carolfarmacia

Virus creates a user on Windows 7


Hi, good evening!

Yesterday I turned on my notebook, and my antivirus could not start with Windows. I restarted the computer, and when it reached the user selection screen, a user named "gpmofioeysv" appeared. I logged into Windows with my own user and searched the internet for something about it; I found something about a virus that creates a user and configures the notebook to accept remote access.
I managed to delete the user. I restarted and that name no longer appeared. I ran the antivirus (I use ESET), but nothing was found.

Today I turned on the notebook and, again, the user "gpmofioeysv" appeared. I logged into my user, and ESET again could not start with Windows. This time I did not run the antivirus or remove the user. I got worried and decided to look for help. I don't know what to do.

The ZA-Scan log follows.

ZA-Scan.txt

Edited by carolfarmacia
I forgot a piece of information.


Dear @carolfarmacia

You opened the same topic on Linha Defensiva:

http://www.linhadefensiva.org/forum/topic/167689-possível-vírus-criou-usuário-do-windows/

This violates our rules.

It's one or the other: either you stay there and lock the topic here, or you stay here and lock it there! ;)

I await your choice.

Regards :D


Dear @carolfarmacia

I recommend saving this topic to your Favorites so it is easy to find again.

Please pay attention to the following:

  1. If you go 3 days without a reply, send me a Private Message (PM);
  2. What is provided here relates only to your computer's problem, so do not apply it to any other;
  3. Please follow the instructions given carefully, and if in doubt do not hesitate to ask;
  4. Always post your replies in this topic... Do not open another one!
  5. Always try to keep me informed, during the removal, about what is happening with your computer.
  6. Respect the order of the instructions given.

Note: Do not take any measure other than those given here; be aware that, if you ask for help in another forum, you must let us know, at the risk of misconfiguring your computer!

 

# Step 1 #

Download AdwCleaner and save it to your Desktop.

Run the file adwcleaner.exe

Attention: Windows Vista, 7 and 8 users, right-click and choose: (image: execadmin.png)

  • Click the Options tab and leave only "Reset IE Policies" and "Reset Chrome Policies" checked.
  • Click the Scan button and wait for the scan to finish.
  • Click the Clean button.
  • A Notepad window will open with the result.
  • Select, copy and paste the contents of this log into your next reply.
  • The log will also be saved in C:\AdwCleaner

NOTE: If AdwCleaner finds files it cannot remove, you may have to restart the PC. Do so immediately when asked whether you want to restart.
 
# Step 2 #

Temporarily disable your antivirus, antispyware and firewall to avoid conflicts.

Download the Junkware Removal Tool (JRT) and save it to your Desktop.

Double-click to run jrt.exe.

Attention: Windows Vista, 7 and 8 users, right-click and choose: (image: execadmin.png)

  • The tool will start scanning your system.
  • Be patient, as it may take a while depending on the number of items to scan.
  • At the end a log will open. It will be saved on the desktop with the name JRT.txt.
  • Select, copy and paste the contents of this log into your next reply.

 
# Step 3 #

Temporarily disable your antivirus, antispyware and firewall to avoid conflicts.

Download ZHPCleaner and save it to your Desktop.

Attention: Windows Vista, 7 and 8 users, right-click and choose: (image: execadmin.png)

  • Click the Scanner button.
  • The tool will start scanning your system.
  • Be patient, as it may take a while depending on the number of items to scan.
  • Then click the Repair button.
  • A log named ZHPCleaner.txt will be generated.
  • Select, copy and paste the contents of this log into your next reply.

Regards :D


@diego_moicano @carolfarmacia

 

# AdwCleaner v5.101 - Relatório criado 11/03/2016 às 19:33:28
# Atualizado 07/03/2016 por Xplode
# Banco de dados : 2016-03-08.1 [Servidor]
# Sistema operacional : Windows 7 Home Basic Service Pack 1 (x64)
# Usuário : Carol - CAROL-VAIO
# Executando de : C:\Users\Carol\Desktop\adwcleaner_5.101.exe
# Opção : Verificar
# Apoio : http://toolslib.net/forum

***** [ Serviços ] *****


***** [ Pastas ] *****


***** [ Arquivos ] *****

Arquivo Encontrado : C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_songr-portable.softonic.com.br_0.localstorage
Arquivo Encontrado : C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_songr-portable.softonic.com.br_0.localstorage-journal

***** [ DLL ] *****


***** [ Atalhos ] *****


***** [ Tarefas agendadas ] *****


***** [ Registro ] *****

Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}

***** [ Navegadores ] *****


*************************

C:\Program Files (x86)\AdwCleaner\AdwCleaner[S1].txt - [1039 bytes] - [11/03/2016 19:33:28]

########## EOF - C:\Program Files (x86)\AdwCleaner\AdwCleaner[S1].txt - [1132 bytes] ##########
 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.3 (02.09.2016)
Operating System: Windows 7 Home Basic x64 
Ran by Carol (Administrator) on 11/03/2016 at 19:39:05,06
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


File System: 41 

Successfully deleted: C:\Users\Carol\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Carol\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0TYSD9LJ (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Carol\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TWZDSJ (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Carol\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Carol\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\75PJC8IW (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Carol\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CQSR1H53 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Carol\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D1NSHRVV (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Carol\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DABIJR91 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Carol\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EGOZYJ7G (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Carol\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZCLLUID (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Carol\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Carol\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GGEYJ7QB (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Carol\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HV8VTPZH (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Carol\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Carol\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OB0816TS (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Carol\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OHZF5W2Q (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Carol\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TB2806TG (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Carol\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V3ASA7DU (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Carol\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X4TV0HBU (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Carol\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XFD4P6FI (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0TYSD9LJ (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TWZDSJ (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\75PJC8IW (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CQSR1H53 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D1NSHRVV (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DABIJR91 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EGOZYJ7G (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZCLLUID (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GGEYJ7QB (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HV8VTPZH (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OB0816TS (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OHZF5W2Q (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TB2806TG (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V3ASA7DU (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X4TV0HBU (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XFD4P6FI (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\SysWOW64\sho208F.tmp (File) 

Registry: 0 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11/03/2016 at 20:11:24,50
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

~ ZHPCleaner v2016.3.10.39 by Nicolas Coolman (2016/03/08)
~ Run by Carol (Administrator)  (11/03/2016 20:28:33)
~ Site : http://www.nicolascoolman.com
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Reparo
~ Report : C:\Users\Carol\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Carol\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 7 Home Basic, 64-bit Service Pack 1 (Build 7601)


---\\  Serviços (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.


---\\  Navegadores de Internet (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.


---\\  Arquivo hosts (1)
~ O arquivo hosts é legítimo (21)


---\\  Tarefas automáticas agendadas. (2)
SUPRIMIDO tarefas: [AutoKMS] [C:\Windows\Tasks\AutoKMS.job (Not File) ]  =>HackTool.AutoKMS
SUPRIMIDO tarefas: [AutoKMSDaily] [C:\Windows\Tasks\AutoKMSDaily.job (Not File) ]  =>HackTool.AutoKMS


---\\  Explorer ( Arquivos, Pastas) (6)
MOVIDO pasta: C:\Users\Carol\AppData\Roaming\unins000.exe [ - Setup/Uninstall]  =>PUP.Optional.Pirrit
MOVIDO pasta: C:\Windows\Tasks\AutoKMS.job    =>HackTool.AutoKMS
MOVIDO pasta: C:\Windows\Tasks\AutoKMSDaily.job    =>HackTool.AutoKMS
MOVIDO pasta: C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_songr-portable.softonic.com.br_0.localstorage    =>.Superfluous.Softonic
MOVIDO pasta: C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_songr-portable.softonic.com.br_0.localstorage-journal    =>.Superfluous.Softonic
MOVIDO pasta: C:\Windows\KMSEmulator.exe [ - Local KMS Host]  =>HackTool.AutoKMS


---\\  Registro ( Chaves, Valores, Dados ) (1)
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} [ITool]  =>Toolbar.Ask


---\\  Resumo dos elementos encontrados na sua estação de trabalho (4)
http://www.nicolascoolman.fr/?p=1804  =>HackTool.AutoKMS
http://www.nicolascoolman.fr/?p=914  =>PUP.Optional.Pirrit
http://www.nicolascoolman.fr/?p=5145  =>.Superfluous.Softonic
http://www.nicolascoolman.fr/?p=235  =>Toolbar.Ask


---\\  Dodatkowe oczyszczenie. (52)
~ Chave de registro Tracing Supprimido (52)
~ Remover os relatórios antigos ZHPCleaner. (0)


---\\ Resultado de reparação
Reparação efectuada com sucesso
~ Este navegador está faltando ! (Opera Software)


---\\ Estatísticas
~ Items scan : 860
~ Items encontrado : 0
~ items cancelados : 0
~ Items réparo : 9


~ End of clean in 00h00mn18s
===================
ZHPCleaner-[R]-11032016-20_28_51.txt
ZHPCleaner--11032016-20_27_07.txt
 

Thank you!


Dear @carolfarmacia

Temporarily disable your antivirus, antispyware and firewall to avoid conflicts.

Download the Farbar Recovery Scan Tool and save it to your Desktop.

32-bit (x86) or 64-bit (x64)

  • Double-click to run the tool.
    • Attention: Windows Vista, 7 and 8 users, right-click and choose: (image: execadmin.png)
  • Check the 90 Days Files box and click the Scan button.
  • Wait; at the end the logs FRST.txt and Addition.txt will be saved to your Desktop.
  • Select, copy and paste the contents of the FRST.txt log into your next reply.
  • Attach the Addition.txt log.

Regards :D


@diego_moicano

 

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:05-03-2016 01
Executado por Carol (administrador) em CAROL-VAIO (12-03-2016 14:12:48)
Executando a partir de C:\Users\Carol\Desktop
Perfis Carregados: Carol (Perfis Disponíveis: Carol)
Platform: Windows 7 Home Basic Service Pack 1 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: FF)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
() C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Spotify Ltd) C:\Users\Carol\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Dropbox, Inc.) C:\Users\Carol\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
(Dropbox, Inc.) C:\Users\Carol\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\esrv\esrv_svc.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Temp\A9AB6878-0EF0-4506-BBB0-00F235F86F45\DismHost.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-09] (Conexant Systems, Inc.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [788640 2011-02-24] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-02-24] (Atheros Commnucations)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2284328 2011-02-15] (Synaptics Incorporated)
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [847160 2014-09-06] (GAS Tecnologia LTDA)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-07-08] (ESET)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-05] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [296520 2014-09-24] (RealNetworks, Inc.)
HKLM-x32\...\Run: [USB Security] => C:\Program Files (x86)\USB Disk Security\USBGuard.exe [695528 2015-01-31] (Zbshareware Lab)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginBb: C:\Program Files (x86)\GbPlugin\gbieh.dll [2015-08-19] (Banco do Brasil)
HKU\S-1-5-21-1119962802-2877099889-4217796146-1000\...\Run: [Spotify Web Helper] => C:\Users\Carol\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1524848 2016-03-04] (Spotify Ltd)
HKU\S-1-5-21-1119962802-2877099889-4217796146-1000\...\Run: [Dropbox Update] => C:\Users\Carol\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.)
HKU\S-1-5-21-1119962802-2877099889-4217796146-1000\...\Run: [Spotify] => C:\Users\Carol\AppData\Roaming\Spotify\Spotify.exe [6754928 2016-03-04] (Spotify Ltd)
HKU\S-1-5-21-1119962802-2877099889-4217796146-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-1119962802-2877099889-4217796146-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-1119962802-2877099889-4217796146-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-18\...\RunOnce: [iCloud] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe [43816 2015-04-26] (Apple Inc.)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll [1896320 2015-08-19] (Banco do Brasil)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Carol\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Carol\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Carol\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Carol\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Carol\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Carol\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Carol\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Carol\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk [2014-09-24]
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\Users\Carol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-02-20]
ShortcutTarget: Dropbox.lnk -> C:\Users\Carol\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Carol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2015-05-27]
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * 

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

AutoConfigURL: [S-1-5-21-1119962802-2877099889-4217796146-1000] => hxxp://www.grc.uenf.br/proxy.pac
Tcpip\Parameters: [DhcpNameServer] 200.222.122.134 192.168.0.1
Tcpip\..\Interfaces\{3140EEAD-C7D6-4B15-BEC8-46B151BBC376}: [DhcpNameServer] 200.222.122.134 192.168.0.1
ManualProxies: 0hxxp://www.grc.uenf.br/proxy.pac

Internet Explorer:
==================
HKU\S-1-5-21-1119962802-2877099889-4217796146-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/pt-br/?ocid=U220DHP&pc=U220
HKU\S-1-5-21-1119962802-2877099889-4217796146-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony.msn.com
HKU\S-1-5-21-1119962802-2877099889-4217796146-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.sony.com.br/vaio
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYVDF&pc=MASA&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYVDF&pc=MASA&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYVDF&pc=MASA&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYVDF&pc=MASA&src=IE-SearchBox
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2014-07-24] (RealDownloader)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => Nenhum Arquivo
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-07-24] (RealDownloader)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-08] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-02-24] (Atheros Commnucations)
BHO-x32: Auxiliar de Conexão do Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\Program Files (x86)\GbPlugin\gbieh.dll [2015-08-19] (Banco do Brasil)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-08] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1119962802-2877099889-4217796146-1000 -> Sem Nome - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Nenhum Arquivo

FireFox:
========
FF ProfilePath: C:\Users\Carol\AppData\Roaming\Mozilla\Firefox\Profiles\5pvo9g2q.default
FF NetworkProxy: "autoconfig_url", "http://www.grc.uenf.br/proxy.pac"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-17] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-17] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1218158.dll [2015-05-07] (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-08] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.12.0 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2014-09-24] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.12 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-07-24] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.12.0 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2014-09-24] (RealPlayer Cloud)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-06] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1119962802-2877099889-4217796146-1000: gastecnologia.com.br/sf/bb -> C:\Users\Carol\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll [2015-04-16] (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-1119962802-2877099889-4217796146-1000: gastecnologia.com.br/sf/gas64 -> C:\Users\Carol\AppData\Local\GAS Tecnologia\GBBD\npsf_gas_64.dll [Nenhum Arquivo]
FF HKLM-x32\...\Firefox\Extensions: [{7C9C2591-51ED-44FA-8D03-450B92643F95}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-09-24] [não assinado]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => não encontrado (a)
FF HKU\S-1-5-21-1119962802-2877099889-4217796146-1000\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886C}] - C:\Users\Carol\AppData\Local\GAS Tecnologia\GBBD\bb\xpi
FF Extension: GBBD Banco do Brasil - C:\Users\Carol\AppData\Local\GAS Tecnologia\GBBD\bb\xpi [2015-04-16] [não assinado]

Chrome: 
=======
CHR Profile: C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-04]
CHR Extension: (Google Docs) - C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-26]
CHR Extension: (YouTube) - C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (Google Search) - C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Planilhas do Google) - C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-04]
CHR Extension: (Documentos Google off-line) - C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-20]
CHR Extension: (MailTrack para Gmail) - C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndnaehgpjlnokgebbaldlmgkapkpjkkb [2016-03-10]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-07]
CHR Extension: (Gmail) - C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-01]
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <não encontrado (a)>

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-02-24] (Atheros) [Arquivo não assinado]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [73376 2011-02-24] (Atheros Commnucations) [Arquivo não assinado]
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.) [Arquivo não assinado]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1353720 2015-07-08] (ESET)
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\esrv\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [587576 2015-08-12] (GAS Tecnologia)
R2 Oasis2Service; C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe [46080 2010-03-25] () [Arquivo não assinado]
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-07-24] ()
R2 RealPlayer Cloud Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1141848 2014-09-24] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-07-24] () [Arquivo não assinado]
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [258048 2013-03-04] (Sony Corporation) [Arquivo não assinado]
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\esrv\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
S3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-27] (Sony Corporation)
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [847160 2014-09-06] (GAS Tecnologia LTDA)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [255240 2015-07-14] (ESET)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [251632 2015-07-14] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [178520 2015-07-14] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [231520 2015-07-14] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [53360 2015-07-14] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [72400 2015-07-14] (ESET)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2015-10-29] (GAS Tecnologia)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-09-24] ()
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-01-20] (GAS Tecnologia LTDA)
S3 esihdrv; \??\C:\Users\Carol\AppData\Local\Temp\esihdrv.sys [X]
S1 gbpddfac; system32\drivers\gbpddfac64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-03-12 14:12 - 2016-03-12 14:13 - 00025460 _____ C:\Users\Carol\Desktop\FRST.txt
2016-03-12 14:12 - 2016-03-12 14:12 - 00000000 ____D C:\FRST
2016-03-12 14:11 - 2016-03-12 14:11 - 02374144 _____ (Farbar) C:\Users\Carol\Desktop\FRST64.exe
2016-03-12 14:05 - 2016-03-12 14:05 - 00000000 ___RD C:\Users\Carol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2016-03-11 20:28 - 2016-03-11 20:28 - 00002691 _____ C:\Users\Carol\Desktop\ZHPCleaner.txt
2016-03-11 20:19 - 2016-03-11 20:28 - 00000000 ____D C:\Users\Carol\AppData\Roaming\ZHP
2016-03-11 20:19 - 2016-03-11 20:19 - 00000792 _____ C:\Users\Carol\Desktop\ZHPCleaner.lnk
2016-03-11 20:17 - 2016-03-11 20:17 - 02087424 _____ C:\Users\Carol\Desktop\ZHPCleaner.exe
2016-03-11 20:11 - 2016-03-11 20:11 - 00007176 _____ C:\Users\Carol\Desktop\JRT.txt
2016-03-11 19:38 - 2016-03-11 19:38 - 01609216 _____ (Malwarebytes) C:\Users\Carol\Desktop\JRT.exe
2016-03-11 19:32 - 2016-03-11 19:33 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-03-11 19:30 - 2016-03-11 19:30 - 01524224 _____ C:\Users\Carol\Desktop\adwcleaner_5.101.exe
2016-03-10 10:58 - 2016-03-10 10:58 - 00000930 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2016-03-10 10:57 - 2016-03-10 10:57 - 01199856 _____ ( ) C:\Users\Carol\Desktop\hwmonitor_1.28.exe
2016-03-09 21:11 - 2016-03-09 21:11 - 00023051 _____ C:\ZA-Scan.txt
2016-03-09 20:45 - 2016-03-09 20:46 - 01370112 _____ C:\Users\Carol\Desktop\ZA-Scan.exe
2016-03-08 18:11 - 2016-03-08 18:12 - 00003424 _____ C:\Users\Carol\Desktop\forum.txt
2016-03-08 18:09 - 2016-03-08 18:09 - 00000000 ____D C:\zoek_backup
2016-03-08 18:08 - 2016-03-08 18:08 - 01370112 _____ C:\Users\Carol\Downloads\ZA-Scan (1).exe
2016-03-08 18:07 - 2016-03-08 18:08 - 01370112 _____ C:\Users\Carol\Downloads\ZA-Scan.exe
2016-03-08 16:40 - 2016-02-09 03:53 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-03-08 16:40 - 2016-02-09 03:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-03-08 16:40 - 2016-02-08 18:05 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-03-08 16:40 - 2016-02-08 17:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-03-08 16:40 - 2016-02-08 17:39 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-03-08 16:40 - 2016-02-08 17:39 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-03-08 16:40 - 2016-02-08 17:38 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-03-08 16:40 - 2016-02-08 17:38 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-03-08 16:40 - 2016-02-08 17:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-03-08 16:40 - 2016-02-08 17:34 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-03-08 16:40 - 2016-02-08 17:32 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-03-08 16:40 - 2016-02-08 17:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-03-08 16:40 - 2016-02-08 17:30 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-03-08 16:40 - 2016-02-08 17:28 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-03-08 16:40 - 2016-02-08 17:28 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-03-08 16:40 - 2016-02-08 17:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-03-08 16:40 - 2016-02-08 17:20 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-03-08 16:40 - 2016-02-08 17:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-03-08 16:40 - 2016-02-08 17:15 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-03-08 16:40 - 2016-02-08 17:13 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-03-08 16:40 - 2016-02-08 17:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-03-08 16:40 - 2016-02-08 17:11 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-03-08 16:40 - 2016-02-08 17:10 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-03-08 16:40 - 2016-02-08 17:10 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-03-08 16:40 - 2016-02-08 17:03 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-03-08 16:40 - 2016-02-08 17:02 - 13012480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-03-08 16:40 - 2016-02-08 17:02 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-03-08 16:40 - 2016-02-08 17:01 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-03-08 16:40 - 2016-02-08 17:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-03-08 16:40 - 2016-02-08 16:43 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-03-08 16:40 - 2016-02-08 16:39 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-03-08 16:40 - 2016-02-08 16:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-03-08 16:40 - 2016-02-08 15:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-03-08 16:40 - 2016-02-08 15:41 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-03-08 16:40 - 2016-02-08 15:27 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-08 16:40 - 2016-02-08 15:27 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-03-08 16:40 - 2016-02-08 15:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-03-08 16:40 - 2016-02-08 15:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-03-08 16:40 - 2016-02-08 15:19 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-03-08 16:40 - 2016-02-08 15:18 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-03-08 16:40 - 2016-02-08 15:15 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-03-08 16:40 - 2016-02-08 15:14 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-03-08 16:40 - 2016-02-08 15:14 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-03-08 16:40 - 2016-02-08 15:06 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-03-08 16:40 - 2016-02-08 15:03 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-03-08 16:40 - 2016-02-08 14:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-03-08 16:40 - 2016-02-08 14:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-03-08 16:40 - 2016-02-08 14:51 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-03-08 16:40 - 2016-02-08 14:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-03-08 16:40 - 2016-02-08 14:47 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-03-08 16:40 - 2016-02-08 14:35 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-03-08 16:40 - 2016-02-08 14:34 - 00798720 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-03-08 16:40 - 2016-02-08 14:33 - 14613504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-08 16:40 - 2016-02-08 14:33 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-03-08 16:40 - 2016-02-08 14:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-03-08 16:40 - 2016-02-08 14:07 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-03-08 16:40 - 2016-02-08 13:55 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-03-08 16:39 - 2016-02-08 17:05 - 25816576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-08 16:39 - 2016-02-08 15:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-03-08 16:39 - 2016-02-08 15:26 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-03-08 16:39 - 2016-02-08 15:16 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-03-08 16:39 - 2016-02-08 15:13 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-03-08 16:39 - 2016-02-08 15:13 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-03-08 16:39 - 2016-02-08 14:52 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-03-08 16:39 - 2016-02-08 14:37 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-03-08 16:39 - 2016-02-08 14:19 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-03-08 16:35 - 2016-02-12 15:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-08 16:35 - 2016-02-12 15:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-03-08 16:35 - 2016-02-04 14:52 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-08 16:35 - 2016-02-03 15:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-08 16:34 - 2016-02-12 15:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-03-08 16:34 - 2016-02-12 15:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-03-08 16:34 - 2016-02-12 15:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-03-08 16:34 - 2016-02-12 15:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-03-08 16:34 - 2016-02-12 15:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-03-08 16:34 - 2016-02-12 15:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-03-08 16:34 - 2016-02-12 15:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-03-08 16:34 - 2016-02-12 15:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-03-08 16:34 - 2016-02-12 15:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-03-08 16:34 - 2016-02-12 15:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-03-08 16:34 - 2016-02-12 15:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-03-08 16:34 - 2016-02-12 15:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-03-08 16:34 - 2016-02-12 15:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-03-08 16:34 - 2016-02-12 15:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-03-08 16:34 - 2016-02-03 15:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-03-08 16:34 - 2016-02-03 15:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-08 16:34 - 2016-02-03 15:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-03-08 16:34 - 2016-02-03 15:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-08 16:28 - 2016-02-11 15:56 - 05572032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-08 16:28 - 2016-02-11 15:56 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-03-08 16:28 - 2016-02-11 15:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-03-08 16:28 - 2016-02-11 15:52 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-08 16:28 - 2016-02-11 15:49 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-03-08 16:28 - 2016-02-11 15:49 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-03-08 16:28 - 2016-02-11 15:49 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-03-08 16:28 - 2016-02-11 15:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-03-08 16:28 - 2016-02-11 15:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-03-08 16:28 - 2016-02-11 15:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-03-08 16:28 - 2016-02-11 15:49 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-03-08 16:28 - 2016-02-11 15:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-03-08 16:28 - 2016-02-11 15:48 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-03-08 16:28 - 2016-02-11 15:48 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-03-08 16:28 - 2016-02-11 15:48 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-03-08 16:28 - 2016-02-11 15:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-03-08 16:28 - 2016-02-11 15:48 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-03-08 16:28 - 2016-02-11 15:47 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-03-08 16:28 - 2016-02-11 15:45 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-03-08 16:28 - 2016-02-11 15:45 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-03-08 16:28 - 2016-02-11 15:45 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-03-08 16:28 - 2016-02-11 15:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-03-08 16:28 - 2016-02-11 15:44 - 03994560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-03-08 16:28 - 2016-02-11 15:44 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-03-08 16:28 - 2016-02-11 15:44 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-03-08 16:28 - 2016-02-11 15:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-03-08 16:28 - 2016-02-11 15:44 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-03-08 16:28 - 2016-02-11 15:44 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-03-08 16:28 - 2016-02-11 15:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-03-08 16:28 - 2016-02-11 15:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-03-08 16:28 - 2016-02-11 15:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-03-08 16:28 - 2016-02-11 15:41 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-03-08 16:28 - 2016-02-11 15:41 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-03-08 16:28 - 2016-02-11 15:41 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-03-08 16:28 - 2016-02-11 15:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-03-08 16:28 - 2016-02-11 15:41 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:41 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:38 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-03-08 16:28 - 2016-02-11 15:38 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-03-08 16:28 - 2016-02-11 15:38 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-03-08 16:28 - 2016-02-11 15:38 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-03-08 16:28 - 2016-02-11 15:38 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-03-08 16:28 - 2016-02-11 15:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-03-08 16:28 - 2016-02-11 15:38 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-03-08 16:28 - 2016-02-11 15:37 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-03-08 16:28 - 2016-02-11 15:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-03-08 16:28 - 2016-02-11 15:37 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-03-08 16:28 - 2016-02-11 15:35 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-03-08 16:28 - 2016-02-11 15:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-03-08 16:28 - 2016-02-11 15:35 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-03-08 16:28 - 2016-02-11 15:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-03-08 16:28 - 2016-02-11 15:33 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-03-08 16:28 - 2016-02-11 15:31 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-03-08 16:28 - 2016-02-11 15:30 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-03-08 16:28 - 2016-02-11 15:30 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-03-08 16:28 - 2016-02-11 15:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-03-08 16:28 - 2016-02-11 15:30 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 14:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-03-08 16:28 - 2016-02-11 14:43 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-03-08 16:28 - 2016-02-11 14:41 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-03-08 16:28 - 2016-02-11 14:40 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-03-08 16:28 - 2016-02-11 14:34 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-03-08 16:28 - 2016-02-11 14:34 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-03-08 16:28 - 2016-02-11 14:33 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-03-08 16:28 - 2016-02-11 14:32 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-03-08 16:28 - 2016-02-11 14:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-03-08 16:28 - 2016-02-11 14:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-03-08 16:28 - 2016-02-11 14:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-03-08 16:28 - 2016-02-11 14:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-03-08 16:28 - 2016-02-11 14:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-03-08 16:28 - 2016-02-11 14:31 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-03-08 16:28 - 2016-02-11 14:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 14:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 14:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-08 16:28 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-08 16:26 - 2016-02-09 06:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-08 16:26 - 2016-02-05 15:54 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-03-08 16:26 - 2016-02-05 15:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-03-08 16:26 - 2016-02-05 15:53 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-08 16:26 - 2016-02-05 15:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-03-08 16:26 - 2016-02-05 15:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-03-08 16:26 - 2016-02-05 15:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-03-08 16:26 - 2016-02-05 15:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-03-08 16:26 - 2016-02-05 14:48 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-08 16:26 - 2016-02-05 14:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-08 16:26 - 2016-02-05 14:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-08 16:26 - 2016-02-04 22:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-08 16:26 - 2016-02-04 15:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-03-08 16:23 - 2016-02-09 06:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-08 16:23 - 2016-02-09 06:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-03-08 16:23 - 2016-02-09 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-03-08 16:23 - 2016-02-09 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-03-08 16:23 - 2016-02-09 06:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-03-08 16:23 - 2016-02-09 06:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-03-08 16:23 - 2016-02-09 06:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-08 16:23 - 2016-02-09 06:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-03-08 16:23 - 2016-02-09 06:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-03-08 16:23 - 2016-02-09 06:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-02-27 12:40 - 2016-02-27 12:40 - 00000000 ____D C:\Users\Todos os Usuários\IntelDLM
2016-02-27 12:40 - 2016-02-27 12:40 - 00000000 ____D C:\Users\Carol\Downloads\Intel Components
2016-02-27 12:40 - 2016-02-27 12:40 - 00000000 ____D C:\ProgramData\IntelDLM
2016-02-27 11:53 - 2016-02-27 11:53 - 00000000 ____D C:\Users\Carol\AppData\Local\Intel
2016-02-27 11:52 - 2016-02-27 11:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2016-02-27 11:52 - 2016-02-27 11:52 - 00000000 ____D C:\Program Files (x86)\Intel Driver Update Utility
2016-02-27 11:51 - 2016-02-27 11:51 - 04985648 _____ (Intel) C:\Users\Carol\Downloads\Intel Driver Update Utility Installer.exe
2016-02-27 11:34 - 2016-02-27 11:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
2016-02-27 11:34 - 2016-02-27 11:34 - 00000000 ____D C:\Program Files\Intel Corporation
2016-02-27 11:30 - 2016-02-27 11:32 - 60153856 _____ C:\Users\Carol\Downloads\IPDT_Installer_3.0.0.23.W_x86_3.0.0.23.W.MP_x64.exe
2016-02-24 11:13 - 2016-02-24 11:13 - 01100419 _____ C:\Users\Carol\Downloads\salmol.pdf
2016-02-24 11:11 - 2016-02-24 11:11 - 00403770 _____ C:\Users\Carol\Downloads\FS0269.pdf
2016-02-24 10:48 - 2016-02-24 10:48 - 08211660 _____ C:\Users\Carol\Downloads\vol2.pdf
2016-02-24 10:46 - 2016-02-24 10:46 - 10706791 _____ C:\Users\Carol\Downloads\vol1.pdf
2016-02-24 08:37 - 2016-02-24 08:37 - 00278920 _____ C:\Windows\Minidump\022416-30716-01.dmp
2016-02-23 11:43 - 2016-02-23 11:43 - 00131746 _____ C:\Users\Carol\Downloads\REGIMENTO-GERAL-DA-POS-GRADUACAO_8505_1317991477.pdf
2016-02-23 11:32 - 2016-02-23 11:32 - 00278920 _____ C:\Windows\Minidump\022316-38095-01.dmp
2016-02-20 18:58 - 2016-02-20 18:58 - 00000000 ____D C:\Users\Carol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-02-17 09:37 - 2016-01-11 16:11 - 01684416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-02-17 09:37 - 2015-11-19 11:07 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-02-17 09:37 - 2015-11-19 11:07 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-02-17 09:37 - 2015-11-19 11:07 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-02-17 09:37 - 2015-11-19 11:07 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-02-17 09:37 - 2015-11-19 11:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-02-17 09:37 - 2015-11-19 11:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-02-17 09:37 - 2015-11-19 11:07 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-02-17 09:37 - 2015-11-19 11:07 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-02-17 09:37 - 2015-11-19 11:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-02-17 09:37 - 2015-11-19 11:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-02-17 09:37 - 2015-11-19 11:07 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-02-17 09:37 - 2015-11-19 11:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-02-17 09:37 - 2015-11-19 11:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-02-17 09:37 - 2015-11-19 11:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-02-17 09:37 - 2015-11-19 11:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-02-17 09:37 - 2015-11-19 11:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-02-17 09:37 - 2015-11-19 11:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-02-17 09:37 - 2015-11-19 11:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-02-17 09:37 - 2015-11-19 11:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-02-17 09:37 - 2015-11-19 11:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-02-17 09:37 - 2015-11-19 11:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-02-17 09:37 - 2015-11-19 11:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-02-17 09:37 - 2015-11-19 11:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-02-17 09:37 - 2015-11-19 11:06 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-02-17 09:37 - 2015-11-19 11:06 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-02-17 09:37 - 2015-11-19 11:06 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-02-17 09:37 - 2015-11-19 11:06 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-02-17 09:37 - 2015-11-19 11:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-02-17 09:37 - 2015-11-19 11:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-02-17 09:37 - 2015-11-19 11:06 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-02-17 09:37 - 2015-11-19 11:06 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-02-17 09:37 - 2015-11-19 11:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-02-17 09:37 - 2015-11-19 11:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-02-17 09:37 - 2015-11-19 11:06 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-02-17 09:37 - 2015-11-19 11:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-02-17 09:37 - 2015-11-19 11:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-02-17 09:37 - 2015-11-19 11:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-02-17 09:37 - 2015-11-19 11:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-02-17 09:37 - 2015-11-19 11:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-02-17 09:37 - 2015-11-19 11:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-02-17 09:37 - 2015-11-19 11:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-02-17 09:37 - 2015-11-19 11:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-02-17 09:37 - 2015-11-19 11:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-02-17 09:37 - 2015-11-19 11:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-02-17 09:37 - 2015-11-19 11:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-02-17 09:37 - 2015-11-19 11:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-02-17 09:27 - 2016-02-17 09:27 - 00242240 _____ C:\Users\Carol\Downloads\Firefox Setup Stub 44.0.2.exe
2016-02-09 19:15 - 2016-01-06 16:02 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-02-09 19:15 - 2016-01-06 15:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-02-09 19:14 - 2016-01-07 14:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-09 19:14 - 2015-12-20 15:50 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-02-09 19:14 - 2015-12-20 15:50 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-02-09 19:14 - 2015-12-20 11:08 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-02-09 19:13 - 2016-01-16 16:01 - 02085888 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-02-09 19:13 - 2016-01-16 15:36 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-02-09 19:11 - 2016-01-22 03:18 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-02-09 19:11 - 2016-01-22 03:18 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-09 19:11 - 2016-01-22 03:17 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-09 19:11 - 2016-01-22 03:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-02-09 19:11 - 2016-01-22 03:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-02-09 19:11 - 2016-01-22 03:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-02-09 19:11 - 2016-01-22 03:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-02-08 10:52 - 2016-01-16 16:06 - 00025024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-02-08 10:52 - 2016-01-16 15:54 - 01162240 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-02-08 10:52 - 2016-01-11 11:08 - 01362944 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-02-08 10:52 - 2016-01-11 11:08 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-02-08 10:52 - 2016-01-11 11:08 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-02-08 10:52 - 2016-01-11 11:08 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-02-08 10:52 - 2016-01-11 11:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-02-08 10:51 - 2016-01-22 03:19 - 14179840 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-02-08 10:51 - 2016-01-22 03:15 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-02-08 10:51 - 2016-01-22 03:12 - 01940992 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-02-08 10:51 - 2016-01-22 03:05 - 12877824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-02-08 10:51 - 2016-01-22 03:00 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-02-08 10:51 - 2016-01-22 02:59 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-02-08 10:51 - 2016-01-22 02:19 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-02-08 10:51 - 2016-01-22 02:12 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-01-31 13:57 - 2016-01-31 13:57 - 05023602 _____ C:\Users\Carol\Downloads\Songr-2-Portable.zip
2016-01-23 18:31 - 2015-12-16 15:55 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-01-23 18:31 - 2015-12-16 15:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2016-01-23 18:31 - 2015-12-16 15:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2016-01-23 18:31 - 2015-12-16 15:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2016-01-23 18:31 - 2015-12-16 15:48 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2016-01-23 18:31 - 2015-12-16 15:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2016-01-23 18:31 - 2015-12-16 15:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2016-01-23 18:31 - 2015-12-16 15:47 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-01-18 20:13 - 2015-11-13 20:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-01-18 20:13 - 2015-11-13 20:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-01-18 20:13 - 2015-11-13 20:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-01-18 20:13 - 2015-11-13 19:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-01-18 20:13 - 2015-11-13 19:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-01-18 20:13 - 2015-11-13 19:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2016-01-18 20:12 - 2015-12-08 18:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-01-18 20:12 - 2015-12-08 18:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-01-18 20:12 - 2015-12-08 18:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-01-18 20:12 - 2015-12-08 18:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-01-18 20:12 - 2015-12-08 18:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-01-18 20:12 - 2015-12-08 18:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-01-18 20:12 - 2015-12-08 18:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-01-18 20:12 - 2015-12-08 18:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-01-18 20:12 - 2015-12-08 18:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-01-18 20:12 - 2015-12-08 18:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-01-18 20:12 - 2015-12-08 18:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-01-18 20:12 - 2015-12-08 18:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-01-18 20:12 - 2015-12-08 18:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-01-18 20:12 - 2015-12-08 18:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-01-18 20:12 - 2015-12-08 18:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-01-18 20:12 - 2015-12-08 18:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-01-18 20:12 - 2015-12-08 18:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-01-18 20:12 - 2015-12-08 18:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-01-18 20:12 - 2015-12-08 18:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-01-18 20:12 - 2015-12-08 18:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-01-18 20:12 - 2015-12-08 18:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-01-18 20:12 - 2015-12-08 18:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-01-18 20:12 - 2015-12-08 18:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-01-18 20:12 - 2015-12-08 18:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-01-18 20:12 - 2015-12-08 18:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2016-01-18 20:12 - 2015-12-08 18:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-01-18 20:12 - 2015-12-08 18:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-01-18 20:12 - 2015-12-08 18:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-01-18 20:12 - 2015-12-08 18:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-01-18 20:12 - 2015-12-08 18:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-01-18 20:12 - 2015-12-08 18:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-01-18 20:12 - 2015-12-08 18:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-01-18 20:12 - 2015-12-08 18:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-01-18 20:12 - 2015-12-08 18:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2016-01-18 20:12 - 2015-12-08 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-01-18 20:12 - 2015-12-08 16:07 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-01-18 20:12 - 2015-12-08 16:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-01-18 20:12 - 2015-12-08 16:07 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-01-18 20:12 - 2015-12-08 16:07 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-01-18 20:12 - 2015-12-08 16:07 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-01-18 20:12 - 2015-12-08 16:07 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-01-18 20:12 - 2015-12-08 16:07 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-01-18 20:12 - 2015-12-08 16:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-01-18 20:12 - 2015-12-08 16:07 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-01-18 20:12 - 2015-12-08 16:07 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-01-18 20:12 - 2015-12-08 16:07 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-01-18 20:12 - 2015-12-08 16:07 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-01-18 20:12 - 2015-12-08 16:07 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-01-18 20:12 - 2015-12-08 16:07 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-01-18 20:12 - 2015-12-08 16:07 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-01-18 20:12 - 2015-12-08 16:07 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-01-18 20:12 - 2015-12-08 16:07 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-01-18 20:12 - 2015-12-08 16:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-01-18 20:12 - 2015-12-08 16:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-01-18 20:12 - 2015-12-08 16:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-01-18 20:12 - 2015-12-08 16:07 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-01-18 20:12 - 2015-12-08 16:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-01-18 20:12 - 2015-12-08 16:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-01-18 20:12 - 2015-12-08 16:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-18 20:12 - 2015-12-08 16:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-01-18 20:12 - 2015-12-08 16:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-01-18 20:12 - 2015-12-08 16:07 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-01-18 20:12 - 2015-12-08 16:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-01-18 20:12 - 2015-12-08 16:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-01-18 20:12 - 2015-12-08 16:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-01-18 20:12 - 2015-12-08 16:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-01-18 20:12 - 2015-12-08 16:07 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-01-18 20:12 - 2015-12-08 16:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2016-01-18 20:12 - 2015-12-08 16:06 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-01-18 20:12 - 2015-12-08 16:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-01-18 20:12 - 2015-12-08 16:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-01-18 20:12 - 2015-12-08 15:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-01-18 20:12 - 2015-12-08 15:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-01-18 20:12 - 2015-12-08 15:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2016-01-18 20:12 - 2015-11-16 17:17 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-01-18 20:09 - 2015-12-08 18:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-01-18 20:09 - 2015-12-08 18:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-01-18 20:09 - 2015-12-08 16:07 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-01-18 20:09 - 2015-12-08 16:07 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-01-11 10:44 - 2016-02-20 17:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-06 09:39 - 2016-01-06 09:50 - 00000000 ____D C:\Users\Carol\Documents\LIVROS
2016-01-06 09:37 - 2016-01-06 09:37 - 00000000 ____D C:\Users\Carol\Documents\Farmácia
2016-01-06 09:27 - 2016-01-08 10:08 - 00000000 ____D C:\Users\Carol\AppData\Local\5C7094E5-42F0-4E84-8E69-7AAAF5C12641.aplzod
2016-01-06 09:27 - 2016-01-08 10:07 - 00000000 ____D C:\Users\Carol\AppData\Local\Apple Computer
2016-01-06 09:26 - 2016-03-12 14:05 - 00000000 ___RD C:\Users\Carol\iCloudDrive
2016-01-06 09:26 - 2016-01-06 09:27 - 00000000 ____D C:\Users\Carol\Documents\Arquivos do Outlook
2016-01-06 09:26 - 2016-01-06 09:26 - 00000000 ____D C:\Users\Carol\AppData\Local\Apple Inc
2016-01-06 09:16 - 2016-01-06 09:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2016-01-06 09:15 - 2016-01-06 09:15 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-12-28 11:11 - 2015-12-28 11:46 - 00524288 ___SH C:\Windows\system32\config\components{91a25414-ad6c-11e5-91c2-90004ed1e2da}.TMContainer00000000000000000002.regtrans-ms
2015-12-28 11:11 - 2015-12-28 11:46 - 00524288 ___SH C:\Windows\system32\config\components{91a25414-ad6c-11e5-91c2-90004ed1e2da}.TMContainer00000000000000000001.regtrans-ms
2015-12-28 11:11 - 2015-12-28 11:46 - 00065536 ___SH C:\Windows\system32\config\components{91a25414-ad6c-11e5-91c2-90004ed1e2da}.TM.blf
2015-12-23 10:12 - 2015-11-11 15:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-23 10:12 - 2015-11-11 15:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-23 10:12 - 2015-11-11 15:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-23 10:12 - 2015-11-11 15:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-23 10:10 - 2015-11-05 16:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-23 10:10 - 2015-11-05 16:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2015-12-23 10:10 - 2015-11-05 06:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-23 10:10 - 2015-11-03 16:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-23 10:10 - 2015-11-03 15:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-12-23 10:09 - 2015-11-10 15:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-23 10:09 - 2015-11-10 15:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-23 10:09 - 2015-11-10 15:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-23 10:09 - 2015-11-10 15:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-23 10:09 - 2015-11-10 15:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-23 10:09 - 2015-11-05 16:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-12-23 10:09 - 2015-11-05 16:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-12-23 10:05 - 2015-11-03 16:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-23 10:05 - 2015-11-03 15:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-03-12 14:11 - 2014-09-21 18:46 - 00706008 _____ C:\Windows\system32\prfh0416.dat
2016-03-12 14:11 - 2014-09-21 18:46 - 00147848 _____ C:\Windows\system32\prfc0416.dat
2016-03-12 14:11 - 2009-07-14 02:13 - 01635826 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-12 14:11 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-03-12 14:07 - 2015-01-02 11:16 - 00000000 ___RD C:\Users\Carol\Dropbox
2016-03-12 14:06 - 2015-04-22 20:59 - 00000000 ____D C:\Users\Carol\AppData\Roaming\Spotify
2016-03-12 14:06 - 2015-01-02 10:53 - 00000000 ____D C:\Users\Carol\AppData\Roaming\Dropbox
2016-03-12 14:05 - 2015-04-22 21:05 - 00000000 ____D C:\Users\Carol\AppData\Local\Spotify
2016-03-12 14:04 - 2015-02-10 11:16 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0453c31923d65.job
2016-03-12 14:04 - 2014-11-29 12:15 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2016-03-12 14:04 - 2014-09-21 20:48 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-12 14:04 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-11 21:13 - 2015-06-16 20:52 - 00001030 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1119962802-2877099889-4217796146-1000UA.job
2016-03-11 21:13 - 2014-09-21 20:48 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-11 20:48 - 2015-02-10 11:16 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0453c32e6128f.job
2016-03-11 19:33 - 2009-07-14 01:45 - 00022816 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-11 19:33 - 2009-07-14 01:45 - 00022816 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-10 13:06 - 2015-06-16 20:52 - 00000978 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1119962802-2877099889-4217796146-1000Core.job
2016-03-10 13:06 - 2009-07-14 02:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-03-10 13:06 - 2009-07-14 01:45 - 00438304 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-10 10:58 - 2015-10-07 11:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2016-03-10 10:58 - 2015-10-07 11:00 - 00000000 ____D C:\Program Files\CPUID
2016-03-10 10:18 - 2015-03-16 09:43 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2016-03-09 21:03 - 2014-10-15 10:23 - 00000000 ____D C:\Users\Carol\AppData\Local\CrashDumps
2016-03-08 20:29 - 2014-09-22 22:51 - 00000000 ____D C:\Windows\system32\MRT
2016-03-08 20:19 - 2014-09-22 22:51 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-08 15:16 - 2015-11-17 14:34 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-03-04 12:28 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\NDF
2016-02-29 12:14 - 2015-05-13 10:09 - 00000000 ____D C:\Users\Carol\Documents\UENF
2016-02-27 12:38 - 2014-09-21 20:37 - 00000000 ____D C:\Users\Todos os Usuários\Intel
2016-02-27 12:38 - 2014-09-21 20:37 - 00000000 ____D C:\ProgramData\Intel
2016-02-27 11:52 - 2015-04-24 18:49 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-02-27 11:52 - 2015-04-24 18:49 - 00000000 ____D C:\ProgramData\Package Cache
2016-02-27 11:35 - 2015-04-21 15:09 - 00000000 ____D C:\Users\Carol\AppData\Local\Downloaded Installations
2016-02-26 21:29 - 2015-04-02 14:31 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-02-26 21:29 - 2015-04-02 14:31 - 00000000 ___SD C:\Windows\system32\GWX
2016-02-24 08:37 - 2015-01-04 15:46 - 516487447 _____ C:\Windows\MEMORY.DMP
2016-02-24 08:37 - 2015-01-04 15:46 - 00000000 ____D C:\Windows\Minidump
2016-02-20 18:49 - 2014-09-21 20:58 - 00002210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-20 18:32 - 2014-09-22 11:16 - 00000000 ____D C:\Users\Carol\AppData\Local\Microsoft Games
2016-02-20 17:55 - 2014-10-14 10:14 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-20 17:54 - 2014-09-24 22:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-17 09:32 - 2014-10-14 10:14 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-17 09:32 - 2014-10-14 10:14 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-17 09:32 - 2014-09-22 20:24 - 00000000 ____D C:\Users\Carol\AppData\Local\Adobe
2016-02-17 09:29 - 2014-09-24 22:24 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-02-11 12:37 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\rescache

==================== Arquivos na raiz de alguns diretórios =======

2015-01-30 14:04 - 2015-01-30 14:05 - 0041785 _____ () C:\Program Files (x86)\CMS Setup Log.txt
2015-07-14 11:46 - 2015-07-14 11:46 - 0000681 _____ () C:\Program Files (x86)\CMS Uninstall Log.txt
2015-04-21 15:10 - 2015-05-20 09:36 - 0000000 _____ () C:\Users\Carol\AppData\Roaming\Sampler Instruments
2015-04-21 15:08 - 2015-04-21 15:08 - 0000268 ___RH () C:\Users\Carol\AppData\Roaming\Spacious
2014-11-29 12:12 - 2014-11-29 12:24 - 0035744 _____ () C:\Users\Carol\AppData\Roaming\unins000.dat
2014-11-28 18:29 - 2016-02-10 16:53 - 0013030 _____ () C:\Users\Carol\AppData\Local\PDOXUSRS.NET
2015-01-27 09:43 - 2015-01-27 09:43 - 0000000 _____ () C:\Users\Carol\AppData\Local\{285A9564-41EC-4630-ACD7-7F1368F7932A}
2014-09-21 20:37 - 2014-09-21 20:37 - 0000035 _____ () C:\ProgramData\AtherosServiceConfig.ini
2015-04-21 15:08 - 2015-04-21 15:08 - 0000020 ____H () C:\ProgramData\PKP_DLeo.DAT
2015-04-21 15:11 - 2015-05-20 09:38 - 0000000 ____H () C:\ProgramData\PKP_DLes.DAT
2015-04-21 15:10 - 2015-05-20 09:36 - 0000000 ____H () C:\ProgramData\PKP_DLet.DAT
2015-04-21 15:10 - 2015-05-20 09:36 - 0000000 ____H () C:\ProgramData\PKP_DLev.DAT
2015-05-20 09:36 - 2015-05-20 09:36 - 0000000 _____ () C:\ProgramData\Project Templates
2015-05-20 09:36 - 2015-05-20 09:36 - 0000000 _____ () C:\ProgramData\Sampler Files
2015-04-21 15:08 - 2015-04-21 15:08 - 0000012 ___RH () C:\ProgramData\Transportation

Alguns arquivos em TEMP:
====================
C:\Users\Carol\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp58l4o1.dll
C:\Users\Carol\AppData\Local\Temp\GLF2AF.EXE
C:\Users\Carol\AppData\Local\Temp\GLF2CE.EXE
C:\Users\Carol\AppData\Local\Temp\GLF36A.EXE
C:\Users\Carol\AppData\Local\Temp\GLF3820.EXE
C:\Users\Carol\AppData\Local\Temp\GLF3A05.EXE
C:\Users\Carol\AppData\Local\Temp\GLF3C44.EXE
C:\Users\Carol\AppData\Local\Temp\GLF3E29.EXE
C:\Users\Carol\AppData\Local\Temp\GLF5DA.EXE
C:\Users\Carol\AppData\Local\Temp\GLF6D5.EXE
C:\Users\Carol\AppData\Local\Temp\GLF906.EXE
C:\Users\Carol\AppData\Local\Temp\GLF9D5.EXE
C:\Users\Carol\AppData\Local\Temp\GLFA322.EXE
C:\Users\Carol\AppData\Local\Temp\GLFA4F7.EXE
C:\Users\Carol\AppData\Local\Temp\GLFA96F.EXE
C:\Users\Carol\AppData\Local\Temp\GLFAC2E.EXE
C:\Users\Carol\AppData\Local\Temp\GLFB480.EXE
C:\Users\Carol\AppData\Local\Temp\GLFB6D2.EXE
C:\Users\Carol\AppData\Local\Temp\GLFEB77.EXE
C:\Users\Carol\AppData\Local\Temp\GLFEE07.EXE
C:\Users\Carol\AppData\Local\Temp\GLFFDF.EXE
C:\Users\Carol\AppData\Local\Temp\GLFFF15.EXE
C:\Users\Carol\AppData\Local\Temp\GLFFF83.EXE
C:\Users\Carol\AppData\Local\Temp\InstHelper.exe
C:\Users\Carol\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Carol\AppData\Local\Temp\jre-8u51-windows-au.exe
C:\Users\Carol\AppData\Local\Temp\jre-8u60-windows-au.exe
C:\Users\Carol\AppData\Local\Temp\jre-8u65-windows-au.exe
C:\Users\Carol\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Carol\AppData\Local\Temp\jre-8u71-windows-au.exe
C:\Users\Carol\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\Carol\AppData\Local\Temp\setup.exe
C:\Users\Carol\AppData\Local\Temp\setup64.exe
C:\Users\Carol\AppData\Local\Temp\stubhelper.dll
C:\Users\Carol\AppData\Local\Temp\VCPerfService32.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-03-03 11:28

==================== Fim de FRST.txt ============================

Addition.txt


Dear @carolfarmacia

Temporarily disable your antivirus, antispyware and firewall so they do not cause conflicts.

Open Notepad, then copy (Ctrl + C) and paste (Ctrl + V) all of the text below:

Quote

CreateRestorePoint:
CloseProcesses:

HKU\S-1-5-21-1119962802-2877099889-4217796146-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/pt-br/?ocid=U220DHP&pc=U220
HKU\S-1-5-21-1119962802-2877099889-4217796146-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony.msn.com
HKU\S-1-5-21-1119962802-2877099889-4217796146-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.sony.com.br/vaio
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYVDF&pc=MASA&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYVDF&pc=MASA&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYVDF&pc=MASA&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYVDF&pc=MASA&src=IE-SearchBox
Toolbar: HKU\S-1-5-21-1119962802-2877099889-4217796146-1000 -> Sem Nome - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Nenhum Arquivo
S3 esihdrv; \??\C:\Users\Carol\AppData\Local\Temp\esihdrv.sys [X]
C:\Users\Carol\AppData\Local\Temp\esihdrv.sys
S1 gbpddfac; system32\drivers\gbpddfac64.sys [X]
C:\Users\Carol\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp58l4o1.dll
C:\Users\Carol\AppData\Local\Temp\GLF2AF.EXE
C:\Users\Carol\AppData\Local\Temp\GLF2CE.EXE
C:\Users\Carol\AppData\Local\Temp\GLF36A.EXE
C:\Users\Carol\AppData\Local\Temp\GLF3820.EXE
C:\Users\Carol\AppData\Local\Temp\GLF3A05.EXE
C:\Users\Carol\AppData\Local\Temp\GLF3C44.EXE
C:\Users\Carol\AppData\Local\Temp\GLF3E29.EXE
C:\Users\Carol\AppData\Local\Temp\GLF5DA.EXE
C:\Users\Carol\AppData\Local\Temp\GLF6D5.EXE
C:\Users\Carol\AppData\Local\Temp\GLF906.EXE
C:\Users\Carol\AppData\Local\Temp\GLF9D5.EXE
C:\Users\Carol\AppData\Local\Temp\GLFA322.EXE
C:\Users\Carol\AppData\Local\Temp\GLFA4F7.EXE
C:\Users\Carol\AppData\Local\Temp\GLFA96F.EXE
C:\Users\Carol\AppData\Local\Temp\GLFAC2E.EXE
C:\Users\Carol\AppData\Local\Temp\GLFB480.EXE
C:\Users\Carol\AppData\Local\Temp\GLFB6D2.EXE
C:\Users\Carol\AppData\Local\Temp\GLFEB77.EXE
C:\Users\Carol\AppData\Local\Temp\GLFEE07.EXE
C:\Users\Carol\AppData\Local\Temp\GLFFDF.EXE
C:\Users\Carol\AppData\Local\Temp\GLFFF15.EXE
C:\Users\Carol\AppData\Local\Temp\GLFFF83.EXE
C:\Users\Carol\AppData\Local\Temp\InstHelper.exe
C:\Users\Carol\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Carol\AppData\Local\Temp\jre-8u51-windows-au.exe
C:\Users\Carol\AppData\Local\Temp\jre-8u60-windows-au.exe
C:\Users\Carol\AppData\Local\Temp\jre-8u65-windows-au.exe
C:\Users\Carol\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Carol\AppData\Local\Temp\jre-8u71-windows-au.exe
C:\Users\Carol\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\Carol\AppData\Local\Temp\setup.exe
C:\Users\Carol\AppData\Local\Temp\setup64.exe
C:\Users\Carol\AppData\Local\Temp\stubhelper.dll
C:\Users\Carol\AppData\Local\Temp\VCPerfService32.exe
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> Nenhum Arquivo <==== ATENÇÃO
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> Nenhum Arquivo <==== ATENÇÃO
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> Nenhum Arquivo <==== ATENÇÃO
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> Nenhum Arquivo <==== ATENÇÃO

CMD:ipconfig /flushdns
EmptyTemp:

 

  • Save this file to your Desktop as fixlist.txt
  • Run FRST again and click the Corrigir (Fix) button;
  • Wait... when it finishes, the log Fixlog.txt will be created on your Desktop.
  • Select, copy and paste the contents of this log into your next reply.

Regards :D


@diego_moicano

 

Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão:05-03-2016 01
Executado por Carol (2016-03-15 12:28:06) Run:1
Executando a partir de C:\Users\Carol\Desktop
Perfis Carregados: Carol (Perfis Disponíveis: Carol)
Modo da Inicialização: Normal
==============================================

fixlist Conteúdo:
*****************
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-1119962802-2877099889-4217796146-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/pt-br/?ocid=U220DHP&pc=U220
HKU\S-1-5-21-1119962802-2877099889-4217796146-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony.msn.com
HKU\S-1-5-21-1119962802-2877099889-4217796146-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.sony.com.br/vaio
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYVDF&pc=MASA&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYVDF&pc=MASA&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYVDF&pc=MASA&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYVDF&pc=MASA&src=IE-SearchBox
Toolbar: HKU\S-1-5-21-1119962802-2877099889-4217796146-1000 -> Sem Nome - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Nenhum Arquivo
S3 esihdrv; \??\C:\Users\Carol\AppData\Local\Temp\esihdrv.sys [X]
C:\Users\Carol\AppData\Local\Temp\esihdrv.sys
S1 gbpddfac; system32\drivers\gbpddfac64.sys [X]
C:\Users\Carol\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp58l4o1.dll
C:\Users\Carol\AppData\Local\Temp\GLF2AF.EXE
C:\Users\Carol\AppData\Local\Temp\GLF2CE.EXE
C:\Users\Carol\AppData\Local\Temp\GLF36A.EXE
C:\Users\Carol\AppData\Local\Temp\GLF3820.EXE
C:\Users\Carol\AppData\Local\Temp\GLF3A05.EXE
C:\Users\Carol\AppData\Local\Temp\GLF3C44.EXE
C:\Users\Carol\AppData\Local\Temp\GLF3E29.EXE
C:\Users\Carol\AppData\Local\Temp\GLF5DA.EXE
C:\Users\Carol\AppData\Local\Temp\GLF6D5.EXE
C:\Users\Carol\AppData\Local\Temp\GLF906.EXE
C:\Users\Carol\AppData\Local\Temp\GLF9D5.EXE
C:\Users\Carol\AppData\Local\Temp\GLFA322.EXE
C:\Users\Carol\AppData\Local\Temp\GLFA4F7.EXE
C:\Users\Carol\AppData\Local\Temp\GLFA96F.EXE
C:\Users\Carol\AppData\Local\Temp\GLFAC2E.EXE
C:\Users\Carol\AppData\Local\Temp\GLFB480.EXE
C:\Users\Carol\AppData\Local\Temp\GLFB6D2.EXE
C:\Users\Carol\AppData\Local\Temp\GLFEB77.EXE
C:\Users\Carol\AppData\Local\Temp\GLFEE07.EXE
C:\Users\Carol\AppData\Local\Temp\GLFFDF.EXE
C:\Users\Carol\AppData\Local\Temp\GLFFF15.EXE
C:\Users\Carol\AppData\Local\Temp\GLFFF83.EXE
C:\Users\Carol\AppData\Local\Temp\InstHelper.exe
C:\Users\Carol\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Carol\AppData\Local\Temp\jre-8u51-windows-au.exe
C:\Users\Carol\AppData\Local\Temp\jre-8u60-windows-au.exe
C:\Users\Carol\AppData\Local\Temp\jre-8u65-windows-au.exe
C:\Users\Carol\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Carol\AppData\Local\Temp\jre-8u71-windows-au.exe
C:\Users\Carol\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\Carol\AppData\Local\Temp\setup.exe
C:\Users\Carol\AppData\Local\Temp\setup64.exe
C:\Users\Carol\AppData\Local\Temp\stubhelper.dll
C:\Users\Carol\AppData\Local\Temp\VCPerfService32.exe
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> Nenhum Arquivo <==== ATENÇÃO
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> Nenhum Arquivo <==== ATENÇÃO
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> Nenhum Arquivo <==== ATENÇÃO
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> Nenhum Arquivo <==== ATENÇÃO
CMD:ipconfig /flushdns
EmptyTemp:
*****************

Ponto de Restauração criado com sucesso.
Processos fechados com sucesso.
HKU\S-1-5-21-1119962802-2877099889-4217796146-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => valor restaurado com sucesso
HKU\S-1-5-21-1119962802-2877099889-4217796146-1000\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => valor restaurado com sucesso
HKU\S-1-5-21-1119962802-2877099889-4217796146-1000\Software\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL => valor removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor restaurado com sucesso
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => chave removido (a) com sucesso.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => chave não encontrado (a). 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor restaurado com sucesso
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => chave removido (a) com sucesso.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => chave não encontrado (a). 
HKU\S-1-5-21-1119962802-2877099889-4217796146-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => valor removido (a) com sucesso.
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => chave não encontrado (a). 
esihdrv => serviço removido (a) com sucesso.
"C:\Users\Carol\AppData\Local\Temp\esihdrv.sys" => não encontrado (a).
gbpddfac => serviço removido (a) com sucesso.
C:\Users\Carol\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp58l4o1.dll => movido com sucesso
C:\Users\Carol\AppData\Local\Temp\GLF2AF.EXE => movido com sucesso
C:\Users\Carol\AppData\Local\Temp\GLF2CE.EXE => movido com sucesso
C:\Users\Carol\AppData\Local\Temp\GLF36A.EXE => movido com sucesso
C:\Users\Carol\AppData\Local\Temp\GLF3820.EXE => movido com sucesso
C:\Users\Carol\AppData\Local\Temp\GLF3A05.EXE => movido com sucesso
C:\Users\Carol\AppData\Local\Temp\GLF3C44.EXE => movido com sucesso
C:\Users\Carol\AppData\Local\Temp\GLF3E29.EXE => movido com sucesso
C:\Users\Carol\AppData\Local\Temp\GLF5DA.EXE => movido com sucesso
C:\Users\Carol\AppData\Local\Temp\GLF6D5.EXE => movido com sucesso
C:\Users\Carol\AppData\Local\Temp\GLF906.EXE => movido com sucesso
C:\Users\Carol\AppData\Local\Temp\GLF9D5.EXE => movido com sucesso
C:\Users\Carol\AppData\Local\Temp\GLFA322.EXE => movido com sucesso
C:\Users\Carol\AppData\Local\Temp\GLFA4F7.EXE => movido com sucesso
C:\Users\Carol\AppData\Local\Temp\GLFA96F.EXE => movido com sucesso
C:\Users\Carol\AppData\Local\Temp\GLFAC2E.EXE => movido com sucesso
C:\Users\Carol\AppData\Local\Temp\GLFB480.EXE => movido com sucesso
C:\Users\Carol\AppData\Local\Temp\GLFB6D2.EXE => movido com sucesso
C:\Users\Carol\AppData\Local\Temp\GLFEB77.EXE => movido com sucesso
C:\Users\Carol\AppData\Local\Temp\GLFEE07.EXE => movido com sucesso
C:\Users\Carol\AppData\Local\Temp\GLFFDF.EXE => movido com sucesso
C:\Users\Carol\AppData\Local\Temp\GLFFF15.EXE => movido com sucesso
C:\Users\Carol\AppData\Local\Temp\GLFFF83.EXE => movido com sucesso
C:\Users\Carol\AppData\Local\Temp\InstHelper.exe => movido com sucesso
C:\Users\Carol\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe => movido com sucesso
C:\Users\Carol\AppData\Local\Temp\jre-8u51-windows-au.exe => movido com sucesso
C:\Users\Carol\AppData\Local\Temp\jre-8u60-windows-au.exe => movido com sucesso
C:\Users\Carol\AppData\Local\Temp\jre-8u65-windows-au.exe => movido com sucesso
C:\Users\Carol\AppData\Local\Temp\jre-8u66-windows-au.exe => movido com sucesso
C:\Users\Carol\AppData\Local\Temp\jre-8u71-windows-au.exe => movido com sucesso
C:\Users\Carol\AppData\Local\Temp\jre-8u73-windows-au.exe => movido com sucesso
C:\Users\Carol\AppData\Local\Temp\setup.exe => movido com sucesso
C:\Users\Carol\AppData\Local\Temp\setup64.exe => movido com sucesso
C:\Users\Carol\AppData\Local\Temp\stubhelper.dll => movido com sucesso
C:\Users\Carol\AppData\Local\Temp\VCPerfService32.exe => movido com sucesso
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsBackup\ConfigNotification" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AC4E5ACF-89F7-4220-BA21-81EE183975E2}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC4E5ACF-89F7-4220-BA21-81EE183975E2}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\AitAgent" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CEE64558-E1A7-4D9D-80A7-2001912BE5B5}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CEE64558-E1A7-4D9D-80A7-2001912BE5B5}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MemoryDiagnostic\CorruptionDetector" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FA2BC0A6-8D4B-458A-85C8-2B8C72487513}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA2BC0A6-8D4B-458A-85C8-2B8C72487513}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector" => chave removido (a) com sucesso.

========= ipconfig /flushdns =========


Configuração de IP do Windows

Liberação do Cache do DNS Resolver bem-sucedida.

========= Fim de CMD: =========

EmptyTemp: => 2.3 GB de dados temporários Removidos.


O sistema precisou ser reiniciado.

==== Fim de Fixlog 12:33:08 ====


Dear @carolfarmacia

Download Malwarebytes Anti-Malware (MBAM).

Double-click mbam-setup.exe to install the program.

  • Uncheck the box Ativar trial gratuito do MalwareBytes Anti-Malware PRO (enable the free trial of Malwarebytes Anti-Malware PRO).
  • If there are updates available, they will be downloaded and installed.
  • Click Configurações (Settings), click Detecção e proteção (Detection and protection), and check Verificar por Rootkits (Scan for rootkits).
  • Go back to the Painel (Dashboard) and finally click Verificar agora (Scan now).
  • The scan will then start. Please wait, as it can take a while.
  • When the scan finishes, if any items were found, make sure they are all checked and click the Remover Selecionadas (Remove selected) button.
  • At the end of the disinfection, a prompt may appear asking whether you want to restart the PC. (See the Note below)
  • The log is saved automatically by MBAM; to view it, click the Histórico -> Registros do aplicativo (History -> Application logs) tab in the program's main window.
  • Double-click the log (Registro de verificação, the scan log). Use the .txt format to export the log.
  • The Protection log is not needed for the analysis; always export the correct log.
  • Select, copy and paste the contents of this log into your next reply.

NOTE: If MBAM finds files that it cannot remove, you may have to restart the PC (perhaps more than once). Do so immediately when asked whether you want to restart the PC.

Regards :D


@diego_moicano

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Data da verificação: 17/03/2016
Hora da verificação: 11:02
Arquivo de registro: log.txt
Administrador: Sim

Versão: 2.2.0.1024
Banco de dados de malware: v2016.03.17.03
Banco de dados de rootkit: v2016.03.12.01
Licença: Gratuita
Proteção contra malware: Desabilitado
Proteção contra website malicioso: Desabilitado
Autoproteção: Desabilitado

Sistema operacional: Windows 7 Service Pack 1
CPU: x64
Sistema de arquivos: NTFS
Usuário: Carol

Tipo de verificação: Verificação da ameaça
Resultado: Concluído
Objetos verificados: 358229
Tempo decorrido: 34 min, 51 seg

Memória: Habilitado
Inicialização: Habilitado
Sistema de arquivos: Habilitado
Arquivos compactados: Habilitado
Rootkits: Habilitado
Heurística: Habilitado
PUP: Habilitado
PUM: Habilitado

Processos: 0
(Nenhum item malicioso detectado)

Módulos: 0
(Nenhum item malicioso detectado)

Chaves de registro: 0
(Nenhum item malicioso detectado)

Valores de registro: 0
(Nenhum item malicioso detectado)

Dados de registro: 0
(Nenhum item malicioso detectado)

Pastas: 0
(Nenhum item malicioso detectado)

Arquivos: 1
RiskWare.Tool.CK, C:\Users\Carol\AppData\Roaming\ZHP\Quarantine\KMSEmulator.exe, Quarentena, [8f484a3eaaef2511ec667bbf34cef907], 

Setores físicos: 0
(Nenhum item malicioso detectado)


(end)


Dear @carolfarmacia

Temporarily disable your antivirus, antispyware and firewall so they do not cause conflicts.

Download Stinger and save it to your Desktop.
32 bit (x86) or 64 bit (x64)

  • Run the file Stinger.exe
    • Attention: Windows Vista, 7 and 8 users, right-click the file and choose: [image: execadmin.png]
  • Click the “I Accept” button

[image: Stinger%20a.png]

In the new window click “Advanced” and then “Settings”

[image: Stinger%20b.png]

In the settings window, set the options as shown in the image below and click the “Save” button

[image: 9hnsyu.png]

Click “Customize my Scan”

[image: Stinger%20f.png]

Select the system drives and then click the “Scan” button

[image: Stinger%20g.png]

When it finishes, click “View log”; a window with the log will open in your browser.
Select, copy and paste the contents of this log into your next reply.

Regards :D


@diego_moicano

 

McAfee® Labs Stinger™ Version 12.1.0.1962 built on Mar 17 2016 at 14:58:16
Copyright© 2015, McAfee, Inc. All Rights Reserved.

AV Engine version v5800.7501 for Windows.
Virus data file v1000.0 created on Mar 17, 2016
Ready to scan for 9745 viruses, trojans and variants.

Custom scan initiated on quinta-feira, março 17, 2016 14:22:59

C:\Windows\AutoKMS.exe is infected with Artemis!7F171A2BADAB

Rootkit scan result : Infected.


C:\Windows\AutoKMS.exe [MD5:7f171a2badab032743efe43160a8cdcc] is infected with Artemis!7F171A2BADAB
C:\Windows\AutoKMS.exe has been Deleted

Summary Report on C:
D:
File(s)
	TotalFiles:............	481449
	Clean:.................	181071
	Not Scanned:........... 300376
	Possibly Infected:.....	2

Time: 02:39:40

Scan completed on quinta-feira, março 17, 2016 17:02:39


Dear @carolfarmacia

Download Security Check, by glax24, and save it to your Desktop.

Attention: Windows Vista, 7 and 8 users, right-click the file and choose: [image: execadmin.png]

  • Wait while the tool runs its scan.
  • When it finishes, a log will open: SecurityCheck.txt.
  • This log is saved on C: (Local Disk) in the SecurityCheck folder that was created.
  • Select, copy and paste the contents of this log into your next reply.

Regards :D


@diego_moicano

 

SecurityCheck by glax24 & Severnyj v.1.4.0.37 [05.03.16]
WebSite: www.safezone.cc
DateLog: 19.03.2016 14:11:20
Path starting: C:\Users\Carol\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: Carol
VersionXML: 2.61is-16.03.2016
___________________________________________________________________________

Windows 7(6.1.7601) Service Pack 1 (x64) HomeBasic Lang: Portuguese(0416)
Installation date OS: 21.09.2014 23:40:35
LicenseStatus: Windows(R) 7, HomeBasic edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
SystemDrive: C: FS: [NTFS] Capacity: [455.3 Gb] Used: [86.8 Gb] Free: [368.5 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.0.9600.18230
User Account Control enabled
Automatic download and scheduled installation
Date install updates: 2016-03-15 15:26:18
Windows Update (wuauserv) - The service is running
Central de Segurança (wscsvc) - The service is running
Registro remoto (RemoteRegistry) - The service has stopped
Descoberta SSDP (SSDPSRV) - The service is running
Serviços de Área de Trabalho Remota (TermService) - The service has stopped
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
---------------------------- [ Antivirus_WMI ] ----------------------------
ESET Smart Security 8.0 (enabled and up to date)
---------------------------- [ Firewall_WMI ] -----------------------------
Firewall pessoal da ESET (enabled)
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Windows Defender (enabled and up to date)
ESET Smart Security 8.0 (enabled and up to date)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
ESET Smart Security v.8.0.319.1
--------------------------- [ OtherUtilities ] ----------------------------
Microsoft Silverlight v.5.1.41212.0
Picasa 3 v.3.9.140.248 Warning! Download Update
^Optional update.^
WinRAR 5.20 (32-bit) v.5.20.0 Warning! Download Update
-------------------------------- [ Java ] ---------------------------------
Java 8 Update 73 v.8.0.730.2 Warning! Download Update
Uninstall old version and install new one.
--------------------------- [ AppleProduction ] ---------------------------
Bonjour v.3.0.0.10 Warning! Download Update
^Please use Apple Software Update tool.^
QuickTime 7 v.7.77.80.95 Warning! Download Update
Serviço do Bonjour (Bonjour Service) - The service is running
--------------------------- [ AdobeProduction ] ---------------------------
Adobe Flash Player 19 ActiveX v.19.0.0.226 Warning! Download Update
Adobe Flash Player 20 NPAPI v.20.0.0.306 Warning! Download Update
Adobe Shockwave Player 12.1 v.12.1.8.158 Warning! Download Update
Adobe Acrobat Reader DC - Português v.15.010.20060
------------------------------- [ Browser ] -------------------------------
Google Chrome v.49.0.2623.87
Mozilla Firefox 44.0.2 (x86 pt-BR) v.44.0.2 Warning! Download Update
----------------------------- [ EmailClient ] -----------------------------
Windows Live Mail v.15.4.3502.0922
--------------------------- [ RunningProcess ] ----------------------------
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe v.49.0.2623.87
C:\Program Files\ESET\ESET Smart Security\egui.exe v.8.0.319.0
C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe v.8.0.319.0
C:\Windows\System32\mfevtps.exe
----------------------------- [ End of Log ] ------------------------------
 


Dear @carolfarmacia

How is Windows doing?

# Step 1 #

Download DelFix by Xplode and save it to your desktop.

Double-click delfix.exe to run it. Check the boxes as shown in the image.

** Windows Vista or Windows 7 users: right-click the delfix.exe file, then click Run as administrator.

[image: 2mez6ld.png]

Click the Run button.

At the end a log will be generated, but there is no need to post it.
 
# Step 2 #

Old versions of programs have vulnerabilities that some malware can use to infect your system.

That is why it is recommended to update the programs that Security Check flagged as outdated (optional updates are at your discretion).

Just click the Download Update in each warning, which will take you to the developer's site.

<<@>> Always keep your Windows up to date; keep a constant watch with your firewall and antivirus; and finally, remember that the best form of prevention starts with our own attitudes!

 

# Step 3 #

CCleaner is an excellent cleaning utility for the computer.

Download it here: CCleaner

  • After installation, go to the location where the program was installed, usually C:\Arquivos de programas\CCleaner.
  • Double-click this folder;
  • In an empty area of this window, right-click and choose New > Folder to create a new folder;
  • Name it backups.
  • Open the program and click Run Cleaner;
  • Click the Registry button > Scan for Issues > Fix selected issues...
  • Note: Don't forget to accept the backup of the fixes and save it in the folder created above!

Regards :D

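As an added example that is not part of the original posts: a small parser for the Security Check log layout shown above, listing the programs flagged "Warning! Download Update" that the log does not mark as optional. The function names are assumptions made for this illustration, and the sample input is excerpted from the log on this page.

```python
import re

# Sample input: lines excerpted from the Security Check log shown on this page.
SAMPLE_LOG = r"""
--------------------------- [ OtherUtilities ] ----------------------------
Microsoft Silverlight v.5.1.41212.0
Picasa 3 v.3.9.140.248 Warning! Download Update
^Optional update.^
WinRAR 5.20 (32-bit) v.5.20.0 Warning! Download Update
-------------------------------- [ Java ] ---------------------------------
Java 8 Update 73 v.8.0.730.2 Warning! Download Update
Uninstall old version and install new one.
------------------------------- [ Browser ] -------------------------------
Google Chrome v.49.0.2623.87
Mozilla Firefox 44.0.2 (x86 pt-BR) v.44.0.2 Warning! Download Update
--------------------------- [ RunningProcess ] ----------------------------
C:\Windows\System32\mfevtps.exe
----------------------------- [ End of Log ] ------------------------------
"""

SECTION_RE = re.compile(r"^-+ \[ (?P<name>.+?) \] -+$")
ENTRY_RE = re.compile(r"^(?P<name>.+?) v\.(?P<version>[\d.]+)(?P<warn> Warning! Download Update)?$")

def parse_security_check(text):
    """Return one dict per versioned entry: section, name, version, outdated, optional."""
    entries, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        m = SECTION_RE.match(line)
        if m:
            section = m.group("name")
            continue
        m = ENTRY_RE.match(line)
        if m:
            entries.append({"section": section, "name": m.group("name"),
                            "version": m.group("version"),
                            "outdated": m.group("warn") is not None,
                            "optional": False})
        elif line == "^Optional update.^" and entries and entries[-1]["outdated"]:
            entries[-1]["optional"] = True  # hint line applies to the entry above it
    return entries  # hint text and paths without a version are skipped

def required_updates(entries):
    """Outdated programs whose update the log does not mark as optional."""
    return [(e["section"], e["name"], e["version"])
            for e in entries if e["outdated"] and not e["optional"]]

if __name__ == "__main__":
    print(required_updates(parse_security_check(SAMPLE_LOG)))
```
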

@diego_moicano

 

Look, I appreciate the advice, but yesterday I had to format the notebook... Windows started freezing constantly: it would boot and freeze, restart and freeze again. I ended up formatting it because I needed the notebook working today. Thanks a lot for the tips!

This topic is closed to new posts.





About Clube do Hardware

Online since 1996, Clube do Hardware is one of the largest, oldest and most respected technology publications in Brazil.
