Ir ao conteúdo
  • Cadastre-se
Henrique Oliveira Machado

Instalei um programa que veio com malware e não consigo removê-lo.

Recommended Posts

Olá pessoal. primeiramente agradeço a ajuda de antemão.

Eu instalei um programa no meu PC que aconteceu de ter alguns PUPs embutidos que me deram uma dor de cabeça. Eu consegui remover um (MPC cleaner, se eu não me engano), e achei ter removido o segundo, mas agora ele voltou, e fica abrindo aqueles termos de consentimento, de 10 em 10 minutos aproximadamente, como se eu tivesse clicado para instalar um APP ou programa. Eu preciso ficar apertando "fechar" e confirmando o tempo todo. Além disso, as vezes quando eu clico em algum link, ele me redireciona para uma outra página da internet.

já rodei o avast na reinicialização, e ao fazer isso, ele sumiu por 1 dia, mas agora voltou novamente. O primeiro, como era um PUP, eu o exclui manualmente usando o Regedit e excluindo a pasta manualmente, mas esse eu não sei como resolver, nem acho nada na internet para me ajudar, já que não sei uma referência para encontra-lo.

ZA-Scan.txt

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro @Henrique Oliveira Machado

 

Recomendo que salve este tópico em seus Favoritos para facilitar na hora de encontrá-lo.

 

Por favor, atente para o seguinte:

  • Caso fique sem resposta durante 3 dias, me envie uma Mensagem Privada (MP);
  • O que será passado aqui, somente será com relação ao problema do seu computador portanto, não faça mais em nenhum outro;
  • Siga, por favor, atentamente as instruções passadas e em caso de dúvidas não hesite em perguntá-las;
  • Sempre coloque suas respostas neste tópico... Não abra outro!
  • Procure sempre me manter informado, durante a remoção, sobre o que acontece com seu computador.
  • Respeite a ordem das instruções passadas.

Observação: Não tome outra medida além das passadas aqui; atente para que, caso peça ajuda em outro fórum, não deixe de nos informar, sob risco de desconfigurar seu computador!

 

# Etapa nº 1 #
 
Baixe o AdwCleaner e salve em sua Área de trabalho (Desktop)

Execute o arquivo adwcleaner.exe

 

Atenção: Usuários Windows Vista, 7 e 8, cliquem com o botão direito do mouse e escolha: execadmin.png 

  • Clique na aba Opções e deixe marcado apenas "Restaurar Políticas do IE" e "Restaurar Políticas do Chrome"
  • Clique no botão Verificar e aguarde o exame finalizar.
  • Clique no botão Limpar.
  • Abrirá um bloco de notas com o resultado.
  • Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.
  • O log também será salvo em C:\AdwCleaner


NOTA: Se o AdwCleaner encontrar arquivos que não consiga remover, poderá ter de reiniciar o PC. Faça isso imediatamente, ao ser perguntado se quer reiniciar.
 
# Etapa nº 2 #
 
Desative temporariamente seu antivirus, antispywares e firewall, para não causar conflitos.

Baixe o Junkware Removal Tool (JRT) e salve em sua Área de trabalho (Desktop)

 

Clique duas vezes para executar o jrt.exe.
 

Atenção: Usuários Windows Vista, 7 e 8, cliquem com o botão direito do mouse e escolha: execadmin.png 

  • A ferramenta começará o exame do seu sistema.
  • Tenha paciência pois pode demorar um pouco dependendo da quantidades de itens a examinar.
  • Ao final um log se abrirá. Será salvo no desktop com o nome de JRT.txt.
  • Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

 
# Etapa nº 3 #
 
Desative temporariamente seu antivirus, antispywares e firewall, para não causar conflitos.

Faça o download do ZHPCleaner e salve em sua Área de trabalho (Desktop)

 

Atenção: Usuários Windows Vista, 7 e 8, cliquem com o botão direito do mouse e escolha: execadmin.png

  • Clique no botão Scanner.
  • A ferramenta começara o exame do seu sistema.
  • Tenha paciência pois pode demorar um pouco dependendo da quantidades de itens a examinar.
  • Em seguida clique no botão Reparar.
  • Será gerado um log chamado ZHPCleaner.txt
  • Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites

@diego_moicano Obrigado pela ajuda. Segue o solicitado:

ADWCleaner:

# AdwCleaner v5.200 - Relatório criado 21/06/2016 às 01:09:57
# Atualizado 14/06/2016 por ToolsLib
# Banco de dados : 2016-06-20.3 [Servidor]
# Sistema operacional : Windows 10 Pro  (X64)
# Usuário : CLIENTE - CLIENTE-PC
# Executando de : C:\Users\CLIENTE\Desktop\adwcleaner_5.200.exe
# Opção : Limpar
# Apoio : https://toolslib.net/forum

***** [ Serviços ] *****

[-] Serviço Excluído : MPCKpt
[-] Serviço Excluído : kowixyhizbt
[-] Serviço Excluído : mezokylyzbt

***** [ Pastas ] *****

[-] Pasta Excluído : C:\ProgramData\MailUpdate
[-] Pasta Excluído : C:\ProgramData\9664d5bf00005fed
[-] Pasta Excluído : C:\ProgramData\eae5306b00000349
[-] Pasta Excluído : C:\Users\Public\Documents\Guid
[-] Pasta Excluído : C:\Program Files (x86)\B67B34F7-1465962400-04DB-2570-AC9E17DF77E1
[-] Pasta Excluído : C:\Users\CLIENTE\AppData\Local\Temp\MPC
[-] Pasta Excluído : C:\Users\CLIENTE\AppData\Local\globalUpdate
[-] Pasta Excluído : C:\Users\CLIENTE\AppData\Roaming\MailUpdate
[-] Pasta Excluído : C:\Users\CLIENTE\AppData\Roaming\SpringFiles
[-] Pasta Excluído : C:\Users\CLIENTE\AppData\Roaming\MCorp
[-] Pasta Excluído : C:\Users\CLIENTE\AppData\Local\app
[#] Pasta Excluído : C:\Users\CLIENTE\AppData\Roaming\MCorp

***** [ Arquivos ] *****


***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Atalhos ] *****


***** [ Tarefas agendadas ] *****


***** [ Registro ] *****

[-] Chave Excluída : HKLM\SOFTWARE\6b63fefb-823b-64df-3112-a4c4dd932a36
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{8FF10FED-2F0A-4F7F-BE87-B04F1DCD4319}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
[-] Chave Excluída : HKCU\Software\GlobalUpdate
[-] Chave Excluída : HKCU\Software\Kromtech
[-] Chave Excluída : HKCU\Software\Linkey
[-] Chave Excluída : HKCU\Software\simplytech
[-] Chave Excluída : HKCU\Software\Tutorials
[-] Chave Excluída : HKCU\Software\WEBAPP
[-] Chave Excluída : HKCU\Software\SrpnFiles
[-] Chave Excluída : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Chave Excluída : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
[-] Chave Excluída : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
[-] Chave Excluída : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
[-] Chave Excluída : HKLM\SOFTWARE\AIM Toolbar
[-] Chave Excluída : HKLM\SOFTWARE\Clara
[-] Chave Excluída : HKLM\SOFTWARE\Conduit
[-] Chave Excluída : HKLM\SOFTWARE\DESKTOPPLAY

 

JRT:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 10 Pro x64 
Ran by CLIENTE (Administrator) on 21/06/2016 at  1:20:25,42
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


File System: 2 

Successfully deleted: C:\Users\CLIENTE\AppData\Roaming\appdataFr3.bin (File) 
Successfully deleted: C:\WINDOWS\prefetch\DRIVERINTERFACE.EXE-78CCB6B6.pf (File) 

Registry: 14 

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5} (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4CA7A89B-B509-4CBF-AB97-6307132C0EF3} (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AC129BF9-68BF-4bc4-A1DC-ECB62712FF99} (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D0196D2A-1578-4CC2-8692-9F617C64D184} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{13cb2ab9-d813-46ce-bbc0-df50d16281c2} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1442d6c6-9b78-49aa-a66b-6c0028f51d1a} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ed115a7d-d886-442b-a96c-c2fe656a54d8} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f85da2d8-2224-402a-8cb6-adb4fd89b39d} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{13cb2ab9-d813-46ce-bbc0-df50d16281c2} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1442d6c6-9b78-49aa-a66b-6c0028f51d1a} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ed115a7d-d886-442b-a96c-c2fe656a54d8} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f85da2d8-2224-402a-8cb6-adb4fd89b39d} (Registry Key)


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21/06/2016 at  1:22:41,47
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

ZHP Cleaner:
 

~ ZHPCleaner v2016.6.18.75 by Nicolas Coolman (2016/06/18)
~ Run by CLIENTE (Administrator)  (21/06/2016 01:37:21)
~ Site : http://www.nicolascoolman.com
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Reparo
~ Report : C:\Users\CLIENTE\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\CLIENTE\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Pro, 64-bit  (Build 10586)


---\\  Serviços (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.


---\\  Navegadores de Internet (1)
SUPRIMIDO dados: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride [Bad : 127.0.0.1;localhost;<local>;]  =>Hijacker.Proxy


---\\  Arquivo hosts (1)
~ O arquivo hosts é legítimo (33)


---\\  Tarefas automáticas agendadas. (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.


---\\  Explorer ( Arquivos, Pastas) (15)
MOVIDO pasta: C:\Windows\Prefetch\SRPNFILES.EXE-9E9B4F75.pf    =>.Superfluous.SpringFiles
MOVIDO pasta: C:\Users\CLIENTE\AppData\Local\Temp\NUHIdOwe4x.exe [Optimal Software s.r.o. - ]  =>.Superfluous.OptimalSoftware
MOVIDO pasta: C:\Users\CLIENTE\AppData\Local\Temp\etilqs_kCwPm7CnOveUd4g    =>PUP.Optional.WpManager
MOVIDO arquivo: C:\Program Files (x86)\QuickTime  =>Riskware.QuickTime
MOVIDO arquivo: C:\WINDOWS\Installer\MSI1D87.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI3359.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI783.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI870D.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI89EB.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI8C1E.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI9F4.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSIA6B1.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSIC6CF.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSIC7AA.tmp-  =>Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSIC941.tmp-  =>Empty


---\\  Registro ( Chaves, Valores, Dados ) (41)
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{13cb2ab9-d813-46ce-bbc0-df50d16281c2} [RoboSaveR]  =>PUP.Optional.RoboSaver
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1442d6c6-9b78-49aa-a66b-6c0028f51d1a} [ReguliarrDeals]  =>PUP.Optional.RegularDeals
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ed115a7d-d886-442b-a96c-c2fe656a54d8} [FunnDEals]  =>PUP.Optional.FunDeals
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f85da2d8-2224-402a-8cb6-adb4fd89b39d} [5e0Cooupons]  =>PUP.Optional.50Coupons
SUPRIMIDO chave*: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{13cb2ab9-d813-46ce-bbc0-df50d16281c2} []  =>PUP.Optional.RoboSaver
SUPRIMIDO chave*: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{13cb2ab9-d813-46ce-bbc0-df50d16281c2} []  =>PUP.Optional.RoboSaver
SUPRIMIDO chave*: [X64] HKLM\Software\Classes\CLSID\{13cb2ab9-d813-46ce-bbc0-df50d16281c2} [RoboSaveR]  =>PUP.Optional.RoboSaver
SUPRIMIDO chave*: [X64] HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{13cb2ab9-d813-46ce-bbc0-df50d16281c2} []  =>PUP.Optional.RoboSaver
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{13cb2ab9-d813-46ce-bbc0-df50d16281c2} [RoboSaveR]  =>PUP.Optional.RoboSaver
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{13cb2ab9-d813-46ce-bbc0-df50d16281c2} []  =>PUP.Optional.RoboSaver
SUPRIMIDO chave*: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1442d6c6-9b78-49aa-a66b-6c0028f51d1a} []  =>PUP.Optional.RegularDeals
SUPRIMIDO chave*: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1442d6c6-9b78-49aa-a66b-6c0028f51d1a} []  =>PUP.Optional.RegularDeals
SUPRIMIDO chave*: [X64] HKLM\Software\Classes\CLSID\{1442d6c6-9b78-49aa-a66b-6c0028f51d1a} [ReguliarrDeals]  =>PUP.Optional.RegularDeals
SUPRIMIDO chave*: [X64] HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1442d6c6-9b78-49aa-a66b-6c0028f51d1a} []  =>PUP.Optional.RegularDeals
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1442d6c6-9b78-49aa-a66b-6c0028f51d1a} [ReguliarrDeals]  =>PUP.Optional.RegularDeals
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1442d6c6-9b78-49aa-a66b-6c0028f51d1a} []  =>PUP.Optional.RegularDeals
SUPRIMIDO chave*: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ed115a7d-d886-442b-a96c-c2fe656a54d8} []  =>PUP.Optional.FunDeals
SUPRIMIDO chave*: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ed115a7d-d886-442b-a96c-c2fe656a54d8} []  =>PUP.Optional.FunDeals
SUPRIMIDO chave*: [X64] HKLM\Software\Classes\CLSID\{ed115a7d-d886-442b-a96c-c2fe656a54d8} [FunnDEals]  =>PUP.Optional.FunDeals
SUPRIMIDO chave*: [X64] HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ed115a7d-d886-442b-a96c-c2fe656a54d8} []  =>PUP.Optional.FunDeals
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{ed115a7d-d886-442b-a96c-c2fe656a54d8} [FunnDEals]  =>PUP.Optional.FunDeals
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ed115a7d-d886-442b-a96c-c2fe656a54d8} []  =>PUP.Optional.FunDeals
SUPRIMIDO chave*: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{f85da2d8-2224-402a-8cb6-adb4fd89b39d} []  =>PUP.Optional.50Coupons
SUPRIMIDO chave*: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{f85da2d8-2224-402a-8cb6-adb4fd89b39d} []  =>PUP.Optional.50Coupons
SUPRIMIDO chave*: [X64] HKLM\Software\Classes\CLSID\{f85da2d8-2224-402a-8cb6-adb4fd89b39d} [5e0Cooupons]  =>PUP.Optional.50Coupons
SUPRIMIDO chave*: [X64] HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{f85da2d8-2224-402a-8cb6-adb4fd89b39d} []  =>PUP.Optional.50Coupons
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{f85da2d8-2224-402a-8cb6-adb4fd89b39d} [5e0Cooupons]  =>PUP.Optional.50Coupons
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{f85da2d8-2224-402a-8cb6-adb4fd89b39d} []  =>PUP.Optional.50Coupons
SUPRIMIDO chave*: HKEY_USERS\S-1-5-21-3552114292-3178845751-548872437-1000\SOFTWARE\Messenger_Plus_LATAM []  =>.Superfluous.Conduit
SUPRIMIDO chave: HKCU\Software\Messenger_Plus_LATAM []  =>.Superfluous.Conduit
SUPRIMIDO chave*: HKCU\Software\AppDataLow\Software\MessengerPlusLive_Latin_America_TB []  =>.Superfluous.Conduit
SUPRIMIDO chave*: HKCU\Software\AppDataLow\Software\SpeedCheck []  =>PUP.Optional.SpeedCheck
SUPRIMIDO chave*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\istartsurf.com []  =>PUP.Optional.IsStart
SUPRIMIDO chave*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.istartsurf.com [15043]  =>PUP.Optional.IsStart
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Classes\Pd67eeabe_2e8f_42ca_a52d_ffb59f1025eb_.Pd67eeabe_2e8f_42ca_a52d_ffb59f1025eb_ [youtubeadblocker]  =>PUP.Optional.Multiplug
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Classes\Pd67eeabe_2e8f_42ca_a52d_ffb59f1025eb_.Pd67eeabe_2e8f_42ca_a52d_ffb59f1025eb_.9 [youtubeadblocker]  =>PUP.Optional.Multiplug
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Classes\CLSID\{0e2e9cd3-b846-4c3e-93ce-7a4e37a18abc} [unisaeles]  =>PUP.Optional.UniSales
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Classes\CLSID\{d67eeabe-2e8f-42ca-a52d-ffb59f1025eb} [youtubeadblocker]  =>PUP.Optional.YouTubeAdBlock
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\DtsEncodeTools []  =>PUP.Optional.WeatherTool
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Messenger_Plus_LATAM []  =>.Superfluous.Conduit
SUPRIMIDO chave: [X64] HKLM\SOFTWARE\Classes\CLSID\{d67eeabe-2e8f-42ca-a52d-ffb59f1025eb}\InprocServer32 [C:\Program Files (x86)\youtubeadblocker\ThmMBqPKO8XSU5.x64.dll (Not File)]  =>PUP.Optional.Multiplug


---\\  Resumo dos elementos encontrados na sua estação de trabalho (16)
https://www.nicolascoolman.info/2016/06/09/pirate-de-serveur-proxy-hijacker-proxy/  =>Hijacker.Proxy
https://www.nicolascoolman.info/2016/04/26/superfluous-springfiles/  =>.Superfluous.SpringFiles
http://www.nicolascoolman.fr/?p=5145  =>.Superfluous.OptimalSoftware
http://www.nicolascoolman.fr/?p=173  =>PUP.Optional.WpManager
https://www.nicolascoolman.info/2016/04/21/riskware-quicktime/  =>Riskware.QuickTime
http://www.nicolascoolman.fr/?p=4664  =>PUP.Optional.RoboSaver
http://www.nicolascoolman.fr/?p=4664  =>PUP.Optional.RegularDeals
http://www.nicolascoolman.fr/?p=4664  =>PUP.Optional.FunDeals
http://www.nicolascoolman.fr/?p=4664  =>PUP.Optional.50Coupons
http://www.nicolascoolman.fr/?p=210  =>.Superfluous.Conduit
https://www.nicolascoolman.info/2016/05/03/pup-optional-speedcheck/  =>PUP.Optional.SpeedCheck
http://www.nicolascoolman.fr/pup-isstart/  =>PUP.Optional.IsStart
https://www.nicolascoolman.info/2016/04/28/pup-optional-multiplug/  =>PUP.Optional.Multiplug
http://www.nicolascoolman.fr/?p=4664  =>PUP.Optional.UniSales
http://www.nicolascoolman.fr/?p=4664  =>PUP.Optional.YouTubeAdBlock
http://www.nicolascoolman.fr/pup-optional-weathertool  =>PUP.Optional.WeatherTool


---\\  Dodatkowe oczyszczenie. (10)
~ Chave de registro Tracing Supprimido (10)
~ Remover os relatórios antigos ZHPCleaner. (0)


---\\ Resultado de reparação
Reparação efectuada com sucesso
~ Este navegador está faltando ! (Mozilla Firefox)
~ Este navegador está faltando ! (Opera Software)


---\\ Estatísticas
~ Items scan : 291
~ Items encontrado : 0
~ items cancelados : 0
~ Items réparo : 57


~ End of clean in 00h00mn46s
~====================
ZHPCleaner-[R]-21062016-01_38_07.txt
ZHPCleaner--21062016-01_30_42.txt
ZHPCleaner--21062016-01_36_42.txt
 

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro @Henrique Oliveira Machado

 

Desative temporariamente seu antivírus, antispywares e firewall, para não causar conflitos.

 

Baixe o Farbar Recovery Scan Tool e salve-o na Área de Trabalho (Desktop).


32 bit (x86) ou 64 bit (x64)

 

  • Clique duas vezes para executar a ferramenta.
    • Atenção: Usuários Windows Vista, 7 e 8, cliquem com o botão direito do mouse e escolha: execadmin.png
  • Marque a caixa Arquivos 90 dias,  e clique no botão Examinar.
  • Aguarde e ao final os logs FRST.txt e Addition.txt serão salvos em sua Área de Trabalho (Desktop).
  • Selecione, copie e cole o conteúdo do log  FRST.txt em sua próxima resposta.
  • Anexe o log Addition.txt

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites

@diego_moicano Mais uma vez obrigado pela ajuda.

FRST:

 

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 20-06-2016 01
Executado por CLIENTE (administrador) em CLIENTE-PC (22-06-2016 16:56:49)
Executando a partir de C:\Users\CLIENTE\Desktop
Perfis Carregados: CLIENTE (Perfis Disponíveis: CLIENTE & DefaultAppPool)
Platform: Windows 10 Pro Versão 1511 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(M-Audio) C:\Program Files (x86)\M-Audio\Fast Track Pro\AudioDevMon.exe
(Scopus Soluções em TI Ltda) C:\Program Files (x86)\scpbrad\scpbradserv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Scopus Soluções em TI Ltda) C:\Program Files (x86)\scpbrad\scpbradguard.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(BitTorrent Inc.) C:\Users\CLIENTE\AppData\Roaming\uTorrent\uTorrent.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(BitTorrent Inc.) C:\Users\CLIENTE\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(BitTorrent Inc.) C:\Users\CLIENTE\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe
() C:\Windows\USB Vibration\7906\USB Gamepad.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6965.40901.0_x64__8wekyb3d8bbwe\HxMail.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6965.40901.0_x64__8wekyb3d8bbwe\HxTsr.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6965.40901.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_3.6.22051.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2396096 2016-03-29] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [904928 2015-11-04] (GAS Tecnologia LTDA)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-24] (Avast Software s.r.o.)
HKLM-x32\...\Run: [USB Gamepad] => C:\Windows\USB Vibration\7906\USB Gamepad.exe -boot
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1298504 2014-11-08] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.)
Winlogon\Notify\ GbPluginCef: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [2015-09-22] (Caixa Economica Federal)
HKU\S-1-5-21-3552114292-3178845751-548872437-1000\...\Run: [uTorrent] => C:\Users\CLIENTE\AppData\Roaming\uTorrent\uTorrent.exe [2133504 2016-05-13] (BitTorrent Inc.)
HKU\S-1-5-21-3552114292-3178845751-548872437-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3552114292-3178845751-548872437-1000\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
HKU\S-1-5-21-3552114292-3178845751-548872437-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2917456 2016-06-14] (Valve Corporation)
HKU\S-1-5-21-3552114292-3178845751-548872437-1000\...\RunOnce: [Uninstall C:\Users\CLIENTE\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\CLIENTE\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-3552114292-3178845751-548872437-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [232960 2015-10-30] (Microsoft Corporation)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\PROGRAM FILES (X86)\GbPlugin\gbiehcef.dll [1888480 2015-09-22] (Caixa Economica Federal)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CLIENTE\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CLIENTE\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CLIENTE\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CLIENTE\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CLIENTE\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CLIENTE\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CLIENTE\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CLIENTE\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-06-24] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CLIENTE\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CLIENTE\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CLIENTE\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CLIENTE\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CLIENTE\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CLIENTE\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CLIENTE\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CLIENTE\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-04] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

AutoConfigURL: [S-1-5-21-3552114292-3178845751-548872437-1000] => hxxp://un-stop.info/wpad.dat?85a41231425558c47644ad2147d06d5b11637358
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{3c2ec683-70a1-4258-9c87-8a3da0b0cf3e}: [DhcpNameServer] 192.168.0.1
ManualProxies: 0hxxp://un-stop.info/wpad.dat?85a41231425558c47644ad2147d06d5b11637358

Internet Explorer:
==================
HKU\S-1-5-21-3552114292-3178845751-548872437-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrição <======= ATENÇÃO
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131096720151426656&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-3552114292-3178845751-548872437-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131096720158446669&GUID=00000000-0000-0000-0000-000000000000
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {1F096B29-E9DA-4D64-8D63-936BE7762CC5} URL = hxxp://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
SearchScopes: HKLM -> {4CA7A89B-B509-4CBF-AB97-6307132C0EF3} URL = hxxp://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
SearchScopes: HKLM -> {AC129BF9-68BF-4bc4-A1DC-ECB62712FF99} URL = hxxp://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
SearchScopes: HKLM -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
SearchScopes: HKLM -> {D0196D2A-1578-4CC2-8692-9F617C64D184} URL = hxxp://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3552114292-3178845751-548872437-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3552114292-3178845751-548872437-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-06-24] (Avast Software s.r.o.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-06-24] (Avast Software s.r.o.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKU\S-1-5-21-3552114292-3178845751-548872437-1000 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-17] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-17] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1214154.dll [2014-11-26] (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-20] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-04-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3552114292-3178845751-548872437-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\CLIENTE\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-02-19] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-10]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com.br/
CHR StartupUrls: Default -> "hxxps://www.facebook.com/","hxxp://www.google.com.br/"
CHR Profile: C:\Users\CLIENTE\AppData\Local\Google\Chrome\User Data\Backup Default
CHR Extension: (YouTube) - C:\Users\CLIENTE\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\CLIENTE\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Avast Online Security) - C:\Users\CLIENTE\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-05-21]
CHR Extension: (Gmail) - C:\Users\CLIENTE\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\CLIENTE\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-06-10]
CHR Profile: C:\Users\CLIENTE\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\CLIENTE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-16]
CHR Extension: (Google Docs) - C:\Users\CLIENTE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-16]
CHR Extension: (Google Drive) - C:\Users\CLIENTE\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-16]
CHR Extension: (YouTube) - C:\Users\CLIENTE\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-16]
CHR Extension: (Planilhas do Google) - C:\Users\CLIENTE\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-16]
CHR Extension: (Documentos Google off-line) - C:\Users\CLIENTE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-16]
CHR Extension: (Avast Online Security) - C:\Users\CLIENTE\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-06-16]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\CLIENTE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-16]
CHR Extension: (Gmail) - C:\Users\CLIENTE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-16]
CHR Extension: (Chrome Media Router) - C:\Users\CLIENTE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-06-16]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-07]

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-24] (Avast Software s.r.o.)
R2 FastTrackProAudioDevMon; C:\Program Files (x86)\M-Audio\Fast Track Pro\AudioDevMon.exe [1688336 2013-05-23] (M-Audio)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-03-29] (NVIDIA Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Arquivo não assinado]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Arquivo não assinado]
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3477816 2015-08-26] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-03-29] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-03-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-03-29] (NVIDIA Corporation)
R2 scpbradserv; C:\Program Files (x86)\scpbrad\scpbradserv.exe [1925136 2016-05-29] (Scopus Soluções em TI Ltda)
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56040 2015-11-19] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-06-24] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-06-24] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-06-24] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-06-24] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-06-24] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-26] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-06-24] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-06-24] ()
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2015-01-12] (Disc Soft Ltd)
S3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2015-09-03] (GAS Tecnologia)
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [23680 2013-01-25] (ASUSTeK Computer Inc.)
R3 MAUSBFASTTRACKPRO; C:\Windows\system32\DRIVERS\MAudioFastTrackPro.sys [184592 2013-05-23] (M-Audio)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [121416 2012-05-12] (MotioninJoy) [Arquivo não assinado]
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-03-29] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-03-21] (NVIDIA Corporation)
S3 tap-tb-0901; C:\Windows\System32\DRIVERS\tap-tb-0901.sys [38656 2015-08-10] (The OpenVPN Project)
S3 tsusbhub; C:\Windows\System32\drivers\tsusbhub.sys [117248 2010-11-20] (Microsoft Corporation) [Arquivo não assinado]
S3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2014-11-03] (GAS Tecnologia LTDA)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [101080 2016-06-06] (GAS Tecnologia)
S1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [103640 2015-03-18] (GAS Tecnologia)
S1 gbpddfac; system32\drivers\gbpddfac64.sys [X]
S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]
U3 idsvc; não ImagePath
U3 wpcsvc; não ImagePath

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-06-22 16:56 - 2016-06-22 16:57 - 00026430 _____ C:\Users\CLIENTE\Desktop\FRST.txt
2016-06-22 16:56 - 2016-06-22 16:56 - 00000000 ____D C:\FRST
2016-06-22 16:55 - 2016-06-22 16:55 - 02387456 _____ (Farbar) C:\Users\CLIENTE\Desktop\FRST64.exe
2016-06-22 15:34 - 2016-06-22 15:34 - 00000000 ____D C:\Users\CLIENTE\AppData\LocalLow\uTorrent
2016-06-21 01:38 - 2016-06-21 01:38 - 00009923 _____ C:\Users\CLIENTE\Desktop\ZHPCleaner1.txt
2016-06-21 01:38 - 2016-06-21 01:38 - 00009920 _____ C:\Users\CLIENTE\Desktop\ZHPCleaner.txt
2016-06-21 01:24 - 2016-06-21 01:38 - 00000000 ____D C:\Users\CLIENTE\AppData\Roaming\ZHP
2016-06-21 01:23 - 2016-06-21 01:23 - 00002774 _____ C:\Users\CLIENTE\Desktop\JRT1.txt
2016-06-21 01:22 - 2016-06-21 01:22 - 00002774 _____ C:\Users\CLIENTE\Desktop\JRT.txt
2016-06-21 01:13 - 2016-06-21 01:13 - 00005177 _____ C:\Users\CLIENTE\Desktop\AdwCleaner[C1].txt
2016-06-21 01:07 - 2016-06-21 01:09 - 00000000 ____D C:\AdwCleaner
2016-06-20 14:31 - 2016-06-20 14:31 - 00384859 _____ C:\Users\CLIENTE\Downloads\Aryan 3.pdf
2016-06-19 21:07 - 2016-06-19 21:07 - 00000000 _____ C:\WINDOWS\SysWOW64\vns51BF.tmp
2016-06-19 21:07 - 2016-06-19 21:07 - 00000000 _____ C:\WINDOWS\SysWOW64\vns51BE.tmp
2016-06-19 20:16 - 2016-06-19 20:16 - 00385138 _____ C:\Users\CLIENTE\Downloads\Darx 3 (1).pdf
2016-06-19 20:12 - 2016-06-19 20:12 - 00385110 _____ C:\Users\CLIENTE\Downloads\Darx 3.pdf
2016-06-19 19:07 - 2016-06-19 19:07 - 00000000 _____ C:\WINDOWS\SysWOW64\vns6ADA.tmp
2016-06-19 19:07 - 2016-06-19 19:07 - 00000000 _____ C:\WINDOWS\SysWOW64\vns6AD9.tmp
2016-06-19 15:41 - 2016-06-19 15:41 - 00000000 _____ C:\WINDOWS\SysWOW64\vnsDED7.tmp
2016-06-19 15:41 - 2016-06-19 15:41 - 00000000 _____ C:\WINDOWS\SysWOW64\vnsDED6.tmp
2016-06-18 21:39 - 2016-06-18 21:39 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2016-06-18 21:39 - 2016-06-18 21:39 - 00000000 ____D C:\ProgramData\GbPlugin
2016-06-17 13:09 - 2016-06-17 13:09 - 00024826 _____ C:\ZA-Scan.txt
2016-06-17 13:07 - 2016-06-17 13:07 - 01370112 _____ C:\Users\CLIENTE\Downloads\ZA-Scan.exe
2016-06-17 13:07 - 2016-06-17 13:07 - 00000000 ____D C:\zoek_backup
2016-06-17 02:14 - 2016-06-17 02:14 - 00000000 _____ C:\WINDOWS\SysWOW64\vns3D1D.tmp
2016-06-17 02:14 - 2016-06-17 02:14 - 00000000 _____ C:\WINDOWS\SysWOW64\vns3D0D.tmp
2016-06-17 02:14 - 2016-06-17 02:14 - 00000000 _____ C:\WINDOWS\SysWOW64\vns3CEE.tmp
2016-06-17 02:14 - 2016-06-17 02:14 - 00000000 _____ C:\WINDOWS\SysWOW64\vns3CBF.tmp
2016-06-16 12:27 - 2016-06-16 12:27 - 00001258 _____ C:\Users\Public\Desktop\Outlast.lnk
2016-06-16 12:27 - 2016-06-16 12:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Barrels
2016-06-16 12:23 - 2016-06-16 12:23 - 00000000 ____D C:\Program Files (x86)\Red Barrels
2016-06-16 11:43 - 2016-06-16 11:44 - 01772031 _____ C:\Users\CLIENTE\Downloads\Fastplay.pdf
2016-06-16 10:59 - 2016-06-16 12:53 - 00000000 ____D C:\Users\CLIENTE\Downloads\Alan.Wake-SKIDROW
2016-06-16 10:50 - 2016-06-16 11:22 - 00000000 ____D C:\Users\CLIENTE\Downloads\Outlast [MULTI9][PCDVD][PROPHET][WwW.GamesTorrents.CoM]
2016-06-16 10:50 - 2016-06-16 10:50 - 00016882 _____ C:\Users\CLIENTE\Downloads\outlast-pc-www.gamestorrent.biz.torrent.torrent
2016-06-16 10:44 - 2016-06-16 10:54 - 00000000 ____D C:\Users\CLIENTE\Downloads\[R.G. Mechanics] Condemned - Criminal Origins
2016-06-15 18:13 - 2016-06-15 18:13 - 00000000 _____ C:\WINDOWS\SysWOW64\vns811B.tmp
2016-06-15 13:39 - 2016-06-15 13:39 - 00001248 _____ C:\Users\CLIENTE\Desktop\AIDA64 Extreme.lnk
2016-06-15 13:39 - 2016-06-15 13:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire
2016-06-15 13:39 - 2016-06-15 13:39 - 00000000 ____D C:\Program Files (x86)\FinalWire
2016-06-15 13:38 - 2016-06-15 13:38 - 16335712 _____ (FinalWire Ltd. ) C:\Users\CLIENTE\Downloads\aida64extreme570.exe
2016-06-15 00:44 - 2016-06-15 00:44 - 04456448 _____ C:\Users\CLIENTE\Downloads\memtest86.5.0.pro.edition.iso
2016-06-14 23:55 - 2016-05-28 03:13 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-06-14 23:55 - 2016-05-28 03:13 - 00290496 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-06-14 23:55 - 2016-05-28 03:13 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-06-14 23:55 - 2016-05-28 02:22 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-06-14 23:55 - 2016-05-28 02:08 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-06-14 23:55 - 2016-05-28 02:07 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-14 23:55 - 2016-05-28 02:07 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-06-14 23:55 - 2016-05-28 02:07 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-06-14 23:55 - 2016-05-28 02:07 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-06-14 23:55 - 2016-05-28 02:07 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-06-14 23:55 - 2016-05-28 01:58 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-14 23:55 - 2016-05-28 01:57 - 02548944 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-06-14 23:55 - 2016-05-28 01:57 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-06-14 23:55 - 2016-05-28 01:57 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-14 23:55 - 2016-05-28 01:57 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-06-14 23:55 - 2016-05-28 01:57 - 00649792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-06-14 23:55 - 2016-05-28 01:57 - 00636304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-06-14 23:55 - 2016-05-28 01:57 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-06-14 23:55 - 2016-05-28 01:57 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-06-14 23:55 - 2016-05-28 01:35 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-06-14 23:55 - 2016-05-28 01:35 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsdport.sys
2016-06-14 23:55 - 2016-05-28 01:31 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-06-14 23:55 - 2016-05-28 01:29 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-06-14 23:55 - 2016-05-28 01:29 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-14 23:55 - 2016-05-28 01:28 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-06-14 23:55 - 2016-05-28 01:25 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-06-14 23:55 - 2016-05-28 01:24 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-06-14 23:55 - 2016-05-28 01:19 - 24605696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-14 23:55 - 2016-05-28 01:19 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-06-14 23:55 - 2016-05-28 01:18 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-14 23:55 - 2016-05-28 01:18 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-06-14 23:55 - 2016-05-28 01:18 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2016-06-14 23:55 - 2016-05-28 01:18 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-06-14 23:55 - 2016-05-28 01:17 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-06-14 23:55 - 2016-05-28 01:17 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-06-14 23:55 - 2016-05-28 01:17 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-06-14 23:55 - 2016-05-28 01:16 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-06-14 23:55 - 2016-05-28 01:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-06-14 23:55 - 2016-05-28 01:16 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-06-14 23:55 - 2016-05-28 01:15 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-06-14 23:55 - 2016-05-28 01:15 - 00794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-14 23:55 - 2016-05-28 01:15 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-06-14 23:55 - 2016-05-28 01:14 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-06-14 23:55 - 2016-05-28 01:14 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-06-14 23:55 - 2016-05-28 01:14 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-06-14 23:55 - 2016-05-28 01:14 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-06-14 23:55 - 2016-05-28 01:14 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-14 23:55 - 2016-05-28 01:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-06-14 23:55 - 2016-05-28 01:13 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-06-14 23:55 - 2016-05-28 01:13 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-06-14 23:55 - 2016-05-28 01:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-06-14 23:55 - 2016-05-28 01:12 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-06-14 23:55 - 2016-05-28 01:11 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-06-14 23:55 - 2016-05-28 01:11 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-06-14 23:55 - 2016-05-28 01:11 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-06-14 23:55 - 2016-05-28 01:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-06-14 23:55 - 2016-05-28 01:08 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-14 23:55 - 2016-05-28 01:08 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-06-14 23:55 - 2016-05-28 01:06 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-06-14 23:55 - 2016-05-28 01:06 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-06-14 23:55 - 2016-05-28 01:06 - 01339904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-14 23:55 - 2016-05-28 01:05 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-06-14 23:55 - 2016-05-28 01:05 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-06-14 23:55 - 2016-05-28 01:05 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-06-14 23:55 - 2016-05-28 01:05 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-06-14 23:55 - 2016-05-28 01:04 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-14 23:55 - 2016-05-28 01:03 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-14 23:55 - 2016-05-28 01:03 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-06-14 23:55 - 2016-05-28 01:03 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-06-14 23:55 - 2016-05-28 01:03 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFramework.dll
2016-06-14 23:55 - 2016-05-28 01:02 - 03590144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-06-14 23:55 - 2016-05-28 01:02 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-06-14 23:55 - 2016-05-28 01:02 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-06-14 23:55 - 2016-05-28 01:01 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-06-14 23:55 - 2016-05-28 01:00 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-06-14 23:55 - 2016-05-28 01:00 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-06-14 23:55 - 2016-05-28 01:00 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-06-14 23:55 - 2016-05-28 01:00 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-06-14 23:55 - 2016-05-28 01:00 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-06-14 23:55 - 2016-05-28 00:58 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-06-14 23:55 - 2016-05-28 00:58 - 04896256 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-14 23:55 - 2016-05-28 00:58 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-06-14 23:55 - 2016-05-28 00:58 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-06-14 23:55 - 2016-05-28 00:57 - 02281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-06-14 23:54 - 2016-05-28 03:13 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-06-14 23:54 - 2016-05-28 03:13 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-06-14 23:54 - 2016-05-28 03:13 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-06-14 23:54 - 2016-05-28 02:25 - 04268880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2016-06-14 23:54 - 2016-05-28 02:23 - 00388384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-06-14 23:54 - 2016-05-28 02:23 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2016-06-14 23:54 - 2016-05-28 02:22 - 04387680 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2016-06-14 23:54 - 2016-05-28 02:22 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-06-14 23:54 - 2016-05-28 02:22 - 00211296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-06-14 23:54 - 2016-05-28 02:22 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-06-14 23:54 - 2016-05-28 02:20 - 00430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-14 23:54 - 2016-05-28 02:18 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-14 23:54 - 2016-05-28 02:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-06-14 23:54 - 2016-05-28 02:09 - 00501600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-06-14 23:54 - 2016-05-28 02:09 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2016-06-14 23:54 - 2016-05-28 02:09 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-06-14 23:54 - 2016-05-28 02:08 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-06-14 23:54 - 2016-05-28 02:08 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-06-14 23:54 - 2016-05-28 02:07 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-06-14 23:54 - 2016-05-28 02:07 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-06-14 23:54 - 2016-05-28 02:06 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-06-14 23:54 - 2016-05-28 02:06 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-06-14 23:54 - 2016-05-28 02:06 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-06-14 23:54 - 2016-05-28 02:06 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-06-14 23:54 - 2016-05-28 02:06 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-06-14 23:54 - 2016-05-28 02:05 - 04515264 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-06-14 23:54 - 2016-05-28 02:04 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-14 23:54 - 2016-05-28 02:04 - 00431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-14 23:54 - 2016-05-28 02:04 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-06-14 23:54 - 2016-05-28 02:04 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-14 23:54 - 2016-05-28 02:04 - 00111064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-06-14 23:54 - 2016-05-28 02:04 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-06-14 23:54 - 2016-05-28 02:03 - 00131248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-14 23:54 - 2016-05-28 01:58 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-06-14 23:54 - 2016-05-28 01:57 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-06-14 23:54 - 2016-05-28 01:57 - 00521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-06-14 23:54 - 2016-05-28 01:35 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-06-14 23:54 - 2016-05-28 01:31 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-06-14 23:54 - 2016-05-28 01:31 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-06-14 23:54 - 2016-05-28 01:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2016-06-14 23:54 - 2016-05-28 01:29 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2016-06-14 23:54 - 2016-05-28 01:28 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-06-14 23:54 - 2016-05-28 01:28 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-14 23:54 - 2016-05-28 01:27 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-06-14 23:54 - 2016-05-28 01:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-06-14 23:54 - 2016-05-28 01:26 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-06-14 23:54 - 2016-05-28 01:26 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-06-14 23:54 - 2016-05-28 01:26 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-06-14 23:54 - 2016-05-28 01:26 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-06-14 23:54 - 2016-05-28 01:26 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-06-14 23:54 - 2016-05-28 01:25 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpscript.dll
2016-06-14 23:54 - 2016-05-28 01:24 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-06-14 23:54 - 2016-05-28 01:24 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys
2016-06-14 23:54 - 2016-05-28 01:24 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-06-14 23:54 - 2016-05-28 01:24 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-06-14 23:54 - 2016-05-28 01:24 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-06-14 23:54 - 2016-05-28 01:24 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2016-06-14 23:54 - 2016-05-28 01:24 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-06-14 23:54 - 2016-05-28 01:23 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-06-14 23:54 - 2016-05-28 01:23 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2016-06-14 23:54 - 2016-05-28 01:22 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-06-14 23:54 - 2016-05-28 01:22 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-06-14 23:54 - 2016-05-28 01:22 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-14 23:54 - 2016-05-28 01:22 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-06-14 23:54 - 2016-05-28 01:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-06-14 23:54 - 2016-05-28 01:22 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-06-14 23:54 - 2016-05-28 01:22 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-06-14 23:54 - 2016-05-28 01:22 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2016-06-14 23:54 - 2016-05-28 01:22 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-06-14 23:54 - 2016-05-28 01:21 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-06-14 23:54 - 2016-05-28 01:21 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
2016-06-14 23:54 - 2016-05-28 01:21 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-06-14 23:54 - 2016-05-28 01:21 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-06-14 23:54 - 2016-05-28 01:21 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpscript.dll
2016-06-14 23:54 - 2016-05-28 01:20 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-06-14 23:54 - 2016-05-28 01:20 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2016-06-14 23:54 - 2016-05-28 01:20 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-14 23:54 - 2016-05-28 01:20 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-06-14 23:54 - 2016-05-28 01:20 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll
2016-06-14 23:54 - 2016-05-28 01:20 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2016-06-14 23:54 - 2016-05-28 01:20 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2016-06-14 23:54 - 2016-05-28 01:19 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-06-14 23:54 - 2016-05-28 01:19 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-06-14 23:54 - 2016-05-28 01:19 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2016-06-14 23:54 - 2016-05-28 01:19 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2016-06-14 23:54 - 2016-05-28 01:18 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-06-14 23:54 - 2016-05-28 01:18 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-06-14 23:54 - 2016-05-28 01:18 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-14 23:54 - 2016-05-28 01:18 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2016-06-14 23:54 - 2016-05-28 01:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-06-14 23:54 - 2016-05-28 01:17 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2016-06-14 23:54 - 2016-05-28 01:17 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-06-14 23:54 - 2016-05-28 01:17 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-06-14 23:54 - 2016-05-28 01:17 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-06-14 23:54 - 2016-05-28 01:17 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-06-14 23:54 - 2016-05-28 01:16 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-14 23:54 - 2016-05-28 01:16 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-14 23:54 - 2016-05-28 01:16 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-14 23:54 - 2016-05-28 01:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-06-14 23:54 - 2016-05-28 01:16 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2016-06-14 23:54 - 2016-05-28 01:15 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-06-14 23:54 - 2016-05-28 01:15 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2016-06-14 23:54 - 2016-05-28 01:15 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-06-14 23:54 - 2016-05-28 01:15 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2016-06-14 23:54 - 2016-05-28 01:15 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-14 23:54 - 2016-05-28 01:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-06-14 23:54 - 2016-05-28 01:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-06-14 23:54 - 2016-05-28 01:14 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-06-14 23:54 - 2016-05-28 01:13 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-06-14 23:54 - 2016-05-28 01:13 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-06-14 23:54 - 2016-05-28 01:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-06-14 23:54 - 2016-05-28 01:13 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-06-14 23:54 - 2016-05-28 01:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-14 23:54 - 2016-05-28 01:11 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-06-14 23:54 - 2016-05-28 01:11 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-06-14 23:54 - 2016-05-28 01:11 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-06-14 23:54 - 2016-05-28 01:11 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2016-06-14 23:54 - 2016-05-28 01:09 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-06-14 23:54 - 2016-05-28 01:04 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-06-14 23:54 - 2016-05-28 01:04 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-06-14 23:54 - 2016-05-28 01:03 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2016-06-14 23:54 - 2016-05-28 01:03 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-06-14 23:54 - 2016-05-28 01:02 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-06-14 23:54 - 2016-05-28 01:01 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-06-14 23:54 - 2016-05-28 01:01 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-06-14 23:54 - 2016-05-28 01:01 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-06-14 23:54 - 2016-05-28 01:00 - 02230272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-06-14 23:54 - 2016-05-28 01:00 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-14 23:54 - 2016-05-28 01:00 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-06-14 23:54 - 2016-05-28 01:00 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-06-14 23:54 - 2016-05-28 01:00 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-06-14 23:54 - 2016-05-28 00:59 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-06-14 23:54 - 2016-05-28 00:58 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-14 23:54 - 2016-05-28 00:55 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-06-14 23:54 - 2016-05-28 00:53 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-06-13 13:21 - 2016-06-13 13:22 - 49626608 _____ C:\Users\CLIENTE\Downloads\torbrowser-install-6.0.1_en-US.exe
2016-06-08 13:31 - 2016-06-08 13:31 - 00000000 ____D C:\WINDOWS\PCHEALTH
2016-06-08 13:27 - 2016-06-08 13:27 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2016-06-07 23:33 - 2016-06-07 23:33 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-06-07 17:11 - 2016-06-07 17:11 - 00000000 ____D C:\Users\CLIENTE\AppData\Local\PeerDistRepub
2016-06-07 16:39 - 2016-06-07 16:39 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-06-07 16:39 - 2016-06-03 00:28 - 00111552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-06-07 16:39 - 2016-05-03 23:23 - 00129824 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-06-07 16:39 - 2016-05-03 23:22 - 00130848 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-06-07 16:39 - 2016-05-03 23:22 - 00045344 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-06-07 16:39 - 2016-05-03 23:22 - 00040224 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-06-07 16:37 - 2016-06-03 04:22 - 39977920 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-06-07 16:37 - 2016-06-03 04:22 - 35115968 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-06-07 16:37 - 2016-06-03 04:22 - 31641656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-06-07 16:37 - 2016-06-03 04:22 - 25404864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-06-07 16:37 - 2016-06-03 04:22 - 21812056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-06-07 16:37 - 2016-06-03 04:22 - 21355464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-06-07 16:37 - 2016-06-03 04:22 - 18151128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-06-07 16:37 - 2016-06-03 04:22 - 17746664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-06-07 16:37 - 2016-06-03 04:22 - 17432544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-06-07 16:37 - 2016-06-03 04:22 - 10643240 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-06-07 16:37 - 2016-06-03 04:22 - 08733792 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-06-07 16:37 - 2016-06-03 04:22 - 02844608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-06-07 16:37 - 2016-06-03 04:22 - 02470336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-06-07 16:37 - 2016-06-03 04:22 - 01920960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436839.dll
2016-06-07 16:37 - 2016-06-03 04:22 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436839.dll
2016-06-07 16:37 - 2016-06-03 04:22 - 00983488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-06-07 16:37 - 2016-06-03 04:22 - 00910392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-06-07 16:37 - 2016-06-03 04:22 - 00787384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-06-07 16:37 - 2016-06-03 04:22 - 00786176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2016-06-07 16:37 - 2016-06-03 04:22 - 00769984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-06-07 16:37 - 2016-06-03 04:22 - 00707520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-06-07 16:37 - 2016-06-03 04:22 - 00669952 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-06-07 16:37 - 2016-06-03 04:22 - 00632848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-06-07 16:37 - 2016-06-03 04:22 - 00631288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2016-06-07 16:37 - 2016-06-03 04:22 - 00601752 _____ C:\WINDOWS\system32\nvmcumd.dll
2016-06-07 16:37 - 2016-06-03 04:22 - 00565208 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-06-07 16:37 - 2016-06-03 04:22 - 00549240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-06-07 16:37 - 2016-06-03 04:22 - 00452616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-06-07 16:37 - 2016-06-03 04:22 - 00425016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-06-07 16:37 - 2016-06-03 04:22 - 00385592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-06-07 16:37 - 2016-06-03 04:22 - 00379808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-06-07 16:37 - 2016-06-03 04:22 - 00379448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-06-07 16:37 - 2016-06-03 04:22 - 00348216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-06-07 16:37 - 2016-06-03 04:22 - 00316632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-06-07 16:37 - 2016-06-03 04:22 - 00177952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-06-07 16:37 - 2016-06-03 04:22 - 00155768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-06-07 16:37 - 2016-06-03 04:22 - 00153232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-06-07 16:37 - 2016-06-03 04:22 - 00131584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-06-07 16:37 - 2016-06-03 04:22 - 00000594 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-06-07 16:37 - 2016-06-03 04:22 - 00000594 _____ C:\WINDOWS\system32\nv-vk64.json
2016-06-07 16:17 - 2016-03-21 17:01 - 00109632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-06-07 16:17 - 2016-03-21 17:01 - 00100416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-06-07 04:09 - 2016-06-07 14:07 - 00000000 ____D C:\Users\CLIENTE\AppData\Local\Comms
2016-06-07 04:02 - 2016-06-12 14:51 - 00000000 ____D C:\Users\DefaultAppPool
2016-06-07 04:02 - 2016-06-07 04:02 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2016-06-07 04:02 - 2016-06-07 04:02 - 00000000 _SHDL C:\Users\DefaultAppPool\Modelos
2016-06-07 04:02 - 2016-06-07 04:02 - 00000000 _SHDL C:\Users\DefaultAppPool\Meus Documentos
2016-06-07 04:02 - 2016-06-07 04:02 - 00000000 _SHDL C:\Users\DefaultAppPool\Menu Iniciar
2016-06-07 04:02 - 2016-06-07 04:02 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Minhas Músicas
2016-06-07 04:02 - 2016-06-07 04:02 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Minhas Imagens
2016-06-07 04:02 - 2016-06-07 04:02 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Meus Vídeos
2016-06-07 04:02 - 2016-06-07 04:02 - 00000000 _SHDL C:\Users\DefaultAppPool\Dados de Aplicativos
2016-06-07 04:02 - 2016-06-07 04:02 - 00000000 _SHDL C:\Users\DefaultAppPool\Configurações Locais
2016-06-07 04:02 - 2016-06-07 04:02 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-06-07 04:02 - 2016-06-07 04:02 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Histórico
2016-06-07 04:02 - 2016-06-07 04:02 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Dados de Aplicativos
2016-06-07 04:02 - 2016-06-07 04:02 - 00000000 _SHDL C:\Users\DefaultAppPool\Ambiente de Rede
2016-06-07 04:02 - 2016-06-07 04:02 - 00000000 _SHDL C:\Users\DefaultAppPool\Ambiente de Impressão
2016-06-07 04:02 - 2016-06-07 03:31 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Media Center Programs
2016-06-07 04:02 - 2016-06-07 03:31 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\AVAST Software
2016-06-07 04:02 - 2016-06-07 03:31 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Local\Microsoft Help
2016-06-07 03:54 - 2016-06-07 03:54 - 00002375 _____ C:\Users\CLIENTE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-06-07 03:54 - 2016-06-07 03:54 - 00000000 ___RD C:\Users\CLIENTE\OneDrive
2016-06-07 03:52 - 2015-10-29 19:43 - 05739520 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2016-06-07 03:52 - 2015-10-29 19:43 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2016-06-07 03:52 - 2015-10-29 19:41 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2016-06-07 03:52 - 2015-10-29 19:25 - 06359040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2016-06-07 03:52 - 2015-10-29 19:24 - 04847616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2016-06-07 03:51 - 2016-06-07 03:51 - 00001047 _____ C:\Users\CLIENTE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recursos Opcionais.lnk
2016-06-07 03:51 - 2016-06-07 03:51 - 00000000 ____D C:\Users\CLIENTE\AppData\Local\Publishers
2016-06-07 03:50 - 2016-06-07 03:50 - 00000000 ____D C:\Users\CLIENTE\AppData\Local\ActiveSync
2016-06-07 03:48 - 2016-06-08 13:36 - 00000000 ____D C:\Users\CLIENTE\AppData\Local\Packages
2016-06-07 03:48 - 2016-06-07 03:48 - 00000020 ___SH C:\Users\CLIENTE\ntuser.ini
2016-06-07 03:48 - 2016-06-07 03:48 - 00000000 ____D C:\Users\CLIENTE\AppData\Local\TileDataLayer
2016-06-07 03:43 - 2016-06-07 03:43 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas Músicas
2016-06-07 03:43 - 2016-06-07 03:43 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas Imagens
2016-06-07 03:43 - 2016-06-07 03:43 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Meus Vídeos
2016-06-07 03:43 - 2016-06-07 03:43 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-06-07 03:43 - 2016-06-07 03:43 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Histórico
2016-06-07 03:43 - 2016-06-07 03:43 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Dados de Aplicativos
2016-06-07 03:43 - 2016-06-07 03:43 - 00000000 _SHDL C:\Users\Default\Modelos
2016-06-07 03:43 - 2016-06-07 03:43 - 00000000 _SHDL C:\Users\Default\Meus Documentos
2016-06-07 03:43 - 2016-06-07 03:43 - 00000000 _SHDL C:\Users\Default\Menu Iniciar
2016-06-07 03:43 - 2016-06-07 03:43 - 00000000 _SHDL C:\Users\Default\Documents\Minhas Músicas
2016-06-07 03:43 - 2016-06-07 03:43 - 00000000 _SHDL C:\Users\Default\Documents\Minhas Imagens
2016-06-07 03:43 - 2016-06-07 03:43 - 00000000 _SHDL C:\Users\Default\Documents\Meus Vídeos
2016-06-07 03:43 - 2016-06-07 03:43 - 00000000 _SHDL C:\Users\Default\Dados de Aplicativos
2016-06-07 03:43 - 2016-06-07 03:43 - 00000000 _SHDL C:\Users\Default\Configurações Locais
2016-06-07 03:43 - 2016-06-07 03:43 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-06-07 03:43 - 2016-06-07 03:43 - 00000000 _SHDL C:\Users\Default\AppData\Local\Histórico
2016-06-07 03:43 - 2016-06-07 03:43 - 00000000 _SHDL C:\Users\Default\AppData\Local\Dados de Aplicativos
2016-06-07 03:43 - 2016-06-07 03:43 - 00000000 _SHDL C:\Users\Default\Ambiente de Rede
2016-06-07 03:43 - 2016-06-07 03:43 - 00000000 _SHDL C:\Users\Default\Ambiente de Impressão
2016-06-07 03:43 - 2016-06-07 03:43 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas Músicas
2016-06-07 03:43 - 2016-06-07 03:43 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas Imagens
2016-06-07 03:43 - 2016-06-07 03:43 - 00000000 _SHDL C:\Users\Default User\Documents\Meus Vídeos
2016-06-07 03:43 - 2016-06-07 03:43 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-06-07 03:43 - 2016-06-07 03:43 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Histórico
2016-06-07 03:43 - 2016-06-07 03:43 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Dados de Aplicativos
2016-06-07 03:42 - 2016-06-07 03:42 - 00022956 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-06-07 03:31 - 2016-06-07 03:31 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-06-07 03:31 - 2016-06-07 03:31 - 00000000 ____D C:\Users\Usuário Padrão\AppData\Roaming\Media Center Programs
2016-06-07 03:31 - 2016-06-07 03:31 - 00000000 ____D C:\Users\Usuário Padrão\AppData\Roaming\AVAST Software
2016-06-07 03:31 - 2016-06-07 03:31 - 00000000 ____D C:\Users\Usuário Padrão\AppData\Local\Microsoft Help
2016-06-07 03:31 - 2016-06-07 03:31 - 00000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs
2016-06-07 03:31 - 2016-06-07 03:31 - 00000000 ____D C:\Users\Default\AppData\Roaming\AVAST Software
2016-06-07 03:31 - 2016-06-07 03:31 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-06-07 03:31 - 2016-06-07 03:31 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Media Center Programs
2016-06-07 03:31 - 2016-06-07 03:31 - 00000000 ____D C:\Users\Default User\AppData\Roaming\AVAST Software
2016-06-07 03:31 - 2016-06-07 03:31 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-06-07 03:26 - 2016-06-07 03:26 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2016-06-07 03:22 - 2016-06-21 01:10 - 00000000 ____D C:\Users\CLIENTE
2016-06-07 03:22 - 2016-06-07 03:22 - 00000000 _SHDL C:\Users\CLIENTE\Modelos
2016-06-07 03:22 - 2016-06-07 03:22 - 00000000 _SHDL C:\Users\CLIENTE\Meus Documentos
2016-06-07 03:22 - 2016-06-07 03:22 - 00000000 _SHDL C:\Users\CLIENTE\Menu Iniciar
2016-06-07 03:22 - 2016-06-07 03:22 - 00000000 _SHDL C:\Users\CLIENTE\Documents\Minhas Músicas
2016-06-07 03:22 - 2016-06-07 03:22 - 00000000 _SHDL C:\Users\CLIENTE\Documents\Minhas Imagens
2016-06-07 03:22 - 2016-06-07 03:22 - 00000000 _SHDL C:\Users\CLIENTE\Documents\Meus Vídeos
2016-06-07 03:22 - 2016-06-07 03:22 - 00000000 _SHDL C:\Users\CLIENTE\Dados de Aplicativos
2016-06-07 03:22 - 2016-06-07 03:22 - 00000000 _SHDL C:\Users\CLIENTE\Configurações Locais
2016-06-07 03:22 - 2016-06-07 03:22 - 00000000 _SHDL C:\Users\CLIENTE\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-06-07 03:22 - 2016-06-07 03:22 - 00000000 _SHDL C:\Users\CLIENTE\AppData\Local\Histórico
2016-06-07 03:22 - 2016-06-07 03:22 - 00000000 _SHDL C:\Users\CLIENTE\AppData\Local\Dados de Aplicativos
2016-06-07 03:22 - 2016-06-07 03:22 - 00000000 _SHDL C:\Users\CLIENTE\Ambiente de Rede
2016-06-07 03:22 - 2016-06-07 03:22 - 00000000 _SHDL C:\Users\CLIENTE\Ambiente de Impressão
2016-06-07 03:21 - 2016-06-07 03:21 - 02004266 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2016-06-07 03:19 - 2016-06-21 13:56 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA
2016-06-07 03:19 - 2016-06-21 13:56 - 00000000 ____D C:\ProgramData\NVIDIA
2016-06-07 03:19 - 2016-06-07 16:40 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA Corporation
2016-06-07 03:19 - 2016-06-07 16:40 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-06-07 03:19 - 2016-06-07 16:38 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-06-07 03:19 - 2016-06-07 03:26 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-06-07 03:19 - 2016-06-07 03:19 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2016-06-07 03:19 - 2016-06-03 00:59 - 06452948 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-06-07 03:19 - 2016-06-03 00:59 - 06364216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-06-07 03:19 - 2016-06-03 00:59 - 02455608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-06-07 03:19 - 2016-06-03 00:59 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-06-07 03:19 - 2016-06-03 00:59 - 01352760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-06-07 03:19 - 2016-06-03 00:59 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-06-07 03:19 - 2016-06-03 00:59 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-06-07 03:17 - 2016-06-07 03:49 - 00000000 ___DC C:\WINDOWS\Panther
2016-06-07 03:14 - 2016-06-07 03:14 - 00000000 ____D C:\Windows.old
2016-06-07 03:13 - 2016-06-07 03:13 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 16984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 06605504 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 05502976 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 04775424 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-06-07 03:13 - 2016-06-07 03:13 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-06-07 03:13 - 2016-06-07 03:13 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 01848072 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 01819208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 01536088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 01522152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 01319424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-06-07 03:13 - 2016-06-07 03:13 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 01161120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-06-07 03:13 - 2016-06-07 03:13 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-06-07 03:13 - 2016-06-07 03:13 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 01092464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-06-07 03:13 - 2016-06-07 03:13 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-06-07 03:13 - 2016-06-07 03:13 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-06-07 03:13 - 2016-06-07 03:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-06-07 03:13 - 2016-06-07 03:13 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-06-07 03:13 - 2016-06-07 03:13 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-06-07 03:13 - 2016-06-07 03:13 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00754664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00725776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00713920 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00707608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-06-07 03:13 - 2016-06-07 03:13 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00638816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-06-07 03:13 - 2016-06-07 03:13 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00619296 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-06-07 03:13 - 2016-06-07 03:13 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00569744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00565600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-06-07 03:13 - 2016-06-07 03:13 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00550656 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00534872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-06-07 03:13 - 2016-06-07 03:13 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-06-07 03:13 - 2016-06-07 03:13 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00513368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-06-07 03:13 - 2016-06-07 03:13 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00453472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00451928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00413536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-06-07 03:13 - 2016-06-07 03:13 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-06-07 03:13 - 2016-06-07 03:13 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlansec.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-06-07 03:13 - 2016-06-07 03:13 - 00390496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-06-07 03:13 - 2016-06-07 03:13 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-06-07 03:13 - 2016-06-07 03:13 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-06-07 03:13 - 2016-06-07 03:13 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-06-07 03:13 - 2016-06-07 03:13 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-06-07 03:13 - 2016-06-07 03:13 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00306832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00291360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2016-06-07 03:13 - 2016-06-07 03:13 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-06-07 03:13 - 2016-06-07 03:13 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-06-07 03:13 - 2016-06-07 03:13 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-06-07 03:13 - 2016-06-07 03:13 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00217440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00204048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00190144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-06-07 03:13 - 2016-06-07 03:13 - 00188256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-06-07 03:13 - 2016-06-07 03:13 - 00183904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-06-07 03:13 - 2016-06-07 03:13 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00131424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufxsynopsys.sys
2016-06-07 03:13 - 2016-06-07 03:13 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-06-07 03:13 - 2016-06-07 03:13 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-06-07 03:13 - 2016-06-07 03:13 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdport.sys
2016-06-07 03:13 - 2016-06-07 03:13 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\filecrypt.sys
2016-06-07 03:13 - 2016-06-07 03:13 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-06-07 03:13 - 2016-06-07 03:13 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-06-07 03:13 - 2016-06-07 03:13 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-06-07 03:13 - 2016-06-07 03:13 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-06-07 03:13 - 2016-06-07 03:13 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-06-07 03:13 - 2016-06-07 03:13 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2016-06-07 03:13 - 2016-06-07 03:13 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00058208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwminit.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2016-06-07 03:13 - 2016-06-07 03:13 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2016-06-07 03:13 - 2016-06-07 03:13 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-06-07 03:13 - 2016-06-07 03:13 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-06-07 03:13 - 2016-06-07 03:13 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-06-07 03:13 - 2016-06-07 03:13 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2016-06-07 03:13 - 2016-06-07 03:13 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2016-06-07 03:13 - 2016-06-07 03:13 - 00002186 _____ C:\WINDOWS\SysWOW64\AppxProvisioning.xml
2016-06-07 03:13 - 2016-06-07 03:13 - 00002186 _____ C:\WINDOWS\system32\AppxProvisioning.xml
2016-06-07 03:09 - 2016-06-07 03:09 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-06-07 03:07 - 2016-06-07 03:34 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-06-07 03:07 - 2016-06-07 03:07 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-06-07 03:07 - 2016-06-07 03:07 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2016-06-07 03:07 - 2016-06-07 03:07 - 00000000 ____D C:\WINDOWS\system32\msmq
2016-06-07 03:07 - 2016-06-07 03:07 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2016-06-07 03:07 - 2016-06-07 03:07 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-06-07 03:07 - 2016-06-07 03:07 - 00000000 ____D C:\Program Files\MSBuild
2016-06-07 03:07 - 2016-06-07 03:07 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-06-07 03:07 - 2016-06-07 03:07 - 00000000 ____D C:\inetpub
2016-06-07 03:06 - 2015-10-23 17:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-06-07 03:06 - 2015-10-23 17:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-06-07 03:06 - 2015-10-23 17:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-06-07 03:06 - 2015-10-23 17:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-06-07 03:06 - 2015-10-23 17:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-06-07 03:06 - 2015-10-23 17:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-06-07 02:54 - 2016-06-07 03:43 - 00010449 _____ C:\WINDOWS\diagerr.xml
2016-06-07 02:54 - 2016-06-07 03:43 - 00009528 _____ C:\WINDOWS\diagwrn.xml
2016-06-07 00:16 - 2016-06-07 00:16 - 00000000 ____D C:\Users\CLIENTE\AppData\Local\GWX
2016-06-06 23:11 - 2016-06-07 03:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-06-06 23:10 - 2016-06-06 23:10 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-06-06 23:10 - 2016-06-06 23:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-06-06 19:26 - 2016-06-06 19:26 - 00000000 ____D C:\0ae3568ae7e83383e14936
2016-06-06 19:23 - 2016-06-07 03:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-06-06 19:23 - 2016-06-06 19:23 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-06 18:56 - 2016-06-15 03:48 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-06 18:56 - 2016-06-15 03:43 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-06 15:01 - 2016-06-07 03:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2016-06-06 15:01 - 2016-06-06 15:01 - 01664456 _____ ( ) C:\Users\CLIENTE\Downloads\cpu-z_1.76-en.exe
2016-06-06 15:01 - 2016-06-06 15:01 - 00000869 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2016-06-06 15:01 - 2016-06-06 15:01 - 00000000 ____D C:\Program Files\CPUID
2016-06-06 14:24 - 2016-05-21 18:10 - 01581624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco64.dll
2016-06-06 14:24 - 2016-05-21 18:10 - 00141256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2016-06-06 14:24 - 2016-05-21 18:10 - 00046024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2016-06-06 14:19 - 2016-03-21 17:01 - 00056384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2016-06-05 16:59 - 2016-06-05 16:59 - 00000000 ____D C:\Users\CLIENTE\AppData\Local\FLT
2016-06-05 16:29 - 2015-01-09 00:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\powertracker.dll
2016-06-05 16:18 - 2015-11-19 11:07 - 00063840 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll
2016-06-05 16:18 - 2015-11-19 11:07 - 00020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll
2016-06-05 16:18 - 2015-11-19 11:07 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-06-05 16:18 - 2015-11-19 11:07 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll
2016-06-05 16:18 - 2015-11-19 11:07 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-06-05 16:18 - 2015-11-19 11:07 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-06-05 16:18 - 2015-11-19 11:07 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-06-05 16:18 - 2015-11-19 11:07 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll
2016-06-05 16:18 - 2015-11-19 11:07 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-localization-l1-2-0.dll
2016-06-05 16:18 - 2015-11-19 11:07 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-06-05 16:18 - 2015-11-19 11:07 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll
2016-06-05 16:18 - 2015-11-19 11:07 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-06-05 16:18 - 2015-11-19 11:07 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-06-05 16:18 - 2015-11-19 11:07 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-06-05 16:18 - 2015-11-19 11:07 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-06-05 16:18 - 2015-11-19 11:07 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-06-05 16:18 - 2015-11-19 11:07 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-synch-l1-2-0.dll
2016-06-05 16:18 - 2015-11-19 11:07 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-06-05 16:18 - 2015-11-19 11:07 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-06-05 16:18 - 2015-11-19 11:07 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-06-05 16:18 - 2015-11-19 11:07 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-file-l2-1-0.dll
2016-06-05 16:18 - 2015-11-19 11:07 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-file-l1-2-0.dll
2016-06-05 16:18 - 2015-11-19 11:06 - 00066400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-06-05 16:18 - 2015-11-19 11:06 - 00022368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-06-05 16:18 - 2015-11-19 11:06 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-06-05 16:18 - 2015-11-19 11:06 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-06-05 16:18 - 2015-11-19 11:06 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-06-05 16:18 - 2015-11-19 11:06 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-06-05 16:18 - 2015-11-19 11:06 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-06-05 16:18 - 2015-11-19 11:06 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-06-05 16:18 - 2015-11-19 11:06 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-06-05 16:18 - 2015-11-19 11:06 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-06-05 16:18 - 2015-11-19 11:06 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-06-05 16:18 - 2015-11-19 11:06 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-06-05 16:18 - 2015-11-19 11:06 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-06-05 16:18 - 2015-11-19 11:06 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-06-05 16:18 - 2015-11-19 11:06 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-06-05 16:18 - 2015-11-19 11:06 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-06-05 16:18 - 2015-11-19 11:06 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-06-05 16:18 - 2015-11-19 11:06 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-06-05 16:18 - 2015-11-19 11:06 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-06-05 16:18 - 2015-11-19 11:06 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-06-05 16:18 - 2015-11-19 11:06 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-06-05 16:18 - 2015-11-19 11:06 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-06-05 16:13 - 2016-02-12 15:18 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2016-06-05 16:10 - 2015-07-22 13:48 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2016-06-05 16:09 - 2012-08-21 18:01 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\OxpsConverter.exe
2016-06-05 16:05 - 2016-04-23 01:40 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.exe
2016-06-05 16:05 - 2016-04-23 01:06 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmlmedia.dll
2016-06-05 16:05 - 2016-04-23 00:30 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmlmedia.dll
2016-06-05 16:05 - 2012-04-26 02:34 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdrmemptylst.exe
2016-06-04 14:14 - 2016-06-04 14:14 - 00001374 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2016-06-04 14:14 - 2016-06-04 14:14 - 00001305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2016-06-04 14:13 - 2016-06-04 14:13 - 00000020 _____ C:\WINDOWS\¸úÚ
2016-06-04 14:13 - 2016-06-04 14:13 - 00000000 ____D C:\Program Files (x86)\Windows Live
2016-06-04 14:09 - 2016-06-04 14:15 - 00000000 ____D C:\Users\CLIENTE\AppData\Local\Windows Live
2016-06-04 14:08 - 2016-06-04 14:09 - 01242312 _____ (Microsoft Corporation) C:\Users\CLIENTE\Downloads\wlsetup-web.exe
2016-06-04 04:31 - 2016-06-04 04:31 - 00271578 _____ C:\Users\CLIENTE\Downloads\Conquistas D&D.pdf
2016-06-02 23:48 - 2016-06-05 12:31 - 00000000 ____D C:\Program Files (x86)\Ryse Son of Rome
2016-06-02 00:55 - 2016-06-07 13:43 - 00000000 ____D C:\Users\CLIENTE\Downloads\Bioshock.Infinite-Black.Box
2016-06-02 00:53 - 2016-06-02 00:53 - 00015902 _____ C:\Users\CLIENTE\Downloads\BioShock.Infinite.PC.torrent
2016-06-01 22:35 - 2016-06-01 22:35 - 00001771 _____ C:\Users\CLIENTE\Desktop\NSUNS4 - Atalho.lnk
2016-05-26 21:42 - 2016-06-07 03:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Walking Dead Season 2
2016-05-26 21:42 - 2016-05-26 21:42 - 00001161 _____ C:\Users\CLIENTE\Desktop\The Walking Dead Season 2.lnk
2016-05-26 21:38 - 2016-05-26 21:46 - 00000000 ____D C:\Program Files (x86)\The Walking Dead Season 2
2016-05-26 17:25 - 2016-05-26 18:11 - 00000000 ____D C:\Users\CLIENTE\Downloads\[R.G. Mechanics] The Walking Dead - Season 2
2016-05-26 16:28 - 2016-05-26 16:29 - 00024066 _____ C:\Users\CLIENTE\Downloads\NARUTO.SHIPPUDEN.Ultimate.Ninja.STORM.4.Update.8.Incl.DLC.torrent
2016-05-26 16:25 - 2016-05-26 16:25 - 00003704 _____ C:\Users\CLIENTE\Downloads\FlashPlayer_Update.vbs
2016-05-26 13:15 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2016-05-26 13:13 - 2016-05-26 13:13 - 00000222 _____ C:\Users\CLIENTE\Desktop\Neverwinter.url
2016-05-24 22:27 - 2016-05-24 22:27 - 00860672 _____ C:\Users\CLIENTE\Downloads\Não confirmado 679563.crdownload
2016-05-20 13:33 - 2016-05-20 13:33 - 00000000 ____D C:\Program Files (x86)\Desire Dungeon
2016-05-19 17:57 - 2016-05-19 17:57 - 00392443 _____ C:\Users\CLIENTE\Downloads\Ficha de APS PDCV.pdf
2016-05-19 15:17 - 2016-06-18 22:06 - 00000964 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-05-19 15:17 - 2016-06-17 13:45 - 00004036 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-05-19 15:11 - 2016-05-19 15:15 - 00000000 _____ C:\Users\CLIENTE\AppData\Local\{D45DF5F9-E00E-408D-8E4B-607C080FF157}
2016-05-19 15:07 - 2016-06-17 22:21 - 00002474 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-19 15:06 - 2016-06-22 16:20 - 00001070 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-19 15:06 - 2016-06-22 15:34 - 00001066 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-19 15:06 - 2016-06-07 03:42 - 00003924 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-17 15:49 - 2016-05-17 15:49 - 00394190 _____ C:\Users\CLIENTE\Downloads\Trabalho de Políticas de Exportação Argentina.pdf
2016-05-17 00:10 - 2016-05-17 00:10 - 11176503 _____ C:\Users\CLIENTE\Downloads\Paint Tool Sai Português.rar
2016-05-14 21:49 - 2016-05-14 21:49 - 00000000 ____D C:\Users\CLIENTE\Documents\psicologia jessy
2016-05-14 15:37 - 2016-05-14 15:37 - 00674967 _____ C:\Users\CLIENTE\Downloads\Ficha de Personagem D&D 5E (1).pdf
2016-05-11 13:18 - 2016-05-11 13:34 - 1310027894 _____ C:\Users\CLIENTE\Downloads\SW-331.mp4
2016-05-07 20:59 - 2016-05-07 20:59 - 00054656 _____ C:\Users\CLIENTE\Downloads\FORMULARIO DE ACOMPANHAMENTO DE ATIVIDADE COMPLEMENTAR.xls.xlsx
2016-05-06 00:25 - 2016-05-06 00:25 - 00674967 _____ C:\Users\CLIENTE\Downloads\Ficha de Personagem D&D 5E.pdf
2016-05-03 23:23 - 2016-05-03 23:23 - 00129824 _____ C:\WINDOWS\SysWOW64\vulkan-1-1-0-11-1.dll
2016-05-03 23:22 - 2016-05-03 23:22 - 00130848 _____ C:\WINDOWS\system32\vulkan-1-1-0-11-1.dll
2016-05-03 23:22 - 2016-05-03 23:22 - 00045344 _____ C:\WINDOWS\system32\vulkaninfo-1-1-0-11-1.exe
2016-05-03 23:22 - 2016-05-03 23:22 - 00040224 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-1-0-11-1.exe
2016-05-02 16:41 - 2016-05-02 16:41 - 00170492 _____ C:\Users\CLIENTE\Downloads\Memórias de aulas 02 (1).pdf
2016-04-27 05:35 - 2016-06-07 02:54 - 00000000 ___HD C:\$WINDOWS.~BT
2016-04-27 04:18 - 2016-04-27 04:18 - 00002364 _____ C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-04-27 04:18 - 2016-04-27 04:18 - 00000000 ___RD C:\Users\Administrador\OneDrive
2016-04-27 04:15 - 2016-06-15 12:32 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-04-27 04:15 - 2016-04-27 04:15 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft OneDrive
2016-04-27 04:15 - 2016-04-27 04:15 - 00000000 ____D C:\Users\Administrador\AppData\Roaming\Adobe
2016-04-27 04:15 - 2016-04-27 04:15 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-04-27 04:11 - 2016-06-21 14:04 - 02100084 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-27 04:11 - 2016-04-27 04:11 - 00000000 ____D C:\Users\Administrador\AppData\Local\ActiveSync
2016-04-27 04:07 - 2016-04-27 04:18 - 00000000 ____D C:\Users\Administrador
2016-04-27 04:07 - 2016-04-27 04:15 - 00000000 ____D C:\Users\Administrador\AppData\Local\Packages
2016-04-27 04:07 - 2016-04-27 04:07 - 00000020 ___SH C:\Users\Administrador\ntuser.ini
2016-04-27 04:07 - 2016-04-27 04:07 - 00000000 _SHDL C:\Users\Administrador\Modelos
2016-04-27 04:07 - 2016-04-27 04:07 - 00000000 _SHDL C:\Users\Administrador\Meus Documentos
2016-04-27 04:07 - 2016-04-27 04:07 - 00000000 _SHDL C:\Users\Administrador\Menu Iniciar
2016-04-27 04:07 - 2016-04-27 04:07 - 00000000 _SHDL C:\Users\Administrador\Documents\Minhas Músicas
2016-04-27 04:07 - 2016-04-27 04:07 - 00000000 _SHDL C:\Users\Administrador\Documents\Minhas Imagens
2016-04-27 04:07 - 2016-04-27 04:07 - 00000000 _SHDL C:\Users\Administrador\Documents\Meus Vídeos
2016-04-27 04:07 - 2016-04-27 04:07 - 00000000 _SHDL C:\Users\Administrador\Dados de Aplicativos
2016-04-27 04:07 - 2016-04-27 04:07 - 00000000 _SHDL C:\Users\Administrador\Configurações Locais
2016-04-27 04:07 - 2016-04-27 04:07 - 00000000 _SHDL C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-04-27 04:07 - 2016-04-27 04:07 - 00000000 _SHDL C:\Users\Administrador\AppData\Local\Histórico
2016-04-27 04:07 - 2016-04-27 04:07 - 00000000 _SHDL C:\Users\Administrador\AppData\Local\Dados de Aplicativos
2016-04-27 04:07 - 2016-04-27 04:07 - 00000000 _SHDL C:\Users\Administrador\Ambiente de Rede
2016-04-27 04:07 - 2016-04-27 04:07 - 00000000 _SHDL C:\Users\Administrador\Ambiente de Impressão
2016-04-27 04:07 - 2016-04-27 04:07 - 00000000 ____D C:\Users\Todos os Usuários\USOShared
2016-04-27 04:07 - 2016-04-27 04:07 - 00000000 ____D C:\Users\Administrador\AppData\Local\TileDataLayer
2016-04-27 04:07 - 2016-04-27 04:07 - 00000000 ____D C:\ProgramData\USOShared
2016-04-27 04:06 - 2016-06-21 13:56 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-27 04:06 - 2016-05-28 02:55 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-04-27 03:59 - 2016-04-27 00:02 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-04-27 03:49 - 2015-10-30 04:18 - 00032200 _____ C:\WINDOWS\Professional.xml
2016-04-27 03:47 - 2016-06-07 03:34 - 00000000 ____D C:\WINDOWS\ShellNew
2016-04-27 03:47 - 2016-06-07 03:14 - 00000000 ____D C:\Program Files\Windows Journal
2016-04-27 03:47 - 2016-04-27 03:47 - 00000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2016-04-27 03:30 - 2016-06-07 03:52 - 00000000 ____D C:\WINDOWS\OCR
2016-04-27 03:30 - 2016-04-27 03:30 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-04-27 03:30 - 2016-04-27 03:30 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-04-27 03:30 - 2016-04-27 03:30 - 00000000 ____D C:\WINDOWS\SKB
2016-04-27 03:29 - 2016-04-27 03:29 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-04-27 03:29 - 2016-04-27 03:29 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-04-27 03:29 - 2016-04-27 03:29 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-04-27 03:29 - 2016-04-27 03:29 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-04-27 03:29 - 2016-04-27 03:29 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-04-27 03:29 - 2016-04-27 03:29 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-04-27 03:29 - 2016-04-27 03:29 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 01648640 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-04-27 03:29 - 2016-04-27 03:29 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-04-27 03:29 - 2016-04-27 03:29 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-04-27 03:29 - 2016-04-27 03:29 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-04-27 03:29 - 2016-04-27 03:29 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-04-27 03:29 - 2016-04-27 03:29 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 01042432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 01009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-04-27 03:29 - 2016-04-27 03:29 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2016-04-27 03:29 - 2016-04-27 03:29 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-04-27 03:29 - 2016-04-27 03:29 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2016-04-27 03:29 - 2016-04-27 03:29 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-04-27 03:29 - 2016-04-27 03:29 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-04-27 03:29 - 2016-04-27 03:29 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00701384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-04-27 03:29 - 2016-04-27 03:29 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2016-04-27 03:29 - 2016-04-27 03:29 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00558592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00526856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2016-04-27 03:29 - 2016-04-27 03:29 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-04-27 03:29 - 2016-04-27 03:29 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-04-27 03:29 - 2016-04-27 03:29 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-04-27 03:29 - 2016-04-27 03:29 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-04-27 03:29 - 2016-04-27 03:29 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-04-27 03:29 - 2016-04-27 03:29 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00337840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-04-27 03:29 - 2016-04-27 03:29 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-04-27 03:29 - 2016-04-27 03:29 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-04-27 03:29 - 2016-04-27 03:29 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00264544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00264192 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-04-27 03:29 - 2016-04-27 03:29 - 00234504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-04-27 03:29 - 2016-04-27 03:29 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-04-27 03:29 - 2016-04-27 03:29 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00205824 _____ (Nokia) C:\WINDOWS\SysWOW64\NmaDirect.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2016-04-27 03:29 - 2016-04-27 03:29 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2016-04-27 03:29 - 2016-04-27 03:29 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-04-27 03:29 - 2016-04-27 03:29 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-04-27 03:29 - 2016-04-27 03:29 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-04-27 03:29 - 2016-04-27 03:29 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00119320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-04-27 03:29 - 2016-04-27 03:29 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2016-04-27 03:29 - 2016-04-27 03:29 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-04-27 03:29 - 2016-04-27 03:29 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-04-27 03:29 - 2016-04-27 03:29 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-04-27 03:29 - 2016-04-27 03:29 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-04-27 03:29 - 2016-04-27 03:29 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-04-27 03:29 - 2016-04-27 03:29 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-04-27 03:29 - 2016-04-27 03:29 - 00080600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssign32.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-04-27 03:29 - 2016-04-27 03:29 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-04-27 03:29 - 2016-04-27 03:29 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00051680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2016-04-27 03:29 - 2016-04-27 03:29 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2016-04-27 03:29 - 2016-04-27 03:29 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-04-27 03:29 - 2016-04-27 03:29 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2016-04-27 03:29 - 2016-04-27 03:29 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-04-27 03:29 - 2016-04-27 03:29 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-04-27 03:29 - 2016-04-27 03:29 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-04-27 03:29 - 2016-04-27 03:29 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe
2016-04-27 03:29 - 2016-04-27 03:29 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshrm.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe
2016-04-27 03:29 - 2016-04-27 03:29 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2016-04-27 03:29 - 2016-04-27 03:29 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2016-04-27 03:29 - 2016-04-27 03:29 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 01860096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 01804664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-04-27 03:28 - 2016-04-27 03:28 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-04-27 03:28 - 2016-04-27 03:28 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-04-27 03:28 - 2016-04-27 03:28 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-04-27 03:28 - 2016-04-27 03:28 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-04-27 03:28 - 2016-04-27 03:28 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2016-04-27 03:28 - 2016-04-27 03:28 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2016-04-27 03:28 - 2016-04-27 03:28 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2016-04-27 03:28 - 2016-04-27 03:28 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe
2016-04-27 03:28 - 2016-04-27 03:28 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe
2016-04-27 03:28 - 2016-04-27 03:28 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2016-04-27 03:28 - 2016-04-27 03:28 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2016-04-27 03:24 - 2016-06-21 14:04 - 00890074 _____ C:\WINDOWS\system32\prfh0416.dat
2016-04-27 03:24 - 2016-06-21 14:04 - 00193318 _____ C:\WINDOWS\system32\prfc0416.dat
2016-04-27 03:24 - 2016-04-27 03:24 - 00328354 _____ C:\WINDOWS\system32\prfi0416.dat
2016-04-27 03:24 - 2016-04-27 03:24 - 00040752 _____ C:\WINDOWS\system32\prfd0416.dat
2016-04-27 03:24 - 2016-04-27 03:24 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2016-04-27 03:24 - 2016-04-27 03:24 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2016-04-27 03:24 - 2016-04-27 03:24 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2016-04-27 03:24 - 2016-04-27 03:24 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2016-04-27 03:24 - 2016-04-27 03:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2016-04-27 03:24 - 2016-04-27 03:24 - 00000000 ____D C:\WINDOWS\SysWOW64\0409
2016-04-27 03:24 - 2016-04-27 03:24 - 00000000 ____D C:\WINDOWS\system32\winrm
2016-04-27 03:24 - 2016-04-27 03:24 - 00000000 ____D C:\WINDOWS\system32\WCN
2016-04-27 03:24 - 2016-04-27 03:24 - 00000000 ____D C:\WINDOWS\system32\slmgr
2016-04-27 03:24 - 2016-04-27 03:24 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2016-04-27 03:24 - 2016-04-27 03:24 - 00000000 ____D C:\WINDOWS\system32\0409
2016-04-27 03:24 - 2016-04-27 03:24 - 00000000 ____D C:\WINDOWS\DigitalLocker
2016-04-27 00:46 - 2016-04-27 01:01 - 00015151 _____ C:\Users\CLIENTE\Downloads\Cópia de Ruth gheler.xlsx
2016-04-27 00:01 - 2016-06-15 12:00 - 00350224 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-26 13:44 - 2016-04-26 13:44 - 02550272 _____ C:\Users\CLIENTE\Downloads\Bibliometria3.ppt
2016-04-26 13:44 - 2016-04-26 13:44 - 02548224 _____ C:\Users\CLIENTE\Downloads\Bibliometria3 (1).ppt
2016-04-10 14:43 - 2016-04-10 15:16 - 00000000 ____D C:\Users\CLIENTE\Desktop\entrevista jessy
2016-04-10 14:02 - 2016-04-10 14:02 - 02097386 _____ C:\Users\CLIENTE\Downloads\NascimentoBrunoSavioNogueira_TCC.pdf
2016-04-08 21:10 - 2016-04-08 21:10 - 01002504 _____ C:\Users\CLIENTE\Downloads\image001.emz

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-06-22 16:56 - 2015-01-11 14:42 - 00000000 ____D C:\Users\CLIENTE\AppData\Roaming\uTorrent
2016-06-22 16:45 - 2015-07-25 11:11 - 00000902 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-06-22 16:18 - 2015-10-30 04:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-22 16:18 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-06-22 15:35 - 2015-01-25 11:09 - 00000000 ____D C:\Users\CLIENTE\Documents\Assassin's Creed Unity
2016-06-22 15:34 - 2015-05-27 14:58 - 00000000 ____D C:\Program Files (x86)\Steam
2016-06-21 14:04 - 2015-10-30 04:21 - 00000000 ____D C:\WINDOWS\INF
2016-06-21 13:59 - 2015-03-07 00:08 - 00004280 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-06-21 02:04 - 2015-12-02 10:45 - 00000000 ____D C:\Users\CLIENTE\Desktop\Faculdade
2016-06-21 02:02 - 2015-01-15 21:19 - 00000000 ____D C:\Program Files (x86)\The Elder Scrolls V Skyrim
2016-06-21 01:11 - 2015-10-30 03:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-06-21 01:10 - 2015-02-20 00:09 - 00000008 __RSH C:\Users\Todos os Usuários\ntuser.pol
2016-06-21 01:10 - 2015-02-20 00:09 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-06-17 12:45 - 2015-07-25 11:11 - 00003876 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-06-16 23:59 - 2015-10-30 04:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-16 15:21 - 2015-01-12 22:32 - 00000000 ____D C:\Users\CLIENTE\Documents\My Games
2016-06-16 13:21 - 2015-12-29 19:06 - 00000000 ____D C:\Users\CLIENTE\AppData\Local\CrashDumps
2016-06-16 12:20 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\rescache
2016-06-15 03:51 - 2015-10-30 04:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-06-15 03:51 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-06-15 03:51 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-06-15 03:50 - 2014-12-20 08:43 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2016-06-15 01:13 - 2015-05-26 22:38 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2016-06-15 01:04 - 2015-03-15 19:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced RAR Repair
2016-06-14 15:33 - 2015-10-30 04:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-06-14 15:33 - 2015-10-30 04:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-12 22:36 - 2015-05-02 16:23 - 00000000 ____D C:\Users\CLIENTE\Desktop\Momo
2016-06-08 13:26 - 2009-07-13 23:34 - 00000580 _____ C:\WINDOWS\win.ini
2016-06-07 16:40 - 2014-12-20 11:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-06-07 16:18 - 2014-12-20 11:30 - 00000000 ____D C:\Users\CLIENTE\AppData\Local\NVIDIA Corporation
2016-06-07 16:18 - 2014-12-20 11:30 - 00000000 ____D C:\Users\CLIENTE\AppData\Local\NVIDIA
2016-06-07 04:01 - 2009-07-14 02:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-06-07 03:51 - 2015-12-03 11:31 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2016-06-07 03:48 - 2016-03-09 03:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0
2016-06-07 03:48 - 2016-03-09 03:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 14.0
2016-06-07 03:47 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\appcompat
2016-06-07 03:43 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-06-07 03:43 - 2015-10-30 04:24 - 00000000 ____D C:\Program Files\Windows NT
2016-06-07 03:42 - 2016-02-14 21:08 - 00003916 _____ C:\WINDOWS\System32\Tasks\klcp_update
2016-06-07 03:42 - 2016-02-05 12:17 - 00004176 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-06-07 03:42 - 2015-12-08 00:14 - 00003118 _____ C:\WINDOWS\System32\Tasks\{E7A517B0-5F56-4124-9062-AC4762982BE6}
2016-06-07 03:42 - 2015-12-08 00:14 - 00003118 _____ C:\WINDOWS\System32\Tasks\{6C6A5B1D-6505-4B59-BF72-282586819B99}
2016-06-07 03:42 - 2015-12-08 00:13 - 00003118 _____ C:\WINDOWS\System32\Tasks\{BA27F07B-F1EF-4625-951C-B310ED9AD467}
2016-06-07 03:42 - 2015-12-08 00:13 - 00003118 _____ C:\WINDOWS\System32\Tasks\{48083A13-3A37-452C-B7AF-2DF3E6B94448}
2016-06-07 03:42 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\Registration
2016-06-07 03:42 - 2015-06-25 11:25 - 00003996 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-06-07 03:42 - 2015-04-22 23:48 - 00003156 _____ C:\WINDOWS\System32\Tasks\{E4092F1E-3734-4707-A889-C882F11FD212}
2016-06-07 03:42 - 2015-04-05 22:39 - 00003234 _____ C:\WINDOWS\System32\Tasks\{C48E598D-E897-4F04-9FFB-3AB4555A7139}
2016-06-07 03:42 - 2015-04-05 22:38 - 00003234 _____ C:\WINDOWS\System32\Tasks\{94CD8072-1BB5-49ED-A81E-06783713F5A6}
2016-06-07 03:42 - 2015-01-15 18:12 - 00003196 _____ C:\WINDOWS\System32\Tasks\{591293CE-B672-4620-8F62-3D9F14E92087}
2016-06-07 03:41 - 2015-10-30 04:24 - 00000000 __RSD C:\WINDOWS\Media
2016-06-07 03:41 - 2015-10-30 04:24 - 00000000 __RHD C:\Users\Public\Libraries
2016-06-07 03:34 - 2016-03-17 18:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Componente de Segurança Bradesco
2016-06-07 03:34 - 2016-03-09 03:33 - 00000000 ____D C:\WINDOWS\SysWOW64\1033
2016-06-07 03:34 - 2016-03-09 03:28 - 00000000 ____D C:\WINDOWS\system32\1033
2016-06-07 03:34 - 2016-03-09 03:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.3.3f1 (64-bit)
2016-06-07 03:34 - 2016-03-04 00:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars
2016-06-07 03:34 - 2016-02-19 20:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NARUTO SHIPPUDEN Ultimate Ninja STORM 4
2016-06-07 03:34 - 2016-02-14 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2016-06-07 03:34 - 2016-02-11 13:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Darkest Dungeon
2016-06-07 03:34 - 2015-12-20 20:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 64 2.2
2016-06-07 03:34 - 2015-12-08 20:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2016-06-07 03:34 - 2015-11-20 17:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Addictive Drums
2016-06-07 03:34 - 2015-10-30 04:24 - 00000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft
2016-06-07 03:34 - 2015-10-30 04:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-07 03:34 - 2015-10-30 03:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-06-07 03:34 - 2015-09-18 00:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG3500 series Manual
2016-06-07 03:34 - 2015-09-17 18:10 - 00000000 ____D C:\WINDOWS\system32\STRING
2016-06-07 03:34 - 2015-08-11 09:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74
2016-06-07 03:34 - 2015-07-02 16:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free YouTube Downloader Converter
2016-06-07 03:34 - 2015-05-27 14:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-06-07 03:34 - 2015-04-11 18:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game of Thrones A Telltale Games Series
2016-06-07 03:34 - 2015-04-02 20:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RPG Maker VX Ace
2016-06-07 03:34 - 2015-03-07 00:21 - 00000000 ____D C:\Users\CLIENTE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-06-07 03:34 - 2015-03-07 00:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-06-07 03:34 - 2015-03-04 20:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2016-06-07 03:34 - 2015-02-03 18:45 - 00000000 ____D C:\Users\CLIENTE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2016-06-07 03:34 - 2015-01-25 10:28 - 00000000 ____D C:\Users\CLIENTE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-06-07 03:34 - 2015-01-15 19:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LOOT
2016-06-07 03:34 - 2015-01-15 00:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BOSS
2016-06-07 03:34 - 2015-01-12 23:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2016-06-07 03:34 - 2015-01-12 23:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skyrim Update 13
2016-06-07 03:34 - 2015-01-12 23:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2016-06-07 03:34 - 2014-12-20 11:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2016-06-07 03:34 - 2014-12-20 11:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-06-07 03:34 - 2014-12-20 11:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-06-07 03:34 - 2014-12-20 08:41 - 00000000 ____D C:\Users\CLIENTE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-06-07 03:34 - 2014-12-20 08:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-06-07 03:31 - 2009-07-14 00:20 - 00000000 ____D C:\Users\Default.migrated
2016-06-07 03:27 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2016-06-07 03:27 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-06-07 03:27 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-06-07 03:27 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-06-07 03:27 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\IME
2016-06-07 03:27 - 2014-12-20 11:19 - 00000000 ____D C:\WINDOWS\SysWOW64\Adobe
2016-06-07 03:27 - 2011-02-07 02:08 - 00000000 ____D C:\WINDOWS\system32\SPReview
2016-06-07 03:27 - 2011-02-07 01:10 - 00000000 ____D C:\WINDOWS\system32\EventProviders
2016-06-07 03:26 - 2016-03-09 03:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2016-06-07 03:26 - 2016-03-09 03:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015
2016-06-07 03:26 - 2015-10-30 04:24 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-06-07 03:26 - 2015-10-30 04:24 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-06-07 03:26 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\schemas
2016-06-07 03:26 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-06-07 03:26 - 2015-10-30 04:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-06-07 03:26 - 2015-09-17 18:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2016-06-07 03:26 - 2015-02-09 20:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
2016-06-07 03:26 - 2015-02-09 19:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cakewalk
2016-06-07 03:26 - 2015-01-29 18:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2016-06-07 03:26 - 2015-01-15 18:07 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2016-06-07 03:26 - 2015-01-12 22:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911
2016-06-07 03:26 - 2015-01-11 19:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\M-Audio
2016-06-07 03:26 - 2014-12-20 08:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2005
2016-06-07 03:26 - 2011-02-05 12:15 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-06-07 03:26 - 2009-07-14 02:32 - 00000000 ____D C:\Program Files\Microsoft Games
2016-06-07 03:26 - 2009-07-14 02:32 - 00000000 ____D C:\Program Files\DVD Maker
2016-06-07 03:21 - 2015-10-30 03:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-06-07 03:19 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\Help
2016-06-07 03:17 - 2015-10-30 04:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-06-07 03:14 - 2015-10-30 04:24 - 00015703 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-06-07 03:14 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-06-07 03:14 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-06-07 03:14 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-06-07 03:14 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-06-07 03:07 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-06-07 03:07 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2016-06-07 03:07 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-06-07 03:07 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-06-07 03:07 - 2015-10-30 04:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2016-06-07 03:07 - 2015-10-30 04:19 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2016-06-07 03:07 - 2015-10-30 04:19 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2016-06-07 03:07 - 2015-10-30 04:19 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2016-06-07 03:07 - 2015-10-30 04:19 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2016-06-07 03:07 - 2015-10-30 04:19 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2016-06-07 03:07 - 2015-10-30 04:19 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2016-06-07 03:07 - 2015-10-30 04:19 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2016-06-07 03:07 - 2015-10-30 04:19 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2016-06-07 03:07 - 2015-10-30 04:19 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2016-06-07 03:07 - 2015-10-30 04:19 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2016-06-07 03:07 - 2015-10-30 04:19 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2016-06-07 03:07 - 2015-10-30 04:19 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2016-06-07 03:07 - 2015-10-30 04:19 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2016-06-07 03:07 - 2015-10-30 04:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2016-06-07 03:07 - 2015-10-30 04:19 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2016-06-07 03:07 - 2015-10-30 04:18 - 01417728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2016-06-07 03:07 - 2015-10-30 04:18 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2016-06-07 03:07 - 2015-10-30 04:18 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2016-06-07 03:07 - 2015-10-30 04:18 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2016-06-07 03:07 - 2015-10-30 04:18 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2016-06-07 03:07 - 2015-10-30 04:18 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2016-06-07 03:07 - 2015-10-30 04:18 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2016-06-07 03:07 - 2015-10-30 04:18 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2016-06-07 03:07 - 2015-10-30 04:18 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2016-06-07 03:07 - 2015-10-30 04:18 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2016-06-07 03:07 - 2015-10-30 04:18 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2016-06-07 03:07 - 2015-10-30 04:18 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2016-06-07 03:07 - 2015-10-30 04:18 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2016-06-07 03:07 - 2015-10-30 04:18 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2016-06-07 03:07 - 2015-10-30 04:18 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2016-06-07 03:07 - 2015-10-30 04:18 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2016-06-07 03:07 - 2015-10-30 04:18 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2016-06-07 03:07 - 2015-10-30 04:18 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2016-06-07 03:07 - 2015-10-30 04:18 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2016-06-07 03:07 - 2015-10-30 04:18 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2016-06-07 03:07 - 2015-10-30 04:18 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2016-06-07 02:59 - 2009-07-14 01:45 - 00020544 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-07 02:59 - 2009-07-14 01:45 - 00020544 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-06 23:51 - 2016-03-23 20:05 - 00101080 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\wsddfac.sys
2016-06-06 22:33 - 2014-12-20 11:21 - 00112456 _____ C:\Users\CLIENTE\AppData\Local\GDIPFONTCACHEV1.DAT
2016-06-06 22:32 - 2009-07-14 02:09 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2016-06-06 19:23 - 2014-12-20 08:42 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2016-06-06 19:23 - 2014-12-20 08:42 - 00000000 ____D C:\ProgramData\Skype
2016-06-06 19:12 - 2014-12-20 11:03 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2016-06-05 12:31 - 2015-06-21 15:34 - 00000000 ____D C:\Program Files (x86)\Valiant Hearts The Great War
2016-06-04 23:42 - 2015-03-07 12:14 - 00000000 ____D C:\Users\CLIENTE\Desktop\Mestrar D&D
2016-06-04 14:32 - 2015-04-26 01:27 - 00000069 _____ C:\WINDOWS\NeroDigital.ini
2016-06-04 14:13 - 2016-03-09 03:38 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-06-03 21:51 - 2015-08-29 00:31 - 13553096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-06-03 04:22 - 2015-08-29 00:31 - 20375488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-06-03 04:22 - 2015-08-29 00:31 - 17729184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-06-03 04:22 - 2015-08-29 00:31 - 14462536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-06-03 04:22 - 2015-08-29 00:31 - 03811256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-06-03 04:22 - 2015-08-29 00:31 - 03371624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-06-03 04:22 - 2015-08-07 08:10 - 00040084 _____ C:\WINDOWS\system32\nvinfo.pb
2016-06-03 00:59 - 2015-12-26 14:34 - 00534072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-06-03 00:59 - 2015-12-26 14:34 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-06-01 14:25 - 2016-02-05 18:51 - 00000000 ___SD C:\Users\CLIENTE\AppData\LocalLow\Temp
2016-05-29 13:13 - 2016-03-17 18:14 - 00000000 ____D C:\Program Files (x86)\scpbrad
2016-05-28 10:12 - 2016-02-19 20:08 - 00000000 ____D C:\Program Files (x86)\NARUTO SHIPPUDEN Ultimate Ninja STORM 4
2016-05-27 12:10 - 2015-03-07 14:34 - 613147157 _____ C:\WINDOWS\MEMORY.DMP
2016-05-26 21:46 - 2015-04-06 23:17 - 00000000 ____D C:\Users\CLIENTE\Documents\Telltale Games

==================== Arquivos na raiz de alguns diretórios =======

2015-08-30 00:18 - 2014-03-19 19:24 - 0000226 _____ () C:\Program Files (x86)\update-simcity.bat
2015-08-30 00:18 - 2013-10-12 20:47 - 0000732 _____ () C:\Program Files (x86)\visit-www.nosteam.ro.html
2016-03-14 23:56 - 2016-04-15 15:31 - 0006656 _____ () C:\Users\CLIENTE\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-12 19:34 - 2015-02-12 19:34 - 0000000 ___SH () C:\Users\CLIENTE\AppData\Local\LumaEmu
2015-08-06 17:48 - 2015-08-06 17:48 - 0007606 _____ () C:\Users\CLIENTE\AppData\Local\Resmon.ResmonCfg
2016-05-19 15:11 - 2016-05-19 15:15 - 0000000 _____ () C:\Users\CLIENTE\AppData\Local\{D45DF5F9-E00E-408D-8E4B-607C080FF157}

Alguns arquivos em TEMP:
====================
C:\Users\CLIENTE\AppData\Local\Temp\160F.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\1A38.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\1C03.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\1D25.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\1DA0.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\22BE.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\22F7.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\40CE.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\439E.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\4844.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\4A58.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\4A7A.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\4C37.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\4E19.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\561B.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\5ADF.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\5E11.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\6048.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\6A36.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\6B8F.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\6FA9.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\72A6.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\738F.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\74E2.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\789D.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\7F40.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\956B.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\A0F9.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\A9DA.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\AE89.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\AEE7.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\AF78.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\B042.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\BC85.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\D575.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\DB2.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\DDCA.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\DEDB.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\DFD8.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\E84E.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\EAC2.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\EBA3.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\EBA5.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\libeay32.dll
C:\Users\CLIENTE\AppData\Local\Temp\msvcr120.dll
C:\Users\CLIENTE\AppData\Local\Temp\nssC0FC.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\CLIENTE\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\CLIENTE\AppData\Local\Temp\nvStInst.exe
C:\Users\CLIENTE\AppData\Local\Temp\sqlite3.dll
C:\Users\CLIENTE\AppData\Local\Temp\ZdXhsDftWP.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-06-17 12:43

==================== Fim de FRST.txt ============================

Addition.txt

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro @Henrique Oliveira Machado

 

Desative temporariamente seu antivírus, antispywares e firewall, para não causar conflitos.

 

Baixe o arquivo (fixlist.txt) no anexo deste post e salve-o na Área de Trabalho (Desktop).

Execute o FRST.exe (ou FRST64.exe) e clique no botão Corrigir.

Aguarde... ao final será gerado o log Fixlog.txt  salvo em sua Área de Trabalho (Desktop).

Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

 

Abraços :D

fixlist.txt

Compartilhar este post


Link para o post
Compartilhar em outros sites

@diego_moicano Obrigado.

Segue o Fixlist:

 

Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 20-06-2016 01
Executado por CLIENTE (2016-06-23 13:35:08) Run:1
Executando a partir de C:\Users\CLIENTE\Desktop
Perfis Carregados: CLIENTE (Perfis Disponíveis: CLIENTE & DefaultAppPool)
Modo da Inicialização: Normal
==============================================

fixlist Conteúdo:
*****************
CreateRestorePoint:
CloseProcesses:
CMD: bitsadmin /util /setieproxy localsystem NO_PROXY RESET
AutoConfigURL: [S-1-5-21-3552114292-3178845751-548872437-1000] => hxxp://un-stop.info/wpad.dat?85a41231425558c47644ad2147d06d5b11637358
ManualProxies: 0hxxp://un-stop.info/wpad.dat?85a41231425558c47644ad2147d06d5b11637358
HKU\S-1-5-21-3552114292-3178845751-548872437-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrição <======= ATENÇÃO
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131096720151426656&GUID=00000000-0000-0000-0000-000000000000
HKU\S-1-5-21-3552114292-3178845751-548872437-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131096720158446669&GUID=00000000-0000-0000-0000-000000000000
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {1F096B29-E9DA-4D64-8D63-936BE7762CC5} URL = hxxp://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
SearchScopes: HKLM -> {4CA7A89B-B509-4CBF-AB97-6307132C0EF3} URL = hxxp://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
SearchScopes: HKLM -> {AC129BF9-68BF-4bc4-A1DC-ECB62712FF99} URL = hxxp://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
SearchScopes: HKLM -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
SearchScopes: HKLM -> {D0196D2A-1578-4CC2-8692-9F617C64D184} URL = hxxp://www.google.com/cse?cx=partner-pub-9609672093949948%3A2pdkvfm6u5y&ie=ISO-8859-1&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3552114292-3178845751-548872437-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3552114292-3178845751-548872437-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
S1 gbpddfac; system32\drivers\gbpddfac64.sys [X]
S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]
U3 idsvc; não ImagePath
U3 wpcsvc; não ImagePath
2015-02-12 19:34 - 2015-02-12 19:34 - 0000000 ___SH () C:\Users\CLIENTE\AppData\Local\LumaEmu
C:\Users\CLIENTE\AppData\Local\Temp\160F.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\1A38.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\1C03.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\1D25.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\1DA0.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\22BE.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\22F7.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\40CE.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\439E.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\4844.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\4A58.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\4A7A.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\4C37.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\4E19.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\561B.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\5ADF.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\5E11.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\6048.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\6A36.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\6B8F.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\6FA9.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\72A6.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\738F.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\74E2.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\789D.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\7F40.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\956B.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\A0F9.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\A9DA.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\AE89.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\AEE7.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\AF78.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\B042.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\BC85.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\D575.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\DB2.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\DDCA.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\DEDB.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\DFD8.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\E84E.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\EAC2.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\EBA3.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\EBA5.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\libeay32.dll
C:\Users\CLIENTE\AppData\Local\Temp\msvcr120.dll
C:\Users\CLIENTE\AppData\Local\Temp\nssC0FC.tmp.exe
C:\Users\CLIENTE\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\CLIENTE\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\CLIENTE\AppData\Local\Temp\nvStInst.exe
C:\Users\CLIENTE\AppData\Local\Temp\sqlite3.dll
C:\Users\CLIENTE\AppData\Local\Temp\ZdXhsDftWP.exe
Task: {20A68ACA-86C1-4A80-AE63-CAF6B3F5841E} - \Microsoft\Windows\Setup\gwx\rundetector -> Nenhum Arquivo <==== ATENÇÃO
Task: {53AD5D34-818E-4239-A616-D58AE861F36E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Nenhum Arquivo <==== ATENÇÃO
Task: {548B7807-3534-4D56-95E3-6E34D9C46C15} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {5593AA4A-3EEB-417B-A13D-EA5C2116D1C4} - \APSnotifierPP1 -> Nenhum Arquivo <==== ATENÇÃO
Task: {622CDB49-CEC9-4BAE-8713-75F7D082C821} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATENÇÃO
Task: {6385914E-D210-48C4-95D8-BCD5F9293DE1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO
Task: {6C13DE4C-17E7-444E-9D10-8794F2821D80} - \APSnotifierPP2 -> Nenhum Arquivo <==== ATENÇÃO
Task: {71C185A4-88CE-441E-BA8D-133A2F01A99B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO
Task: {A553CC4D-9076-48C0-B003-4566EF6D37B6} - \APSnotifierPP3 -> Nenhum Arquivo <==== ATENÇÃO
Task: {C032C6F1-A496-4631-B3E8-2DD6E135F8ED} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Nenhum Arquivo <==== ATENÇÃO
Task: {F720D899-BC2B-4073-8837-10C570D03C67} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO
HKU\S-1-5-21-3552114292-3178845751-548872437-1000\Software\Classes\exefile:  <===== ATENÇÃO
HKU\S-1-5-21-3552114292-3178845751-548872437-1000\Software\Classes\.exe: exefile =>  <===== ATENÇÃO
RemoveProxy:
Hosts:
CMD: bitsadmin /reset /allusers
CMD: ipconfig /flushdns
EmptyTemp:

*****************

Ponto de Restauração criado com sucesso.
Processos fechados com sucesso.

=========  bitsadmin /util /setieproxy localsystem NO_PROXY RESET =========


BITSADMIN version 3.0 [ 7.8.10586 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Internet proxy settings for account localsystem set to NO_PROXY.
(connection = default)


========= Fim de CMD: =========

HKU\S-1-5-21-3552114292-3178845751-548872437-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigURL => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies\\ => valor removido (a) com sucesso.
"HKU\S-1-5-21-3552114292-3178845751-548872437-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => chave removido (a) com sucesso.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => valor restaurado com sucesso
HKU\S-1-5-21-3552114292-3178845751-548872437-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => valor restaurado com sucesso
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor restaurado com sucesso
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => chave removido (a) com sucesso.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => chave não encontrado (a). 
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}" => chave removido (a) com sucesso.
HKCR\CLSID\{1F096B29-E9DA-4D64-8D63-936BE7762CC5} => chave não encontrado (a). 
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4CA7A89B-B509-4CBF-AB97-6307132C0EF3}" => chave removido (a) com sucesso.
HKCR\CLSID\{4CA7A89B-B509-4CBF-AB97-6307132C0EF3} => chave não encontrado (a). 
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AC129BF9-68BF-4bc4-A1DC-ECB62712FF99}" => chave removido (a) com sucesso.
HKCR\CLSID\{AC129BF9-68BF-4bc4-A1DC-ECB62712FF99} => chave não encontrado (a). 
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}" => chave removido (a) com sucesso.
HKCR\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => chave não encontrado (a). 
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D0196D2A-1578-4CC2-8692-9F617C64D184}" => chave removido (a) com sucesso.
HKCR\CLSID\{D0196D2A-1578-4CC2-8692-9F617C64D184} => chave não encontrado (a). 
HKU\S-1-5-21-3552114292-3178845751-548872437-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor removido (a) com sucesso.
"HKU\S-1-5-21-3552114292-3178845751-548872437-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => chave removido (a) com sucesso.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => chave não encontrado (a). 
gbpddfac => serviço removido (a) com sucesso.
gbpddreg => serviço removido (a) com sucesso.
idsvc => serviço removido (a) com sucesso.
wpcsvc => serviço removido (a) com sucesso.
C:\Users\CLIENTE\AppData\Local\LumaEmu => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\160F.tmp.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\1A38.tmp.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\1C03.tmp.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\1D25.tmp.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\1DA0.tmp.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\22BE.tmp.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\22F7.tmp.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\40CE.tmp.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\439E.tmp.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\4844.tmp.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\4A58.tmp.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\4A7A.tmp.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\4C37.tmp.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\4E19.tmp.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\561B.tmp.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\5ADF.tmp.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\5E11.tmp.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\6048.tmp.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\6A36.tmp.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\6B8F.tmp.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\6FA9.tmp.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\72A6.tmp.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\738F.tmp.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\74E2.tmp.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\789D.tmp.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\7F40.tmp.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\956B.tmp.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\A0F9.tmp.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\A9DA.tmp.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\AE89.tmp.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\AEE7.tmp.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\AF78.tmp.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\B042.tmp.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\BC85.tmp.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\D575.tmp.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\DB2.tmp.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\DDCA.tmp.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\DEDB.tmp.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\DFD8.tmp.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\E84E.tmp.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\EAC2.tmp.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\EBA3.tmp.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\EBA5.tmp.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\libeay32.dll => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\msvcr120.dll => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\nssC0FC.tmp.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\nvSCPAPI.dll => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\nvSCPAPI64.dll => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\nvStInst.exe => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\sqlite3.dll => movido com sucesso
C:\Users\CLIENTE\AppData\Local\Temp\ZdXhsDftWP.exe => movido com sucesso
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{20A68ACA-86C1-4A80-AE63-CAF6B3F5841E}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{20A68ACA-86C1-4A80-AE63-CAF6B3F5841E}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{53AD5D34-818E-4239-A616-D58AE861F36E}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{53AD5D34-818E-4239-A616-D58AE861F36E}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{548B7807-3534-4D56-95E3-6E34D9C46C15}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{548B7807-3534-4D56-95E3-6E34D9C46C15}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5593AA4A-3EEB-417B-A13D-EA5C2116D1C4}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5593AA4A-3EEB-417B-A13D-EA5C2116D1C4}" => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP1 => chave não encontrado (a). 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{622CDB49-CEC9-4BAE-8713-75F7D082C821}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{622CDB49-CEC9-4BAE-8713-75F7D082C821}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6385914E-D210-48C4-95D8-BCD5F9293DE1}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6385914E-D210-48C4-95D8-BCD5F9293DE1}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6C13DE4C-17E7-444E-9D10-8794F2821D80}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C13DE4C-17E7-444E-9D10-8794F2821D80}" => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP2 => chave não encontrado (a). 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{71C185A4-88CE-441E-BA8D-133A2F01A99B}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{71C185A4-88CE-441E-BA8D-133A2F01A99B}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A553CC4D-9076-48C0-B003-4566EF6D37B6}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A553CC4D-9076-48C0-B003-4566EF6D37B6}" => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP3 => chave não encontrado (a). 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C032C6F1-A496-4631-B3E8-2DD6E135F8ED}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C032C6F1-A496-4631-B3E8-2DD6E135F8ED}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F720D899-BC2B-4073-8837-10C570D03C67}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F720D899-BC2B-4073-8837-10C570D03C67}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => chave removido (a) com sucesso.
"HKU\S-1-5-21-3552114292-3178845751-548872437-1000\Software\Classes\exefile" => chave removido (a) com sucesso.
"HKU\S-1-5-21-3552114292-3178845751-548872437-1000\Software\Classes\.exe" => chave removido (a) com sucesso.

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valor removido (a) com sucesso.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => valor removido (a) com sucesso.
HKU\S-1-5-21-3552114292-3178845751-548872437-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valor removido (a) com sucesso.
HKU\S-1-5-21-3552114292-3178845751-548872437-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => valor removido (a) com sucesso.


========= Fim de RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => movido com sucesso
Hosts restaurado com sucesso.

=========  bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.8.10586 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

{E4969759-8B13-4C89-94F9-05A9F221E04E} canceled.
{B5374D3A-F811-4014-AE0C-F59D8174B81E} canceled.
{E863A926-1E4F-4D00-B749-056749240D71} canceled.
Unable to cancel {B17A0863-173A-4F87-A221-2C8BB9ADDB24}.
Unable to cancel {CA7191D8-97E3-4F25-9D38-B05787AEED08}.
3 out of 5 jobs canceled.

========= Fim de CMD: =========


=========  ipconfig /flushdns =========


Configura��o de IP do Windows

Libera��o do Cache do DNS Resolver bem-sucedida.

========= Fim de CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 32768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 26166141 B
Java, Flash, Steam htmlcache => 330232638 B
Windows/system/drivers => 33564451 B
Edge => 0 B
Chrome => 1064297643 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 21276 B
NetworkService => 2850 B
CLIENTE => 164233850 B
DefaultAppPool => 0 B

RecycleBin => 18595141712 B
EmptyTemp: => 18.8 GB de dados temporários Removidos.

================================


O sistema precisou ser reiniciado.

==== Fim de Fixlog 13:36:28 ====

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro @Henrique Oliveira Machado

 

Baixe a Malwarebytes Anti-Malware (MBAM).
 
Clique duas vezes no mbam-setup.exe para instalar o programa.

  • Desmarque a caixa Ativar trial gratuito do MalwareBytes Anti-Malware PRO.
  • Se houver atualizações a serem feitas, serão baixadas e instaladas..
  • Clique em Configurações, clique em Detecção e proteção, marque Verificar por Rootkits.
  • Volte ao Painel e por fim clique em Verificar agora.
  • Começará então o exame. Aguarde, pois pode demorar.
  • Ao acabar o exame, se houver itens encontrados, certifique-se que estejam todas marcados e clique no botão Remover Selecionadas
  • Ao final da desinfecção, poderá aparecer um aviso se quer reiniciar o PC. (Ver Nota abaixo)
  • O log é automaticamente salvo pelo MBAM e para vê-lo, clique na aba Histórico -> Registros do aplicativo na janela principal do programa.
  • Clique duas vezes no log (Registro de verificação). Utilize o formato .txt para exportar o log.
  • O log de Proteção é desnecessário para a análise, exporte sempre o log correto.
  • Selecione, copie e cole o conteúdo deste log em sua próxima resposta.

 

NOTA: Se o MBAM encontrar arquivos que não consiga remover, poderá ter de reiniciar o PC (talvez mais de uma vez). Faça isso imediatamente, ao ser perguntado se quer reiniciar o PC.

 

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites

@diego_moicano
 

Malwarebytes Anti-Malware
www.malwarebytes.org

Data da verificação: 24/06/2016
Hora da verificação: 13:47
Arquivo de registro: log malwarebytes.txt
Administrador: Sim

Versão: 2.2.1.1043
Banco de dados de malware: v2016.06.24.03
Banco de dados de rootkit: v2016.05.27.01
Licença: Gratuita
Proteção contra malware: Desabilitado
Proteção contra website malicioso: Desabilitado
Autoproteção: Desabilitado

Sistema operacional: Windows 10
CPU: x64
Sistema de arquivos: NTFS
Usuário: CLIENTE

Tipo de verificação: Verificação da ameaça
Resultado: Concluído
Objetos verificados: 431004
Tempo decorrido: 18 min, 7 seg

Memória: Habilitado
Inicialização: Habilitado
Sistema de arquivos: Habilitado
Arquivos compactados: Habilitado
Rootkits: Habilitado
Heurística: Habilitado
PUP: Habilitado
PUM: Habilitado

Processos: 0
(Nenhum item malicioso detectado)

Módulos: 0
(Nenhum item malicioso detectado)

Chaves de registro: 0
(Nenhum item malicioso detectado)

Valores de registro: 1
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IPHLPSVC\PARAMETERS\PROXYMGR\{4076AD43-9B01-4063-A5E2-F0DF0CD61253}|AutoConfigUrl, http://un-stop.info/wpad.dat?85a41231425558c47644ad2147d06d5b11637358, Quarentena, [00c307f9831730061ad0e3e359a9659b]

Dados de registro: 0
(Nenhum item malicioso detectado)

Pastas: 0
(Nenhum item malicioso detectado)

Arquivos: 1
PUP.Optional.PCSpeedUp, C:\Users\CLIENTE\AppData\Roaming\ZHP\Quarantine\NUHIdOwe4x.exe, Quarentena, [339060a0693102341072dc5013ee53ad], 

Setores físicos: 0
(Nenhum item malicioso detectado)


(end)

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro @Henrique Oliveira Machado

 

Desative temporariamente seu antivirus, antispywares e firewall, para não causar conflitos.

Baixe o Stinger e salve em sua Área de trabalho (Desktop).
32 bit (x86) ou 64 bit (x64)

  • Execute o arquivo Stinger.exe
    • Atenção: Usuários Windows Vista, 7 e 8, cliquem com o botão direito do mouse e escolha: execadmin.png
  • Clique no botão “I Accept”


Stinger%20a.png

Na nova janela clique em “Advanced” e depois “Settings”

Stinger%20b.png

Na janela configurações deixe conforme imagem abaixo e clique no botão “Save”

9hnsyu.png

Clique em “Customize my Scan”

Stinger%20f.png

Selecione as unidades do sistema e em seguida clique no botão “Scan”

Stinger%20g.png

Ao final clique em “View log”, será aberto uma janela com o log em seu navegador.
Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

 

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro @Henrique Oliveira Machado

 

Desative temporariamente seu antivirus, antispywares e firewall, para não causar conflitos.

Baixe o Stinger e salve em sua Área de trabalho (Desktop).
32 bit (x86) ou 64 bit (x64)

  • Execute o arquivo Stinger.exe
    • Atenção: Usuários Windows Vista, 7 e 8, cliquem com o botão direito do mouse e escolha: execadmin.png
  • Clique no botão “I Accept”


Stinger%20a.png

Na nova janela clique em “Advanced” e depois “Settings”

Stinger%20b.png

Na janela configurações deixe conforme imagem abaixo e clique no botão “Save”

9hnsyu.png

Clique em “Customize my Scan”

Stinger%20f.png

Selecione as unidades do sistema e em seguida clique no botão “Scan”

Stinger%20g.png

Ao final clique em “View log”, será aberto uma janela com o log em seu navegador.
Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

 

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites

@diego_moicano Bom dia.
Segue resultado:


 

McAfee Stinger Scan Results

McAfee® Labs Stinger™ Version 12.1.0.2047 built on Jun 30 2016 at 12:47:56 Copyright© 2015, McAfee, Inc. All Rights Reserved. AV Engine version v5800.7501 for Windows. Virus data file v1000.0 created on Jun 30, 2016 Ready to scan for 9814 viruses, trojans and variants. Custom scan initiated on sexta-feira, julho 01, 2016 03:18:29 Rootkit scan result : Clean. Summary Report on C: File(s) TotalFiles:............ 1275643 Clean:................. 542600 Not Scanned:........... 733043 Possibly Infected:..... 0 Time: 03:38:49 Scan completed on sexta-feira, julho 01, 2016 06:57:18

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro @Henrique Oliveira Machado

 

Baixe Security Check, by glax24 e salve em sua Área de trabalho (Desktop).

 

Atenção: Usuários Windows Vista, 7 e 8, cliquem com o botão direito do mouse e escolha: execadmin.png 

  • Aguarde enquanto a ferramenta faz o exame.
  • Ao final salve log como SecurityCheck.html
  • Abra o arquivo com o bloco de notas;
  • Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites

@diego_moicano

Segue conteúdo. Obrigado

 

SecurityCheck by glax24 & Severnyj v.1.4.0.40 [21.05.16]
WebSite: www.safezone.cc
DateLog: 04.07.2016 15:14:42
Path starting: C:\Users\CLIENTE\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: CLIENTE
VersionXML: 3.16is-02.07.2016
___________________________________________________________________________

Windows 10(6.3.10586) (x64) Professional Lang: Portuguese(0416)
Installation date OS: 07.06.2016 06:47:54
LicenseStatus: Windows(R), Professional edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
SystemDrive: C: FS: [NTFS] Capacity: [931 Gb] Used: [476.2 Gb] Free: [454.8 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.420.10586.0
User Account Control enabled
Automatic download and scheduled installation
Windows Update (wuauserv) - The service has stopped
Central de Segurança (wscsvc) - The service is running
Registro remoto (RemoteRegistry) - The service has stopped
Descoberta SSDP (SSDPSRV) - The service is running
Serviços de Área de Trabalho Remota (TermService) - The service has stopped
Serviço de Publicação da World Wide Web (W3SVC) - The service is running
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
------------------------------ [ MS Office ] ------------------------------
Microsoft Office 2007 v.12.0.6612.1000
---------------------------- [ Antivirus_WMI ] ----------------------------
Windows Defender (disabled and up to date)
avast! Antivirus (enabled and up to date)
--------------------------- [ FirewallWindows ] ---------------------------
Firewall do Windows (MpsSvc) - The service is running
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Windows Defender (disabled and up to date)
avast! Antivirus (enabled and up to date)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
Avast Free Antivirus v.10.2.2218
-------------------------- [ SecurityUtilities ] --------------------------
Malwarebytes Anti-Malware versão 2.2.1.1043 v.2.2.1.1043
--------------------------- [ OtherUtilities ] ----------------------------
Microsoft Silverlight v.5.1.50428.0
WinRAR 5.11 (32-bit) v.5.11.0 Warning! Download Update
--------------------------------- [ IM ] ----------------------------------
Skype™ 7.0 v.7.0.102 Warning! Download Update
^Optional update.^
--------------------------------- [ P2P ] ---------------------------------
µTorrent v.3.4.7.42330 Warning! P2P-client.
-------------------------------- [ Java ] ---------------------------------
Java 8 Update 31 v.8.0.310 Warning! Download Update
Uninstall old version and install new one (jre-8u92-windows-i586.exe).
--------------------------- [ AdobeProduction ] ---------------------------
Adobe Flash Player 22 NPAPI v.22.0.0.192
Adobe Flash Player 22 PPAPI v.22.0.0.192
Adobe Shockwave Player 12.1 v.12.1.4.154 Warning! Download Update
Adobe Reader XI (11.0.16)  MUI v.11.0.16
------------------------------- [ Browser ] -------------------------------
Google Chrome v.51.0.2704.103 Warning! Download Update
--------------------------- [ RunningProcess ] ----------------------------
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe v.51.0.2704.103
------------------ [ AntivirusFirewallProcessServices ] -------------------
Avast Antivirus (avast! Antivirus) - The service is running
C:\Program Files\AVAST Software\Avast\AvastSvc.exe v.10.2.2218.942
C:\Program Files\AVAST Software\Avast\AvastUI.exe v.10.2.2218.944
McAfee Validation Trust Protection Service (mfevtp) - The service is running
C:\Windows\System32\mfevtps.exe
Serviço Windows Defender (WinDefend) - The service has stopped
Serviço de Inspeção de Rede do Windows Defender (WdNisSvc) - The service has stopped
---------------------------- [ UnwantedApps ] -----------------------------
Unity Web Player v.5.3.3f1 Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
----------------------------- [ End of Log ] ------------------------------
 

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro @Henrique Oliveira Machado

 

# Etapa nº 1 #

 

Baixe o Delfix by Xplode e salve na sua área de trabalho.

 

Clique duas vezes no delfix.exe para executá-lo. Marque as caixas conforme imagem.

 

** Usuários do Windows Vista ou Windows 7 clique com o direito sobre o arquivo delfix.exe, depois clique em execadmin.png.

 

2mez6ld.png

 

Clique no botão Executar.

 

Ao final será gerado um log, mas não é necessário postar.
 
# Etapa nº 2 #
 
imageproxy.php?img=http%3A%2F%2Fi65.tiny Versões antigas de programas têm vulnerabilidades que alguns malwares podem usar para infectar o seu sistema.
 
Por isso, é recomendável atualizar os programas que o Security Check apontou como desatualizados (os updates opcionais ficam ao seu critério).
 
Basta clicar no Download Update de cada aviso (post acima), que irá para o site do desenvolvedor.

<<@>> Mantenha sempre seu Windows atualizado; mantenha uma vigilância constante com o firewall e antivírus e por fim, lembre-se que, a melhor forma de prevenir começa pelas nossas atitudes!

 

# Etapa nº 3 #

 

O Ccleaner é um excelente utilitário de limpeza para o computador.

 

Faça o download dele aqui Ccleaner

 

  • Após a instalação vá até o local onde o programa foi instalado, geralmente em C:\Arquivos de programas\CCleaner.
  • Clique duas vezes nesta pasta;
  • Numa área vazia desta janela, clique com o botão direito do mouse e escolha Novo > pasta e crie uma nova pasta;
  • Coloque o nome de backups.
  • Abra o programa e clique em Executar Limpeza;
  • Clique no botão Registro > Procurar Erros > Corrigir erro(s) seleciona(s)...
  • Observação: Não se esqueça de aceitar o backup das correções, e salvá-los nas pasta criada acima!

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites
Visitante
Este tópico está impedido de receber novos posts.





Sobre o Clube do Hardware

No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas publicações sobre tecnologia do Brasil. Leia mais

Direitos autorais

Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

×