Ir ao conteúdo
  • Comunicados

    • diego_moicano

      Gostaria de se tornar um analista em Remoção de Malware?   07-12-2015

      Gostaria de se tornar um analista em Remoção de Malware? O Fórum Clube do Hardware deu início a um programa de treinamento em análises de log. Os interessados deverão enviar um email para aprendizes (arroba) clubedohardware (ponto) com (ponto) br respondendo as seguintes perguntas: Por que você gostaria de aprender a analisar logs? Possui tempo hábil para o treinamento? Tem conhecimentos em informática? Se sim descreva-os. Possui inglês para leitura? Qual seu objetivo após completar o treinamento?   Não se esqueça de incluir no e-mail o seu nome de usuário (fornecer o link também), idade e cidade onde vive. Adicione também qualquer experiência e/ou razão sobre o porquê você seria um bom Analista. É digno de nota que apenas os que forem selecionados receberão resposta por MP (Mensagem Pessoal), não existe um padrão na escolha dos futuros aprendizes, todos os e-mails serão lidos e serão analisados de forma imparcial, portanto não será permitido reclamações neste aspecto. O treinamento é dado no próprio fórum. Quando um aprendiz é selecionado ele é movido para um novo grupo, onde terá acesso a fóruns fechados para os demais usuários onde poderá dar inicio ao seu treinamento. Importante: A cada 30 dias os e-mails não selecionados serão apagados, portanto você pode enviar um novo e-mail após 1 mês, e-mails enviados antes serão desconsiderados.  
    • Gabriel Torres

      Seja um moderador do Clube do Hardware!   12-02-2016

      Prezados membros do Clube do Hardware, Está aberto o processo de seleção de novos moderadores para diversos setores ou áreas do Clube do Hardware. Os requisitos são:   Pelo menos 500 posts e um ano de cadastro; Boa frequência de participação; Ser respeitoso, cordial e educado com os demais membros; Ter bom nível de português; Ter razoável conhecimento da área em que pretende atuar; Saber trabalhar em equipe (com os moderadores, coordenadores e administradores).   Os interessados deverão enviar uma mensagem privada para o usuário @Equipe Clube do Hardware com o título "Candidato a moderador". A mensagem deverá conter respostas às perguntas abaixo:   Qual o seu nome completo? Qual sua data de nascimento? Qual sua formação/profissão? Já atuou como moderador em algo outro fórum, se sim, qual? De forma sucinta, explique o porquê de querer ser moderador do fórum e conte-nos um pouco sobre você.   OBS: Não se trata de função remunerada. Todos que fazem parte do staff são voluntários.
Carlos Ruesta

Com problemas no Chrome

Recommended Posts

Boa noite

 

Ao parecer um malware se instalou na minha máquina e afeto o chrome. Tudo clique no navegador abre uma aba de propaganda.

 

Segue log do za-scan.

 

Obrigado.

ZA-Scan.txt

Compartilhar este post


Link para o post
Compartilhar em outros sites
diego_moicano    465

Caro @Carlos Ruesta

 

Recomendo que salve este tópico em seus Favoritos para facilitar na hora de encontrá-lo.

 

Por favor, atente para o seguinte:

  • Caso fique sem resposta durante 3 dias, me envie uma Mensagem Privada (MP);
  • O que será passado aqui, somente será com relação ao problema do seu computador portanto, não faça mais em nenhum outro;
  • Siga, por favor, atentamente as instruções passadas e em caso de dúvidas não hesite em perguntá-las;
  • Sempre coloque suas respostas neste tópico... Não abra outro!
  • Procure sempre me manter informado, durante a remoção, sobre o que acontece com seu computador.
  • Respeite a ordem das instruções passadas.

Observação: Não tome outra medida além das passadas aqui; atente para que, caso peça ajuda em outro fórum, não deixe de nos informar, sob risco de desconfigurar seu computador!

 

# Etapa nº 1 #
 
Baixe o AdwCleaner e salve em sua Área de trabalho (Desktop)

Execute o arquivo adwcleaner.exe Como Administrador

  • Clique na aba Opções e deixe marcado apenas "Restaurar Políticas do IE" e "Restaurar Políticas do Chrome"
  • Clique no botão Verificar e aguarde o exame finalizar.
  • Clique no botão Limpar.
  • Abrirá um bloco de notas com o resultado.
  • Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.
  • O log também será salvo em C:\AdwCleaner


NOTA: Se o AdwCleaner encontrar arquivos que não consiga remover, poderá ter de reiniciar o PC. Faça isso imediatamente, ao ser perguntado se quer reiniciar.
 
# Etapa nº 2 #
 
Desative temporariamente seu antivirus, antispywares e firewall, para não causar conflitos.

Baixe o Junkware Removal Tool (JRT) e salve em sua Área de trabalho (Desktop)

 

Execute o jrt.exe Como Administrador

  • A ferramenta começará o exame do seu sistema.
  • Tenha paciência pois pode demorar um pouco dependendo da quantidades de itens a examinar.
  • Ao final um log se abrirá. Será salvo no desktop com o nome de JRT.txt.
  • Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

 
# Etapa nº 3 #
 
Desative temporariamente seu antivirus, antispywares e firewall, para não causar conflitos.

Faça o download do ZHPCleaner e salve em sua Área de trabalho (Desktop)

 

Execute o arquivo ZHPCleaner.exe Como Administrador

  • Clique no botão Scanner.
  • A ferramenta começara o exame do seu sistema.
  • Tenha paciência pois pode demorar um pouco dependendo da quantidades de itens a examinar.
  • Em seguida clique no botão Reparar.
  • Será gerado um log chamado ZHPCleaner.txt
  • Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites
diego_moicano    465

Caro @Carlos Ruesta

 

Desative temporariamente seu antivírus, antispywares e firewall, para não causar conflitos.

 

Baixe o Farbar Recovery Scan Tool e salve-o na Área de Trabalho (Desktop).


32 bit (x86) ou 64 bit (x64)

  • Clique com o botão direito e escolha Executar como Administrador;
  • Marque a caixa Arquivos 90 dias,  e clique no botão Examinar;
  • Aguarde e ao final os logs FRST.txt e Addition.txt serão salvos em sua Área de Trabalho (Desktop);
  • Selecione, copie e cole o conteúdo do log  FRST.txt em sua próxima resposta;
  • Anexe o log Addition.txt.

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites

Prezado @diogo_moicano

Segue resultado abaixo e log em anexo:

Muito obrigado.

Carlos

 

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 13-07-2017
Executado por Carlos Ruesta (administrador) em PC-CARLOS (14-07-2017 19:21:04)
Executando a partir de E:\Desktop\Limpar PC
Perfis Carregados: Carlos Ruesta (Perfis Disponíveis: Carlos Ruesta)
Platform: Windows 10 Home Versão 1703 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Edge)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Oracle Corporation) D:\oraclexe\app\oracle\product\11.2.0\server\bin\TNSLSNR.EXE
(Oracle Corporation) D:\oraclexe\app\oracle\product\11.2.0\server\bin\oracle.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Palo Alto Networks) C:\Program Files\Palo Alto Networks\GlobalProtect\PanGPS.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
() C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(TechSmith Corporation) C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
() C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Palo Alto Networks) C:\Program Files\Palo Alto Networks\GlobalProtect\PanGPA.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(CyberLink) C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvc_P2G8.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\Evernote.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe
(ConEmu-Maximus5) D:\ConEmuPack.150913\ConEmu64.exe
(ConEmu-Maximus5) D:\ConEmuPack.150913\ConEmu\ConEmuC64.exe
(The Git Development Community) C:\Program Files\Git\git-cmd.exe
() C:\Program Files\Git\usr\bin\bash.exe
(Martin Prikryl) D:\WinSCP\WinSCP.exe
(Slack Technologies) C:\Users\Carlos Ruesta\AppData\Local\slack\app-2.6.3\slack.exe
(Slack Technologies) C:\Users\Carlos Ruesta\AppData\Local\slack\app-2.6.3\slack.exe
(Slack Technologies) C:\Users\Carlos Ruesta\AppData\Local\slack\app-2.6.3\slack.exe
(Slack Technologies) C:\Users\Carlos Ruesta\AppData\Local\slack\app-2.6.3\slack.exe
(Slack Technologies) C:\Users\Carlos Ruesta\AppData\Local\slack\app-2.6.3\slack.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Slack Technologies) C:\Users\Carlos Ruesta\AppData\Local\slack\app-2.6.3\slack.exe
(Slack Technologies) C:\Users\Carlos Ruesta\AppData\Local\slack\app-2.6.3\slack.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registro (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8721656 2016-03-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1416440 2016-03-09] (Realtek Semiconductor)
HKLM\...\Run: [GlobalProtect] => C:\Program Files\Palo Alto Networks\GlobalProtect\PanGPA.exe [2156392 2016-05-12] (Palo Alto Networks)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213832 2017-07-07] (AVAST Software)
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [954416 2017-03-22] (GAS Tecnologia LTDA)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3486520 2017-07-12] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2756672 2016-03-09] (Dominik Reichl)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133216 2017-03-23] (Wondershare)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1967328 2017-04-26] ()
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATENÇÃO
Winlogon\Notify\ GbPluginBb: C:\Program Files (x86)\GbPlugin\gbieh.dll [2016-06-23] (Banco do Brasil)
Winlogon\Notify\ GbPluginuni: C:\Program Files (x86)\GbPlugin\gbiehuni.dll [2017-02-26] (Banco Itaú Unibanco)
HKU\S-1-5-21-1559631502-1940132736-1926902864-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819304 2017-03-21] (Google)
HKU\S-1-5-21-1559631502-1940132736-1926902864-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [150016 2017-03-18] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [391040 2017-03-20] (Microsoft Corporation)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES (X86)\GbPlugin\gbieh.dll [1947872 2016-06-23] (Banco do Brasil)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll [1951968 2017-02-26] (Banco Itaú Unibanco)
Startup: C:\Users\Carlos Ruesta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2016-10-23]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{bf96ebb0-ff9b-4177-a809-1d85f794d808}: [NameServer] 10.142.9.19,10.142.9.20
Tcpip\..\Interfaces\{ca871921-78db-49a3-91a9-cf96ecd69ced}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f5cf61f1-e980-451f-93c5-8954c714bbb1}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1559631502-1940132736-1926902864-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pt-br/?ocid=iehp
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-07-07] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Java\x64\jre1.8.0_91\bin\ssv.dll [2016-04-21] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-07] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Java\x64\jre1.8.0_91\bin\jp2ssv.dll [2016-04-21] (Oracle Corporation)
BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\ProgramData\Wondershare\Video Converter Ultimate\WSBrowserAppMgr.dll [2017-04-26] (Wondershare)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Java\x86\jre1.8.0_91\bin\ssv.dll [2016-04-21] (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2017-03-20] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll [2016-06-23] (Banco do Brasil)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540008} -> C:\Program Files (x86)\GbPlugin\gbiehuni.dll [2017-02-26] (Banco Itaú Unibanco)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Java\x86\jre1.8.0_91\bin\jp2ssv.dll [2016-04-21] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-07] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-07] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-07] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-07] (Microsoft Corporation)
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 -  Nenhum Arquivo

FireFox:
========
FF DefaultProfile: 8lby8l9t.default
FF ProfilePath: C:\Users\Carlos Ruesta\AppData\Roaming\Mozilla\Firefox\Profiles\8lby8l9t.default [2017-07-14]
FF Extension: (Avast SafePrice) - C:\Users\Carlos Ruesta\AppData\Roaming\Mozilla\Firefox\Profiles\8lby8l9t.default\Extensions\sp@avast.com.xpi [2017-07-07]
FF Extension: (LastPass: Free Password Manager) - C:\Users\Carlos Ruesta\AppData\Roaming\Mozilla\Firefox\Profiles\8lby8l9t.default\Extensions\support@lastpass.com [2017-07-11]
FF Extension: (Easy Video Downloader) - C:\Users\Carlos Ruesta\AppData\Roaming\Mozilla\Firefox\Profiles\8lby8l9t.default\Extensions\vdpure@link64.xpi [2017-07-08]
FF Extension: (Avast Online Security) - C:\Users\Carlos Ruesta\AppData\Roaming\Mozilla\Firefox\Profiles\8lby8l9t.default\Extensions\wrc@avast.com.xpi [2017-07-07]
FF HKLM-x32\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com_xpi
FF Extension: (Wondershare Video Converter Ultimate) - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com_xpi [2017-06-26]
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> D:\Java\x64\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> D:\Java\x64\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-21] (Oracle Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> D:\Java\x86\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> D:\Java\x86\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-28] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Carlos Ruesta\AppData\Roaming\mozilla\plugins\npatgpc.dll [2016-04-25] (Cisco WebEx LLC)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> mysearch.avg.com
CHR NewTab: Default ->  Not-active:"chrome-extension://laookkfknpbbblfpciffpaejjkokdgca/dashboard.html"
CHR Profile: C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default [2017-07-13]
CHR Extension: (Google Apresentações) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-20]
CHR Extension: (Postman Interceptor) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aicmkgpgakddgnaphhhpliifpcfhicfo [2017-07-13]
CHR Extension: (JSON Viewer) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aimiinbnnkboelefkjlenlgimcabobli [2017-02-02]
CHR Extension: (XHR POSTER) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default\Extensions\akdbimilobjkfhgamdhneckaifceicen [2016-04-20]
CHR Extension: (Google Docs) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-20]
CHR Extension: (Google Drive) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-20]
CHR Extension: (Web Developer) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2017-02-26]
CHR Extension: (ColorZilla) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2016-12-28]
CHR Extension: (Chamada pelo Skype) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2016-04-20]
CHR Extension: (YouTube) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-20]
CHR Extension: (Google Cast) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-09-22]
CHR Extension: (CloudBees) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default\Extensions\cafchohddimocnpkdblklhgdaedfdpjj [2016-04-20]
CHR Extension: (Webmail Ad Blocker) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbhfdchmklhpcngcgjmpdbjakdggkkjp [2017-07-13]
CHR Extension: (AVG Secure Search) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2017-07-13]
CHR Extension: (OneTab) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2017-02-26]
CHR Extension: (High Contrast) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default\Extensions\djcfdncoelnlbldjfhinnjlhdjlikmph [2016-11-16]
CHR Extension: (Session Buddy) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2017-07-13]
CHR Extension: (Adobe Acrobat) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-04-12]
CHR Extension: (Avast SafePrice) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-06-09]
CHR Extension: (Planilhas do Google) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-20]
CHR Extension: (Postman) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhbjgbiflinjbdggehcddcbncdddomop [2017-07-01]
CHR Extension: (Documentos Google off-line) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-12]
CHR Extension: (Plus for Trello (tempo, relatórios, scrum)) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjjpophepkbhejnglcmkdnncmaanojkf [2017-07-13]
CHR Extension: (Avast Online Security) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-06-25]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2017-07-13]
CHR Extension: (Advanced REST client) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgmloofddffdnphfgcellkdfbfbjeloo [2017-03-19]
CHR Extension: (Eye Dropper) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmdcmlfkchdmnmnmheododdhjedfccka [2016-10-12]
CHR Extension: (GBBD Banco Santander (Brasil) S.A.) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default\Extensions\idnljhnpjegfbcohjhdnhjlnfnffmbnf [2016-04-20]
CHR Extension: (AngularJS Batarang) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ighdmehidhipcmcojjgiloacoafjmpfk [2017-04-12]
CHR Extension: (Scrum for Trello) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdbcdblgjdpmfninkoogcfpnkjmndgje [2017-06-29]
CHR Extension: (Cisco WebEx Extension) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2017-05-12]
CHR Extension: (Video Downloader All) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpaglkhbmbmhlnpnehlffkgaaapoicnk [2017-06-25]
CHR Extension: (GBBD Guardião - Itaú 30 horas) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgmpojlddncminmkddkpoegdjhojjipg [2016-04-20]
CHR Extension: (Momentum) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default\Extensions\laookkfknpbbblfpciffpaejjkokdgca [2017-07-13]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-04-21]
CHR Extension: (Awesome Screenshot App) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfpiaehgjbbfednooihadalhehabhcjo [2016-06-16]
CHR Extension: (Desenhos do Google) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkaakpdehdafacodkgkpghoibnmamcme [2017-05-30]
CHR Extension: (LastPass Vault) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncliohomlfopnmlfkepkcbnhmeijkhhf [2016-04-20]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-19]
CHR Extension: (Chrome Apps & Extensions Developer Tool) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohmmkhmmmpcnpikjeljgnaoabkaalbgc [2016-04-20]
CHR Extension: (draw.io) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlkggianjhjenigcpigpjehhpplldkc [2017-05-30]
CHR Extension: (Evernote Web Clipper) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2017-06-09]
CHR Extension: (Gmail) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-20]
CHR Extension: (Chrome Media Router) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-13]
CHR Profile: C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-07-13]
CHR Extension: (Google Apresentações) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-06-29]
CHR Extension: (Google Docs) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-06-29]
CHR Extension: (Google Drive) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-29]
CHR Extension: (YouTube) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-29]
CHR Extension: (Adobe Acrobat) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-06-29]
CHR Extension: (Avast SafePrice) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-06-29]
CHR Extension: (Planilhas do Google) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-06-29]
CHR Extension: (Documentos Google off-line) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-06-29]
CHR Extension: (Avast Online Security) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-06-29]
CHR Extension: (Eye Dropper) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hmdcmlfkchdmnmnmheododdhjedfccka [2017-06-29]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-06-29]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-06-29]
CHR Extension: (Gmail) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-06-29]
CHR Extension: (Chrome Media Router) - C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-29]
CHR Profile: C:\Users\Carlos Ruesta\AppData\Local\Google\Chrome\User Data\System Profile [2017-07-02]
CHR HKU\S-1-5-21-1559631502-1940132736-1926902864-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1559631502-1940132736-1926902864-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <não encontrado (a)>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <não encontrado (a)>

==================== Serviços (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7430992 2017-07-07] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263312 2017-07-07] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [311592 2017-07-07] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4411592 2017-06-23] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-20] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-20] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [49992 2017-07-12] (Dropbox, Inc.)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [590048 2017-07-13] (GAS Tecnologia)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [382448 2017-02-24] (Intel Corporation)
R2 MySQL; C:\Program Files\MySQL\MySQL Server 5.5\my.ini [8918 2016-04-21] () [Arquivo não assinado]
S4 OracleJobSchedulerXE; d:\oraclexe\app\oracle\product\11.2.0\server\Bin\extjob.exe [45568 2014-05-29] () [Arquivo não assinado]
R2 OracleServiceXE; d:\oraclexe\app\oracle\product\11.2.0\server\bin\ORACLE.EXE [147110912 2014-05-30] (Oracle Corporation) [Arquivo não assinado]
S3 OracleXEClrAgent; D:\oraclexe\app\oracle\product\11.2.0\server\bin\OraClrAgnt.exe [83968 2014-05-29] (Oracle Corporation) [Arquivo não assinado]
R2 OracleXETNSListener; D:\oraclexe\app\oracle\product\11.2.0\server\BIN\tnslsnr.exe [522240 2014-05-29] (Oracle Corporation) [Arquivo não assinado]
R2 PanGPS; C:\Program Files\Palo Alto Networks\GlobalProtect\PanGPS.exe [3282280 2016-05-12] (Palo Alto Networks)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2014-04-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [316152 2016-03-09] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [263264 2017-02-16] (Synaptics Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10885360 2017-05-31] (TeamViewer GmbH)
R2 TechSmith Uploader Service; C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe [3408384 2015-01-26] (TechSmith Corporation) [Arquivo não assinado]
S3 wampapache; d:\WampServer54\bin\apache\apache2.4.2\bin\httpd.exe [24576 2012-05-13] (Apache Software Foundation) [Arquivo não assinado]
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [954416 2017-03-22] (GAS Tecnologia LTDA)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc.)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [319984 2017-07-07] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [198944 2017-07-07] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [343264 2017-07-07] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [57704 2017-07-07] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [46984 2017-07-07] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [41800 2017-07-07] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [146664 2017-07-07] (AVAST Software)
R1 aswNetSec; C:\WINDOWS\system32\drivers\aswNetSec.sys [554528 2017-07-07] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [110352 2017-07-07] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [84392 2017-07-07] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1015848 2017-07-07] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [585608 2017-07-07] (AVAST Software)
S2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [198768 2017-07-07] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [361336 2017-07-07] (AVAST Software)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [10752 2013-01-24] (OSR Open Systems Resources, Inc.)
R1 gbpddfac; C:\WINDOWS\System32\drivers\gbpddfac64.sys [28888 2017-07-14] (GAS Tecnologia)
R0 gbpddreg; C:\WINDOWS\System32\drivers\gbpddreg64.sys [29816 2017-07-07] (GAS Tecnologia)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2015-09-22] (GAS Tecnologia)
S3 iaLPSS_GPIO; C:\WINDOWS\System32\drivers\iaLPSS_GPIO.sys [35832 2014-06-03] (Intel Corporation)
S3 iaLPSS_I2C; C:\WINDOWS\System32\drivers\iaLPSS_I2C.sys [120312 2014-06-03] (Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [244744 2017-04-13] (Intel Corporation)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7218176 2017-03-18] (Intel Corporation)
R3 PanGpd; C:\WINDOWS\system32\DRIVERS\pangpd.sys [36352 2016-05-12] (Palo Alto Networks)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [896744 2016-01-25] (Realtek                                            )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [66136 2017-02-16] (Synaptics Incorporated)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [125520 2015-09-08] (Oracle Corporation)
S3 vna_ap; C:\WINDOWS\system32\DRIVERS\vnaap.sys [161256 2009-02-15] (Check Point Software Technologies)
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-09-22] (GAS Tecnologia LTDA)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation)
R1 wsddfac; C:\WINDOWS\System32\drivers\wsddfac.sys [28376 2017-07-13] (GAS Tecnologia)
R1 wsddntf; C:\WINDOWS\system32\DRIVERS\wsddntf.sys [47176 2016-11-11] (GAS Tecnologia)
R1 wsddpp; C:\WINDOWS\system32\drivers\wsddpp.sys [25184 2016-11-11] (GAS Tecnologia)
R3 wsddprm; C:\WINDOWS\system32\drivers\wsddprm.sys [25184 2016-11-11] (GAS Tecnologia)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2017-07-14 19:20 - 2017-07-14 19:21 - 00000000 ____D C:\FRST
2017-07-13 15:31 - 2017-07-13 15:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-07-13 15:30 - 2017-07-13 15:30 - 00000000 ____D C:\Users\Todos os Usuários\SWCUTemp
2017-07-13 15:30 - 2017-07-13 15:30 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-07-13 14:49 - 2017-07-13 15:00 - 00000000 ____D C:\Users\Carlos Ruesta\AppData\Roaming\ZHP
2017-07-13 14:49 - 2017-07-13 14:49 - 00000000 ____D C:\Users\Carlos Ruesta\AppData\Local\ZHP
2017-07-13 12:15 - 2017-07-13 12:15 - 00000000 ____D C:\Users\Todos os Usuários\Samsung
2017-07-13 12:15 - 2017-07-13 12:15 - 00000000 ____D C:\ProgramData\Samsung
2017-07-13 11:20 - 2017-07-13 12:01 - 00000000 ____D C:\AdwCleaner
2017-07-12 20:01 - 2017-07-12 20:01 - 00000000 ____D C:\Users\Carlos Ruesta\AppData\Local\DBG
2017-07-12 16:58 - 2017-07-12 16:58 - 00049992 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-07-12 16:58 - 2017-07-12 16:58 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-07-12 16:58 - 2017-07-12 16:58 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-07-12 16:58 - 2017-07-12 16:58 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2017-07-12 10:07 - 2017-07-07 03:57 - 00626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-07-12 10:07 - 2017-07-07 03:57 - 00125344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2017-07-12 10:07 - 2017-07-07 03:39 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-07-12 10:07 - 2017-07-07 03:39 - 00096128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2017-07-12 10:07 - 2017-07-07 03:37 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-07-12 10:07 - 2017-07-07 03:31 - 00129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2017-07-12 10:07 - 2017-07-07 03:30 - 02165752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-07-12 10:07 - 2017-07-07 03:30 - 00949920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2017-07-12 10:07 - 2017-07-07 03:30 - 00750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-07-12 10:07 - 2017-07-07 03:29 - 00349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-07-12 10:07 - 2017-07-07 03:29 - 00123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Clipc.dll
2017-07-12 10:07 - 2017-07-07 03:26 - 01529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-07-12 10:07 - 2017-07-07 03:25 - 00035232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininitext.dll
2017-07-12 10:07 - 2017-07-07 03:23 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-07-12 10:07 - 2017-07-07 03:22 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2017-07-12 10:07 - 2017-07-07 03:14 - 02956800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-07-12 10:07 - 2017-07-07 03:14 - 01448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-07-12 10:07 - 2017-07-07 03:12 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-07-12 10:07 - 2017-07-07 03:10 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-07-12 10:07 - 2017-07-07 03:10 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapprovp.dll
2017-07-12 10:07 - 2017-07-07 03:09 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-07-12 10:07 - 2017-07-07 03:07 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raschap.dll
2017-07-12 10:07 - 2017-07-07 03:06 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsExt.dll
2017-07-12 10:07 - 2017-07-07 03:05 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-07-12 10:07 - 2017-07-07 03:05 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2017-07-12 10:07 - 2017-07-07 03:04 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-07-12 10:07 - 2017-07-07 03:04 - 00506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-07-12 10:07 - 2017-07-07 03:03 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-07-12 10:07 - 2017-07-07 03:03 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-07-12 10:07 - 2017-07-07 03:02 - 00952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-07-12 10:07 - 2017-07-07 03:00 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-07-12 10:07 - 2017-07-07 03:00 - 01565184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-07-12 10:07 - 2017-07-07 02:59 - 01494016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-07-12 10:07 - 2017-07-07 02:59 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-07-12 10:07 - 2017-07-07 02:58 - 02782720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-07-12 10:07 - 2017-07-07 02:58 - 02298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-07-12 10:07 - 2017-07-07 02:55 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2017-07-12 10:07 - 2017-07-07 02:55 - 00329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2017-07-12 10:07 - 2017-07-07 02:53 - 01301504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2017-07-12 10:07 - 2017-07-07 02:53 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2017-07-12 10:07 - 2017-06-20 03:06 - 00279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-07-12 10:07 - 2017-06-20 02:34 - 00192416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-07-12 10:07 - 2017-06-20 02:15 - 00455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
2017-07-12 10:07 - 2017-06-20 02:13 - 00787712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2017-07-12 10:07 - 2017-06-20 02:12 - 00264192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2017-07-12 10:07 - 2017-06-20 02:12 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2017-07-12 10:07 - 2017-06-20 02:09 - 00406032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-07-12 10:07 - 2017-06-20 02:07 - 02475136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-07-12 10:07 - 2017-06-20 02:07 - 00346016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-07-12 10:07 - 2017-06-20 02:07 - 00138656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-07-12 10:07 - 2017-06-20 02:06 - 00278944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2017-07-12 10:07 - 2017-06-20 02:05 - 00438096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-07-12 10:07 - 2017-06-20 02:04 - 01077496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2017-07-12 10:07 - 2017-06-20 02:04 - 00181656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-07-12 10:07 - 2017-06-20 02:04 - 00049656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msasn1.dll
2017-07-12 10:07 - 2017-06-20 02:03 - 00864240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-07-12 10:07 - 2017-06-20 02:03 - 00443728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2017-07-12 10:07 - 2017-06-20 02:02 - 00354400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-07-12 10:07 - 2017-06-20 02:01 - 00176032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-07-12 10:07 - 2017-06-20 01:49 - 00899072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2017-07-12 10:07 - 2017-06-20 01:49 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-07-12 10:07 - 2017-06-20 01:46 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2017-07-12 10:07 - 2017-06-20 01:45 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Profile.RetailInfo.dll
2017-07-12 10:07 - 2017-06-20 01:43 - 00173568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2017-07-12 10:07 - 2017-06-20 01:43 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2017-07-12 10:07 - 2017-06-20 01:43 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-07-12 10:07 - 2017-06-20 01:43 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll
2017-07-12 10:07 - 2017-06-20 01:42 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-07-12 10:07 - 2017-06-20 01:42 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2017-07-12 10:07 - 2017-06-20 01:41 - 00734208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-07-12 10:07 - 2017-06-20 01:41 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2017-07-12 10:07 - 2017-06-20 01:41 - 00601088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2017-07-12 10:07 - 2017-06-20 01:41 - 00433152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-07-12 10:07 - 2017-06-20 01:41 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2017-07-12 10:07 - 2017-06-20 01:40 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-07-12 10:07 - 2017-06-20 01:40 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-07-12 10:07 - 2017-06-20 01:40 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
2017-07-12 10:07 - 2017-06-20 01:40 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-07-12 10:07 - 2017-06-20 01:39 - 00969728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2017-07-12 10:07 - 2017-06-20 01:39 - 00471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2017-07-12 10:07 - 2017-06-20 01:38 - 01451008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-07-12 10:07 - 2017-06-20 01:38 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-07-12 10:07 - 2017-06-20 01:38 - 00648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2017-07-12 10:07 - 2017-06-20 01:36 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-07-12 10:07 - 2017-06-20 01:35 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-07-12 10:07 - 2017-06-20 01:34 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-07-12 10:07 - 2017-06-20 01:30 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdmaud.drv
2017-07-12 10:07 - 2017-06-20 01:30 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2017-07-12 10:07 - 2017-06-20 01:30 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-07-12 10:07 - 2017-06-20 01:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2017-07-12 10:06 - 2017-07-07 04:13 - 00554392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-07-12 10:06 - 2017-07-07 04:13 - 00336320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-07-12 10:06 - 2017-07-07 03:31 - 05820984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-07-12 10:06 - 2017-07-07 03:31 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-07-12 10:06 - 2017-07-07 03:27 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-07-12 10:06 - 2017-07-07 03:26 - 20373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-07-12 10:06 - 2017-07-07 03:26 - 01195240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-07-12 10:06 - 2017-07-07 03:26 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-07-12 10:06 - 2017-07-07 03:19 - 00165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-07-12 10:06 - 2017-07-07 03:14 - 00790016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-07-12 10:06 - 2017-07-07 03:13 - 13839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-07-12 10:06 - 2017-07-07 03:07 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-07-12 10:06 - 2017-07-07 03:05 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-07-12 10:06 - 2017-07-07 03:05 - 05719040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-07-12 10:06 - 2017-07-07 03:04 - 05961216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-07-12 10:06 - 2017-07-07 03:04 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-07-12 10:06 - 2017-07-07 03:04 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-07-12 10:06 - 2017-07-07 03:03 - 06123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-07-12 10:06 - 2017-07-07 03:01 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-07-12 10:06 - 2017-07-07 03:00 - 07596544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-07-12 10:06 - 2017-07-07 03:00 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-07-12 10:06 - 2017-07-07 03:00 - 02588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-07-12 10:06 - 2017-07-07 03:00 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-07-12 10:06 - 2017-07-07 02:59 - 04417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-07-12 10:06 - 2017-07-07 02:59 - 01355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-07-12 10:06 - 2017-07-07 02:58 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-07-12 10:06 - 2017-07-07 02:58 - 01237504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-07-12 10:06 - 2017-06-20 02:08 - 04469840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-07-12 10:06 - 2017-06-20 02:06 - 00754592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-07-12 10:06 - 2017-06-20 02:05 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-07-12 10:06 - 2017-06-20 02:04 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-07-12 10:06 - 2017-06-20 02:04 - 01178528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2017-07-12 10:06 - 2017-06-20 02:03 - 05806048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-07-12 10:06 - 2017-06-20 02:02 - 03377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-07-12 10:06 - 2017-06-20 02:02 - 01121928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-07-12 10:06 - 2017-06-20 02:00 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-07-12 10:06 - 2017-06-20 01:42 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certca.dll
2017-07-12 10:06 - 2017-06-20 01:42 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2017-07-12 10:06 - 2017-06-20 01:40 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-07-12 10:06 - 2017-06-20 01:40 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2017-07-12 10:06 - 2017-06-20 01:39 - 02814464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2017-07-12 10:06 - 2017-06-20 01:39 - 02671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-07-12 10:06 - 2017-06-20 01:39 - 00646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2017-07-12 10:06 - 2017-06-20 01:39 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-07-12 10:06 - 2017-06-20 01:38 - 01171968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2017-07-12 10:06 - 2017-06-20 01:38 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-07-12 10:06 - 2017-06-20 01:35 - 02679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-07-12 10:06 - 2017-06-20 01:35 - 02132480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-07-12 10:06 - 2017-06-20 01:34 - 04056576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-07-12 10:06 - 2017-06-20 01:34 - 02750464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-07-12 10:06 - 2017-06-20 01:34 - 02211328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-07-12 10:06 - 2017-06-20 01:34 - 01492480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-07-12 10:06 - 2017-06-20 01:31 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-07-12 10:05 - 2017-07-07 04:24 - 00117664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-07-12 10:05 - 2017-07-07 04:21 - 32688336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2017-07-12 10:05 - 2017-07-07 04:20 - 02021680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2017-07-12 10:05 - 2017-07-07 04:11 - 00094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-07-12 10:05 - 2017-07-07 04:10 - 01670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-07-12 10:05 - 2017-07-07 03:37 - 31652264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2017-07-12 10:05 - 2017-07-07 03:37 - 01339352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2017-07-12 10:05 - 2017-07-07 03:27 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2017-07-12 10:05 - 2017-07-07 03:23 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-07-12 10:05 - 2017-07-07 03:23 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-07-12 10:05 - 2017-07-07 03:20 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll
2017-07-12 10:05 - 2017-07-07 03:18 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2017-07-12 10:05 - 2017-07-07 03:17 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-07-12 10:05 - 2017-07-07 03:14 - 08211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-07-12 10:05 - 2017-07-07 03:08 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-07-12 10:05 - 2017-07-07 03:06 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll
2017-07-12 10:05 - 2017-06-20 03:11 - 00411992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2017-07-12 10:05 - 2017-06-20 03:03 - 00820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-07-12 10:05 - 2017-06-20 03:02 - 01055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-07-12 10:05 - 2017-06-20 02:57 - 02681760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-07-12 10:05 - 2017-06-20 02:13 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2017-07-12 10:05 - 2017-06-20 02:12 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-07-12 10:05 - 2017-06-20 02:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-07-12 10:05 - 2017-06-20 02:11 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-07-12 10:05 - 2017-06-20 02:10 - 00722432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-07-12 10:05 - 2017-06-20 02:10 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-07-12 10:05 - 2017-06-20 02:09 - 00551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2017-07-12 10:05 - 2017-06-20 02:09 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe
2017-07-12 10:05 - 2017-06-20 02:08 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2017-07-12 10:05 - 2017-06-20 02:08 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2017-07-12 10:05 - 2017-06-20 02:07 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2017-07-12 10:05 - 2017-06-20 02:07 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-07-12 10:05 - 2017-06-20 02:06 - 00942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-07-12 10:05 - 2017-06-20 02:05 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-07-12 10:05 - 2017-06-20 02:05 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-07-12 10:05 - 2017-06-20 02:04 - 01177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-07-12 10:05 - 2017-06-20 01:56 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-07-12 10:05 - 2017-06-20 01:45 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2017-07-12 10:05 - 2017-06-20 01:43 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-07-12 10:05 - 2017-06-20 01:43 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-07-12 10:04 - 2017-07-07 11:00 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2017-07-12 10:04 - 2017-07-07 04:26 - 01065104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-07-12 10:04 - 2017-07-07 04:25 - 00899824 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-07-12 10:04 - 2017-07-07 04:23 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-07-12 10:04 - 2017-07-07 04:22 - 08318880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-07-12 10:04 - 2017-07-07 04:22 - 01186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-07-12 10:04 - 2017-07-07 04:21 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-07-12 10:04 - 2017-07-07 04:20 - 00519584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2017-07-12 10:04 - 2017-07-07 04:20 - 00382368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-07-12 10:04 - 2017-07-07 04:14 - 07325584 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-07-12 10:04 - 2017-07-07 04:14 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-07-12 10:04 - 2017-07-07 04:12 - 00411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-07-12 10:04 - 2017-07-07 04:12 - 00318232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2017-07-12 10:04 - 2017-07-07 04:10 - 01325968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-07-12 10:04 - 2017-07-07 04:10 - 00254168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-07-12 10:04 - 2017-07-07 04:09 - 00041376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininitext.dll
2017-07-12 10:04 - 2017-07-07 04:07 - 01106848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-07-12 10:04 - 2017-07-07 04:07 - 00058488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-07-12 10:04 - 2017-07-07 03:40 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-07-12 10:04 - 2017-07-07 03:27 - 00360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-07-12 10:04 - 2017-07-07 03:20 - 23681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-07-12 10:04 - 2017-07-07 03:20 - 08331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-07-12 10:04 - 2017-07-07 03:19 - 07149056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-07-12 10:04 - 2017-07-07 03:18 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2017-07-12 10:04 - 2017-07-07 03:18 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsExt.dll
2017-07-12 10:04 - 2017-07-07 03:17 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-07-12 10:04 - 2017-07-07 03:17 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-07-12 10:04 - 2017-07-07 03:16 - 12786176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-07-12 10:04 - 2017-07-07 03:16 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-07-12 10:04 - 2017-07-07 03:15 - 08238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-07-12 10:04 - 2017-07-07 03:15 - 00922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-07-12 10:04 - 2017-07-07 03:14 - 03784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-07-12 10:04 - 2017-07-07 03:14 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2017-07-12 10:04 - 2017-07-07 03:13 - 05892096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-07-12 10:04 - 2017-07-07 03:12 - 04730880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-07-12 10:04 - 2017-07-07 03:12 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-07-12 10:04 - 2017-07-07 03:12 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-07-12 10:04 - 2017-07-07 03:12 - 00706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-07-12 10:04 - 2017-07-07 03:11 - 02829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-07-12 10:04 - 2017-07-07 03:11 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-07-12 10:04 - 2017-07-07 03:11 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-07-12 10:04 - 2017-07-07 03:10 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-07-12 10:04 - 2017-07-07 03:09 - 20504576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-07-12 10:04 - 2017-07-07 03:06 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-07-12 10:04 - 2017-07-07 03:05 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-07-12 10:04 - 2017-07-07 03:05 - 11870720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-07-12 10:04 - 2017-07-07 03:04 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2017-07-12 10:04 - 2017-07-07 03:02 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2017-07-12 10:04 - 2017-07-07 03:01 - 06287360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-07-12 10:04 - 2017-07-07 02:59 - 03656704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-07-12 10:04 - 2017-07-01 19:52 - 00031932 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-07-12 10:04 - 2017-06-20 03:17 - 00034720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-07-12 10:04 - 2017-06-20 03:16 - 00335776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-07-12 10:04 - 2017-06-20 03:15 - 00233376 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-07-12 10:04 - 2017-06-20 03:11 - 01395152 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-07-12 10:04 - 2017-06-20 03:10 - 02327456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-07-12 10:04 - 2017-06-20 03:10 - 01930320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-07-12 10:04 - 2017-06-20 03:08 - 01242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-07-12 10:04 - 2017-06-20 03:05 - 01057832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-07-12 10:04 - 2017-06-20 03:04 - 04847424 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-07-12 10:04 - 2017-06-20 03:03 - 00102312 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialUIBroker.exe
2017-07-12 10:04 - 2017-06-20 03:00 - 00142752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-07-12 10:04 - 2017-06-20 02:59 - 06554928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-07-12 10:04 - 2017-06-20 02:59 - 01220072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-07-12 10:04 - 2017-06-20 02:59 - 00467504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2017-07-12 10:04 - 2017-06-20 02:58 - 00833160 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2017-07-12 10:04 - 2017-06-20 02:57 - 00204192 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-07-12 10:04 - 2017-06-20 02:15 - 01620368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-07-12 10:04 - 2017-06-20 02:14 - 01150784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-07-12 10:04 - 2017-06-20 02:11 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-07-12 10:04 - 2017-06-20 02:10 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-07-12 10:04 - 2017-06-20 02:10 - 00188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2017-07-12 10:04 - 2017-06-20 02:09 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2017-07-12 10:04 - 2017-06-20 02:09 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-07-12 10:04 - 2017-06-20 02:09 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-07-12 10:04 - 2017-06-20 02:09 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-07-12 10:04 - 2017-06-20 02:08 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-07-12 10:04 - 2017-06-20 02:08 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-07-12 10:04 - 2017-06-20 02:08 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-07-12 10:04 - 2017-06-20 02:08 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-07-12 10:04 - 2017-06-20 02:07 - 00823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2017-07-12 10:04 - 2017-06-20 02:07 - 00626176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-07-12 10:04 - 2017-06-20 02:06 - 00847872 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-07-12 10:04 - 2017-06-20 02:06 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-07-12 10:04 - 2017-06-20 02:06 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-07-12 10:04 - 2017-06-20 02:05 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-07-12 10:04 - 2017-06-20 02:05 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-07-12 10:04 - 2017-06-20 02:04 - 01425920 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2017-07-12 10:04 - 2017-06-20 02:04 - 00899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2017-07-12 10:04 - 2017-06-20 02:04 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-07-12 10:04 - 2017-06-20 02:04 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2017-07-12 10:04 - 2017-06-20 02:03 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-07-12 10:04 - 2017-06-20 02:01 - 04536320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-07-12 10:04 - 2017-06-20 02:01 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-07-12 10:04 - 2017-06-20 02:01 - 03803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-07-12 10:04 - 2017-06-20 02:00 - 02171392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-07-12 10:04 - 2017-06-20 01:59 - 02938880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-07-12 10:04 - 2017-06-20 01:59 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-07-12 10:04 - 2017-06-20 01:54 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2017-07-12 10:04 - 2017-06-20 01:43 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-07-12 10:04 - 2017-06-20 01:42 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-07-12 10:04 - 2017-06-20 01:42 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-07-12 10:04 - 2017-06-20 01:38 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-07-12 10:04 - 2017-06-20 01:37 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-07-12 10:03 - 2017-07-07 04:27 - 01147288 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-07-12 10:03 - 2017-07-07 04:27 - 01024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-07-12 10:03 - 2017-07-07 04:27 - 00965024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-07-12 10:03 - 2017-07-07 04:27 - 00821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-07-12 10:03 - 2017-07-07 04:27 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-07-12 10:03 - 2017-07-07 04:22 - 00119384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2017-07-12 10:03 - 2017-07-07 04:20 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-07-12 10:03 - 2017-07-07 04:17 - 01017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-07-12 10:03 - 2017-07-07 04:15 - 02444696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-07-12 10:03 - 2017-07-07 04:14 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-07-12 10:03 - 2017-07-07 04:14 - 01171032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2017-07-12 10:03 - 2017-07-07 04:13 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-07-12 10:03 - 2017-07-07 04:13 - 00147800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll
2017-07-12 10:03 - 2017-07-07 04:12 - 00228256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-07-12 10:03 - 2017-07-07 04:11 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-07-12 10:03 - 2017-07-07 04:10 - 21353208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-07-12 10:03 - 2017-07-07 04:10 - 01337848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-07-12 10:03 - 2017-07-07 04:10 - 00372128 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-07-12 10:03 - 2017-07-07 03:27 - 03670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-07-12 10:03 - 2017-07-07 03:27 - 01640448 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-07-12 10:03 - 2017-07-07 03:27 - 01050624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-07-12 10:03 - 2017-07-07 03:27 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2017-07-12 10:03 - 2017-07-07 03:27 - 00577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2017-07-12 10:03 - 2017-07-07 03:27 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2017-07-12 10:03 - 2017-07-07 03:26 - 17364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-07-12 10:03 - 2017-07-07 03:25 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-07-12 10:03 - 2017-07-07 03:24 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2017-07-12 10:03 - 2017-07-07 03:23 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-07-12 10:03 - 2017-07-07 03:23 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapprovp.dll
2017-07-12 10:03 - 2017-07-07 03:22 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-07-12 10:03 - 2017-07-07 03:22 - 00520704 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-07-12 10:03 - 2017-07-07 03:21 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2017-07-12 10:03 - 2017-07-07 03:21 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-07-12 10:03 - 2017-07-07 03:19 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-07-12 10:03 - 2017-07-07 03:19 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-07-12 10:03 - 2017-07-07 03:19 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschap.dll
2017-07-12 10:03 - 2017-07-07 03:18 - 07336448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-07-12 10:03 - 2017-07-07 03:18 - 00563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-07-12 10:03 - 2017-07-07 03:17 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-07-12 10:03 - 2017-07-07 03:17 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-07-12 10:03 - 2017-07-07 03:17 - 00536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-07-12 10:03 - 2017-07-07 03:17 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-07-12 10:03 - 2017-07-07 03:16 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-07-12 10:03 - 2017-07-07 03:14 - 01802240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-07-12 10:03 - 2017-07-07 03:14 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-07-12 10:03 - 2017-07-07 03:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-07-12 10:03 - 2017-07-07 03:12 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-07-12 10:03 - 2017-07-07 03:12 - 02055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-07-12 10:03 - 2017-07-07 03:12 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-07-12 10:03 - 2017-07-07 03:12 - 01420800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-07-12 10:03 - 2017-07-07 03:12 - 01305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-07-12 10:03 - 2017-07-07 03:12 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-07-12 10:03 - 2017-07-07 03:11 - 03139584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-07-12 10:03 - 2017-07-07 03:11 - 02649600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-07-12 10:03 - 2017-07-07 03:11 - 02177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-07-12 10:03 - 2017-07-07 03:11 - 00986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-07-12 10:03 - 2017-07-07 03:11 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-07-12 10:03 - 2017-07-07 03:10 - 04707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-07-12 10:03 - 2017-07-07 03:10 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-07-12 10:03 - 2017-07-07 03:07 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-07-12 10:03 - 2017-07-07 03:07 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2017-07-12 10:03 - 2017-07-07 03:05 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2017-07-12 10:03 - 2017-07-07 03:04 - 01703424 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-07-12 10:03 - 2017-07-07 03:04 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2017-07-12 10:03 - 2017-06-20 03:18 - 01564576 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-07-12 10:03 - 2017-06-20 03:18 - 00096672 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-07-12 10:03 - 2017-06-20 03:17 - 00629152 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-07-12 10:03 - 2017-06-20 03:17 - 00544160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-07-12 10:03 - 2017-06-20 03:17 - 00334240 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-07-12 10:03 - 2017-06-20 03:17 - 00136096 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-07-12 10:03 - 2017-06-20 03:16 - 01214880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-07-12 10:03 - 2017-06-20 03:04 - 00472728 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-07-12 10:03 - 2017-06-20 03:03 - 00179608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-07-12 10:03 - 2017-06-20 03:02 - 02645688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-07-12 10:03 - 2017-06-20 03:02 - 00426912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-07-12 10:03 - 2017-06-20 03:00 - 00558920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-07-12 10:03 - 2017-06-20 03:00 - 00255904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-07-12 10:03 - 2017-06-20 02:59 - 01054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-07-12 10:03 - 2017-06-20 02:59 - 00583304 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2017-07-12 10:03 - 2017-06-20 02:58 - 00406072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-07-12 10:03 - 2017-06-20 02:58 - 00203168 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-07-12 10:03 - 2017-06-20 02:16 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2017-07-12 10:03 - 2017-06-20 02:16 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-07-12 10:03 - 2017-06-20 02:14 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2017-07-12 10:03 - 2017-06-20 02:13 - 00216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2017-07-12 10:03 - 2017-06-20 02:13 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2017-07-12 10:03 - 2017-06-20 02:13 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgr.dll
2017-07-12 10:03 - 2017-06-20 02:12 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2017-07-12 10:03 - 2017-06-20 02:12 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2017-07-12 10:03 - 2017-06-20 02:10 - 00778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2017-07-12 10:03 - 2017-06-20 02:10 - 00189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-07-12 10:03 - 2017-06-20 02:09 - 00555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgrSvc.dll
2017-07-12 10:03 - 2017-06-20 02:09 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2017-07-12 10:03 - 2017-06-20 02:09 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-07-12 10:03 - 2017-06-20 02:09 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2017-07-12 10:03 - 2017-06-20 02:09 - 00135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2017-07-12 10:03 - 2017-06-20 02:09 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
2017-07-12 10:03 - 2017-06-20 02:08 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\certca.dll
2017-07-12 10:03 - 2017-06-20 02:08 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2017-07-12 10:03 - 2017-06-20 02:07 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-07-12 10:03 - 2017-06-20 02:07 - 00916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2017-07-12 10:03 - 2017-06-20 02:07 - 00757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-07-12 10:03 - 2017-06-20 02:07 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2017-07-12 10:03 - 2017-06-20 02:07 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-07-12 10:03 - 2017-06-20 02:06 - 00455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2017-07-12 10:03 - 2017-06-20 02:06 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2017-07-12 10:03 - 2017-06-20 02:06 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-07-12 10:03 - 2017-06-20 02:06 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2017-07-12 10:03 - 2017-06-20 02:06 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-07-12 10:03 - 2017-06-20 02:05 - 04447744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-07-12 10:03 - 2017-06-20 02:05 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2017-07-12 10:03 - 2017-06-20 02:05 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-07-12 10:03 - 2017-06-20 02:05 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-07-12 10:03 - 2017-06-20 02:05 - 00696320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2017-07-12 10:03 - 2017-06-20 02:05 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-07-12 10:03 - 2017-06-20 02:05 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-07-12 10:03 - 2017-06-20 02:04 - 01818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-07-12 10:03 - 2017-06-20 02:04 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-07-12 10:03 - 2017-06-20 02:03 - 01396224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-07-12 10:03 - 2017-06-20 02:02 - 03204096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-07-12 10:03 - 2017-06-20 02:02 - 02804736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-07-12 10:03 - 2017-06-20 02:02 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-07-12 10:03 - 2017-06-20 02:02 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-07-12 10:03 - 2017-06-20 02:02 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll
2017-07-12 10:03 - 2017-06-20 02:01 - 03332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-07-12 10:03 - 2017-06-20 02:01 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-07-12 10:03 - 2017-06-20 02:01 - 01076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-07-12 10:03 - 2017-06-20 02:01 - 00809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-07-12 10:03 - 2017-06-20 02:01 - 00397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-07-12 10:03 - 2017-06-20 02:00 - 03057664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-07-12 10:03 - 2017-06-20 01:59 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-07-12 10:03 - 2017-06-20 01:58 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-07-12 10:03 - 2017-06-20 01:57 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2017-07-12 10:03 - 2017-06-20 01:57 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
2017-07-12 10:03 - 2017-06-20 01:56 - 00600064 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-07-12 10:03 - 2017-06-20 01:56 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdmaud.drv
2017-07-12 04:42 - 2017-07-12 04:42 - 00000099 _____ C:\Users\Carlos Ruesta\.bash_profile
2017-07-09 10:26 - 2017-07-09 10:26 - 00000000 ____D C:\Users\Carlos Ruesta\AppData\Roaming\RStudio
2017-07-08 12:19 - 2017-07-08 12:19 - 00000000 ____D C:\Users\Carlos Ruesta\AppData\Roaming\R
2017-07-08 07:38 - 2017-07-08 07:38 - 00000000 ____D C:\Users\Carlos Ruesta\AppData\Local\LocalStorage
2017-07-08 07:23 - 2017-07-08 07:23 - 00000307 _____ C:\Users\Carlos Ruesta\.bashrc
2017-07-08 06:09 - 2017-07-11 06:59 - 00000000 ____D C:\Users\Carlos Ruesta\AppData\Roaming\Postman
2017-07-08 06:09 - 2017-07-08 06:09 - 00000000 ____D C:\Users\Carlos Ruesta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Postman
2017-07-08 06:09 - 2017-07-08 06:09 - 00000000 ____D C:\Users\Carlos Ruesta\AppData\Local\Postman
2017-07-08 06:01 - 2017-07-09 10:26 - 00000000 ____D C:\Users\Carlos Ruesta\AppData\Local\RStudio-Desktop
2017-07-08 06:01 - 2017-07-08 06:02 - 00018432 _____ C:\Users\Carlos Ruesta\AppData\Local\WebpageIcons.db
2017-07-07 07:13 - 2017-07-07 07:13 - 00028187 _____ C:\ZA-Scan.txt
2017-07-07 05:01 - 2017-07-07 05:01 - 00000000 ____D C:\zoek_backup
2017-07-07 04:05 - 2017-07-07 04:04 - 00400464 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-07-05 05:11 - 2017-07-05 05:12 - 00003294 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-07-05 05:02 - 2017-07-05 05:02 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft OneDrive
2017-07-05 05:02 - 2017-07-05 05:02 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-07-05 05:00 - 2017-07-05 05:00 - 00000020 ___SH C:\Users\Carlos Ruesta\ntuser.ini
2017-07-04 18:06 - 2017-07-04 18:07 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2017-07-04 18:06 - 2017-07-04 18:07 - 00007623 _____ C:\WINDOWS\diagerr.xml
2017-07-04 18:01 - 2017-07-14 19:16 - 00004188 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{3BF6FE82-3880-4C1A-BE0D-F02EE6665C73}
2017-07-04 18:01 - 2017-07-13 15:04 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-04 18:01 - 2017-07-08 05:07 - 00004268 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-07-04 18:01 - 2017-07-07 05:16 - 00004016 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1461195703
2017-07-04 18:01 - 2017-07-04 18:02 - 00003568 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2017-07-04 18:01 - 2017-07-04 18:02 - 00003124 _____ C:\WINDOWS\System32\Tasks\TechSmith Updater
2017-07-04 18:01 - 2017-07-04 18:01 - 00003514 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-07-04 18:01 - 2017-07-04 18:01 - 00003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-07-04 18:01 - 2017-07-04 18:01 - 00003344 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2017-07-04 18:01 - 2017-07-04 18:01 - 00003290 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-07-04 18:01 - 2017-07-04 18:01 - 00002544 _____ C:\WINDOWS\System32\Tasks\GridinSoft Anti-Malware
2017-07-04 18:01 - 2017-07-04 18:01 - 00002528 _____ C:\WINDOWS\System32\Tasks\CLVDLauncher
2017-07-04 18:01 - 2017-07-04 18:01 - 00002528 _____ C:\WINDOWS\System32\Tasks\CLMLSvc_P2G8
2017-07-04 18:01 - 2017-07-04 18:01 - 00002304 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_PushButton
2017-07-04 18:01 - 2017-07-04 18:01 - 00002146 _____ C:\WINDOWS\System32\Tasks\StartCN
2017-07-04 18:01 - 2017-07-04 18:01 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2017-07-04 17:57 - 2017-07-13 15:10 - 01896798 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-07-04 17:47 - 2017-07-04 17:47 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-07-04 17:47 - 2017-07-04 17:47 - 00000000 ____D C:\Users\Todos os Usuários\USOShared
2017-07-04 17:47 - 2017-07-04 17:47 - 00000000 ____D C:\ProgramData\USOShared
2017-07-04 17:43 - 2017-07-04 17:49 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-07-04 17:41 - 2017-07-12 04:42 - 00000000 ____D C:\Users\Carlos Ruesta
2017-07-04 17:41 - 2017-07-04 17:41 - 00000000 _SHDL C:\Users\Carlos Ruesta\Modelos
2017-07-04 17:41 - 2017-07-04 17:41 - 00000000 _SHDL C:\Users\Carlos Ruesta\Meus Documentos
2017-07-04 17:41 - 2017-07-04 17:41 - 00000000 _SHDL C:\Users\Carlos Ruesta\Menu Iniciar
2017-07-04 17:41 - 2017-07-04 17:41 - 00000000 _SHDL C:\Users\Carlos Ruesta\Dados de Aplicativos
2017-07-04 17:41 - 2017-07-04 17:41 - 00000000 _SHDL C:\Users\Carlos Ruesta\Configurações Locais
2017-07-04 17:41 - 2017-07-04 17:41 - 00000000 _SHDL C:\Users\Carlos Ruesta\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2017-07-04 17:41 - 2017-07-04 17:41 - 00000000 _SHDL C:\Users\Carlos Ruesta\AppData\Local\Histórico
2017-07-04 17:41 - 2017-07-04 17:41 - 00000000 _SHDL C:\Users\Carlos Ruesta\AppData\Local\Dados de Aplicativos
2017-07-04 17:41 - 2017-07-04 17:41 - 00000000 _SHDL C:\Users\Carlos Ruesta\Ambiente de Rede
2017-07-04 17:41 - 2017-07-04 17:41 - 00000000 _SHDL C:\Users\Carlos Ruesta\Ambiente de Impressão
2017-07-04 17:40 - 2017-07-04 17:44 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2017-07-04 17:40 - 2017-07-04 17:44 - 00000000 ____D C:\ProgramData\Package Cache
2017-07-04 17:40 - 2017-07-04 17:40 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2017-07-04 17:40 - 2017-07-04 17:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2017-07-04 17:40 - 2017-07-04 17:40 - 00000000 ____D C:\Program Files\Synaptics
2017-07-04 17:40 - 2017-07-04 17:40 - 00000000 ____D C:\Program Files (x86)\AMD
2017-07-04 17:39 - 2017-07-04 17:40 - 00000000 ____D C:\Program Files\AMD
2017-07-04 17:39 - 2017-07-04 17:39 - 01019725 _____ C:\WINDOWS\system32\Drivers\rtwavesskdy.dat
2017-07-04 17:39 - 2017-07-04 17:39 - 00456036 _____ C:\WINDOWS\system32\Drivers\rtwavesmapro.dat
2017-07-04 17:39 - 2017-07-04 17:39 - 00031095 _____ C:\WINDOWS\system32\Drivers\rtwavesEFX.dat
2017-07-04 17:39 - 2017-07-04 17:39 - 00010945 _____ C:\WINDOWS\system32\Drivers\rtwavesMFX.dat
2017-07-04 17:39 - 2017-07-04 17:39 - 00000000 ____H C:\Users\Todos os Usuários\DP45977C.lfl
2017-07-04 17:39 - 2017-07-04 17:39 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2017-07-04 17:39 - 2017-07-04 17:39 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-07-04 17:39 - 2017-07-04 17:39 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2017-07-04 17:39 - 2017-07-04 17:39 - 00000000 ____D C:\Program Files\Realtek
2017-07-04 17:39 - 2017-07-04 17:39 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2017-07-04 17:38 - 2017-07-13 15:05 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-07-04 17:38 - 2017-07-04 17:38 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-07-04 17:38 - 2017-07-04 17:38 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2017-07-04 17:38 - 2017-07-04 17:38 - 00000000 ____D C:\Program Files\Intel
2017-07-04 17:38 - 2017-07-04 17:38 - 00000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
2017-07-04 17:38 - 2017-03-18 17:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-07-04 17:36 - 2017-07-14 19:13 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-07-04 17:36 - 2017-07-13 11:43 - 00409776 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-07-04 17:32 - 2017-07-04 17:32 - 00000000 ____D C:\Windows.old
2017-07-04 17:31 - 2017-07-04 17:31 - 04709528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-07-04 17:31 - 2017-07-04 17:31 - 04672848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-07-04 17:31 - 2017-07-04 17:31 - 02604256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-07-04 17:31 - 2017-07-04 17:31 - 02424016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-07-04 17:31 - 2017-07-04 17:31 - 02341376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-07-04 17:31 - 2017-07-04 17:31 - 02088960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-07-04 17:31 - 2017-07-04 17:31 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-07-04 17:31 - 2017-07-04 17:31 - 01700408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-07-04 17:31 - 2017-07-04 17:31 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-07-04 17:31 - 2017-07-04 17:31 - 01474800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-07-04 17:31 - 2017-07-04 17:31 - 01455592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-07-04 17:31 - 2017-07-04 17:31 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-07-04 17:31 - 2017-07-04 17:31 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-07-04 17:31 - 2017-07-04 17:31 - 01266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-07-04 17:31 - 2017-07-04 17:31 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-07-04 17:31 - 2017-07-04 17:31 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-07-04 17:31 - 2017-07-04 17:31 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-07-04 17:31 - 2017-07-04 17:31 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-07-04 17:31 - 2017-07-04 17:31 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-07-04 17:31 - 2017-07-04 17:31 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-07-04 17:31 - 2017-07-04 17:31 - 00797184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-07-04 17:31 - 2017-07-04 17:31 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2017-07-04 17:31 - 2017-07-04 17:31 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2017-07-04 17:31 - 2017-07-04 17:31 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-07-04 17:31 - 2017-07-04 17:31 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-07-04 17:31 - 2017-07-04 17:31 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2017-07-04 17:31 - 2017-07-04 17:31 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-07-04 17:31 - 2017-07-04 17:31 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-07-04 17:31 - 2017-07-04 17:31 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2017-07-04 17:31 - 2017-07-04 17:31 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-07-04 17:31 - 2017-07-04 17:31 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-07-04 17:31 - 2017-07-04 17:31 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2017-07-04 17:31 - 2017-07-04 17:31 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2017-07-04 17:31 - 2017-07-04 17:31 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2017-07-04 17:31 - 2017-07-04 17:31 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-07-04 17:31 - 2017-07-04 17:31 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2017-07-04 17:31 - 2017-07-04 17:31 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-07-04 17:31 - 2017-07-04 17:31 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-07-04 17:31 - 2017-07-04 17:31 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-07-04 17:31 - 2017-07-04 17:31 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-07-04 17:31 - 2017-07-04 17:31 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-07-04 17:31 - 2017-07-04 17:31 - 00059904 _____ C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 06726656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-07-04 17:30 - 2017-07-04 17:30 - 06535168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-07-04 17:30 - 2017-07-04 17:30 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 03135488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 02730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-07-04 17:30 - 2017-07-04 17:30 - 02625024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 02516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 02438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 02347520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 01911752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 01596600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 01536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 01506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 01459728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 01409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 01333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 01275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 01141760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 01102848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 01078272 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 01028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 01003624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00975360 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-07-04 17:30 - 2017-07-04 17:30 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2017-07-04 17:30 - 2017-07-04 17:30 - 00972800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-07-04 17:30 - 2017-07-04 17:30 - 00961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-07-04 17:30 - 2017-07-04 17:30 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-07-04 17:30 - 2017-07-04 17:30 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSMDesktopProvider.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00826368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSMDesktopProvider.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSSO.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2017-07-04 17:30 - 2017-07-04 17:30 - 00777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2017-07-04 17:30 - 2017-07-04 17:30 - 00730016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-07-04 17:30 - 2017-07-04 17:30 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-07-04 17:30 - 2017-07-04 17:30 - 00712608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-07-04 17:30 - 2017-07-04 17:30 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00660384 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-07-04 17:30 - 2017-07-04 17:30 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00606960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00573856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-07-04 17:30 - 2017-07-04 17:30 - 00543648 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-07-04 17:30 - 2017-07-04 17:30 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-07-04 17:30 - 2017-07-04 17:30 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-07-04 17:30 - 2017-07-04 17:30 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-07-04 17:30 - 2017-07-04 17:30 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00370928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-07-04 17:30 - 2017-07-04 17:30 - 00363424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2017-07-04 17:30 - 2017-07-04 17:30 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00321376 _____ (Microsoft Corporation) C:\WINDOWS\system32\capauthz.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00311200 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-07-04 17:30 - 2017-07-04 17:30 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-07-04 17:30 - 2017-07-04 17:30 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00266640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\capauthz.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-07-04 17:30 - 2017-07-04 17:30 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-07-04 17:30 - 2017-07-04 17:30 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\devicengccredprov.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00219040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2017-07-04 17:30 - 2017-07-04 17:30 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00211872 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-07-04 17:30 - 2017-07-04 17:30 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00188824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-07-04 17:30 - 2017-07-04 17:30 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devicengccredprov.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\embeddedmodesvc.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-07-04 17:30 - 2017-07-04 17:30 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00130464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2017-07-04 17:30 - 2017-07-04 17:30 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-07-04 17:30 - 2017-07-04 17:30 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-07-04 17:30 - 2017-07-04 17:30 - 00112544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-07-04 17:30 - 2017-07-04 17:30 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-07-04 17:30 - 2017-07-04 17:30 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00086016 _____ C:\WINDOWS\system32\xboxgipsynthetic.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-07-04 17:30 - 2017-07-04 17:30 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCredentialDeployment.exe
2017-07-04 17:30 - 2017-07-04 17:30 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-07-04 17:30 - 2017-07-04 17:30 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\bfsvc.exe
2017-07-04 17:30 - 2017-07-04 17:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-07-04 17:30 - 2017-07-04 17:30 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksthunk.sys
2017-07-04 17:30 - 2017-07-04 17:30 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-07-04 17:30 - 2017-07-04 17:30 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe
2017-07-04 17:30 - 2017-07-04 17:30 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys
2017-07-04 17:30 - 2017-07-04 17:30 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-07-04 17:30 - 2017-07-04 17:30 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-07-04 17:25 - 2017-07-04 17:36 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2017-07-04 17:24 - 2017-07-04 17:24 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-07-04 17:21 - 2017-07-04 17:21 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-07-02 07:08 - 2017-07-05 05:00 - 00000000 ___DC C:\WINDOWS\Panther
2017-07-01 18:40 - 2017-07-01 18:40 - 01277728 _____ C:\WINDOWS\isRS-000.tmp
2017-07-01 17:32 - 2017-07-02 06:54 - 00000000 ____D C:\Program Files\GridinSoft Anti-Malware
2017-07-01 17:32 - 2017-07-01 17:32 - 00000000 ____D C:\Users\Todos os Usuários\GridinSoft
2017-07-01 17:32 - 2017-07-01 17:32 - 00000000 ____D C:\ProgramData\GridinSoft
2017-07-01 17:04 - 2017-07-04 17:53 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-07-01 12:20 - 2017-07-13 15:09 - 00000000 ____D C:\Users\Carlos Ruesta\AppData\LocalLow\Mozilla
2017-06-30 13:54 - 2017-06-30 13:54 - 00029456 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\gtkdrv.sys
2017-06-30 00:36 - 2017-07-02 07:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-06-29 19:13 - 2017-06-29 19:13 - 00000000 ____D C:\Users\Carlos Ruesta\AppData\Local\UNP
2017-06-26 06:00 - 2017-07-04 17:42 - 00000000 ____D C:\Users\Carlos Ruesta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2017-06-26 05:59 - 2017-06-26 06:00 - 00000000 ____D C:\Users\Carlos Ruesta\AppData\Local\Amazon
2017-06-26 05:47 - 2017-06-26 05:47 - 00000000 ____D C:\Users\Carlos Ruesta\AppData\Roaming\Wondershare Video Converter Ultimate
2017-06-26 05:47 - 2017-06-26 05:47 - 00000000 ____D C:\Users\Carlos Ruesta\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
2017-06-26 05:45 - 2017-07-04 17:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2017-06-26 05:45 - 2017-06-26 05:45 - 00000000 ____D C:\Users\Carlos Ruesta\AppData\Local\Wondershare
2017-06-26 05:44 - 2017-06-26 05:47 - 00000000 ____D C:\Users\Todos os Usuários\Wondershare Video Converter Ultimate
2017-06-26 05:44 - 2017-06-26 05:47 - 00000000 ____D C:\Users\Todos os Usuários\Wondershare
2017-06-26 05:44 - 2017-06-26 05:47 - 00000000 ____D C:\ProgramData\Wondershare Video Converter Ultimate
2017-06-26 05:44 - 2017-06-26 05:47 - 00000000 ____D C:\ProgramData\Wondershare
2017-06-26 05:44 - 2017-06-26 05:44 - 00000000 ____D C:\Program Files (x86)\Wondershare
2017-06-26 05:44 - 2015-02-27 14:38 - 00721263 _____ () C:\WINDOWS\SysWOW64\WSCM64.dll
2017-06-26 05:44 - 2015-02-27 14:38 - 00214528 _____ () C:\WINDOWS\SysWOW64\WSCM32.dll
2017-06-25 17:34 - 2017-06-25 17:34 - 00000000 ___SD C:\WINDOWS\UpdateAssistantV2
2017-06-23 22:58 - 2017-07-04 17:49 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-06-23 22:58 - 2017-06-29 19:32 - 00000000 ____D C:\Program Files\UNP
2017-06-13 07:49 - 2017-06-13 07:54 - 00000000 ____D C:\Users\Carlos Ruesta\AppData\Local\CutePDF Writer
2017-06-13 07:48 - 2017-07-04 17:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CutePDF
2017-06-13 07:48 - 2017-06-13 07:48 - 00000000 ____D C:\Program Files (x86)\GPLGS
2017-06-13 07:48 - 2017-06-13 07:48 - 00000000 ____D C:\Program Files (x86)\Acro Software
2017-06-13 07:48 - 2012-10-04 19:49 - 00087152 _____ C:\WINDOWS\system32\cpwmon64.dll
2017-06-06 22:13 - 2017-06-06 22:13 - 00000000 ____D C:\Users\Carlos Ruesta\AppData\Local\SpotifyWebRecorder
2017-06-06 22:13 - 2017-06-06 22:13 - 00000000 ____D C:\Users\Carlos Ruesta\AppData\Local\Geckofx
2017-06-06 12:15 - 2017-07-07 04:06 - 00061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2017-06-01 05:23 - 2017-02-16 02:07 - 00066136 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynRMIHID.sys
2017-05-29 22:05 - 2017-07-04 17:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Saraiva Reader
2017-05-27 11:28 - 2017-05-27 11:28 - 00000000 ____D C:\Users\Carlos Ruesta\AppData\Local\calibre-cache
2017-05-27 11:27 - 2017-05-27 13:30 - 00000000 ____D C:\Users\Carlos Ruesta\AppData\Roaming\calibre
2017-05-27 11:26 - 2017-07-04 17:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2017-05-27 11:26 - 2017-05-27 11:26 - 00000000 ____D C:\Program Files (x86)\Calibre2
2017-05-20 10:01 - 2017-07-04 17:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2017-05-20 10:01 - 2017-07-01 19:00 - 00000000 ____D C:\Users\Carlos Ruesta\AppData\Roaming\Code
2017-05-20 10:01 - 2017-05-20 10:01 - 00000000 ____D C:\Users\Carlos Ruesta\.vscode
2017-05-20 10:00 - 2017-05-20 10:01 - 00000000 ____D C:\Program Files (x86)\Microsoft VS Code
2017-05-20 00:39 - 2017-05-20 00:39 - 00087904 _____ (Microsoft Corporation) C:\WINDOWS\system32\UNPUXWorker.exe
2017-05-17 12:17 - 2017-03-04 03:26 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 10320248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 08479104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 02536320 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 02198400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 01516416 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 01040768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 01040768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00924544 _____ (AMD) C:\WINDOWS\system32\coinst_17.10.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00864120 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00777088 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2017-05-16 18:06 - 2017-05-16 18:06 - 00696192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00551808 _____ C:\WINDOWS\system32\dgtrayicon.exe
2017-05-16 18:06 - 2017-05-16 18:06 - 00551808 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2017-05-16 18:06 - 2017-05-16 18:06 - 00546688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00531328 _____ C:\WINDOWS\system32\GameManager64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00514424 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00483712 _____ C:\WINDOWS\system32\atieah64.exe
2017-05-16 18:06 - 2017-05-16 18:06 - 00478080 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00467328 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00411008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2017-05-16 18:06 - 2017-05-16 18:06 - 00365440 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00360312 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00334208 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2017-05-16 18:06 - 2017-05-16 18:06 - 00278400 _____ C:\WINDOWS\system32\clinfo.exe
2017-05-16 18:06 - 2017-05-16 18:06 - 00276352 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00245112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00242048 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00203648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00191360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00169856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00167808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00156704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00150912 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00148440 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00135040 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00133504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00122744 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00121208 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00115072 _____ C:\WINDOWS\system32\atidxx64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00112512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00112000 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00101760 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00099192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00091520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00075136 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00068992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00044920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00042368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00029056 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00029048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00573800 _____ C:\WINDOWS\system32\amdmiracast.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00196176 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00164400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00139080 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00131280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00131280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00116072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00102520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00102512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2017-05-12 16:12 - 2017-05-12 16:12 - 00000000 ____D C:\Users\Carlos Ruesta\AppData\Roaming\Google
2017-05-07 06:00 - 2017-05-07 07:34 - 00000000 ____D C:\Users\Carlos Ruesta\AppData\Roaming\Oracle SQL Developer Data Modeler
2017-05-07 06:00 - 2017-05-07 07:34 - 00000000 ____D C:\Users\Carlos Ruesta\AppData\Roaming\datamodeler
2017-04-25 01:06 - 2017-04-25 01:06 - 00795616 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2017-04-25 01:06 - 2017-04-25 01:06 - 00795616 _____ C:\WINDOWS\system32\atiapfxx.blb
2017-04-25 00:56 - 2017-04-25 00:56 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2017-04-25 00:55 - 2017-04-25 00:55 - 00204952 _____ C:\WINDOWS\SysWOW64\ativvsvl.dat
2017-04-25 00:55 - 2017-04-25 00:55 - 00204952 _____ C:\WINDOWS\system32\ativvsvl.dat
2017-04-25 00:55 - 2017-04-25 00:55 - 00157144 _____ C:\WINDOWS\SysWOW64\ativvsva.dat
2017-04-25 00:55 - 2017-04-25 00:55 - 00157144 _____ C:\WINDOWS\system32\ativvsva.dat
2017-04-25 00:51 - 2017-04-25 00:51 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2017-04-22 14:36 - 2017-07-08 07:23 - 00000898 _____ C:\Users\Carlos Ruesta\.viminfo

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2017-07-14 19:22 - 2016-04-21 06:38 - 00028888 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\gbpddfac64.sys
2017-07-14 19:20 - 2017-03-18 18:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-07-14 19:20 - 2017-03-18 18:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-07-14 06:00 - 2016-04-21 20:00 - 00000000 ____D C:\Users\Carlos Ruesta\AppData\Roaming\Slack
2017-07-13 15:31 - 2016-04-20 21:34 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-07-13 15:10 - 2017-03-20 00:58 - 00793316 _____ C:\WINDOWS\system32\prfh0416.dat
2017-07-13 15:10 - 2017-03-20 00:58 - 00182616 _____ C:\WINDOWS\system32\prfc0416.dat
2017-07-13 15:05 - 2016-04-21 06:37 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2017-07-13 15:05 - 2016-04-21 06:37 - 00000000 ____D C:\ProgramData\GbPlugin
2017-07-13 15:05 - 2015-09-01 19:17 - 00000000 __SHD C:\Users\Carlos Ruesta\IntelGraphicsProfiles
2017-07-13 15:04 - 2017-03-18 18:01 - 00000000 ____D C:\WINDOWS\INF
2017-07-13 15:04 - 2016-05-21 06:41 - 00028376 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\wsddfac.sys
2017-07-13 15:04 - 2016-04-21 06:37 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2017-07-13 15:03 - 2017-03-18 08:40 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2017-07-13 12:18 - 2016-04-20 20:01 - 00000000 ____D C:\Users\Carlos Ruesta\AppData\Local\Packages
2017-07-13 11:48 - 2015-09-07 09:24 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-07-13 11:40 - 2017-03-18 18:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-07-13 11:40 - 2017-03-18 18:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-07-13 11:40 - 2017-03-18 18:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-07-13 11:40 - 2017-03-18 18:03 - 00000000 ___RD C:\Program Files\Windows Defender
2017-07-13 11:40 - 2017-03-18 18:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-07-13 11:40 - 2017-03-18 18:03 - 00000000 ____D C:\WINDOWS\system32\migwiz
2017-07-13 11:40 - 2017-03-18 18:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-07-13 11:40 - 2017-03-18 18:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-07-13 11:40 - 2017-03-18 18:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-07-13 11:40 - 2017-03-18 18:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-07-13 11:40 - 2017-03-18 18:03 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-07-13 06:36 - 2016-04-20 20:26 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-07-12 10:10 - 2017-03-18 17:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-07-12 10:02 - 2016-04-20 22:04 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-07-12 10:00 - 2016-04-20 22:04 - 135225752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-07-12 07:36 - 2016-04-21 17:39 - 00000600 _____ C:\Users\Carlos Ruesta\AppData\Roaming\winscp.rnd
2017-07-12 04:11 - 2016-04-20 20:48 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-07-08 06:09 - 2016-04-21 20:00 - 00000000 ____D C:\Users\Carlos Ruesta\AppData\Local\SquirrelTemp
2017-07-08 06:04 - 2016-04-21 07:00 - 00000000 ____D C:\Users\Carlos Ruesta\AppData\Local\TortoiseGit
2017-07-07 19:45 - 2017-03-18 18:03 - 00000000 ____D C:\WINDOWS\rescache
2017-07-07 19:31 - 2016-03-21 05:48 - 00000000 ____D C:\Users\Carlos Ruesta\AppData\LocalLow\LastPass
2017-07-07 05:34 - 2016-04-21 09:27 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-07-07 05:17 - 2017-03-18 08:40 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-07-07 05:16 - 2016-04-20 20:41 - 00001090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-07-07 05:15 - 2016-04-21 06:38 - 00029816 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\gbpddreg64.sys
2017-07-07 04:35 - 2017-03-18 18:03 - 00000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft
2017-07-07 04:35 - 2017-03-18 18:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-07-07 04:15 - 2016-04-21 06:55 - 00000000 ____D C:\Users\Carlos Ruesta\AppData\Roaming\Skype
2017-07-07 04:09 - 2016-08-26 05:40 - 00000000 ____D C:\Users\Carlos Ruesta\AppData\Local\Spotify
2017-07-07 04:09 - 2016-08-26 05:39 - 00000000 ____D C:\Users\Carlos Ruesta\AppData\Roaming\Spotify
2017-07-07 04:06 - 2016-04-20 20:39 - 00361336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
2017-07-07 04:04 - 2016-04-20 20:39 - 00585608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-07-07 04:04 - 2016-04-20 20:39 - 00360792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys.149941116662506
2017-07-07 04:04 - 2016-04-20 20:39 - 00198768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-07-07 04:04 - 2016-04-20 20:39 - 00146664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-07-07 04:04 - 2016-04-20 20:39 - 00110352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-07-07 04:04 - 2016-04-20 20:39 - 00084392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-07-07 04:04 - 2016-04-20 20:39 - 00046984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-07-07 04:03 - 2017-03-13 05:39 - 00343264 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-07-07 04:03 - 2017-03-13 05:39 - 00319984 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-07-07 04:03 - 2017-03-13 05:39 - 00198944 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-07-07 04:03 - 2017-03-13 05:39 - 00057704 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-07-07 04:03 - 2016-04-20 20:39 - 01015848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-07-07 04:03 - 2016-04-20 20:39 - 00554528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetSec.sys
2017-07-07 04:03 - 2015-09-05 08:12 - 00041800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-07-05 05:12 - 2016-04-20 20:07 - 00002399 _____ C:\Users\Carlos Ruesta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-07-05 05:12 - 2015-09-04 15:18 - 00000000 ___RD C:\Users\Carlos Ruesta\OneDrive
2017-07-05 03:25 - 2017-03-18 18:03 - 00000000 ____D C:\WINDOWS\appcompat
2017-07-04 18:09 - 2017-03-18 18:03 - 00000000 ____D C:\Program Files\Windows NT
2017-07-04 18:08 - 2017-03-18 18:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-07-04 18:08 - 2017-03-18 18:03 - 00000000 ____D C:\WINDOWS\Registration
2017-07-04 18:06 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-07-04 18:02 - 2017-03-20 00:59 - 00000000 ____D C:\WINDOWS\HoloShell
2017-07-04 18:02 - 2016-09-14 05:57 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-07-04 18:01 - 2017-03-18 18:03 - 00000000 __RHD C:\Users\Public\Libraries
2017-07-04 17:49 - 2017-03-21 05:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RStudio
2017-07-04 17:49 - 2017-03-18 18:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-07-04 17:49 - 2016-10-05 05:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ferramentas do Microsoft Office 2016
2017-07-04 17:49 - 2016-05-15 19:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AceMoney
2017-07-04 17:49 - 2016-04-27 20:41 - 00000000 ____D C:\Users\Todos os Usuários\regid.1995-08.com.techsmith
2017-07-04 17:49 - 2016-04-27 20:41 - 00000000 ____D C:\ProgramData\regid.1995-08.com.techsmith
2017-07-04 17:49 - 2016-04-27 20:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2017-07-04 17:49 - 2016-04-27 19:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SnagIt 7
2017-07-04 17:49 - 2016-04-21 20:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R
2017-07-04 17:49 - 2016-04-21 18:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2017-07-04 17:49 - 2016-04-21 18:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains
2017-07-04 17:49 - 2016-04-21 17:49 - 00000000 ____D C:\WINDOWS\system32\instantclient_11_2
2017-07-04 17:49 - 2016-04-21 17:48 - 00000000 ____D C:\WINDOWS\SysWOW64\instantclient_11_2
2017-07-04 17:49 - 2016-04-21 17:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle Database 11g Express Edition
2017-07-04 17:49 - 2016-04-21 09:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL
2017-07-04 17:49 - 2016-04-21 07:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2017-07-04 17:49 - 2016-04-21 06:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TortoiseGit
2017-07-04 17:49 - 2016-04-21 06:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
2017-07-04 17:49 - 2016-04-21 06:34 - 00000000 ____D C:\Users\Carlos Ruesta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-07-04 17:49 - 2016-04-21 06:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-07-04 17:49 - 2016-04-21 06:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-07-04 17:49 - 2016-04-21 06:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2017-07-04 17:49 - 2016-04-21 05:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2017-07-04 17:47 - 2017-03-18 18:03 - 00000000 ____D C:\Users\Todos os Usuários\USOPrivate
2017-07-04 17:47 - 2017-03-18 18:03 - 00000000 ____D C:\ProgramData\USOPrivate
2017-07-04 17:45 - 2017-03-18 18:03 - 00000000 ____D C:\WINDOWS\system32\spool
2017-07-04 17:45 - 2017-03-18 18:03 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-07-04 17:44 - 2017-04-04 05:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB2017
2017-07-04 17:44 - 2017-03-29 22:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2017-07-04 17:44 - 2017-03-18 18:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-07-04 17:44 - 2017-03-15 20:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-07-04 17:44 - 2016-09-25 11:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2017-07-04 17:44 - 2016-07-18 04:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Palo Alto Networks
2017-07-04 17:44 - 2016-04-29 05:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB
2017-07-04 17:42 - 2017-04-04 05:17 - 00000000 ____D C:\Users\Carlos Ruesta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2017
2017-07-04 17:42 - 2016-04-21 20:00 - 00000000 ____D C:\Users\Carlos Ruesta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies
2017-07-04 17:42 - 2016-04-21 10:12 - 00000000 ____D C:\Users\Carlos Ruesta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MySQL
2017-07-04 17:40 - 2017-03-18 08:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-07-04 17:39 - 2015-09-07 13:31 - 00000000 ____D C:\AMD
2017-07-04 17:35 - 2017-03-18 18:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-07-04 17:32 - 2017-03-18 18:06 - 00000000 ____D C:\WINDOWS\Setup
2017-07-04 17:31 - 2017-03-18 18:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-07-04 17:31 - 2017-03-18 18:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-07-04 17:31 - 2017-03-18 18:03 - 00000000 ____D C:\WINDOWS\Provisioning
2017-07-04 17:31 - 2017-03-18 08:40 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-07-04 17:03 - 2017-03-20 01:28 - 00000000 ___HD C:\$WINDOWS.~BT
2017-07-04 06:08 - 2016-09-17 06:39 - 00565416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-07-02 07:14 - 2016-04-21 07:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-07-02 06:53 - 2016-04-21 21:09 - 00000000 ____D C:\Users\Carlos Ruesta\AppData\Roaming\CheckPoint
2017-07-01 18:40 - 2016-04-21 10:56 - 00000645 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk
2017-07-01 17:04 - 2016-04-20 20:12 - 00000000 ____D C:\Program Files (x86)\Google
2017-06-30 13:26 - 2016-04-21 06:55 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2017-06-30 13:26 - 2016-04-21 06:55 - 00000000 ____D C:\ProgramData\Skype
2017-06-30 11:47 - 2017-03-18 18:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-30 11:47 - 2017-03-18 18:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-06-27 12:20 - 2017-04-11 05:33 - 00001042 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-06-26 06:47 - 2016-04-21 05:10 - 00000000 ____D C:\Users\Carlos Ruesta\AppData\Roaming\Audacity
2017-06-25 18:04 - 2016-04-21 20:00 - 00000000 ____D C:\Users\Carlos Ruesta\AppData\Local\slack
2017-06-14 18:30 - 2016-04-20 21:34 - 00000000 ____D C:\Users\Carlos Ruesta\AppData\Local\Dropbox

==================== Arquivos na raiz de alguns diretórios =======

2016-04-21 17:39 - 2017-07-12 07:36 - 0000600 _____ () C:\Users\Carlos Ruesta\AppData\Roaming\winscp.rnd
2017-07-08 06:01 - 2017-07-08 06:02 - 0018432 _____ () C:\Users\Carlos Ruesta\AppData\Local\WebpageIcons.db
2017-07-04 17:39 - 2017-07-04 17:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

LastRegBack: 2017-07-04 17:36

==================== Fim de FRST.txt ============================

 

 

Addition.txt

Compartilhar este post


Link para o post
Compartilhar em outros sites
diego_moicano    465

Amigo,

 

Citação

Prezado @diogo_moicano

 

É Diego ;)

 

O FRST deve ser executado diretamente da Área de Trabalho (Desktop), no entanto você executou da pasta:

 

Executando a partir de E:\Desktop\Limpar PC

 

Delete-o daí, baixe um novo para o Desktop, execute o FRST, marque a opção Addition e clique no botão Examinar.

 

Note: você deve executá-lo no Desktop da partição na qual o Windows está instalado.

 

Anexe os logs.

 

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites
diego_moicano    465

Caro @Carlos Ruesta

 

>>> Amigo, este computador é pessoal ou pertence a FMB?

 

>>> Não é recomendável ter mais de um antivírus instalado no Windows

 

Citação

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

 

Escolha um deles e desinstale/desative o outro. Caso escolha o Windows Defender, desinstale completamente o Avast.

 

Me informe qual ficou.

 

>>> Ative o firewall do Windows?

 

>>> As propagandas ainda continuam?

 

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa noite @diego_moicano

 

- Este computador é pessoal. FMB é um produto

- Desinstalei o AVast e ativei o Winder Defender;

- Após ativar firewall, verifiquei o chrome e constatei que continua com o mesmo problema

 

- Tentei reinstalando o chrome, mas o problema persiste. Após a instalação percebi que todos os arquivos  ficam com data/hora da instalação, exceto o chrome.exe que fica com data de 23/06/2017 00:21.

Acreito que tem algum virus recolocando esse arquivo infetado no local do chrome.

 

Obrigado,

 

 

 

 

 

Editado por Carlos Ruesta
Mais detalhes do problema

Compartilhar este post


Link para o post
Compartilhar em outros sites
diego_moicano    465

Caro @Carlos Ruesta

 

Desative temporariamente seu antivírus, antispywares e firewall, para não causar conflitos.

 

Baixe o arquivo (fixlist.txt) no anexo deste post e salve-o na Área de Trabalho (Desktop).

Execute o FRST.exe (ou FRST64.exe) e clique no botão Corrigir.

Aguarde... ao final será gerado o log Fixlog.txt  salvo em sua Área de Trabalho (Desktop).

Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

 

Abraços :D

fixlist.txt

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa noite @diego_moicano

 

Segue o log em anexo.

 

Verifiquei que o Chrome passou a funcionar normalmente.

 

Muito obrigado pela ajuda.

 

Carlos.

Fixlog.txt

Compartilhar este post


Link para o post
Compartilhar em outros sites
diego_moicano    465

Caro @Carlos Ruesta

 

Acesse o site Malwarebytes, clique em Download Gratuito e baixe o arquivo para sua Área de Trabalho (Desktop).

 

Desative antivírus, antispywares, enfim, programas de prevenção para não causar conflitos.

 

Clique com o botão direito do mouse no arquivo setup.exe e escolha: Executar como Administrador

 

  • Siga os passos para a instalação;
  • Ao clicar em Concluir aguarde o programa ser aberto;
  • No alto à direita clique em Atualizar agora;
  • O navegador irá abrir, pode fechá-lo e aguarde o término das atualizações;
  • No painel à esquerda clique em Configurações;
  • Na aba Proteção ative Procurar rootkits;
  • Depois clique em Análise no painel à esquerda;
  • Então clique no botão Iniciar Análise e aguarde;
  • Quando o scan terminar uma janela irá se abrir próximo ao relógio;
  • Nela clique em Ver Resultado;
  • Deixe todas as entradas marcadas e clique no botão Colocar em Quarentena;
  • Na janela que abrir clique em Sim para que o computador seja reiniciado;
  • Uma vez reiniciado, abra novamente o Malwarebytes e clique em Histórico e cliquem em Excluir Tudo (opcional);
  • O log será salvo automaticamente pelo programa.
  • Para exportá-lo, clique na aba Histórico > Registros do aplicativo na janela principal do programa;
  • Clique duas vezes em cima do log mais atual e exporte em .TXT;
  • Poste em sua próxima resposta.

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites

Bom dia @diego_moicano

 

Desculpe a demora para responder. Estive de férias essas 2 ultimas semanas e não deu para fazer os passos enviados no seu ultimo post.

 

Agora eu consegui e ao parecer está tudo ok. Pois ele não encontrou ameaças. Segue o relatório dos resultados da análise.

 

Muito obrigado.

 

Carlos

 

 

 

Resultado.txt

Compartilhar este post


Link para o post
Compartilhar em outros sites
diego_moicano    465

Caro @Carlos Ruesta

 

Desative temporariamente seu antivirus, antispywares e firewall, para não causar conflitos.

Baixe o Stinger e salve em sua Área de trabalho (Desktop).
32 bit (x86) ou 64 bit (x64)

  • Execute o arquivo Stinger.exe como Administrador.
  • Clique no botão “I Accept”


Stinger%20a.png

Na nova janela clique em “Advanced” e depois “Settings”

Stinger%20b.png

Na janela configurações deixe conforme imagem abaixo e clique no botão “Save”

9hnsyu.png

Clique em “Customize my Scan”

Stinger%20f.png

Selecione as unidades do sistema e em seguida clique no botão “Scan”

Stinger%20g.png

Ao final clique em “View log”, será aberto uma janela com o log em seu navegador.
Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

 

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites
diego_moicano    465

Caro @Carlos Ruesta

 

Baixe Security Check, by glax24 e salve em sua Área de trabalho (Desktop).

 

Execute o arquivo como Administrador

  • Aguarde enquanto a ferramenta faz o exame.
  • Ao final salve log como SecurityCheck.html
  • Abra o arquivo com o bloco de notas;
  • Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites

Bom dia @diego_moicano,

 

Segue em anexo o log da execução solicitado.

 

Uma nova máquina aqui em casa se infectou com esse cara do browser do chrome. Seria possível verificar para mim também? Ela está com o mesmo comportamento de abri propagandas quando clico em links dentro do chrome.

 

Muito obrigado.

 

Carlos.

 

SecurityCheck.txt

Editado por Carlos Ruesta

Compartilhar este post


Link para o post
Compartilhar em outros sites
diego_moicano    465

Caro @Carlos Ruesta

 

Preciso que o log seja salvo em html e que seja copiado aqui e não anexado, por favor. ;)

 

Citação

Ao final salve log como SecurityCheck.html

 

Amigo, sobre o outro computador irei precisar entrar em contato com a coordenação, pois em princípio e de acordo com as regras não poderia.

 

Por favor, me aguarde com a resposta, porém já pode ir postando o log em sua próxima resposta.

 

Abraços :D

 

Compartilhar este post


Link para o post
Compartilhar em outros sites

Bom dia @diego_moicano

 

Segue o log do Security Check. Obrigado pela ajuda.

 

SecurityCheck by glax24 & Severnyj v.1.4.0.52 [25.07.17]
WebSite: www.safezone.cc
DateLog: 08.08.2017 06:23:28
Path starting: C:\Users\Carlos Ruesta\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: Carlos Ruesta
VersionXML: 4.54is-05.08.2017
___________________________________________________________________________

Windows 10(6.3.15063) (x64) Core Release: 1703 Lang: Portuguese(0416)
Installation date OS: 04.07.2017 21:09:43
LicenseStatus: Windows(R), Core edition The machine is permanently activated.
LicenseStatus: Office 16, Office16O365HomePremR_Subscription4 edition Timebased activation will expire :55430 minutes
Boot Mode: Normal
Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
SystemDrive: C: FS: [NTFS] Capacity: [194.3 Gb] Used: [63.8 Gb] Free: [130.5 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.483.15063.0
User Account Control enabled
Automatically download and schedule installation
Windows Update (wuauserv) - The service is running
Central de Segurança (wscsvc) - The service is running
Registro remoto (RemoteRegistry) - The service has stopped
Descoberta SSDP (SSDPSRV) - The service is running
Serviços de Área de Trabalho Remota (TermService) - The service has stopped
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
---------------------------- [ Antivirus_WMI ] ----------------------------
Windows Defender (enabled and up to date)
--------------------------- [ FirewallWindows ] ---------------------------
Firewall do Windows (MpsSvc) - The service is running
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Windows Defender (enabled and up to date)
-------------------------- [ SecurityUtilities ] --------------------------
GridinSoft Anti-Malware v.3.1.2
--------------------------- [ OtherUtilities ] ----------------------------
WinRAR 5.31 (64-bit) v.5.31.0 Warning! Download Update
KeePass Password Safe 2.32 v.2.32
TeamViewer 12 v.12.0.81460
TeamViewer 12 (TeamViewer) - The service is running
--------------------------------- [ IM ] ----------------------------------
Skype™ 7.38 v.7.38.101 Warning! Download Update
-------------------------------- [ Java ] ---------------------------------
Java 8 Update 91 (64-bit) v.8.0.910.14 Warning! Download Update
Uninstall old version and install new one (jre-8u144-windows-x64.exe).
Java SE Development Kit 8 Update 91 (64-bit) v.8.0.910.14 Warning! Download Update
Uninstall old version and install new one (jdk-8u144-windows-x64.exe).
Java 8 Update 91 v.8.0.910.14 Warning! Download Update
Uninstall old version and install new one (jre-8u144-windows-i586.exe).
Java SE Development Kit 8 Update 91 v.8.0.910.14 Warning! Download Update
Uninstall old version and install new one (jdk-8u144-windows-i586.exe).
--------------------------- [ AdobeProduction ] ---------------------------
Adobe Acrobat Reader DC - Português v.17.009.20058
------------------------------- [ Browser ] -------------------------------
Google Chrome v.60.0.3112.90
Mozilla Firefox 54.0.1 (x86 en-US) v.54.0.1
--------------------------- [ RunningProcess ] ----------------------------
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe v.59.0.3071.115
------------------ [ AntivirusFirewallProcessServices ] -------------------
McAfee Validation Trust Protection Service (mfevtp) - The service is running
C:\Windows\System32\mfevtps.exe
C:\Program Files\Windows Defender\MsMpEng.exe v.4.11.15063.447
C:\Program Files\Windows Defender\NisSrv.exe v.4.11.15063.0
C:\Program Files\Windows Defender\MSASCuiL.exe v.4.11.15063.0
Serviço Windows Defender Antivirus (WinDefend) - The service is running
Serviço de Inspeção de Rede do Windows Defender Antivirus (WdNisSvc) - The service is running
----------------------------- [ End of Log ] ------------------------------
 

Compartilhar este post


Link para o post
Compartilhar em outros sites
diego_moicano    465

Caro @Carlos Ruesta

 

Como está seu Windows?

 

PS: estou esperando a resposta do seu pedido.

 

# Etapa nº 1 #

 

Baixe o Delfix by Xplode e salve na sua área de trabalho.

 

Clique duas vezes no delfix.exe para executá-lo. Marque as caixas conforme imagem.

 

** Usuários do Windows Vista ou Windows 7 clique com o direito sobre o arquivo delfix.exe, depois clique em execadmin.png.

 

2mez6ld.png

 

Clique no botão Executar.

 

Ao final será gerado um log, mas não é necessário postar.

# Etapa nº 2 #

imageproxy.php?img=http%3A%2F%2Fi65.tiny Versões antigas de programas têm vulnerabilidades que alguns malwares podem usar para infectar o seu sistema.

Por isso, é recomendável atualizar os programas que o Security Check apontou como desatualizados (os updates opcionais ficam ao seu critério).

Basta clicar no Download Update de cada aviso (post acima), que irá para o site do desenvolvedor.

<<@>> Mantenha sempre seu Windows atualizado; mantenha uma vigilância constante com o firewall e antivírus e por fim, lembre-se que, a melhor forma de prevenir começa pelas nossas atitudes!

 

# Etapa nº 3 #

 

O Ccleaner é um excelente utilitário de limpeza para o computador.

 

Faça o download dele aqui Ccleaner

 

  • Após a instalação vá até o local onde o programa foi instalado, geralmente em C:\Arquivos de programas\CCleaner.
  • Clique duas vezes nesta pasta;
  • Numa área vazia desta janela, clique com o botão direito do mouse e escolha Novo > pasta e crie uma nova pasta;
  • Coloque o nome de backups.
  • Abra o programa e clique em Executar Limpeza;
  • Clique no botão Registro > Procurar Erros > Corrigir erro(s) seleciona(s)...
  • Observação: Não se esqueça de aceitar o backup das correções, e salvá-los nas pasta criada acima!

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites

Bom dia @diego_moicano

 

Executei os passos indicados no último post. Agora o Windows e todos as minhas aplicações estão 100%. Muito obrigado!!!

 

Ainda me resta resolver o outro computador que ficou infetado aqui em casa. Se puder me ajudar desde já agradeço muito mesmo.

 

Abraço.

 

Carlos Ruesta

 

 

Compartilhar este post


Link para o post
Compartilhar em outros sites
diego_moicano    465

Caro @Carlos Ruesta

 

Ok amigo, foi liberado a postagem aqui, vamos continuar então... ;)

 

Siga os procedimentos do meu tópico inicial e poste os logs:

 

http://www.clubedohardware.com.br/forums/topic/1241859-com-problemas-no-chrome/?do=findComment&comment=6826926

 

Abraços :D

 

Compartilhar este post


Link para o post
Compartilhar em outros sites
diego_moicano    465

Caro @Carlos Ruesta

 

Desative temporariamente seu antivírus, antispywares e firewall, para não causar conflitos.

 

Baixe o Farbar Recovery Scan Tool e salve-o na Área de Trabalho (Desktop).


32 bit (x86) ou 64 bit (x64)

  • Clique com o botão direito e escolha Executar como Administrador;
  • Marque a caixa Arquivos 90 dias,  e clique no botão Examinar;
  • Aguarde e ao final os logs FRST.txt e Addition.txt serão salvos em sua Área de Trabalho (Desktop);
  • Selecione, copie e cole o conteúdo do log  FRST.txt em sua próxima resposta;
  • Anexe o log Addition.txt.

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites

Crie uma conta ou entre para comentar

Você precisar ser um membro para fazer um comentário







Sobre o Clube do Hardware

No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas publicações sobre tecnologia do Brasil. Leia mais

Direitos autorais

Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

×