib.pyd
    2016-09-01 07:56 - 2016-09-01 07:56 - 01176576 ____R () C:\Users\Marcio\AppData\Local\Temp\_MEI165722\wx._core_.pyd
    2016-09-01 07:56 - 2016-09-01 07:56 - 00806400 ____R () C:\Users\Marcio\AppData\Local\Temp\_MEI165722\wx._gdi_.pyd
    2016-09-01 07:56 - 2016-09-01 07:56 - 00816128 ____R () C:\Users\Marcio\AppData\Local\Temp\_MEI165722\wx._windows_.pyd
    2016-09-01 07:56 - 2016-09-01 07:56 - 01067008 ____R () C:\Users\Marcio\AppData\Local\Temp\_MEI165722\wx._controls_.pyd
    2016-09-01 07:56 - 2016-09-01 07:56 - 00733184 ____R () C:\Users\Marcio\AppData\Local\Temp\_MEI165722\wx._misc_.pyd
    2016-09-01 07:56 - 2016-09-01 07:56 - 00682496 ____R () C:\Users\Marcio\AppData\Local\Temp\_MEI165722\pysqlite2._sqlite.pyd
    2016-09-01 07:56 - 2016-09-01 07:56 - 00088064 ____R () C:\Users\Marcio\AppData\Local\Temp\_MEI165722\_ctypes.pyd
    2016-09-01 07:56 - 2016-09-01 07:56 - 00119808 ____R () C:\Users\Marcio\AppData\Local\Temp\_MEI165722\win32file.pyd
    2016-09-01 07:56 - 2016-09-01 07:56 - 00108544 ____R () C:\Users\Marcio\AppData\Local\Temp\_MEI165722\win32security.pyd
    2016-09-01 07:56 - 2016-09-01 07:56 - 00007168 ____R () C:\Users\Marcio\AppData\Local\Temp\_MEI165722\hashobjs_ext.pyd
    2016-09-01 07:56 - 2016-09-01 07:56 - 00017920 ____R () C:\Users\Marcio\AppData\Local\Temp\_MEI165722\thumbnails_ext.pyd
    2016-09-01 07:56 - 2016-09-01 07:56 - 00088064 ____R () C:\Users\Marcio\AppData\Local\Temp\_MEI165722\usb_ext.pyd
    2016-09-01 07:56 - 2016-09-01 07:56 - 00012800 ____R () C:\Users\Marcio\AppData\Local\Temp\_MEI165722\common.time34.pyd
    2016-09-01 07:56 - 2016-09-01 07:56 - 00018432 ____R () C:\Users\Marcio\AppData\Local\Temp\_MEI165722\win32event.pyd
    2016-09-01 07:56 - 2016-09-01 07:56 - 00167936 ____R () C:\Users\Marcio\AppData\Local\Temp\_MEI165722\win32gui.pyd
    2016-09-01 07:56 - 2016-09-01 07:56 - 00046080 ____R () C:\Users\Marcio\AppData\Local\Temp\_MEI165722\_socket.pyd
    2016-09-01 07:56 - 2016-09-01 07:56 - 01208320 ____R () C:\Users\Marcio\AppData\Local\Temp\_MEI165722\_ssl.pyd
    2016-09-01 07:56 - 2016-09-01 07:56 - 00128512 ____R () C:\Users\Marcio\AppData\Local\Temp\_MEI165722\_elementtree.pyd
    2016-09-01 07:56 - 2016-09-01 07:56 - 00127488 ____R () C:\Users\Marcio\AppData\Local\Temp\_MEI165722\pyexpat.pyd
    2016-09-01 07:56 - 2016-09-01 07:56 - 00038912 ____R () C:\Users\Marcio\AppData\Local\Temp\_MEI165722\win32inet.pyd
    2016-09-01 07:56 - 2016-09-01 07:56 - 00036864 ____R () C:\Users\Marcio\AppData\Local\Temp\_MEI165722\_psutil_windows.pyd
    2016-09-01 07:56 - 2016-09-01 07:56 - 00525208 ____R () C:\Users\Marcio\AppData\Local\Temp\_MEI165722\windows._lib_cacheinvalidation.pyd
    2016-09-01 07:56 - 2016-09-01 07:56 - 00011264 ____R () C:\Users\Marcio\AppData\Local\Temp\_MEI165722\win32crypt.pyd
    2016-09-01 07:56 - 2016-09-01 07:56 - 00077312 ____R () C:\Users\Marcio\AppData\Local\Temp\_MEI165722\wx._html2.pyd
    2016-09-01 07:56 - 2016-09-01 07:56 - 00027136 ____R () C:\Users\Marcio\AppData\Local\Temp\_MEI165722\_multiprocessing.pyd
    2016-09-01 07:56 - 2016-09-01 07:56 - 00020480 ____R () C:\Users\Marcio\AppData\Local\Temp\_MEI165722\_yappi.pyd
    2016-09-01 07:56 - 2016-09-01 07:56 - 00035840 ____R () C:\Users\Marcio\AppData\Local\Temp\_MEI165722\win32process.pyd
    2016-09-01 07:56 - 2016-09-01 07:56 - 00686080 ____R () C:\Users\Marcio\AppData\Local\Temp\_MEI165722\unicodedata.pyd
    2016-09-01 07:56 - 2016-09-01 07:56 - 00078848 ____R () C:\Users\Marcio\AppData\Local\Temp\_MEI165722\wx._animate.pyd
    2016-09-01 07:56 - 2016-09-01 07:56 - 00123392 ____R () C:\Users\Marcio\AppData\Local\Temp\_MEI165722\wx._wizard.pyd
    2016-09-01 07:56 - 2016-09-01 07:56 - 00024064 ____R () C:\Users\Marcio\AppData\Local\Temp\_MEI165722\win32pipe.pyd
    2016-09-01 07:56 - 2016-09-01 07:56 - 00010240 ____R () C:\Users\Marcio\AppData\Local\Temp\_MEI165722\select.pyd
    2016-09-01 07:56 - 2016-09-01 07:56 - 00025600 ____R () C:\Users\Marcio\AppData\Local\Temp\_MEI165722\win32pdh.pyd
    2016-09-01 07:56 - 2016-09-01 07:56 - 00017408 ____R () C:\Users\Marcio\AppData\Local\Temp\_MEI165722\win32profile.pyd
    2016-09-01 07:56 - 2016-09-01 07:56 - 00022528 ____R () C:\Users\Marcio\AppData\Local\Temp\_MEI165722\win32ts.pyd
    2015-11-13 08:24 - 2015-11-03 16:29 - 23888800 _____ () C:\Nex\NexServ.exe
    2016-04-19 08:06 - 2016-04-19 08:06 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
    2016-04-19 08:06 - 2016-04-19 08:06 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
    2016-04-19 08:06 - 2016-04-19 08:06 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
    2015-10-23 15:19 - 2001-08-01 06:41 - 00217088 _____ () C:\Sistema\Estacionamento\libmysql.dll
    2016-08-16 08:17 - 2016-08-16 08:17 - 00017920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
    2016-08-16 08:17 - 2016-08-16 08:17 - 11393536 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x86__8wekyb3d8bbwe\Microsoft.Photos.dll
    2016-06-03 07:59 - 2016-06-03 08:00 - 00541696 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x86__8wekyb3d8bbwe\Microsoft.DesignCore.dll
    2016-03-08 18:10 - 2016-03-08 18:12 - 00180224 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x86__8wekyb3d8bbwe\StoreRatingPromotion.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (Se uma entrada for incluída na fixlist, somente o ADS será removido.)


    ==================== Modo de Segurança (Whitelisted) ===================

    (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)


    ==================== Associação (Whitelisted) ===============

    (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


    ==================== Internet Explorer confiável/restrito ===============

    (Se uma entrada for incluída na fixlist, será removida do Registro.)


    ==================== Hosts Conteúdo: ===============================

    (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

    2015-07-10 05:28 - 2015-07-10 05:26 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


    ==================== Outras Áreas ============================

    (Atualmente não há nenhuma correção automática para esta seção.)

    HKU\S-1-5-21-2456171839-3119483222-2521222785-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
    DNS Servers: O Suporte não está conectado à internet.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Firewall do Windows está desabilitado.

    ==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

    (Atualmente não há nenhuma correção automática para esta seção.)

    HKLM\...\StartupApproved\Run: => "Adobe ARM"
    HKLM\...\StartupApproved\Run: => "BDRegion"
    HKLM\...\StartupApproved\Run: => "RemoteControl10"
    HKLM\...\StartupApproved\Run: => "SunJavaUpdateSched"
    HKLM\...\StartupApproved\Run: => "NeroFilterCheck"
    HKU\S-1-5-21-2456171839-3119483222-2521222785-1001\...\StartupApproved\Run: => "OneDrive"
    HKU\S-1-5-21-2456171839-3119483222-2521222785-1001\...\StartupApproved\Run: => "Skype"

    ==================== Regras do Firewall (Whitelisted) ===============

    (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

    FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
    FirewallRules: [UDP Query User{C952D4FA-B8E2-4EA2-A264-FA26BA478E7B}C:\mysql\bin\mysqld-nt.exe] => (Block) C:\mysql\bin\mysqld-nt.exe
    FirewallRules: [TCP Query User{82EE7FB7-131A-4E74-842B-F697ABADDD9D}C:\mysql\bin\mysqld-nt.exe] => (Block) C:\mysql\bin\mysqld-nt.exe
    FirewallRules: [{1D5F3300-B89D-4ED0-93A0-3862BBF45467}] => (Allow) C:\Nex\NexAdmin.exe
    FirewallRules: [{E0BE2EF0-71D7-4BFE-A5DE-FDA1FBFB0C4F}] => (Allow) C:\Nex\NexAdmin.exe
    FirewallRules: [{B288E5FE-FEEB-40D6-B462-C0334176DB35}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{8323914B-B7A4-445A-A7D6-2C1BEA85E54E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [UDP Query User{C045D075-6F3F-4919-9A53-8E36B6B76ECE}D:\documents\downloads\instalador_sistema_mecanicas_estetica_automotiva_estacionamento_lavajato_downloader.exe] => (Allow) D:\documents\downloads\instalador_sistema_mecanicas_estetica_automotiva_estacionamento_lavajato_downloader.exe
    FirewallRules: [TCP Query User{242D4463-DA76-4BD8-9423-52DD5DBF91D1}D:\documents\downloads\instalador_sistema_mecanicas_estetica_automotiva_estacionamento_lavajato_downloader.exe] => (Allow) D:\documents\downloads\instalador_sistema_mecanicas_estetica_automotiva_estacionamento_lavajato_downloader.exe
    FirewallRules: [UDP Query User{D9118E48-4DDC-4765-A59E-3AE4C4561B08}C:\mysql\bin\mysqld.exe] => (Allow) C:\mysql\bin\mysqld.exe
    FirewallRules: [TCP Query User{9CDC7C1E-4454-4D95-86F4-3C7849CD90A3}C:\mysql\bin\mysqld.exe] => (Allow) C:\mysql\bin\mysqld.exe
    FirewallRules: [{581010EF-8A38-47CC-AE1F-444F7400FA9E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{8B9B2652-F580-4A3F-BEA9-AD744375DE11}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{70D9C563-A333-49AF-A742-852FA6330B2D}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
    FirewallRules: [{375491FF-446F-4A5D-8177-DA10D04EDA8C}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
    FirewallRules: [{98CA2BBF-2137-46A1-971E-65808945F05A}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
    FirewallRules: [{40D4C76F-F61D-44BD-BF94-AE75BFFFD9DC}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
    FirewallRules: [{0653DA7B-2E5F-4F67-A6F5-316452618A97}] => (Allow) LPort=1688
    FirewallRules: [{540B06C3-0D99-4D6B-B11C-3E8B2CFA09DB}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
    FirewallRules: [{3FF3A3F5-D84F-406D-AA14-ADDB4C69B296}] => (Allow) C:\Program Files\CyberLink\PowerDVD10\PowerDVD9.EXE
    FirewallRules: [{48BC668C-5CA5-4B34-AA7B-973FE7407DD2}] => (Allow) C:\Program Files\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
    FirewallRules: [{94BDA373-C3AA-4FEA-9303-0089120A5961}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
    FirewallRules: [{33904B46-FE3B-4A98-9C84-DD3727A25384}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs\CorelDrw.exe
    FirewallRules: [{809269D4-1109-4C0C-B10E-2E53633173B2}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs\CorelPP.exe
    FirewallRules: [{4520DC60-0F2F-4FC3-ADEF-38913ABB4F6E}] => (Allow) C:\Program Files\Dropbox\Client\Dropbox.exe
    FirewallRules: [{0A220094-9826-4BBC-B041-7C65E4B588B0}] => (Allow) C:\Nex\NexServ.exe
    FirewallRules: [{B862FF3D-68D2-4F0F-AC1F-3215B7A1967E}] => (Allow) C:\Nex\NexServ.exe
    StandardProfile\GloballyOpenPorts: [3050:TCP] => Enabled:Firebird

    ==================== Pontos de Restauração =========================

    19-08-2016 12:16:09 Ponto de Verificação Agendado
    23-08-2016 09:44:15 Windows Update
    23-08-2016 16:41:44 JRT Pre-Junkware Removal
    31-08-2016 17:31:17 Ponto de Verificação Agendado

    ==================== Dispositivos Apresentando Falhas No Gerenciador =============


    ==================== Erros no Log de eventos: =========================

    Erros em Aplicativos:
    ==================
    Error: (09/01/2016 07:58:07 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nome do aplicativo com falha: NexServ.exe, versão: 5.0.0.294, carimbo de data/hora: 0x563913b1
    Nome do módulo com falha: NexServ.exe, versão: 5.0.0.294, carimbo de data/hora: 0x563913b1
    Código de exceção: 0xc0000005
    Deslocamento da falha: 0x0113cc34
    ID do processo com falha: 0x17fc
    Hora de início do aplicativo com falha: 0x01d2043f87d79d3e
    Caminho do aplicativo com falha: C:\Nex\NexServ.exe
    Caminho do módulo com falha: C:\Nex\NexServ.exe
    ID do Relatório: be7435ec-5536-459e-9819-52539428213f
    Nome completo do pacote com falha:
    ID do aplicativo relativo ao pacote com falha:

    Error: (08/31/2016 05:31:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
    Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..

    Details:
    AddLegacyDriverFiles: Unable to back up image of binary Protocolo Microsoft LLDP.

    System Error:
    Acesso negado.
    .

    Error: (08/31/2016 11:20:17 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nome do aplicativo com falha: nexserv.exe, versão: 5.0.0.294, carimbo de data/hora: 0x563913b1
    Nome do módulo com falha: nexserv.exe, versão: 5.0.0.294, carimbo de data/hora: 0x563913b1
    Código de exceção: 0xc0000005
    Deslocamento da falha: 0x0113cc34
    ID do processo com falha: 0x1578
    Hora de início do aplicativo com falha: 0x01d20392c7802ec6
    Caminho do aplicativo com falha: C:\Nex\nexserv.exe
    Caminho do módulo com falha: C:\Nex\nexserv.exe
    ID do Relatório: a838443a-1a9d-449f-8bdd-91d1680cb138
    Nome completo do pacote com falha:
    ID do aplicativo relativo ao pacote com falha:

    Error: (08/31/2016 08:10:32 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nome do aplicativo com falha: NexServ.exe, versão: 5.0.0.294, carimbo de data/hora: 0x563913b1
    Nome do módulo com falha: NexServ.exe, versão: 5.0.0.294, carimbo de data/hora: 0x563913b1
    Código de exceção: 0xc0000005
    Deslocamento da falha: 0x0113cc34
    ID do processo com falha: 0x3b8
    Hora de início do aplicativo com falha: 0x01d20377f9bca6d7
    Caminho do aplicativo com falha: C:\Nex\NexServ.exe
    Caminho do módulo com falha: C:\Nex\NexServ.exe
    ID do Relatório: 33d4921c-f9d7-492e-9169-4ce592cb9652
    Nome completo do pacote com falha:
    ID do aplicativo relativo ao pacote com falha:

    Error: (08/30/2016 07:46:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-9J7TCRI)
    Description: Falha na ativação do aplicativo microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

    Error: (08/30/2016 08:12:49 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-9J7TCRI)
    Description: O pacote Microsoft.Windows.ShellExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy+App foi terminado porque levou muito tempo para ser suspenso.

    Error: (08/30/2016 08:09:13 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nome do aplicativo com falha: NexServ.exe, versão: 5.0.0.294, carimbo de data/hora: 0x563913b1
    Nome do módulo com falha: NexServ.exe, versão: 5.0.0.294, carimbo de data/hora: 0x563913b1
    Código de exceção: 0xc0000005
    Deslocamento da falha: 0x0113cc34
    ID do processo com falha: 0x3a7c
    Hora de início do aplicativo com falha: 0x01d202aeca85d125
    Caminho do aplicativo com falha: C:\Nex\NexServ.exe
    Caminho do módulo com falha: C:\Nex\NexServ.exe
    ID do Relatório: 947895f3-a0ce-4511-9f52-6fdb29d59b62
    Nome completo do pacote com falha:
    ID do aplicativo relativo ao pacote com falha:

    Error: (08/29/2016 11:01:19 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nome do aplicativo com falha: NexServ.exe, versão: 5.0.0.294, carimbo de data/hora: 0x563913b1
    Nome do módulo com falha: NexServ.exe, versão: 5.0.0.294, carimbo de data/hora: 0x563913b1
    Código de exceção: 0xc0000005
    Deslocamento da falha: 0x0113cc34
    ID do processo com falha: 0x243c
    Hora de início do aplicativo com falha: 0x01d2026256e6838f
    Caminho do aplicativo com falha: C:\Nex\NexServ.exe
    Caminho do módulo com falha: C:\Nex\NexServ.exe
    ID do Relatório: 291862ec-d2e6-489b-ad7a-54a68a847a9d
    Nome completo do pacote com falha:
    ID do aplicativo relativo ao pacote com falha:

    Error: (08/29/2016 11:01:18 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nome do aplicativo com falha: mysqld.exe, versão: 0.0.0.0, carimbo de data/hora: 0x3ec565af
    Nome do módulo com falha: mysqld.exe, versão: 0.0.0.0, carimbo de data/hora: 0x3ec565af
    Código de exceção: 0xc0000005
    Deslocamento da falha: 0x001f18ec
    ID do processo com falha: 0x4848
    Hora de início do aplicativo com falha: 0x01d202625732c7f7
    Caminho do aplicativo com falha: C:\mysql\bin\mysqld.exe
    Caminho do módulo com falha: C:\mysql\bin\mysqld.exe
    ID do Relatório: cb7f6c9e-a058-42e3-bf41-14567015eb2f
    Nome completo do pacote com falha:
    ID do aplicativo relativo ao pacote com falha:

    Error: (08/29/2016 07:33:13 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nome do aplicativo com falha: NexServ.exe, versão: 5.0.0.294, carimbo de data/hora: 0x563913b1
    Nome do módulo com falha: NexServ.exe, versão: 5.0.0.294, carimbo de data/hora: 0x563913b1
    Código de exceção: 0xc0000005
    Deslocamento da falha: 0x0113cc34
    ID do processo com falha: 0x454c
    Hora de início do aplicativo com falha: 0x01d201e0b1c6e191
    Caminho do aplicativo com falha: C:\Nex\NexServ.exe
    Caminho do módulo com falha: C:\Nex\NexServ.exe
    ID do Relatório: ff7b67a9-d909-4bf2-b916-d675e3679e08
    Nome completo do pacote com falha:
    ID do aplicativo relativo ao pacote com falha:


    Erros de Sistema:
    =============
    Error: (09/01/2016 08:46:54 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-9J7TCRI)
    Description: As configurações de permissão padrão-computador não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
    {C2F03A33-21F5-47FA-B4BB-156362A2F239}
     e APPID
    {316CDED5-E4AE-4B15-9113-7055D84DCC97}
     ao usuário DESKTOP-9J7TCRI\Marcio SID (S-1-5-21-2456171839-3119483222-2521222785-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

    Error: (09/01/2016 08:46:54 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-9J7TCRI)
    Description: As configurações de permissão padrão-computador não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
    {C2F03A33-21F5-47FA-B4BB-156362A2F239}
     e APPID
    {316CDED5-E4AE-4B15-9113-7055D84DCC97}
     ao usuário DESKTOP-9J7TCRI\Marcio SID (S-1-5-21-2456171839-3119483222-2521222785-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

    Error: (09/01/2016 08:46:52 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-9J7TCRI)
    Description: As configurações de permissão padrão-computador não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
    {C2F03A33-21F5-47FA-B4BB-156362A2F239}
     e APPID
    {316CDED5-E4AE-4B15-9113-7055D84DCC97}
     ao usuário DESKTOP-9J7TCRI\Marcio SID (S-1-5-21-2456171839-3119483222-2521222785-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

    Error: (09/01/2016 08:46:52 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-9J7TCRI)
    Description: As configurações de permissão padrão-computador não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
    {C2F03A33-21F5-47FA-B4BB-156362A2F239}
     e APPID
    {316CDED5-E4AE-4B15-9113-7055D84DCC97}
     ao usuário DESKTOP-9J7TCRI\Marcio SID (S-1-5-21-2456171839-3119483222-2521222785-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

    Error: (09/01/2016 08:35:07 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: AUTORIDADE NT)
    Description: Configuração Automática de WLAN detectou conectividade limite; executando Reset/Recover.adapter.

     Código: 8 0x0 0x0

    Error: (09/01/2016 08:34:46 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: AUTORIDADE NT)
    Description: Configuração Automática de WLAN detectou conectividade limite; executando Reset/Recover.adapter.

     Código: 2 0xdeaddeed 0xeeec

    Error: (09/01/2016 08:34:46 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: AUTORIDADE NT)
    Description: Configuração Automática de WLAN detectou conectividade limite; executando Reset/Recover.adapter.

     Código: 1 0xc 0x4

    Error: (09/01/2016 08:01:20 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-9J7TCRI)
    Description: As configurações de permissão padrão-computador não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
    {C2F03A33-21F5-47FA-B4BB-156362A2F239}
     e APPID
    {316CDED5-E4AE-4B15-9113-7055D84DCC97}
     ao usuário DESKTOP-9J7TCRI\Marcio SID (S-1-5-21-2456171839-3119483222-2521222785-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

    Error: (09/01/2016 08:01:20 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-9J7TCRI)
    Description: As configurações de permissão padrão-computador não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
    {C2F03A33-21F5-47FA-B4BB-156362A2F239}
     e APPID
    {316CDED5-E4AE-4B15-9113-7055D84DCC97}
     ao usuário DESKTOP-9J7TCRI\Marcio SID (S-1-5-21-2456171839-3119483222-2521222785-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.

    Error: (09/01/2016 08:01:20 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-9J7TCRI)
    Description: As configurações de permissão padrão-computador não concedem permissão Local Ativação para o aplicativo de Servidor COM com CLSID
    {C2F03A33-21F5-47FA-B4BB-156362A2F239}
     e APPID
    {316CDED5-E4AE-4B15-9113-7055D84DCC97}
     ao usuário DESKTOP-9J7TCRI\Marcio SID (S-1-5-21-2456171839-3119483222-2521222785-1001) do endereço LocalHost (Usando LRPC) que está sendo executado no contêiner de aplicativos Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). Essa permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.


    CodeIntegrity:
    ===================================
      Date: 2016-08-25 16:51:35.295
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2016-08-25 16:51:35.197
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2016-08-25 16:51:34.907
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2016-08-25 16:51:34.635
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2016-08-25 16:51:34.269
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2016-08-25 16:51:34.168
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2016-08-25 16:51:33.921
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2016-08-25 16:51:33.746
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2016-08-25 16:51:33.418
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2016-08-25 16:51:32.959
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


    ==================== Informações da Memória ===========================

    Processador: Pentium(R) Dual-Core CPU T4500 @ 2.30GHz
    Percentagem de memória em uso: 85%
    RAM física total: 2013.17 MB
    RAM física disponível: 301.91 MB
    Virtual Total: 3998 MB
    Virtual disponível: 1408.47 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:97.17 GB) (Free:30.42 GB) NTFS
    Drive d: (Dados) (Fixed) (Total:135.23 GB) (Free:118.76 GB) NTFS

    ==================== MBR & Tabela de Partições ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: E59E3736)
    Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=97.2 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=135.2 GB) - (Type=07 NTFS)

    ==================== Fim de Addition.txt ============================

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    Abra seu navegador e coloque o seguinte endereço:

     

    http://127.0.0.1:8080/proxy.pac

     

    Poste todo seu conteúdo em sua próxima resposta, por favor.

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
  • Autor do tópico
  • // Autogenerated file; do not edit. Rewritten on attach and detach of Fiddler.

    function FindProxyForURL(url, host){
      if (shExpMatch(host, "www.google.*")) return "PROXY 127.0.0.1:8080"; if (shExpMatch(host, "cse.google.*")) return "PROXY 127.0.0.1:8080"; if (shExpMatch(host, "www.bing.com")) return "PROXY 127.0.0.1:8080"; if (shExpMatch(host, "*.search.yahoo.com")) return "PROXY 127.0.0.1:8080"; return "DIRECT";
    }

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    Caro @adivander

     

    Desative temporariamente seu antivírus, antispywares e firewall, para não causar conflitos.

     

    Abra o seu Bloco de Notas, copie (control + c) e cole (control + v) todo o texto que está abaixo:

     

    Citação

    CreateRestorePoint:
    CloseProcesses:

    CMD: bitsadmin /util /setieproxy localsystem NO_PROXY RESET

    HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <======= ATENÇÃO (Restrição - ProxySettings)
    AutoConfigURL: [HKLM] => hxxp://127.0.0.1:8080/proxy.pac
    ManualProxies: 0hxxp://127.0.0.1:8080/proxy.pac

    RemoveProxy:
    CMD: bitsadmin /reset /allusers

    CMD:ipconfig /flushdns
    EmptyTemp:

     

    • Salve este arquivo na Área de Trabalho (Desktop) como fixlist.txt
    • Execute novamente o FRST e clique no botão Corrigir;
    • Aguarde... ao final será gerado o log Fixlog.txt em sua Área de Trabalho (Desktop).
    • Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

     

    Abraços :D

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
  • Autor do tópico
  • Resultado da Correção pela Farbar Recovery Scan Tool (x86) Versão: 31-08-2016
    Executado por Marcio (08-09-2016 09:28:14) Run:3
    Executando a partir de C:\Users\Marcio\Desktop
    Perfis Carregados: Marcio (Perfis Disponíveis: Marcio)
    Modo da Inicialização: Normal

    ==============================================

    fixlist Conteúdo:
    *****************
    CreateRestorePoint:
    CloseProcesses:

    CMD: bitsadmin /util /setieproxy localsystem NO_PROXY RESET

    HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <======= ATENÇÃO (Restrição - ProxySettings)
    AutoConfigURL: [HKLM] => hxxp://127.0.0.1:8080/proxy.pac
    ManualProxies: 0hxxp://127.0.0.1:8080/proxy.pac

    RemoveProxy:
    CMD: bitsadmin /reset /allusers

    CMD:ipconfig /flushdns
    EmptyTemp:

    *****************

    Ponto de Restauração criado com sucesso.
    Processos fechados com sucesso.

    ========= bitsadmin /util /setieproxy localsystem NO_PROXY RESET =========


    BITSADMIN version 3.0 [ 7.8.10586 ]
    BITS administration utility.
    (C) Copyright 2000-2006 Microsoft Corp.

    BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
    Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

    There's a policy in effect that disables the storage of proxy settings per user.There's a policy in effect that disables the storage of proxy settings per user.Internet proxy settings for account localsystem set to NO_PROXY.
    (connection = default)


    ========= Fim de CMD: =========

    HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxySettingsPerUser => valor removido (a) com sucesso.
    HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigURL => valor removido (a) com sucesso.
    HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies\\ => valor removido (a) com sucesso.

    ========= RemoveProxy: =========

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valor removido (a) com sucesso.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => valor removido (a) com sucesso.
    HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valor removido (a) com sucesso.
    HKU\S-1-5-21-2456171839-3119483222-2521222785-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valor removido (a) com sucesso.
    HKU\S-1-5-21-2456171839-3119483222-2521222785-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => valor removido (a) com sucesso.


    ========= Fim de RemoveProxy: =========


    ========= bitsadmin /reset /allusers =========


    BITSADMIN version 3.0 [ 7.8.10586 ]
    BITS administration utility.
    (C) Copyright 2000-2006 Microsoft Corp.

    BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
    Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

    0 out of 0 jobs canceled.

    ========= Fim de CMD: =========


    ========= ipconfig /flushdns =========


    Configura‡Æo de IP do Windows

    Libera‡Æo do Cache do DNS Resolver bem-sucedida.

    ========= Fim de CMD: =========


    =========== EmptyTemp: ==========

    BITS transfer queue => 32768 B
    DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 4278814 B
    Java, Flash, Steam htmlcache => 0 B
    Windows/system/drivers => 13218 B
    Edge => 0 B
    Chrome => 0 B
    Firefox => 6292926 B
    Opera => 0 B

    Temp, IE cache, history, cookies, recent:
    Default => 0 B
    ProgramData => 0 B
    Public => 0 B
    systemprofile => 0 B
    LocalService => 6562 B
    NetworkService => 9300 B
    Marcio => 39830733 B

    RecycleBin => 55335 B
    EmptyTemp: => 48.2 MB de dados temporários Removidos.

    ================================


    O sistema precisou ser reiniciado.

    ==== Fim de Fixlog 09:28:44 ====

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    Caro @adivander

     

    Faça um novo log com o FRST, porém antes de clicar no botão Examinar, marque a opção Addition.

     

    Anexe os logs, por favor.

     

    Abraços :D

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    Tópico Arquivado

     

    Como o autor não respondeu ao tópico por mais de 10 dias, o mesmo foi arquivado. Caso você seja o autor do tópico e quer que o mesmo seja reaberto, entre em contato com um Analista de Segurança do Fórum solicitando o desbloqueio.

     

    CarlosTurco

    diego_moicano

     

     

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
    Visitante
    Este tópico está impedido de receber novos posts.





    Sobre o Clube do Hardware

    No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas publicações sobre tecnologia do Brasil. Leia mais

    Direitos autorais

    Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

    ×