Ir ao conteúdo
  • Comunicados

    • diego_moicano

      Gostaria de se tornar um analista em Remoção de Malware?   07-12-2015

      Gostaria de se tornar um analista em Remoção de Malware? O Fórum Clube do Hardware deu início a um programa de treinamento em análises de log. Os interessados deverão enviar um email para aprendizes (arroba) clubedohardware (ponto) com (ponto) br respondendo as seguintes perguntas: Por que você gostaria de aprender a analisar logs? Possui tempo hábil para o treinamento? Tem conhecimentos em informática? Se sim descreva-os. Possui inglês para leitura? Qual seu objetivo após completar o treinamento?   Não se esqueça de incluir no e-mail o seu nome de usuário (fornecer o link também), idade e cidade onde vive. Adicione também qualquer experiência e/ou razão sobre o porquê você seria um bom Analista. É digno de nota que apenas os que forem selecionados receberão resposta por MP (Mensagem Pessoal), não existe um padrão na escolha dos futuros aprendizes, todos os e-mails serão lidos e serão analisados de forma imparcial, portanto não será permitido reclamações neste aspecto. O treinamento é dado no próprio fórum. Quando um aprendiz é selecionado ele é movido para um novo grupo, onde terá acesso a fóruns fechados para os demais usuários onde poderá dar inicio ao seu treinamento. Importante: A cada 30 dias os e-mails não selecionados serão apagados, portanto você pode enviar um novo e-mail após 1 mês, e-mails enviados antes serão desconsiderados.  
    • Gabriel Torres

      Seja um moderador do Clube do Hardware!   12-02-2016

      Prezados membros do Clube do Hardware, Está aberto o processo de seleção de novos moderadores para diversos setores ou áreas do Clube do Hardware. Os requisitos são:   Pelo menos 500 posts e um ano de cadastro; Boa frequência de participação; Ser respeitoso, cordial e educado com os demais membros; Ter bom nível de português; Ter razoável conhecimento da área em que pretende atuar; Saber trabalhar em equipe (com os moderadores, coordenadores e administradores).   Os interessados deverão enviar uma mensagem privada para o usuário @Equipe Clube do Hardware com o título "Candidato a moderador". A mensagem deverá conter respostas às perguntas abaixo:   Qual o seu nome completo? Qual sua data de nascimento? Qual sua formação/profissão? Já atuou como moderador em algo outro fórum, se sim, qual? De forma sucinta, explique o porquê de querer ser moderador do fórum e conte-nos um pouco sobre você.   OBS: Não se trata de função remunerada. Todos que fazem parte do staff são voluntários.
iZehel

Vírus nos navegadores

Recommended Posts

Olá, há algum tempo(uns 6 meses +ou-) eu venho tendo problemas com relação a um vírus que vem trocando meus navegadores(chrome, firefox e edge) por navegadores falsos, chegando a inclusive instalar o internet explorer, já tentei de várias formas excluir, com o malwarebytes e o adwcleaner, mas mesmo assim continuou, parece que o vírus desabilita meu antivirus. Para resolver o problema eu meio que deixo o gerenciador de tarefas aberto e fico deletando o processo que se abre de vez em quando, normalmente nomeado de "cat.exe", "kitty.exe" ou "zaitchi.exe", também abre muitos processos do cmd, eu excluo o navegador falso, continuando a acessar normalmente o chrome, mas mesmo assim o vírus volta. Depois de 6 meses eu perdi a paciência de ter que ficar excluindo isso no gerenciador de tarefas, pois ele fecha os navegadores do nada, às vezes até perco algo importante que eu estava fazendo.
Eu executei o ZA-Scan por mais de 7 horas e não achei normal a demora toda, então eu gostaria de saber se é normal essa demora ou não. Perdão por não anexar o log do ZA-Scan, mas é que realmente não estou achando normal essa demora, inclusive suspeito que seja culpa do vírus que causa problema no cmd, utilizado pelo ZA-Scan também, pelo que pude perceber.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro @iZehel

 

Recomendo que salve este tópico em seus Favoritos para facilitar na hora de encontrá-lo.

 

Por favor, atente para o seguinte:

  • Caso fique sem resposta durante 3 dias, me envie uma Mensagem Privada (MP);
  • O que será passado aqui, somente será com relação ao problema do seu computador portanto, não faça mais em nenhum outro;
  • Siga, por favor, atentamente as instruções passadas e em caso de dúvidas não hesite em perguntá-las;
  • Sempre coloque suas respostas neste tópico... Não abra outro!
  • Procure sempre me manter informado, durante a remoção, sobre o que acontece com seu computador.
  • Respeite a ordem das instruções passadas.

Observação: Não tome outra medida além das passadas aqui; atente para que, caso peça ajuda em outro fórum, não deixe de nos informar, sob risco de desconfigurar seu computador!

 

# Etapa nº 1 #
 
Baixe o AdwCleaner e salve em sua Área de trabalho (Desktop)

Execute o arquivo adwcleaner.exe

 

Atenção: Usuários Windows Vista, 7 e 8, cliquem com o botão direito do mouse e escolha: execadmin.png 

  • Clique na aba Opções e deixe marcado apenas "Restaurar Políticas do IE" e "Restaurar Políticas do Chrome"
  • Clique no botão Verificar e aguarde o exame finalizar.
  • Clique no botão Limpar.
  • Abrirá um bloco de notas com o resultado.
  • Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.
  • O log também será salvo em C:\AdwCleaner


NOTA: Se o AdwCleaner encontrar arquivos que não consiga remover, poderá ter de reiniciar o PC. Faça isso imediatamente, ao ser perguntado se quer reiniciar.
 
# Etapa nº 2 #
 
Desative temporariamente seu antivirus, antispywares e firewall, para não causar conflitos.

Baixe o Junkware Removal Tool (JRT) e salve em sua Área de trabalho (Desktop)

 

Clique duas vezes para executar o jrt.exe.
 

Atenção: Usuários Windows Vista, 7 e 8, cliquem com o botão direito do mouse e escolha: execadmin.png 

  • A ferramenta começará o exame do seu sistema.
  • Tenha paciência pois pode demorar um pouco dependendo da quantidades de itens a examinar.
  • Ao final um log se abrirá. Será salvo no desktop com o nome de JRT.txt.
  • Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

 
# Etapa nº 3 #
 
Desative temporariamente seu antivirus, antispywares e firewall, para não causar conflitos.

Faça o download do ZHPCleaner e salve em sua Área de trabalho (Desktop)

 

Atenção: Usuários Windows Vista, 7 e 8, cliquem com o botão direito do mouse e escolha: execadmin.png

  • Clique no botão Scanner.
  • A ferramenta começara o exame do seu sistema.
  • Tenha paciência pois pode demorar um pouco dependendo da quantidades de itens a examinar.
  • Em seguida clique no botão Reparar.
  • Será gerado um log chamado ZHPCleaner.txt
  • Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites

@diego_moicano Desculpa a demora pra responder, mas vamos lá.
Notei que existem 2 processos que ficam abrindo no gerenciador de tarefas sozinho, o "TrustedInstaller.exe" e "InstallAgent.exe", creio que o tal TrustedInstaller seja o problema, pois fui dar uma olhada nos arquivos antes de você responder e percebi que em quase todas as pastas e arquivos, o TrustedInstaller estava como se fosse um usuário, no qual ele tinha controle total sobre os arquivos, fazendo com que eu não pudesse excluir e precisasse de permissão dele, dei um jeito nisso, mas acho que fiz ***** ashasu, até agora não tenho tido maiores problemas, pois continuo excluindo os processos no gerenciador de tarefas. Segue os logs:

AdwCleaner:
 

# AdwCleaner v6.046 - Relatório criado 12/05/2017 às 19:59:37
# Atualizado em 24/04/2017 por Malwarebytes
# Banco de dados : 2017-05-12.1 [Servidor]
# Sistema operacional : Windows 10 Home Single Language  (X64)
# Usuário : pc - DESKTOP-GHI4R9G
# Executando de : C:\Users\pc\Desktop\adwcleaner_6.046.exe
# Modo: Limpo
# Apoio : https://www.malwarebytes.com/support

***** [ Serviços ] *****

[-] Serviço excluído:FirefoxU
[-] Serviço excluído:SNARE
[-] Serviço excluído:Kitty


***** [ Pastas ] *****

[-] Pasta excluída:C:\Users\pc\AppData\Local\Alltie
[-] Pasta excluída:C:\Users\pc\AppData\Roaming\WiperSoft
[-] Pasta excluída:C:\Users\pc\AppData\Roaming\Kyubey
[-] Pasta excluída:C:\Program Files\WiperSoft
[-] Pasta excluída:C:\Users\pc\AppData\Roaming\Firefox
[-] Pasta excluída:C:\Users\pc\AppData\Local\SNARE


***** [ Arquivos ] *****

[-] Arquivo excluído:C:\Users\Public\Documents\temp.dat
[-] Arquivo excluído:C:\Users\Public\Documents\report.dat
[-] Arquivo excluído:C:\ProgramData\SOFTWARE\APPLE\APPS\NOTIFICATION.DLL
[-] Arquivo excluído:C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\hxxps_pstatic.eshopcomp.com_0.localstorage
[-] Arquivo excluído:C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\hxxps_pstatic.eshopcomp.com_0.localstorage-journal
[-] Arquivo excluído:C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\hxxp_pstatic.eshopcomp.com_0.localstorage
[-] Arquivo excluído:C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\hxxp_pstatic.eshopcomp.com_0.localstorage-journal
[-] Arquivo excluído:C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] Arquivo excluído:C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
[-] Arquivo excluído:C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\hxxp_www.solvusoft.com_0.localstorage
[-] Arquivo excluído:C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\hxxp_www.solvusoft.com_0.localstorage-journal


***** [ DLL ] *****

***** [ WMI ] *****

***** [ Atalhos ] *****

***** [ Atividades agendadas ] *****

[-] Tarefa eliminada:Milimili
[-] Tarefa eliminada:Windows-PG


***** [ Registro ] *****

[-] Chave excluída:HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\SNARE
[#] Chave excluída na reinicialização:[x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\SNARE
[-] Chave excluída:HKU\S-1-5-21-4159765478-414766487-3359474227-1001\Software\WiperSoft
[#] Chave excluída na reinicialização:HKCU\Software\WiperSoft
[-] Chave excluída:HKLM\SOFTWARE\startpageing123Software
[-] Chave excluída:HKLM\SOFTWARE\{84416237-6490-494D-9AD6-4994DD978971}
[#] Chave excluída na reinicialização:[x64] HKCU\Software\WiperSoft
[-] Chave excluída:[x64] HKLM\SOFTWARE\InterSect Alliance
[-] Dados restaurados:HKU\S-1-5-21-4159765478-414766487-3359474227-1001\Software\Microsoft\Internet Explorer\Main [Search Page] 
[-] Dados restaurados:HKU\S-1-5-21-4159765478-414766487-3359474227-1001\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] 
[-] Dados restaurados:HKU\S-1-5-21-4159765478-414766487-3359474227-1001\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] 
[-] Dados restaurados:HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] 
[-] Dados restaurados:HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] 
[-] Dados restaurados:HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] 
[-] Dados restaurados:HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] 
[-] Dados restaurados:HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] 
[-] Dados restaurados:HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] 
[-] Dados restaurados:[x64] HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] 
[-] Dados restaurados:[x64] HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] 
[-] Dados restaurados:[x64] HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] 
[-] Dados restaurados:[x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] 
[-] Dados restaurados:[x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] 
[-] Dados restaurados:[x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] 
[-] Chave excluída:HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Chave excluída:[x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Dados restaurados:HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [] "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
[-] Chave excluída:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\startpageing123.com
[-] Chave excluída:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.startpageing123.com
[-] Chave excluída:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\startpageing123.com
[-] Chave excluída:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.startpageing123.com
[#] Chave excluída na reinicialização:[x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\startpageing123.com
[#] Chave excluída na reinicialização:[x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.startpageing123.com
[#] Chave excluída na reinicialização:[x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\startpageing123.com
[#] Chave excluída na reinicialização:[x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.startpageing123.com
[-] Chave excluída:HKCU\SOFTWARE\Clients\StartMenuInternet\ChromeHTML


***** [ Verificando navegadores ... ] *****

[-] Preferências do Firefox limpas:"browser.search.hiddenOneOffs" -  "Bing,BuscaPé,MercadoLivre,startpageing123"
[-] Preferências do Firefox limpas:"browser.startup.homepage" -  "hxxp://www.startpageing123.com/?type=hp&ts=1489094989&z=8c9735d559a6f9db7771e07gcz9bdt5eft3z1t5qbq&from=pr0302&uid=ST1000LM024XHN-M101MBB_S33AJ5AG804342"
[-] [C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 2] [startup_urls] Eliminado:hxxp://www.startpageing123.com/?type=hp&ts=1489094989&z=8c9735d559a6f9db7771e07gcz9bdt5eft3z1t5qbq&from=pr0302&uid=ST1000LM024XHN-M101MBB_S33AJ5AG804342
[-] [C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 2] [favicon_url] Eliminado:hxxp://www.startpageing123.com/searchfavicon.ico


*************************

:: Chaves "Tracing" excluídas
:: Configurações Winsock restauradas
:: Políticas do IE excluídas
:: Políticas do Chrome excluídas

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1930 Bytes] - [25/01/2017 14:10:07]
C:\AdwCleaner\AdwCleaner[C10].txt - [2901 Bytes] - [21/02/2017 15:36:43]
C:\AdwCleaner\AdwCleaner[C11].txt - [3490 Bytes] - [14/04/2017 19:02:31]
C:\AdwCleaner\AdwCleaner[C12].txt - [8074 Bytes] - [12/05/2017 19:59:37]
C:\AdwCleaner\AdwCleaner[C2].txt - [1606 Bytes] - [26/01/2017 20:58:36]
C:\AdwCleaner\AdwCleaner[C3].txt - [2779 Bytes] - [03/02/2017 23:24:33]
C:\AdwCleaner\AdwCleaner[C4].txt - [3899 Bytes] - [21/02/2017 13:57:48]
C:\AdwCleaner\AdwCleaner[C5].txt - [2434 Bytes] - [21/02/2017 14:31:29]
C:\AdwCleaner\AdwCleaner[C6].txt - [1893 Bytes] - [21/02/2017 14:38:33]
C:\AdwCleaner\AdwCleaner[C7].txt - [3069 Bytes] - [21/02/2017 14:49:31]
C:\AdwCleaner\AdwCleaner[C8].txt - [3211 Bytes] - [21/02/2017 15:03:29]
C:\AdwCleaner\AdwCleaner[C9].txt - [3496 Bytes] - [21/02/2017 15:22:02]
C:\AdwCleaner\AdwCleaner[S0].txt - [1979 Bytes] - [25/01/2017 13:59:28]
C:\AdwCleaner\AdwCleaner[S10].txt - [2982 Bytes] - [21/02/2017 15:35:15]
C:\AdwCleaner\AdwCleaner[S11].txt - [2866 Bytes] - [21/02/2017 21:18:21]
C:\AdwCleaner\AdwCleaner[S12].txt - [3477 Bytes] - [14/04/2017 19:00:07]
C:\AdwCleaner\AdwCleaner[S13].txt - [11491 Bytes] - [12/05/2017 19:51:56]
C:\AdwCleaner\AdwCleaner[S1].txt - [1564 Bytes] - [26/01/2017 20:57:53]
C:\AdwCleaner\AdwCleaner[S2].txt - [2824 Bytes] - [03/02/2017 23:18:56]
C:\AdwCleaner\AdwCleaner[S3].txt - [3814 Bytes] - [21/02/2017 13:56:56]
C:\AdwCleaner\AdwCleaner[S4].txt - [2719 Bytes] - [21/02/2017 14:22:18]
C:\AdwCleaner\AdwCleaner[S5].txt - [2549 Bytes] - [21/02/2017 14:31:04]
C:\AdwCleaner\AdwCleaner[S6].txt - [2124 Bytes] - [21/02/2017 14:37:52]
C:\AdwCleaner\AdwCleaner[S7].txt - [3084 Bytes] - [21/02/2017 14:48:54]
C:\AdwCleaner\AdwCleaner[S8].txt - [3186 Bytes] - [21/02/2017 14:58:03]
C:\AdwCleaner\AdwCleaner[S9].txt - [3376 Bytes] - [21/02/2017 15:19:41]

########## EOF - C:\AdwCleaner\AdwCleaner[C12].txt - [9759 Bytes] ##########



JRT:
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.3 (04.10.2017)
Operating System: Windows 10 Home Single Language x64 
Ran by pc (Administrator) on 12/05/2017 at 21:21:23,32
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


File System: 0 


Registry: 0 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12/05/2017 at 21:59:11,81
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



ZHP:

 

~ ZHPCleaner v2017.5.12.80 by Nicolas Coolman (2017/05/12)
~ Run by pc (Administrator)  (12/05/2017 22:02:12)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Scanner
~ Report : C:\Users\pc\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\pc\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home Single Language, 64-bit  (Build 14393)


---\\  Serviços (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.


---\\  Navegadores de Internet (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.


---\\  Arquivo hosts (2)
ENCONTRADO: 0.0.0.1    mssplus.mcafee.com
Número de redirecionamentos encontrados 1/26


---\\  Tarefas automáticas agendadas. (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.


---\\  Explorer ( Arquivos, Pastas) (82)
ENCONTRADO pasta: C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [Copyright 2009 - Starter Module]  =>.Superfluous.Skillbrains
ENCONTRADO pasta: C:\Windows\Installer\wix{7D84E343-A23D-451C-B123-0195B2D903A6}.SchedServiceConfig.rmi    =>.Superfluous.Empty
ENCONTRADO pasta: C:\Users\pc\Downloads\setup-lightshot.exe [Skillbrains - lightshot Setup]  =>.Superfluous.Skillbrains
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\1ca1.rra    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\3C9D.tmp.node    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\5342.tmp    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\7za.exe    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\80e831433086install.rdf    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\A3B4.tmp.node    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\ado529D.tmp.dat    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\appdata.zoek    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\BsSndRpt.ini    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\CC7D.tmp.node    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\CFGA9D8.tmp    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\chromium.zoek    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\crash_checkpoint.txt    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\databases.txt    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\DeleteOnReboot.bat    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\delregkeys.zoek    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\desktop.txt    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\downloads.txt    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\EvernoteSetup.log    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\extensions.txt    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\extensions1.txt    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\ffprofiles.zoek    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\hijackthis.zoek    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\HKEY_USERS.zoek    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\iedefaults.zoek    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\ispr1f7f.rra    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\javafolders.zoek    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\lgt2ECB.tmp    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\localappdata.zoek    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\LocalStorage.txt    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\log.zoek    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\operation_log.txt    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\path.txt    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\PEVZ.EXE    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\regsearch.zoek    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\regsearch2.zoek    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\remove.exe    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\sample.zoek    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\search.ico    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\sed.exe    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\service.zoek    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\shortcut.exe [Optimum X - Creates, modifies or queries Windows shell]  =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\swreg.exe [SteelWerX - Freeware implementation of REG.EXE]  =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\swxcacls.exe [SteelWerX - Freeware implementation of XCACLS]  =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\tempfolders.zoek    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\test9.bat    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\thpDAEB.tmp    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\tmp2BA1.tmp    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\tmp78EA.tmp    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\tmp7B69.tmp    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\tmp7BC.tmp    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\tmp7DEB.tmp    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\tmpBB5.tmp    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\tmpED2F.tmp    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\urlzoek    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\users.zoek    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\wmsetup.log    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\ZA-Scan    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\ZAscan    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\ZAScan.exe [E Dev - SplashLite]  =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\zoek-delete.exe    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\zoek.bat    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\zoek.hta    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\zoekrun.bat    =>.Superfluous.Temporary.Empty
ENCONTRADO pasta: C:\Users\pc\AppData\Local\Temp\zoekrun.hta    =>.Superfluous.Temporary.Empty
ENCONTRADO arquivo: C:\Program Files (x86)\Skillbrains\lightshot  =>.Superfluous.Skillbrains
ENCONTRADO arquivo: C:\Program Files (x86)\Skillbrains\Updater  =>.Superfluous.Skillbrains
ENCONTRADO arquivo: C:\Program Files (x86)\Skillbrains  =>.Superfluous.Skillbrains
ENCONTRADO pasta: C:\Windows\AutoKMS\AutoKMS.ini    =>HackTool.AutoKMS
ENCONTRADO arquivo: C:\WINDOWS\AutoKMS  =>HackTool.AutoKMS
ENCONTRADO arquivo: C:\Users\pc\AppData\Local\CrashRpt\UnsentCrashReports  =>.Superfluous.CrashReports
ENCONTRADO arquivo: C:\Users\pc\AppData\Local\CrashRpt  =>.Superfluous.CrashReports
ENCONTRADO arquivo: C:\Users\pc\AppData\Local\Temp\scoped_dir1624_28169  =>.Superfluous.Temporary.Steam
ENCONTRADO arquivo: C:\ProgramData\Software  =>PUP.Optional.Boxore
ENCONTRADO arquivo: C:\WINDOWS\Installer\MSI18D3.tmp-  =>.Superfluous.Empty
ENCONTRADO arquivo: C:\WINDOWS\Installer\MSI1CCC.tmp-  =>.Superfluous.Empty
ENCONTRADO arquivo: C:\WINDOWS\Installer\MSI3A38.tmp-  =>.Superfluous.Empty
ENCONTRADO arquivo: C:\WINDOWS\Installer\MSI63EA.tmp-  =>.Superfluous.Empty
ENCONTRADO arquivo: C:\WINDOWS\Installer\MSI69F7.tmp-  =>.Superfluous.Empty


---\\  Registro ( Chaves, Valores, Dados ) (17)
ENCONTRADO valor: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Lightshot [C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe]  =>.Superfluous.Skillbrains
ENCONTRADO chave: HKEY_USERS\S-1-5-21-4159765478-414766487-3359474227-1001\SOFTWARE\SkillBrains []  =>.Superfluous.Skillbrains
ENCONTRADO chave: HKCU\Software\SkillBrains []  =>.Superfluous.Skillbrains
ENCONTRADO chave: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\adwcleaner.br.uptodown.com []  =>PUP.Optional.UpToDown
ENCONTRADO chave: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\chatango.com []  =>PUP.Optional.Chatango
ENCONTRADO chave: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\uptodown.com []  =>PUP.Optional.UpToDown
ENCONTRADO chave: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\adwcleaner.br.uptodown.com [82]  =>PUP.Optional.UpToDown
ENCONTRADO chave: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\chatango.com [24]  =>PUP.Optional.Chatango
ENCONTRADO chave: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\uptodown.com []  =>PUP.Optional.UpToDown
ENCONTRADO chave: HKLM\SOFTWARE\Wow6432Node\Firefox []  =>Adware.GhokswaBrowser
ENCONTRADO chave: HKLM\SOFTWARE\Firefox []  =>Adware.GhokswaBrowser
ENCONTRADO chave: [X64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} [ITool]  =>Toolbar.Ask
ENCONTRADO chave: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\007EF3EE2C65144ED31B26DD1F4B4382 [C:\Program Files (x86)\WinSnare(4.1.3)\LICENSE.txt (Not File)]  =>.Superfluous.WinSnare
ENCONTRADO chave: [X64] HKLM\SOFTWARE\Wow6432Node\Skillbrains []  =>.Superfluous.Skillbrains
ENCONTRADO chave: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1 [Skillbrains]  =>.Superfluous.Skillbrains
ENCONTRADO chave: HKCU\SOFTWARE\52DCA7A49A43106857CB72DE17CA1B57 []  =>Hijacker.Browser
ENCONTRADO chave: [X64] HKLM\SOFTWARE\52DCA7A49A43106857CB72DE17CA1B57 []  =>Hijacker.Browser


---\\  Resumo dos elementos encontrados na sua estação de trabalho (13)
https://www.anti-malware.top/2016/04/30/superfluous-skillbrains/  =>.Superfluous.Skillbrains
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.Superfluous.Empty
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.Superfluous.Temporary.Empty
https://nicolascoolman.eu/2017/02/02/hacktool-autokms/  =>HackTool.AutoKMS
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.Superfluous.CrashReports
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.Superfluous.Temporary.Steam
https://nicolascoolman.eu/2017/03/14/pup-optional-boxore/  =>PUP.Optional.Boxore
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/  =>PUP.Optional.UpToDown
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/  =>PUP.Optional.Chatango
https://nicolascoolman.eu/2017/02/19/adware-ghokswabrowser/  =>Adware.GhokswaBrowser
https://nicolascoolman.eu/2017/02/28/toolbar-ask/  =>Toolbar.Ask
https://nicolascoolman.eu/2017/01/12/superfluous-winsnare/  =>.Superfluous.WinSnare
https://nicolascoolman.eu/2017/02/02/hijacker-browser-2/  =>Hijacker.Browser


---\\ Resultado de reparação
~ Eventuais reparações feita
~ Este navegador está faltando ! (Opera Software)


---\\ Estatísticas
~ Items scan : 95331
~ Items encontrado : 104
~ items cancelados : 0
~ Items réparo : 0


~ End of search in 00h06mn22s
~====================
ZHPCleaner--12052017-22_08_34.txt

OBS: Foi necessário executar o JRT várias vezes, pois quando ele ia verificar os navegadores ele ficava buscando infinitamente, pois como eu disse, o(s) vírus causa(m) problemas no CMD

AdwCleaner[C12].txt

JRT.txt

ZHPCleaner.txt

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro @iZehel

 

O TrustedInstaller faz parte do Windows.

 

Citação

pois continuo excluindo os processos no gerenciador de tarefas.

 

Amigo, peço que pare de fazer isso, pois irá influenciar em minha análises.

 

E lembre-se dos recados dados em meu primeiro post: Observação: Não tome outra medida além das passadas aqui; atente para que, caso peça ajuda em outro fórum, não deixe de nos informar, sob risco de desconfigurar seu computador!

 

Então deixe tudo como está, reinicie o Windows, execute os procedimentos abaixo.

 

Desative temporariamente seu antivírus, antispywares e firewall, para não causar conflitos.

 

Baixe o Farbar Recovery Scan Tool e salve-o na Área de Trabalho (Desktop).


32 bit (x86) ou 64 bit (x64)

 

  • Clique duas vezes para executar a ferramenta.
    • Atenção: Usuários Windows Vista, 7 e 8, cliquem com o botão direito do mouse e escolha: execadmin.png
  • Marque a caixa Arquivos 90 dias,  e clique no botão Examinar.
  • Aguarde e ao final os logs FRST.txt e Addition.txt serão salvos em sua Área de Trabalho (Desktop).
  • Selecione, copie e cole o conteúdo do log  FRST.txt em sua próxima resposta.
  • Anexe o log Addition.txt

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites

@diego_moicano Meu medo de deixar essas coisas abertas é instalar de novo essa porcaria, ficando aparecendo internet explorer, firefox, e zuando o edge junto, mas ok. Tem um tal de ielowutil.exe também. Segue os logs:

FRST:
 

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 08-05-2017
Executado por pc (administrador) em DESKTOP-GHI4R9G (14-05-2017 11:19:42)
Executando a partir de C:\Users\pc\Desktop
Perfis Carregados: pc (Perfis Disponíveis: pc)
Platform: Windows 10 Home Single Language Versão 1607 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Edge)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth Filter ONLY\BTDevMgr.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe
(Malwarebytes) D:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGiftBoxDesktop.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\APRP\aprp.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Malwarebytes) D:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
() C:\Program Files (x86)\DFX\DFX.exe
() C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe
() C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe
() C:\Program Files (x86)\DFX\Universal\Apps\dfxItunesSong.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe

==================== Registro (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-03-28] (Microsoft Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => D:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes)
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [954416 2017-01-18] (GAS Tecnologia LTDA)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\ASUSWSLoader.exe [63272 2015-05-31] ()
HKLM-x32\...\Run: [DFX] => C:\Program Files (x86)\DFX\DFX.exe [1274840 2013-10-13] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
Winlogon\Notify\ GbPluginBb: C:\Program Files (x86)\GbPlugin\gbieh.dll [2016-12-06] (Banco do Brasil)
Winlogon\Notify\ GbPluginCef: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [2016-06-22] (Caixa Economica Federal)
HKU\S-1-5-21-4159765478-414766487-3359474227-1001\...\Run: [Google Update] => C:\Users\pc\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2016-12-16] (Google Inc.)
HKU\S-1-5-21-4159765478-414766487-3359474227-1001\...\Run: [DAEMON Tools Lite] => D:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd)
HKU\S-1-5-21-4159765478-414766487-3359474227-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27226072 2016-11-15] (Skype Technologies S.A.)
HKU\S-1-5-21-4159765478-414766487-3359474227-1001\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [2881824 2017-01-18] (Valve Corporation)
HKU\S-1-5-21-4159765478-414766487-3359474227-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9292504 2016-12-21] (Piriform Ltd)
HKU\S-1-5-21-4159765478-414766487-3359474227-1001\...\MountPoints2: {3321861b-b90b-11e6-9be2-f832e48e987c} - "G:\setup.exe" 
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellExecuteHooks: Sem Nome - {B6DE7B40-DE3F-11E6-BEE0-64006A5CFC23} -  -> Nenhum Arquivo
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll [1903328 2016-06-22] (Caixa Economica Federal)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll [1947872 2016-12-06] (Banco do Brasil)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2016-11-07]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk ->  (Nenhum Arquivo)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-03-31]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.523\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2016-11-21]
ShortcutTarget: Curse.lnk -> C:\Users\pc\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 192.168.15.1
Tcpip\..\Interfaces\{df87e542-b9f6-4897-80c9-abaaa9df59ec}: [DhcpNameServer] 192.168.15.1
Tcpip\..\Interfaces\{f9c86e11-f750-4ead-bcbf-7dd95e515721}: [DhcpNameServer] 172.168.8.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131366051653932141&GUID=B8EB4E7B-6EA6-42E9-8FF0-D3A08D129543
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131366051653935621&GUID=B8EB4E7B-6EA6-42E9-8FF0-D3A08D129543
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-4159765478-414766487-3359474227-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131366051653939890&GUID=B8EB4E7B-6EA6-42E9-8FF0-D3A08D129543
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-03-17] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\Program Files (x86)\GbPlugin\gbieh.dll [2016-12-06] (Banco do Brasil)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\Program Files (x86)\GbPlugin\gbiehcef.dll [2016-06-22] (Caixa Economica Federal)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-03-17] (Oracle Corporation)

Edge: 
======
Edge HomeButtonPage: HKU\S-1-5-21-4159765478-414766487-3359474227-1001 -> hxxp://www.google.com.br/

FireFox:
========
FF DefaultProfile: 1lhcdxne.default
FF ProfilePath: C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\1lhcdxne.default [2017-04-14]
FF Extension: (Adblock Plus) - C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\1lhcdxne.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF Extension: (Disable Prefetch) - C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\1lhcdxne.default\features\{64ab8727-4d4f-4189-8cd3-8c9f7888c877}\disable-prefetch@mozilla.org.xpi [2017-04-05]
FF Extension: (Site Deployment Checker) - C:\Program Files (x86)\Mozilla Firefox\browser\features\deployment-checker@mozilla.org.xpi [2017-03-24] [não assinado]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-11] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-11] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-03-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-03-17] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4159765478-414766487-3359474227-1001: @tools.google.com/Google Update;version=3 -> C:\Users\pc\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-4159765478-414766487-3359474227-1001: @tools.google.com/Google Update;version=9 -> C:\Users\pc\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)

Chrome: 
=======
CHR DefaultProfile: Profile 2
CHR StartupUrls: Profile 2 -> "hxxp://www.google.com/","hxxp://www.youtube.com/","hxxp://animazone.com.br/animes-legendados/fairy-tail-episodios/","hxxps://www.facebook.com/","hxxp://www.lolcounter.com/champ/masteryi","hxxp://www.startpageing123.com/?type=hp&ts=1489094989&z=8c9735d559a6f9db7771e07gcz9bdt5eft3z1t5qbq&from=pr0302&uid=ST1000LM024XHN-M101MBB_S33AJ5AG804342"
CHR Session Restore: Profile 2 -> está habilitado.
CHR Profile: C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default [2017-05-07]
CHR Extension: (Google Apresentações) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-04-13]
CHR Extension: (Google Docs) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-13]
CHR Extension: (Google Drive) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-13]
CHR Extension: (YouTube) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-13]
CHR Extension: (Planilhas do Google) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-04-13]
CHR Extension: (Documentos Google off-line) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-07]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-13]
CHR Extension: (Gmail) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-13]
CHR Extension: (Chrome Media Router) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-07]
CHR Profile: C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-04-14]
CHR Extension: (Google Docs) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-26]
CHR Extension: (Google Drive) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-26]
CHR Extension: (YouTube) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-26]
CHR Extension: (Documentos Google off-line) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-26]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-26]
CHR Extension: (Gmail) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-26]
CHR Extension: (Chrome Media Router) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-01-26]
CHR Profile: C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 2 [2017-05-14]
CHR Extension: (Google Apresentações) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-01-26]
CHR Extension: (Google Docs) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-26]
CHR Extension: (Google Drive) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-26]
CHR Extension: (YouTube) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-26]
CHR Extension: (Adblock Plus) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-04-20]
CHR Extension: (Planilhas do Google) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-01-26]
CHR Extension: (Documentos Google off-line) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-26]
CHR Extension: (AdBlock) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-04-13]
CHR Extension: (Felix Theme) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kibegfpjckpnoeiplfehgadgjdoggckn [2017-02-08]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Gmail) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-26]
CHR Extension: (Chrome Media Router) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-14]
HKU\.DEFAULT\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Cuptony\Application\chrome.exe <==== ATENÇÃO
HKU\S-1-5-18\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Cuptony\Application\chrome.exe <==== ATENÇÃO

==================== Serviços (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe [71168 2015-05-31] (ASUS Cloud Corporation) [Arquivo não assinado]
R2 ASUSGiftBoxDekstop; C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe [315704 2015-07-20] (ASUS)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth Filter ONLY\BTDevMgr.exe [121560 2015-07-21] ()
S3 Disc Soft Lite Bus Service; D:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [395536 2016-12-16] (EasyAntiCheat Ltd)
R2 esifsvc; C:\WINDOWS\SysWoW64\esif_uf.exe [1385640 2015-08-03] (Intel Corporation)
S2 EvernoteEvernote; C:\Program Files (x86)\Evernote\EvernoteEvernote.dll [225280 2017-01-26] () [Arquivo não assinado]
R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [631520 2016-06-22] (GAS Tecnologia)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373728 2016-11-30] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Arquivo não assinado]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Arquivo não assinado]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223520 2015-07-22] (Intel Corporation)
R2 MBAMService; D:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.523\McCHSvc.exe [404376 2017-03-20] (McAfee, Inc.)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [7847256 2016-10-18] (INCA Internet Co., Ltd.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [954416 2017-01-18] (GAS Tecnologia LTDA)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2017-03-28] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2017-03-28] (Microsoft Corporation)
S2 AlltieSU; "C:\Users\pc\AppData\Local\Temp\hp7BF.tmp\BaofengUpdate_U.exe" /i [X] <==== ATENÇÃO
S2 EvernessSU; "C:\Users\pc\AppData\Local\Temp\hp4D2E.tmp\zaichti.exe" -r [X] <==== ATENÇÃO
S2 Gherfwardervtain; C:\Program Files (x86)\Qobatheranogech\mpwhost.dll [X]
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe [X]
S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdatesvr.exe [X]
S2 TrueKey; "C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe" [X]
S2 TrueKeyScheduler; "C:\Program Files\TrueKey\McTkSchedulerService.exe" [X]
S2 TrueKeyServiceHelper; "C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe" [X]

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 DFX11_1; C:\WINDOWS\system32\drivers\dfx11_1x64.sys [28008 2012-12-13] (Windows (R) Win 7 DDK provider)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2016-06-30] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2016-06-30] (Windows (R) Win 7 DDK provider)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [43512 2015-08-03] (Intel Corporation)
R3 dptf_pch; C:\WINDOWS\System32\drivers\dptf_pch.sys [41976 2015-08-03] (Intel Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30352 2016-12-04] (Disc Soft Ltd)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [251384 2015-08-03] (Intel Corporation)
R1 gbpddfac; C:\WINDOWS\System32\drivers\gbpddfac64.sys [28888 2017-05-14] (GAS Tecnologia)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2016-06-22] (GAS Tecnologia)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [88256 2015-06-25] (Intel Corporation)
S3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-01-16] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [250816 2017-02-21] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [887552 2015-07-14] (Realtek                                            )
R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [600832 2015-07-16] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [5144064 2016-07-16] (Realtek Semiconductor Corporation                           )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2016-06-22] (GAS Tecnologia LTDA)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R1 wsddfac; C:\WINDOWS\System32\drivers\wsddfac.sys [28376 2017-05-12] (GAS Tecnologia)
R1 wsddntf; C:\WINDOWS\system32\DRIVERS\wsddntf.sys [47176 2016-06-21] (GAS Tecnologia)
S1 wsddpp; C:\WINDOWS\system32\drivers\wsddpp.sys [25184 2016-11-11] (GAS Tecnologia)
S3 wsddprm; C:\WINDOWS\system32\drivers\wsddprm.sys [25184 2016-11-11] (GAS Tecnologia)
S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2017-05-12 22:08 - 2017-05-12 22:22 - 00012885 _____ C:\Users\pc\Desktop\ZHPCleaner.txt
2017-05-12 22:01 - 2017-05-12 22:22 - 00000000 ____D C:\Users\pc\AppData\Roaming\ZHP
2017-05-12 22:01 - 2017-05-12 22:10 - 00000000 ____D C:\Users\pc\AppData\Local\ZHP
2017-05-12 22:01 - 2017-05-12 22:01 - 02769920 _____ C:\Users\pc\Desktop\ZHPCleaner.exe
2017-05-12 22:01 - 2017-05-12 22:01 - 00000874 _____ C:\Users\pc\Desktop\ZHPCleaner.lnk
2017-05-12 21:59 - 2017-05-12 21:59 - 00000560 _____ C:\Users\pc\Desktop\JRT.txt
2017-05-12 19:59 - 2017-05-12 19:59 - 00009895 _____ C:\Users\pc\Desktop\AdwCleaner[C12].txt
2017-05-12 19:39 - 2017-05-12 19:49 - 04102600 _____ C:\Users\pc\Desktop\adwcleaner_6.046.exe
2017-05-11 21:25 - 2017-05-11 23:15 - 00000000 ____D C:\Users\pc\Documents\Gravações de som
2017-05-11 19:43 - 2017-05-11 19:43 - 00001717 _____ C:\Users\pc\Desktop\Fixlog.txt
2017-05-11 19:28 - 2017-05-14 11:18 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-05-01 16:36 - 2017-05-09 22:35 - 00000000 ____D C:\Users\pc\Desktop\FRST-OlderVersion
2017-05-01 10:14 - 2017-05-13 10:55 - 00042414 _____ C:\Users\pc\Desktop\Addition.txt
2017-05-01 10:12 - 2017-05-14 11:21 - 00025180 _____ C:\Users\pc\Desktop\FRST.txt
2017-05-01 10:12 - 2017-05-14 11:19 - 00000000 ____D C:\FRST
2017-05-01 10:10 - 2017-05-09 22:35 - 02429440 _____ (Farbar) C:\Users\pc\Desktop\FRST64.exe
2017-05-01 10:06 - 2017-05-01 10:06 - 00000000 ____D C:\Users\Todos os Usuários\HitmanPro
2017-05-01 10:06 - 2017-05-01 10:06 - 00000000 ____D C:\ProgramData\HitmanPro
2017-04-30 17:05 - 2017-04-30 17:05 - 00019435 _____ C:\Users\pc\Downloads\8431.tmp
2017-04-28 20:11 - 2017-04-28 20:11 - 00000000 ____D C:\WINDOWS\SysWOW64\{454257A5-3C5F-4134-BD5F-5071448E7C00}
2017-04-28 16:11 - 2017-04-28 16:11 - 00000000 ____D C:\Program Files (x86)\n1
2017-04-28 16:10 - 2017-04-28 16:10 - 00000000 ____D C:\WINDOWS\SysWOW64\{C506F72F-0602-4FAB-A462-4FAEF007B109}
2017-04-28 14:17 - 2017-04-28 14:17 - 00000000 ____D C:\Users\Public\Documents\Google
2017-04-28 14:16 - 2017-04-28 14:16 - 00000000 ____D C:\WINDOWS\psgo
2017-04-28 14:08 - 2017-04-28 19:49 - 00000537 _____ C:\runcheck.txt
2017-04-28 14:07 - 2017-04-28 14:07 - 00000000 ____D C:\zoek_backup
2017-04-28 14:05 - 2017-04-28 14:07 - 01370112 _____ C:\Users\pc\Desktop\ZA-Scan.exe
2017-04-27 23:34 - 2017-04-27 23:35 - 01663672 _____ (Malwarebytes) C:\Users\pc\Desktop\JRT.exe
2017-04-27 23:24 - 2017-04-27 23:24 - 00000000 ____D C:\WINDOWS\SysWOW64\{A191D033-2F0A-4767-904A-B9DB2385B1F9}
2017-04-27 19:26 - 2017-04-28 14:16 - 00000000 _____ C:\WINDOWS\SysWOW64\22
2017-04-27 19:26 - 2017-04-27 23:25 - 00000000 _____ C:\WINDOWS\SysWOW64\1111111
2017-04-27 19:25 - 2017-04-27 19:25 - 00000000 ____D C:\Users\Todos os Usuários\Apple
2017-04-27 19:25 - 2017-04-27 19:25 - 00000000 ____D C:\ProgramData\Apple
2017-04-27 19:23 - 2017-04-27 19:23 - 00000000 ____D C:\WINDOWS\SysWOW64\{6579D28B-385F-44AE-9D9E-D0C21B87DD52}
2017-04-25 12:12 - 2017-04-25 12:12 - 00008760 _____ C:\Users\pc\Downloads\Contracheque(4).pdf
2017-04-25 12:12 - 2017-04-25 12:12 - 00008758 _____ C:\Users\pc\Downloads\Contracheque(5).pdf
2017-04-25 12:11 - 2017-04-25 12:11 - 00008757 _____ C:\Users\pc\Downloads\Contracheque(3).pdf
2017-04-25 12:09 - 2017-04-25 12:09 - 00008759 _____ C:\Users\pc\Downloads\Contracheque(2).pdf
2017-04-21 07:35 - 2017-04-21 07:35 - 00000000 _____ C:\WINDOWS\SysWOW64\33
2017-04-21 07:29 - 2017-04-28 14:14 - 00034328 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2017-04-20 14:19 - 2017-04-28 14:16 - 00000000 _____ C:\WINDOWS\SysWOW64\11
2017-04-20 14:19 - 2017-04-20 14:19 - 00000000 _____ C:\WINDOWS\SysWOW64\44
2017-04-20 14:16 - 2017-04-20 14:16 - 00000000 ____D C:\WINDOWS\SysWOW64\{51AE5E6E-BAE8-49C9-9657-A12123483ECB}
2017-04-15 03:08 - 2017-04-15 03:08 - 00000000 ____D C:\WINDOWS\SysWOW64\{8AC610DF-843A-4BE8-922B-273F63AF42FF}
2017-04-14 23:08 - 2017-04-14 23:08 - 00000000 ____D C:\WINDOWS\SysWOW64\{4CA75681-68B4-40F3-8E0D-01CFA63C58BA}
2017-04-14 19:08 - 2017-04-14 19:08 - 00000000 ____D C:\WINDOWS\SysWOW64\{210DCF5C-ACFA-4DEC-BB4E-9566B180433B}
2017-04-14 19:01 - 2017-04-14 19:01 - 00000000 ____D C:\Program Files (x86)\GUMD127.tmp
2017-04-14 18:57 - 2017-04-30 17:05 - 00002148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-14 18:55 - 2017-04-28 18:51 - 00003586 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-14 18:55 - 2017-04-28 18:51 - 00003462 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-14 18:54 - 2017-04-14 18:54 - 01129376 _____ (Google Inc.) C:\Users\pc\Downloads\ChromeSetup.exe
2017-04-14 15:20 - 2017-04-14 15:20 - 00000000 ____D C:\WINDOWS\SysWOW64\{F15340F3-5486-4FF2-8D78-D9B356E7E690}
2017-04-14 11:10 - 2017-04-14 19:04 - 00000000 ____D C:\WINDOWS\SysWOW64\{A6684A85-EC6E-4FAB-80BD-89E65D6DFE6A}
2017-04-11 23:27 - 2017-03-28 04:10 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-04-11 23:27 - 2017-03-28 04:10 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-04-11 23:27 - 2017-03-28 03:21 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2017-04-11 23:27 - 2017-03-28 03:19 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-04-11 23:27 - 2017-03-28 03:15 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-04-11 23:27 - 2017-03-28 03:07 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-04-11 23:27 - 2017-03-28 03:05 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-04-11 23:27 - 2017-03-28 03:04 - 05721808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-04-11 23:27 - 2017-03-28 03:04 - 02262776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-04-11 23:27 - 2017-03-28 03:04 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-04-11 23:27 - 2017-03-28 03:04 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-04-11 23:27 - 2017-03-28 03:04 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-04-11 23:27 - 2017-03-28 03:04 - 00277344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-04-11 23:27 - 2017-03-28 03:04 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-04-11 23:27 - 2017-03-28 03:04 - 00116568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-04-11 23:27 - 2017-03-28 03:02 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-04-11 23:27 - 2017-03-28 03:02 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-04-11 23:27 - 2017-03-28 03:02 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-04-11 23:27 - 2017-03-28 02:59 - 06667520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-04-11 23:27 - 2017-03-28 02:59 - 04023008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-04-11 23:27 - 2017-03-28 02:58 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-04-11 23:27 - 2017-03-28 02:58 - 01851688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-04-11 23:27 - 2017-03-28 02:58 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-04-11 23:27 - 2017-03-28 02:58 - 01344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-04-11 23:27 - 2017-03-28 02:58 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-04-11 23:27 - 2017-03-28 02:58 - 01202936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-04-11 23:27 - 2017-03-28 02:58 - 00981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-04-11 23:27 - 2017-03-28 02:58 - 00961192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-04-11 23:27 - 2017-03-28 02:53 - 01414728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-04-11 23:27 - 2017-03-28 02:53 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-04-11 23:27 - 2017-03-28 02:52 - 00306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2017-04-11 23:27 - 2017-03-28 02:48 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-04-11 23:27 - 2017-03-28 02:42 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-04-11 23:27 - 2017-03-28 02:42 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-04-11 23:27 - 2017-03-28 02:41 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-04-11 23:27 - 2017-03-28 02:40 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-04-11 23:27 - 2017-03-28 02:40 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2017-04-11 23:27 - 2017-03-28 02:40 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-04-11 23:27 - 2017-03-28 02:39 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-04-11 23:27 - 2017-03-28 02:39 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-04-11 23:27 - 2017-03-28 02:38 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-04-11 23:27 - 2017-03-28 02:38 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2017-04-11 23:27 - 2017-03-28 02:37 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-04-11 23:27 - 2017-03-28 02:37 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apds.dll
2017-04-11 23:27 - 2017-03-28 02:37 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-04-11 23:27 - 2017-03-28 02:37 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-04-11 23:27 - 2017-03-28 02:37 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-04-11 23:27 - 2017-03-28 02:37 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2017-04-11 23:27 - 2017-03-28 02:37 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-04-11 23:27 - 2017-03-28 02:36 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipsecsnp.dll
2017-04-11 23:27 - 2017-03-28 02:36 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-04-11 23:27 - 2017-03-28 02:36 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2017-04-11 23:27 - 2017-03-28 02:36 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-04-11 23:27 - 2017-03-28 02:36 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-11 23:27 - 2017-03-28 02:36 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.UserDeviceAssociation.dll
2017-04-11 23:27 - 2017-03-28 02:36 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicDisplay.sys
2017-04-11 23:27 - 2017-03-28 02:35 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-04-11 23:27 - 2017-03-28 02:35 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-04-11 23:27 - 2017-03-28 02:35 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-04-11 23:27 - 2017-03-28 02:35 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-04-11 23:27 - 2017-03-28 02:35 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-04-11 23:27 - 2017-03-28 02:35 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-04-11 23:27 - 2017-03-28 02:35 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-04-11 23:27 - 2017-03-28 02:35 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-04-11 23:27 - 2017-03-28 02:35 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2017-04-11 23:27 - 2017-03-28 02:35 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2017-04-11 23:27 - 2017-03-28 02:35 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-04-11 23:27 - 2017-03-28 02:34 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-04-11 23:27 - 2017-03-28 02:34 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-04-11 23:27 - 2017-03-28 02:34 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-04-11 23:27 - 2017-03-28 02:34 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2017-04-11 23:27 - 2017-03-28 02:33 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-04-11 23:27 - 2017-03-28 02:33 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2017-04-11 23:27 - 2017-03-28 02:33 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-04-11 23:27 - 2017-03-28 02:33 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-04-11 23:27 - 2017-03-28 02:33 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipsmsnap.dll
2017-04-11 23:27 - 2017-03-28 02:33 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-04-11 23:27 - 2017-03-28 02:32 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-04-11 23:27 - 2017-03-28 02:32 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-04-11 23:27 - 2017-03-28 02:32 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-04-11 23:27 - 2017-03-28 02:32 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-04-11 23:27 - 2017-03-28 02:32 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-04-11 23:27 - 2017-03-28 02:32 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-04-11 23:27 - 2017-03-28 02:32 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-04-11 23:27 - 2017-03-28 02:32 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-04-11 23:27 - 2017-03-28 02:32 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-04-11 23:27 - 2017-03-28 02:32 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-04-11 23:27 - 2017-03-28 02:32 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-04-11 23:27 - 2017-03-28 02:32 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-04-11 23:27 - 2017-03-28 02:32 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-04-11 23:27 - 2017-03-28 02:32 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-04-11 23:27 - 2017-03-28 02:32 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-04-11 23:27 - 2017-03-28 02:32 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-04-11 23:27 - 2017-03-28 02:31 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-04-11 23:27 - 2017-03-28 02:31 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-04-11 23:27 - 2017-03-28 02:31 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-04-11 23:27 - 2017-03-28 02:31 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2017-04-11 23:27 - 2017-03-28 02:30 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-04-11 23:27 - 2017-03-28 02:30 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-04-11 23:27 - 2017-03-28 02:30 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2017-04-11 23:27 - 2017-03-28 02:30 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-04-11 23:27 - 2017-03-28 02:30 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-04-11 23:27 - 2017-03-28 02:29 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-04-11 23:27 - 2017-03-28 02:29 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-04-11 23:27 - 2017-03-28 02:29 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-04-11 23:27 - 2017-03-28 02:29 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-04-11 23:27 - 2017-03-28 02:29 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-04-11 23:27 - 2017-03-28 02:28 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-04-11 23:27 - 2017-03-28 02:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-04-11 23:27 - 2017-03-28 02:28 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-04-11 23:27 - 2017-03-28 02:28 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-04-11 23:27 - 2017-03-28 02:27 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-04-11 23:27 - 2017-03-28 02:26 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-04-11 23:27 - 2017-03-28 02:26 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-04-11 23:27 - 2017-03-28 02:26 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-04-11 23:27 - 2017-03-28 02:25 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-04-11 23:27 - 2017-03-28 02:25 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2017-04-11 23:27 - 2017-03-28 02:25 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-04-11 23:27 - 2017-03-28 02:24 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-04-11 23:27 - 2017-03-28 02:24 - 04614656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-04-11 23:27 - 2017-03-28 02:24 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-04-11 23:27 - 2017-03-28 02:24 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-04-11 23:27 - 2017-03-28 02:23 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-04-11 23:27 - 2017-03-28 02:23 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-04-11 23:27 - 2017-03-28 02:23 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-04-11 23:27 - 2017-03-28 02:23 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2017-04-11 23:27 - 2017-03-28 02:22 - 00516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2017-04-11 23:27 - 2017-03-28 02:22 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-04-11 23:27 - 2017-03-28 02:22 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2017-04-11 23:27 - 2017-03-28 02:21 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-04-11 23:27 - 2017-03-28 02:20 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-04-11 23:27 - 2017-03-28 02:20 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-04-11 23:27 - 2017-03-28 02:20 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-04-11 23:27 - 2017-03-28 02:19 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2017-04-11 23:27 - 2017-03-28 02:19 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-04-11 23:27 - 2017-03-28 02:19 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-04-11 23:27 - 2017-03-28 02:19 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-04-11 23:27 - 2017-03-28 02:19 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2017-04-11 23:27 - 2017-03-28 02:18 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-04-11 23:27 - 2017-03-28 02:17 - 06109696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-04-11 23:27 - 2017-03-28 02:17 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-04-11 23:27 - 2017-03-28 02:17 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-04-11 23:27 - 2017-03-28 02:17 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-04-11 23:27 - 2017-03-28 02:16 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2017-04-11 23:27 - 2017-03-28 02:16 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-04-11 23:27 - 2017-03-28 02:16 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-04-11 23:27 - 2017-03-28 02:15 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-04-11 23:27 - 2017-03-28 02:14 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-04-11 23:27 - 2017-03-28 02:14 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-04-11 23:27 - 2017-03-28 02:14 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-04-11 23:27 - 2017-03-28 02:14 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2017-04-11 23:27 - 2017-03-28 02:14 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2017-04-11 23:27 - 2017-03-28 02:13 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-04-11 23:27 - 2017-03-28 02:13 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-04-11 23:27 - 2017-03-28 02:13 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-04-11 23:27 - 2017-03-28 02:13 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-04-11 23:27 - 2017-03-28 02:13 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-04-11 23:27 - 2017-03-28 02:12 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-04-11 23:27 - 2017-03-28 02:12 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-04-11 23:27 - 2017-03-28 02:12 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-04-11 23:27 - 2017-03-28 02:12 - 00862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-04-11 23:27 - 2017-03-28 02:12 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-04-11 23:27 - 2017-03-28 02:12 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-04-11 23:27 - 2017-03-28 02:12 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-04-11 23:27 - 2017-03-28 02:12 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-04-11 23:27 - 2017-03-28 02:12 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-04-11 23:27 - 2017-03-28 02:12 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-04-11 23:27 - 2017-03-28 02:12 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2017-04-11 23:27 - 2017-03-28 02:12 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-04-11 23:27 - 2017-03-28 02:11 - 02994176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-04-11 23:27 - 2017-03-28 02:11 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-04-11 23:27 - 2017-03-28 02:11 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-04-11 23:27 - 2017-03-28 02:11 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-04-11 23:27 - 2017-03-28 02:11 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-04-11 23:27 - 2017-03-28 02:11 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-04-11 23:27 - 2017-03-28 02:10 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-04-11 23:27 - 2017-03-28 02:09 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-04-11 23:27 - 2017-03-28 02:08 - 01564160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-04-11 23:27 - 2017-03-28 02:08 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-04-11 23:27 - 2017-03-28 02:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2017-04-11 23:27 - 2017-03-28 01:48 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-04-11 23:27 - 2017-03-16 01:38 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2017-04-11 23:26 - 2017-03-28 03:32 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2017-04-11 23:26 - 2017-03-28 03:29 - 02213248 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-04-11 23:26 - 2017-03-28 03:28 - 00773720 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-04-11 23:26 - 2017-03-28 03:26 - 00218520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2017-04-11 23:26 - 2017-03-28 03:20 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-04-11 23:26 - 2017-03-28 03:18 - 01705976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-04-11 23:26 - 2017-03-28 03:11 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-04-11 23:26 - 2017-03-28 03:11 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-04-11 23:26 - 2017-03-28 03:10 - 07220184 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-04-11 23:26 - 2017-03-28 03:10 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-04-11 23:26 - 2017-03-28 03:09 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.CredentialPicker.dll
2017-04-11 23:26 - 2017-03-28 03:06 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-04-11 23:26 - 2017-03-28 03:05 - 22221368 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-04-11 23:26 - 2017-03-28 03:05 - 08168512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-04-11 23:26 - 2017-03-28 03:05 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-04-11 23:26 - 2017-03-28 03:05 - 01988048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-04-11 23:26 - 2017-03-28 03:05 - 01848584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-04-11 23:26 - 2017-03-28 03:05 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-04-11 23:26 - 2017-03-28 03:05 - 01302136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-04-11 23:26 - 2017-03-28 03:05 - 01072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-04-11 23:26 - 2017-03-28 02:59 - 02533728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-04-11 23:26 - 2017-03-28 02:58 - 00387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-04-11 23:26 - 2017-03-28 02:41 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-04-11 23:26 - 2017-03-28 02:38 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-04-11 23:26 - 2017-03-28 02:37 - 22568960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-04-11 23:26 - 2017-03-28 02:37 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-04-11 23:26 - 2017-03-28 02:36 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-04-11 23:26 - 2017-03-28 02:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2017-04-11 23:26 - 2017-03-28 02:36 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-04-11 23:26 - 2017-03-28 02:35 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-04-11 23:26 - 2017-03-28 02:35 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-04-11 23:26 - 2017-03-28 02:34 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-04-11 23:26 - 2017-03-28 02:34 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-11 23:26 - 2017-03-28 02:33 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-04-11 23:26 - 2017-03-28 02:33 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-04-11 23:26 - 2017-03-28 02:33 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-04-11 23:26 - 2017-03-28 02:31 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-04-11 23:26 - 2017-03-28 02:31 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-04-11 23:26 - 2017-03-28 02:31 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2017-04-11 23:26 - 2017-03-28 02:30 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-04-11 23:26 - 2017-03-28 02:30 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-04-11 23:26 - 2017-03-28 02:29 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-04-11 23:26 - 2017-03-28 02:29 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-04-11 23:26 - 2017-03-28 02:29 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-04-11 23:26 - 2017-03-28 02:28 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-04-11 23:26 - 2017-03-28 02:28 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-04-11 23:26 - 2017-03-28 02:28 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-04-11 23:26 - 2017-03-28 02:28 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-04-11 23:26 - 2017-03-28 02:27 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-04-11 23:26 - 2017-03-28 02:27 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-04-11 23:26 - 2017-03-28 02:27 - 00441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2017-04-11 23:26 - 2017-03-28 02:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-04-11 23:26 - 2017-03-28 02:26 - 01145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-04-11 23:26 - 2017-03-28 02:26 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2017-04-11 23:26 - 2017-03-28 02:26 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-04-11 23:26 - 2017-03-28 02:26 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-04-11 23:26 - 2017-03-28 02:25 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-04-11 23:26 - 2017-03-28 02:24 - 06288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-04-11 23:26 - 2017-03-28 02:24 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2017-04-11 23:26 - 2017-03-28 02:22 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2017-04-11 23:26 - 2017-03-28 02:21 - 23681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-04-11 23:26 - 2017-03-28 02:21 - 03778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-04-11 23:26 - 2017-03-28 02:21 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-04-11 23:26 - 2017-03-28 02:21 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-04-11 23:26 - 2017-03-28 02:19 - 07655424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-04-11 23:26 - 2017-03-28 02:19 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-04-11 23:26 - 2017-03-28 02:18 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-04-11 23:26 - 2017-03-28 02:18 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-04-11 23:26 - 2017-03-28 02:18 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2017-04-11 23:26 - 2017-03-28 02:16 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-04-11 23:26 - 2017-03-28 02:15 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-04-11 23:26 - 2017-03-28 02:15 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-04-11 23:26 - 2017-03-28 02:14 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-04-11 23:26 - 2017-03-28 02:14 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-04-11 23:26 - 2017-03-28 02:14 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-04-11 23:26 - 2017-03-28 02:13 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-04-11 23:26 - 2017-03-28 02:13 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-04-11 23:26 - 2017-03-28 02:13 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-04-11 23:26 - 2017-03-28 02:12 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-04-11 23:26 - 2017-03-28 02:11 - 01981440 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-04-11 23:26 - 2017-03-28 02:11 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-04-11 23:26 - 2017-03-28 02:10 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-04-11 23:26 - 2017-03-28 02:10 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-04-11 23:26 - 2017-03-28 02:10 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-04-11 23:26 - 2017-03-28 02:10 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-04-11 23:26 - 2017-03-28 02:10 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-04-11 23:26 - 2017-03-28 02:09 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-04-11 23:26 - 2017-03-28 02:09 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-04-11 23:26 - 2017-03-28 02:09 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-04-11 23:26 - 2017-03-28 02:06 - 00999424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-04-11 23:25 - 2017-03-28 03:28 - 07786336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-04-11 23:25 - 2017-03-28 03:26 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-04-11 23:25 - 2017-03-28 03:22 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-04-11 23:25 - 2017-03-28 03:12 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-04-11 23:25 - 2017-03-28 03:11 - 02187616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-04-11 23:25 - 2017-03-28 03:11 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-04-11 23:25 - 2017-03-28 03:11 - 00402784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-04-11 23:25 - 2017-03-28 03:10 - 02758648 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-04-11 23:25 - 2017-03-28 03:10 - 01157008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-04-11 23:25 - 2017-03-28 03:04 - 01276760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-04-11 23:25 - 2017-03-28 03:04 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-04-11 23:25 - 2017-03-28 03:04 - 00160088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-04-11 23:25 - 2017-03-28 02:38 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-04-11 23:25 - 2017-03-28 02:37 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll
2017-04-11 23:25 - 2017-03-28 02:36 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-04-11 23:25 - 2017-03-28 02:35 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-04-11 23:25 - 2017-03-28 02:35 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2017-04-11 23:25 - 2017-03-28 02:33 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-04-11 23:25 - 2017-03-28 02:33 - 00182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2017-04-11 23:25 - 2017-03-28 02:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-04-11 23:25 - 2017-03-28 02:32 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-04-11 23:25 - 2017-03-28 02:31 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-04-11 23:25 - 2017-03-28 02:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2017-04-11 23:25 - 2017-03-28 02:31 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-04-11 23:25 - 2017-03-28 02:31 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-04-11 23:25 - 2017-03-28 02:31 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-04-11 23:25 - 2017-03-28 02:31 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-04-11 23:25 - 2017-03-28 02:30 - 00692224 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2017-04-11 23:25 - 2017-03-28 02:30 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-04-11 23:25 - 2017-03-28 02:30 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-04-11 23:25 - 2017-03-28 02:30 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-04-11 23:25 - 2017-03-28 02:30 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2017-04-11 23:25 - 2017-03-28 02:29 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-04-11 23:25 - 2017-03-28 02:29 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-04-11 23:25 - 2017-03-28 02:29 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-04-11 23:25 - 2017-03-28 02:29 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-04-11 23:25 - 2017-03-28 02:29 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-04-11 23:25 - 2017-03-28 02:28 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-04-11 23:25 - 2017-03-28 02:28 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-04-11 23:25 - 2017-03-28 02:28 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-04-11 23:25 - 2017-03-28 02:28 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-04-11 23:25 - 2017-03-28 02:27 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-04-11 23:25 - 2017-03-28 02:27 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-04-11 23:25 - 2017-03-28 02:27 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-04-11 23:25 - 2017-03-28 02:26 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-04-11 23:25 - 2017-03-28 02:25 - 18364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-04-11 23:25 - 2017-03-28 02:25 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-04-11 23:25 - 2017-03-28 02:25 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-04-11 23:25 - 2017-03-28 02:24 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-04-11 23:25 - 2017-03-28 02:23 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-04-11 23:25 - 2017-03-28 02:23 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-04-11 23:25 - 2017-03-28 02:21 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-04-11 23:25 - 2017-03-28 02:21 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2017-04-11 23:25 - 2017-03-28 02:20 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-04-11 23:25 - 2017-03-28 02:20 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-04-11 23:25 - 2017-03-28 02:19 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-04-11 23:25 - 2017-03-28 02:19 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2017-04-11 23:25 - 2017-03-28 02:18 - 12181504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-04-11 23:25 - 2017-03-28 02:17 - 13087232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-04-11 23:25 - 2017-03-28 02:17 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-04-11 23:25 - 2017-03-28 02:15 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2017-04-11 23:25 - 2017-03-28 02:15 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-04-11 23:25 - 2017-03-28 02:15 - 00937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-04-11 23:25 - 2017-03-28 02:15 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-04-11 23:25 - 2017-03-28 02:15 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-04-11 23:25 - 2017-03-28 02:14 - 08126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-04-11 23:25 - 2017-03-28 02:14 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-04-11 23:25 - 2017-03-28 02:14 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-04-11 23:25 - 2017-03-28 02:14 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-04-11 23:25 - 2017-03-28 02:14 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-04-11 23:25 - 2017-03-28 02:13 - 06045184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-04-11 23:25 - 2017-03-28 02:13 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-04-11 23:25 - 2017-03-28 02:13 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-04-11 23:25 - 2017-03-28 02:13 - 01359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-04-11 23:25 - 2017-03-28 02:13 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-04-11 23:25 - 2017-03-28 02:13 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-04-11 23:25 - 2017-03-28 02:13 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-04-11 23:25 - 2017-03-28 02:12 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-04-11 23:25 - 2017-03-28 02:12 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-04-11 23:25 - 2017-03-28 02:12 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-04-11 23:25 - 2017-03-28 02:12 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-04-11 23:25 - 2017-03-28 02:11 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-04-11 23:25 - 2017-03-28 02:10 - 02316288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-04-11 23:25 - 2017-03-28 02:10 - 01783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-04-11 23:25 - 2017-03-28 02:10 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-04-11 23:25 - 2017-03-28 02:10 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-04-11 23:25 - 2017-03-28 02:10 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-04-11 23:25 - 2017-03-28 02:10 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-04-11 23:25 - 2017-03-28 02:09 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-04-11 23:25 - 2017-03-28 02:09 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-04-11 23:25 - 2017-03-28 02:08 - 03612672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-04-11 23:25 - 2017-03-28 02:08 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-04-11 23:25 - 2017-03-28 02:08 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-04-11 23:25 - 2017-03-28 02:07 - 00908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-04-11 23:25 - 2017-03-28 02:07 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-04-11 23:25 - 2017-03-28 02:07 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2017-04-11 23:25 - 2017-03-28 02:06 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-04-11 23:25 - 2017-03-28 02:06 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-04-11 23:25 - 2017-03-28 02:05 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-04-11 23:25 - 2017-03-18 13:35 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-04-11 23:24 - 2017-03-28 03:36 - 01294688 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-04-11 23:24 - 2017-03-28 03:36 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-04-11 23:24 - 2017-03-28 03:36 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-04-11 23:24 - 2017-03-28 03:35 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-04-11 23:24 - 2017-03-28 03:20 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-04-11 23:24 - 2017-03-28 03:10 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-04-11 23:24 - 2017-03-28 03:10 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-04-11 23:24 - 2017-03-28 03:09 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-04-11 23:24 - 2017-03-28 03:09 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-04-11 23:24 - 2017-03-28 03:09 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-04-11 23:24 - 2017-03-28 03:08 - 01267504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-04-11 23:24 - 2017-03-28 03:08 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-04-11 23:24 - 2017-03-28 03:08 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-04-11 23:24 - 2017-03-28 03:04 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-04-11 23:24 - 2017-03-28 03:00 - 01569184 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-04-11 23:24 - 2017-03-28 03:00 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-04-11 23:24 - 2017-03-28 02:58 - 00372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-04-11 23:24 - 2017-03-28 02:44 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-04-11 23:24 - 2017-03-28 02:38 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-04-11 23:24 - 2017-03-28 02:37 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2017-04-11 23:24 - 2017-03-28 02:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-04-11 23:24 - 2017-03-28 02:36 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-04-11 23:24 - 2017-03-28 02:35 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2017-04-11 23:24 - 2017-03-28 02:35 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2017-04-11 23:24 - 2017-03-28 02:34 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-04-11 23:24 - 2017-03-28 02:34 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-04-11 23:24 - 2017-03-28 02:34 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll
2017-04-11 23:24 - 2017-03-28 02:34 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2017-04-11 23:24 - 2017-03-28 02:33 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-04-11 23:24 - 2017-03-28 02:33 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-04-11 23:24 - 2017-03-28 02:33 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-04-11 23:24 - 2017-03-28 02:33 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-04-11 23:24 - 2017-03-28 02:33 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2017-04-11 23:24 - 2017-03-28 02:32 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-04-11 23:24 - 2017-03-28 02:32 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-04-11 23:24 - 2017-03-28 02:31 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-04-11 23:24 - 2017-03-28 02:31 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-04-11 23:24 - 2017-03-28 02:31 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2017-04-11 23:24 - 2017-03-28 02:30 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-04-11 23:24 - 2017-03-28 02:30 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-04-11 23:24 - 2017-03-28 02:30 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-04-11 23:24 - 2017-03-28 02:29 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2017-04-11 23:24 - 2017-03-28 02:29 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-04-11 23:24 - 2017-03-28 02:29 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-04-11 23:24 - 2017-03-28 02:29 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-04-11 23:24 - 2017-03-28 02:29 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-04-11 23:24 - 2017-03-28 02:29 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-04-11 23:24 - 2017-03-28 02:29 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-04-11 23:24 - 2017-03-28 02:29 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-04-11 23:24 - 2017-03-28 02:28 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-04-11 23:24 - 2017-03-28 02:28 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-04-11 23:24 - 2017-03-28 02:27 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-04-11 23:24 - 2017-03-28 02:27 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2017-04-11 23:24 - 2017-03-28 02:27 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-04-11 23:24 - 2017-03-28 02:26 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-04-11 23:24 - 2017-03-28 02:25 - 00966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2017-04-11 23:24 - 2017-03-28 02:25 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-04-11 23:24 - 2017-03-28 02:25 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-04-11 23:24 - 2017-03-28 02:24 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-04-11 23:24 - 2017-03-28 02:23 - 09130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-04-11 23:24 - 2017-03-28 02:23 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2017-04-11 23:24 - 2017-03-28 02:19 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-04-11 23:24 - 2017-03-28 02:17 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-04-11 23:24 - 2017-03-28 02:17 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-04-11 23:24 - 2017-03-28 02:16 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-04-11 23:24 - 2017-03-28 02:16 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-04-11 23:24 - 2017-03-28 02:15 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-04-11 23:24 - 2017-03-28 02:14 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-04-11 23:24 - 2017-03-28 02:14 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-04-11 23:24 - 2017-03-28 02:14 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-04-11 23:24 - 2017-03-28 02:13 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-04-11 23:24 - 2017-03-28 02:12 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-04-11 23:24 - 2017-03-28 02:11 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-04-11 23:24 - 2017-03-28 02:10 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-04-11 23:24 - 2017-03-28 02:09 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-04-11 23:24 - 2017-03-28 02:09 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-04-11 23:24 - 2017-03-28 02:08 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-04-11 23:24 - 2017-03-18 13:50 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-04-11 23:24 - 2017-03-16 01:47 - 00038768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2017-04-09 20:38 - 2017-04-09 20:58 - 00000000 ____D C:\é
2017-04-03 09:52 - 2017-04-03 09:53 - 00011311 _____ C:\Users\pc\Downloads\imprimir(1).pdf
2017-04-03 09:42 - 2017-04-03 09:43 - 00212559 _____ C:\Users\pc\Downloads\VIVO_FATURA_SEGUNDA_VIA.pdf
2017-04-02 12:42 - 2017-04-02 12:42 - 00002126 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2017-04-02 12:42 - 2017-04-02 12:42 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-04-02 12:41 - 2017-04-02 12:46 - 00000000 ____D C:\Users\Todos os Usuários\Adobe
2017-04-02 12:41 - 2017-04-02 12:46 - 00000000 ____D C:\ProgramData\Adobe
2017-03-31 23:49 - 2017-03-31 23:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2017-03-27 13:23 - 2017-03-28 11:15 - 00000000 ____D C:\Users\pc\Documents\Nova pasta (2)
2017-03-27 10:55 - 2017-03-27 10:55 - 00030207 _____ C:\Users\pc\Documents\05520410178-IRPF-2017-2016-retif-imagem-recibo.pdf
2017-03-25 14:44 - 2017-04-24 20:25 - 00000000 ____D C:\Users\pc\Documents\IR2017
2017-03-24 11:32 - 2017-04-24 20:25 - 00000000 ____D C:\Users\pc\.receitanet
2017-03-22 12:26 - 2017-03-31 23:49 - 00000000 ____D C:\Program Files\McAfee Security Scan
2017-03-22 12:08 - 2017-03-22 12:08 - 00000000 ____D C:\Users\Todos os Usuários\TrueKey
2017-03-22 12:08 - 2017-03-22 12:08 - 00000000 ____D C:\ProgramData\TrueKey
2017-03-22 12:08 - 2017-03-22 12:08 - 00000000 ____D C:\Program Files\Common Files\Intel
2017-03-22 11:59 - 2017-03-22 12:08 - 00043344 _____ C:\Users\pc\Downloads\ComprovanteRendimento2016(2).pdf
2017-03-22 11:57 - 2017-03-23 00:43 - 00000000 ____D C:\Program Files\TrueKey
2017-03-22 11:56 - 2017-03-22 11:56 - 00000000 ____D C:\Users\Todos os Usuários\McAfee Security Scan
2017-03-22 11:56 - 2017-03-22 11:56 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2017-03-21 13:41 - 2017-03-21 13:41 - 00137311 _____ C:\Users\pc\Downloads\2860271540(3).pdf
2017-03-21 13:41 - 2017-03-21 13:41 - 00136541 _____ C:\Users\pc\Downloads\2860271540(2).pdf
2017-03-21 13:41 - 2017-03-21 13:41 - 00135170 _____ C:\Users\pc\Downloads\2860271540(1).pdf
2017-03-21 13:40 - 2017-03-21 13:41 - 00135416 _____ C:\Users\pc\Downloads\2860271540.pdf
2017-03-17 16:56 - 2017-03-17 16:56 - 00001767 _____ C:\Users\Public\Desktop\IRPF2017 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk
2017-03-17 16:56 - 2017-03-17 16:56 - 00000000 ___HD C:\Program Files (x86)\InstallJammer Registry
2017-03-17 16:56 - 2017-03-17 16:56 - 00000000 ____D C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2017
2017-03-17 16:56 - 2017-03-17 16:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB2017
2017-03-17 16:56 - 2017-03-17 16:56 - 00000000 ____D C:\Arquivos de Programas RFB
2017-03-17 16:49 - 2017-03-17 16:52 - 28191768 _____ (Receita Federal do Brasil) C:\Users\pc\Downloads\IRPF2017Win32v1.1.exe
2017-03-17 16:22 - 2017-03-17 16:23 - 00172634 _____ C:\Users\pc\Downloads\Placa_HIM4872(1).PDF
2017-03-17 16:01 - 2017-04-14 11:05 - 00000000 ____D C:\WINDOWS\SysWOW64\{BB8F2733-5275-44A6-A492-9417538B0E15}
2017-03-17 14:47 - 2017-03-17 14:47 - 00043344 _____ C:\Users\pc\Downloads\ComprovanteRendimento2016(1).pdf
2017-03-17 14:33 - 2017-04-02 12:44 - 00000000 ____D C:\Users\pc\AppData\Local\Adobe
2017-03-17 14:33 - 2017-03-17 14:52 - 00000000 ____D C:\Users\pc\AppData\Roaming\Adobe
2017-03-15 16:34 - 2017-03-15 16:34 - 00000000 ____D C:\WINDOWS\SysWOW64\{1ABBB4B3-1D8B-4A0F-A47D-F1BF8884CF95}
2017-03-15 16:12 - 2017-03-15 16:12 - 00000000 _____ C:\WINDOWS\SysWOW64\1
2017-03-15 13:52 - 2017-03-04 04:40 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-03-15 13:52 - 2017-03-04 03:45 - 00173408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-03-15 13:52 - 2017-03-04 03:42 - 01260784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-03-15 13:52 - 2017-03-04 03:42 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2017-03-15 13:52 - 2017-03-04 03:29 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfp.dll
2017-03-15 13:52 - 2017-03-04 03:25 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscandui.dll
2017-03-15 13:52 - 2017-03-04 03:25 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WPDShServiceObj.dll
2017-03-15 13:52 - 2017-03-04 03:24 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-03-15 13:52 - 2017-03-04 03:24 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfui.dll
2017-03-15 13:52 - 2017-03-04 03:21 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi32.dll
2017-03-15 13:52 - 2017-03-04 03:20 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2017-03-15 13:52 - 2017-03-04 03:20 - 00424960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msutb.dll
2017-03-15 13:52 - 2017-03-04 03:20 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanui.dll
2017-03-15 13:52 - 2017-03-04 03:19 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2017-03-15 13:52 - 2017-03-04 03:16 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-03-15 13:52 - 2017-03-04 03:16 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2017-03-15 13:52 - 2017-03-04 03:16 - 00762880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2017-03-15 13:52 - 2017-03-04 03:13 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2017-03-15 13:52 - 2017-03-04 03:13 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-03-15 13:52 - 2017-03-04 03:02 - 00510464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2017-03-15 13:52 - 2017-03-04 03:01 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2017-03-15 13:52 - 2017-03-04 03:00 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2017-03-15 13:51 - 2017-03-04 04:09 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-03-15 13:51 - 2017-03-04 04:09 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2017-03-15 13:51 - 2017-03-04 04:04 - 01362512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2017-03-15 13:51 - 2017-03-04 04:02 - 00184416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IPHLPAPI.DLL
2017-03-15 13:51 - 2017-03-04 03:53 - 00781152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-03-15 13:51 - 2017-03-04 03:53 - 00493912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-03-15 13:51 - 2017-03-04 03:53 - 00313568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2017-03-15 13:51 - 2017-03-04 03:52 - 00549088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2017-03-15 13:51 - 2017-03-04 03:52 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2017-03-15 13:51 - 2017-03-04 03:47 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-03-15 13:51 - 2017-03-04 03:47 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-03-15 13:51 - 2017-03-04 03:47 - 00976184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2017-03-15 13:51 - 2017-03-04 03:47 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2017-03-15 13:51 - 2017-03-04 03:47 - 00352760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-03-15 13:51 - 2017-03-04 03:30 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-03-15 13:51 - 2017-03-04 03:29 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2017-03-15 13:51 - 2017-03-04 03:29 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XInputUap.dll
2017-03-15 13:51 - 2017-03-04 03:29 - 00019968 _____ C:\WINDOWS\SysWOW64\GamePanelExternalHook.dll
2017-03-15 13:51 - 2017-03-04 03:27 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2017-03-15 13:51 - 2017-03-04 03:27 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddrawex.dll
2017-03-15 13:51 - 2017-03-04 03:26 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-03-15 13:51 - 2017-03-04 03:26 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.UI.GameBar.dll
2017-03-15 13:51 - 2017-03-04 03:26 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2017-03-15 13:51 - 2017-03-04 03:26 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2017-03-15 13:51 - 2017-03-04 03:26 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2017-03-15 13:51 - 2017-03-04 03:25 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2017-03-15 13:51 - 2017-03-04 03:25 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2017-03-15 13:51 - 2017-03-04 03:25 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2017-03-15 13:51 - 2017-03-04 03:24 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2017-03-15 13:51 - 2017-03-04 03:24 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2017-03-15 13:51 - 2017-03-04 03:23 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2017-03-15 13:51 - 2017-03-04 03:23 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2017-03-15 13:51 - 2017-03-04 03:23 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiohlp.dll
2017-03-15 13:51 - 2017-03-04 03:22 - 01299968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-03-15 13:51 - 2017-03-04 03:22 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-03-15 13:51 - 2017-03-04 03:22 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2017-03-15 13:51 - 2017-03-04 03:22 - 00183296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2017-03-15 13:51 - 2017-03-04 03:22 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2017-03-15 13:51 - 2017-03-04 03:21 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\main.cpl
2017-03-15 13:51 - 2017-03-04 03:21 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2017-03-15 13:51 - 2017-03-04 03:21 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2017-03-15 13:51 - 2017-03-04 03:20 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPTpm12.dll
2017-03-15 13:51 - 2017-03-04 03:20 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-03-15 13:51 - 2017-03-04 03:20 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-03-15 13:51 - 2017-03-04 03:19 - 00714752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2017-03-15 13:51 - 2017-03-04 03:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-03-15 13:51 - 2017-03-04 03:19 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-03-15 13:51 - 2017-03-04 03:19 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2017-03-15 13:51 - 2017-03-04 03:18 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2017-03-15 13:51 - 2017-03-04 03:18 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2017-03-15 13:51 - 2017-03-04 03:18 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2017-03-15 13:51 - 2017-03-04 03:18 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-03-15 13:51 - 2017-03-04 03:18 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2017-03-15 13:51 - 2017-03-04 03:18 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-03-15 13:51 - 2017-03-04 03:18 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2017-03-15 13:51 - 2017-03-04 03:17 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-03-15 13:51 - 2017-03-04 03:16 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2017-03-15 13:51 - 2017-03-04 03:16 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2017-03-15 13:51 - 2017-03-04 03:16 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2017-03-15 13:51 - 2017-03-04 03:16 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-03-15 13:51 - 2017-03-04 03:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-03-15 13:51 - 2017-03-04 03:15 - 01543680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2017-03-15 13:51 - 2017-03-04 03:15 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-03-15 13:51 - 2017-03-04 03:15 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroleui.dll
2017-03-15 13:51 - 2017-03-04 03:14 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2017-03-15 13:51 - 2017-03-04 03:13 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-03-15 13:51 - 2017-03-04 03:13 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2017-03-15 13:51 - 2017-03-04 03:13 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2017-03-15 13:51 - 2017-03-04 03:12 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2017-03-15 13:51 - 2017-03-04 03:12 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll
2017-03-15 13:51 - 2017-03-04 03:11 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-03-15 13:51 - 2017-03-04 03:11 - 01320448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2017-03-15 13:51 - 2017-03-04 03:11 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-03-15 13:51 - 2017-03-04 03:10 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2017-03-15 13:51 - 2017-03-04 03:10 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regedit.exe
2017-03-15 13:51 - 2017-03-04 03:10 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2017-03-15 13:51 - 2017-03-04 03:09 - 00570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2017-03-15 13:51 - 2017-03-04 03:09 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2017-03-15 13:51 - 2017-03-04 03:07 - 02748928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-03-15 13:51 - 2017-03-04 03:07 - 02643456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-03-15 13:51 - 2017-03-04 03:07 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2017-03-15 13:51 - 2017-03-04 03:06 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-03-15 13:51 - 2017-03-04 03:05 - 01133568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2017-03-15 13:51 - 2017-03-04 03:05 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2017-03-15 13:51 - 2017-03-04 03:05 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2017-03-15 13:51 - 2017-03-04 03:04 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2017-03-15 13:51 - 2017-03-04 03:03 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-03-15 13:51 - 2017-03-04 03:03 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2017-03-15 13:51 - 2017-03-04 03:03 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2017-03-15 13:51 - 2017-03-04 03:02 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-03-15 13:51 - 2017-03-04 03:02 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-03-15 13:51 - 2017-03-04 03:02 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2017-03-15 13:51 - 2017-03-04 03:01 - 03478528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2017-03-15 13:51 - 2017-03-04 03:01 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-03-15 13:51 - 2017-03-04 03:01 - 01571840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-03-15 13:51 - 2017-03-04 03:01 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-03-15 13:51 - 2017-03-04 03:01 - 01493504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2017-03-15 13:51 - 2017-03-04 03:01 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2017-03-15 13:51 - 2017-03-04 03:01 - 01154560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Pimstore.dll
2017-03-15 13:51 - 2017-03-04 03:01 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-03-15 13:51 - 2017-03-04 03:01 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2017-03-15 13:51 - 2017-03-04 03:00 - 04557824 _____ (Microsoft) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-03-15 13:51 - 2017-03-04 03:00 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-03-15 13:51 - 2017-03-04 03:00 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2017-03-15 13:51 - 2017-03-04 03:00 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2017-03-15 13:51 - 2017-03-04 03:00 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-03-15 13:51 - 2017-03-04 02:57 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-03-15 13:51 - 2016-05-29 15:38 - 08886976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSetup.exe
2017-03-15 13:50 - 2017-03-04 04:57 - 00192352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-03-15 13:50 - 2017-03-04 04:09 - 00497416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-03-15 13:50 - 2017-03-04 03:56 - 00248992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-03-15 13:50 - 2017-03-04 03:54 - 02277288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-03-15 13:50 - 2017-03-04 03:54 - 00524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-03-15 13:50 - 2017-03-04 03:47 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-03-15 13:50 - 2017-03-04 03:47 - 00640976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2017-03-15 13:50 - 2017-03-04 03:47 - 00530480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2017-03-15 13:50 - 2017-03-04 03:46 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-03-15 13:50 - 2017-03-04 03:46 - 00321792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2017-03-15 13:50 - 2017-03-04 03:45 - 00112120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2017-03-15 13:50 - 2017-03-04 03:30 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-03-15 13:50 - 2017-03-04 03:27 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\accountaccessor.dll
2017-03-15 13:50 - 2017-03-04 03:26 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2017-03-15 13:50 - 2017-03-04 03:25 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCCSEngineShared.dll
2017-03-15 13:50 - 2017-03-04 03:24 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-03-15 13:50 - 2017-03-04 03:23 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DavSyncProvider.dll
2017-03-15 13:50 - 2017-03-04 03:22 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2017-03-15 13:50 - 2017-03-04 03:22 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-03-15 13:50 - 2017-03-04 03:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\icm32.dll
2017-03-15 13:50 - 2017-03-04 03:20 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-03-15 13:50 - 2017-03-04 03:19 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2017-03-15 13:50 - 2017-03-04 03:18 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2017-03-15 13:50 - 2017-03-04 03:18 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-03-15 13:50 - 2017-03-04 03:16 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2017-03-15 13:50 - 2017-03-04 03:16 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2017-03-15 13:50 - 2017-03-04 03:13 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-03-15 13:50 - 2017-03-04 03:11 - 01357312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2017-03-15 13:50 - 2017-03-04 03:08 - 12349952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-03-15 13:50 - 2017-03-04 03:06 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-03-15 13:50 - 2017-03-04 03:05 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-03-15 13:50 - 2017-03-04 03:05 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll
2017-03-15 13:50 - 2017-03-04 03:04 - 00753152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll
2017-03-15 13:50 - 2017-03-04 03:03 - 02363904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-03-15 13:50 - 2017-03-04 03:03 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-03-15 13:50 - 2017-03-04 03:02 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-03-15 13:50 - 2017-03-04 03:02 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2017-03-15 13:50 - 2017-03-04 03:02 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-03-15 13:50 - 2017-03-04 03:01 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-03-15 13:50 - 2017-03-04 03:00 - 02003968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-03-15 13:50 - 2017-03-04 02:59 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-03-15 13:50 - 2017-03-04 02:59 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2017-03-15 13:44 - 2017-03-04 04:24 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2017-03-15 13:44 - 2017-03-04 04:08 - 00130912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-03-15 13:44 - 2017-03-04 04:07 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2017-03-15 13:44 - 2017-03-04 03:36 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2017-03-15 13:44 - 2017-03-04 03:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.UI.GameBar.dll
2017-03-15 13:44 - 2017-03-04 03:33 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\XInputUap.dll
2017-03-15 13:44 - 2017-03-04 03:32 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-03-15 13:44 - 2017-03-04 03:30 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2017-03-15 13:44 - 2017-03-04 03:29 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2017-03-15 13:44 - 2017-03-04 03:29 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll
2017-03-15 13:44 - 2017-03-04 03:28 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-03-15 13:44 - 2017-03-04 03:28 - 00390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2017-03-15 13:44 - 2017-03-04 03:27 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2017-03-15 13:44 - 2017-03-04 03:27 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-03-15 13:44 - 2017-03-04 03:25 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2017-03-15 13:44 - 2017-03-04 03:24 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-03-15 13:44 - 2017-03-04 03:23 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-03-15 13:44 - 2017-03-04 03:22 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2017-03-15 13:44 - 2017-03-04 03:20 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-03-15 13:44 - 2017-03-04 03:14 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2017-03-15 13:44 - 2017-03-04 03:11 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-03-15 13:44 - 2017-03-04 03:11 - 00818176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-03-15 13:44 - 2017-03-04 03:08 - 03405312 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-03-15 13:44 - 2017-03-04 03:07 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-03-15 13:44 - 2017-03-04 03:06 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-03-15 13:43 - 2017-03-04 04:25 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-03-15 13:43 - 2017-03-04 04:24 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2017-03-15 13:43 - 2017-03-04 04:23 - 02512304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2017-03-15 13:43 - 2017-03-04 04:19 - 02049480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2017-03-15 13:43 - 2017-03-04 04:18 - 00219040 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPHLPAPI.DLL
2017-03-15 13:43 - 2017-03-04 04:18 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-03-15 13:43 - 2017-03-04 04:17 - 00409952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2017-03-15 13:43 - 2017-03-04 04:15 - 01000280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-03-15 13:43 - 2017-03-04 04:15 - 00404320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2017-03-15 13:43 - 2017-03-04 04:09 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-03-15 13:43 - 2017-03-04 04:09 - 00681312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2017-03-15 13:43 - 2017-03-04 04:09 - 00578392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-03-15 13:43 - 2017-03-04 04:09 - 00527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2017-03-15 13:43 - 2017-03-04 04:08 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-03-15 13:43 - 2017-03-04 04:08 - 00450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-03-15 13:43 - 2017-03-04 04:08 - 00342456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2017-03-15 13:43 - 2017-03-04 04:08 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-03-15 13:43 - 2017-03-04 04:03 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-03-15 13:43 - 2017-03-04 04:01 - 00201568 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-03-15 13:43 - 2017-03-04 04:01 - 00137936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2017-03-15 13:43 - 2017-03-04 03:58 - 01416224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-03-15 13:43 - 2017-03-04 03:58 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2017-03-15 13:43 - 2017-03-04 03:37 - 00025088 _____ C:\WINDOWS\system32\GamePanelExternalHook.dll
2017-03-15 13:43 - 2017-03-04 03:36 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfp.dll
2017-03-15 13:43 - 2017-03-04 03:36 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll
2017-03-15 13:43 - 2017-03-04 03:36 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-03-15 13:43 - 2017-03-04 03:36 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-03-15 13:43 - 2017-03-04 03:36 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-03-15 13:43 - 2017-03-04 03:34 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfui.dll
2017-03-15 13:43 - 2017-03-04 03:33 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothDesktopHandlers.dll
2017-03-15 13:43 - 2017-03-04 03:33 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2017-03-15 13:43 - 2017-03-04 03:33 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2017-03-15 13:43 - 2017-03-04 03:32 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2017-03-15 13:43 - 2017-03-04 03:32 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-03-15 13:43 - 2017-03-04 03:32 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2017-03-15 13:43 - 2017-03-04 03:31 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2017-03-15 13:43 - 2017-03-04 03:31 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-03-15 13:43 - 2017-03-04 03:30 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscandui.dll
2017-03-15 13:43 - 2017-03-04 03:30 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-03-15 13:43 - 2017-03-04 03:30 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-03-15 13:43 - 2017-03-04 03:30 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
2017-03-15 13:43 - 2017-03-04 03:30 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2017-03-15 13:43 - 2017-03-04 03:30 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2017-03-15 13:43 - 2017-03-04 03:29 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2017-03-15 13:43 - 2017-03-04 03:29 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi32.dll
2017-03-15 13:43 - 2017-03-04 03:29 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2017-03-15 13:43 - 2017-03-04 03:28 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-03-15 13:43 - 2017-03-04 03:28 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-03-15 13:43 - 2017-03-04 03:27 - 06574592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2017-03-15 13:43 - 2017-03-04 03:27 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-03-15 13:43 - 2017-03-04 03:26 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2017-03-15 13:43 - 2017-03-04 03:26 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2017-03-15 13:43 - 2017-03-04 03:26 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msutb.dll
2017-03-15 13:43 - 2017-03-04 03:26 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanui.dll
2017-03-15 13:43 - 2017-03-04 03:26 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2017-03-15 13:43 - 2017-03-04 03:26 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-03-15 13:43 - 2017-03-04 03:25 - 01016320 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-03-15 13:43 - 2017-03-04 03:25 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2017-03-15 13:43 - 2017-03-04 03:25 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-03-15 13:43 - 2017-03-04 03:25 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-03-15 13:43 - 2017-03-04 03:24 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2017-03-15 13:43 - 2017-03-04 03:24 - 01092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2017-03-15 13:43 - 2017-03-04 03:24 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2017-03-15 13:43 - 2017-03-04 03:24 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2017-03-15 13:43 - 2017-03-04 03:23 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-03-15 13:43 - 2017-03-04 03:23 - 00715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-03-15 13:43 - 2017-03-04 03:23 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-03-15 13:43 - 2017-03-04 03:23 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2017-03-15 13:43 - 2017-03-04 03:23 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-03-15 13:43 - 2017-03-04 03:23 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2017-03-15 13:43 - 2017-03-04 03:21 - 00776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabletPC.cpl
2017-03-15 13:43 - 2017-03-04 03:21 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-03-15 13:43 - 2017-03-04 03:20 - 01913856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-03-15 13:43 - 2017-03-04 03:20 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2017-03-15 13:43 - 2017-03-04 03:19 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-03-15 13:43 - 2017-03-04 03:19 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-03-15 13:43 - 2017-03-04 03:19 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Tabbtn.dll
2017-03-15 13:43 - 2017-03-04 03:19 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\tabcal.exe
2017-03-15 13:43 - 2017-03-04 03:18 - 01189376 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2017-03-15 13:43 - 2017-03-04 03:17 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-03-15 13:43 - 2017-03-04 03:16 - 03289088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-03-15 13:43 - 2017-03-04 03:16 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2017-03-15 13:43 - 2017-03-04 03:16 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2017-03-15 13:43 - 2017-03-04 03:15 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-03-15 13:43 - 2017-03-04 03:15 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2017-03-15 13:43 - 2017-03-04 03:14 - 01562112 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2017-03-15 13:43 - 2017-03-04 03:13 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2017-03-15 13:43 - 2017-03-04 03:13 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2017-03-15 13:43 - 2017-03-04 03:13 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MultiDigiMon.exe
2017-03-15 13:43 - 2017-03-04 03:11 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2017-03-15 13:43 - 2017-03-04 03:10 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-03-15 13:43 - 2017-03-04 03:10 - 01555456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2017-03-15 13:43 - 2017-03-04 03:10 - 01536000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-03-15 13:43 - 2017-03-04 03:10 - 01399296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Pimstore.dll
2017-03-15 13:43 - 2017-03-04 03:10 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-03-15 13:43 - 2017-03-04 03:10 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-03-15 13:43 - 2017-03-04 03:09 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-03-15 13:43 - 2017-03-04 03:09 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2017-03-15 13:43 - 2017-03-04 03:09 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2017-03-15 13:43 - 2017-03-04 03:08 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2017-03-15 13:43 - 2017-03-04 03:07 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-03-15 13:43 - 2017-03-04 03:07 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2017-03-15 13:43 - 2017-03-04 03:07 - 01512448 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2017-03-15 13:43 - 2017-03-04 03:07 - 01348608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2017-03-15 13:43 - 2017-03-04 03:07 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2017-03-15 13:43 - 2017-03-04 03:06 - 05384192 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2017-03-15 13:43 - 2017-03-04 03:06 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-03-15 13:43 - 2017-03-04 03:06 - 04060672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2017-03-15 13:43 - 2017-03-04 03:06 - 01013760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2017-03-15 13:43 - 2017-03-04 03:06 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2017-03-15 13:43 - 2017-03-04 03:05 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-03-15 13:43 - 2017-03-04 03:04 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-03-15 13:43 - 2017-03-04 03:04 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2017-03-15 13:43 - 2017-03-04 03:04 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2017-03-15 13:43 - 2017-03-04 03:03 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-03-15 13:43 - 2017-02-21 23:17 - 00448285 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-03-15 13:43 - 2016-07-15 23:29 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\CspCellularSettings.dll
2017-03-15 13:43 - 2016-07-15 23:28 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2017-03-15 13:43 - 2016-07-15 23:26 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll
2017-03-15 13:42 - 2017-03-04 04:26 - 00794416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-03-15 13:42 - 2017-03-04 04:24 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-03-15 13:42 - 2017-03-04 04:24 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-03-15 13:42 - 2017-03-04 04:21 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-03-15 13:42 - 2017-03-04 04:20 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-03-15 13:42 - 2017-03-04 04:09 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-03-15 13:42 - 2017-03-04 04:09 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2017-03-15 13:42 - 2017-03-04 04:07 - 00432992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-03-15 13:42 - 2017-03-04 04:04 - 01063472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2017-03-15 13:42 - 2017-03-04 04:03 - 01723560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2017-03-15 13:42 - 2017-03-04 04:03 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-03-15 13:42 - 2017-03-04 04:03 - 01454512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-03-15 13:42 - 2017-03-04 04:03 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-03-15 13:42 - 2017-03-04 04:03 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2017-03-15 13:42 - 2017-03-04 04:03 - 00596040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2017-03-15 13:42 - 2017-03-04 04:03 - 00443232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-03-15 13:42 - 2017-03-04 04:03 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2017-03-15 13:42 - 2017-03-04 04:03 - 00382272 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2017-03-15 13:42 - 2017-03-04 03:36 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2017-03-15 13:42 - 2017-03-04 03:34 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2017-03-15 13:42 - 2017-03-04 03:32 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCCSEngineShared.dll
2017-03-15 13:42 - 2017-03-04 03:31 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2017-03-15 13:42 - 2017-03-04 03:31 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll
2017-03-15 13:42 - 2017-03-04 03:30 - 00535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-03-15 13:42 - 2017-03-04 03:30 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2017-03-15 13:42 - 2017-03-04 03:30 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2017-03-15 13:42 - 2017-03-04 03:29 - 01291264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-03-15 13:42 - 2017-03-04 03:29 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2017-03-15 13:42 - 2017-03-04 03:29 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2017-03-15 13:42 - 2017-03-04 03:28 - 00741888 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2017-03-15 13:42 - 2017-03-04 03:28 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2017-03-15 13:42 - 2017-03-04 03:28 - 00556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-03-15 13:42 - 2017-03-04 03:28 - 00462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-03-15 13:42 - 2017-03-04 03:28 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2017-03-15 13:42 - 2017-03-04 03:28 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2017-03-15 13:42 - 2017-03-04 03:27 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-03-15 13:42 - 2017-03-04 03:27 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2017-03-15 13:42 - 2017-03-04 03:27 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2017-03-15 13:42 - 2017-03-04 03:26 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-03-15 13:42 - 2017-03-04 03:26 - 00643072 _____ (Microsoft Corporation) C:\WINDOWS\system32\main.cpl
2017-03-15 13:42 - 2017-03-04 03:26 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2017-03-15 13:42 - 2017-03-04 03:26 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\DavSyncProvider.dll
2017-03-15 13:42 - 2017-03-04 03:26 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2017-03-15 13:42 - 2017-03-04 03:25 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-03-15 13:42 - 2017-03-04 03:23 - 00945152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2017-03-15 13:42 - 2017-03-04 03:23 - 00820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintRenderAPIHost.DLL
2017-03-15 13:42 - 2017-03-04 03:23 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2017-03-15 13:42 - 2017-03-04 03:23 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-03-15 13:42 - 2017-03-04 03:21 - 01937920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2017-03-15 13:42 - 2017-03-04 03:21 - 00809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2017-03-15 13:42 - 2017-03-04 03:21 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-03-15 13:42 - 2017-03-04 03:18 - 01762816 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2017-03-15 13:42 - 2017-03-04 03:18 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\regedit.exe
2017-03-15 13:42 - 2017-03-04 03:18 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2017-03-15 13:42 - 2017-03-04 03:17 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-03-15 13:42 - 2017-03-04 03:16 - 13441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-03-15 13:42 - 2017-03-04 03:16 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2017-03-15 13:42 - 2017-03-04 03:14 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2017-03-15 13:42 - 2017-03-04 03:13 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-03-15 13:42 - 2017-03-04 03:13 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2017-03-15 13:42 - 2017-03-04 03:13 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2017-03-15 13:42 - 2017-03-04 03:12 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-03-15 13:42 - 2017-03-04 03:11 - 03441664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-03-15 13:42 - 2017-03-04 03:11 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-03-15 13:42 - 2017-03-04 03:11 - 01891328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-03-15 13:42 - 2017-03-04 03:11 - 00572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2017-03-15 13:42 - 2017-03-04 03:10 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-03-15 13:42 - 2017-03-04 03:10 - 01917440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-03-15 13:42 - 2017-03-04 03:10 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-03-15 13:42 - 2017-03-04 03:10 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-03-15 13:42 - 2017-03-04 03:10 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-03-15 13:42 - 2017-03-04 03:08 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2017-03-15 13:42 - 2017-03-04 03:08 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-03-15 13:42 - 2017-03-04 03:08 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2017-03-15 13:42 - 2017-03-04 03:07 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2017-03-15 13:42 - 2017-03-04 03:07 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2017-03-15 13:42 - 2017-03-04 03:07 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-03-15 13:42 - 2017-03-04 03:07 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-03-15 13:42 - 2017-03-04 03:06 - 03202048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-03-15 13:42 - 2017-03-04 03:06 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-03-15 13:42 - 2017-03-04 03:06 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2017-03-15 13:42 - 2017-03-04 03:04 - 01826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-03-15 13:42 - 2017-03-04 03:04 - 00433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-03-15 13:41 - 2017-03-04 04:35 - 00315232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-03-15 13:41 - 2017-03-04 04:35 - 00038240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-03-15 13:41 - 2017-03-04 04:24 - 00646688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-03-15 13:41 - 2017-03-04 04:15 - 00063328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-03-15 13:41 - 2017-03-04 04:11 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-03-15 13:41 - 2017-03-04 04:10 - 02828384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-03-15 13:41 - 2017-03-04 04:09 - 00635864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-03-15 13:41 - 2017-03-04 04:03 - 04674360 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-03-15 13:41 - 2017-03-04 04:03 - 00755648 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2017-03-15 13:41 - 2017-03-04 04:03 - 00523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2017-03-15 13:41 - 2017-03-04 04:01 - 00128648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2017-03-15 13:41 - 2017-03-04 03:37 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-03-15 13:41 - 2017-03-04 03:35 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddrawex.dll
2017-03-15 13:41 - 2017-03-04 03:31 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-03-15 13:41 - 2017-03-04 03:31 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2017-03-15 13:41 - 2017-03-04 03:30 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2017-03-15 13:41 - 2017-03-04 03:26 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2017-03-15 13:41 - 2017-03-04 03:26 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-03-15 13:41 - 2017-03-04 03:26 - 00264704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-03-15 13:41 - 2017-03-04 03:24 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-03-15 13:41 - 2017-03-04 03:24 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXP.dll
2017-03-15 13:41 - 2017-03-04 03:20 - 01280512 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-03-15 13:41 - 2017-03-04 03:18 - 17198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-03-15 13:41 - 2017-03-04 03:18 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2017-03-15 13:41 - 2017-03-04 03:17 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2017-03-15 13:41 - 2017-03-04 03:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-03-15 13:41 - 2017-03-04 03:16 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-03-15 13:41 - 2017-03-04 03:15 - 01837056 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-03-15 13:41 - 2017-03-04 03:14 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-03-15 13:41 - 2017-03-04 03:13 - 00961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
2017-03-15 13:41 - 2017-03-04 03:13 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-03-15 13:41 - 2017-03-04 03:13 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2017-03-15 13:41 - 2017-03-04 03:13 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2017-03-15 13:41 - 2017-03-04 03:11 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2017-03-15 13:41 - 2017-03-04 03:11 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2017-03-15 13:41 - 2017-03-04 03:11 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2017-03-15 13:41 - 2017-03-04 03:10 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2017-03-15 13:41 - 2017-03-04 03:08 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2017-03-15 13:41 - 2017-03-04 03:08 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2017-03-15 13:41 - 2017-03-04 03:07 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-03-15 13:41 - 2017-03-04 03:06 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-03-15 13:41 - 2017-03-04 03:06 - 02475008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-03-15 13:41 - 2017-03-04 03:06 - 02287104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-03-15 13:40 - 2017-03-04 04:35 - 00655200 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-03-15 13:40 - 2017-03-04 04:35 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-03-15 13:40 - 2017-03-04 04:35 - 00242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-03-15 13:40 - 2017-03-04 04:35 - 00086368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-03-15 13:40 - 2017-03-04 04:24 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-03-15 13:40 - 2017-03-04 04:24 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-03-15 13:40 - 2017-03-04 04:24 - 00090976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2017-03-15 13:40 - 2017-03-04 04:22 - 01354312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-03-15 13:40 - 2017-03-04 04:22 - 01172984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-03-15 13:40 - 2017-03-04 04:20 - 00379744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2017-03-15 13:40 - 2017-03-04 04:13 - 00635456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-03-15 13:40 - 2017-03-04 04:07 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-03-15 13:40 - 2017-03-04 04:07 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-03-15 13:40 - 2017-03-04 04:07 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-03-15 13:40 - 2017-03-04 04:07 - 00110944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2017-03-15 13:40 - 2017-03-04 04:07 - 00080224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-03-15 13:40 - 2017-03-04 03:34 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-03-15 13:40 - 2017-03-04 03:33 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2017-03-15 13:40 - 2017-03-04 03:30 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-03-15 13:40 - 2017-03-04 03:30 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2017-03-15 13:40 - 2017-03-04 03:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2017-03-15 13:40 - 2017-03-04 03:28 - 00623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPTpm12.dll
2017-03-15 13:40 - 2017-03-04 03:28 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2017-03-15 13:40 - 2017-03-04 03:27 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2017-03-15 13:40 - 2017-03-04 03:27 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-03-15 13:40 - 2017-03-04 03:26 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2017-03-15 13:40 - 2017-03-04 03:24 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-03-15 13:40 - 2017-03-04 03:23 - 03753984 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2017-03-15 13:40 - 2017-03-04 03:20 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2017-03-15 13:40 - 2017-03-04 03:19 - 01639424 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-03-15 13:40 - 2017-03-04 03:16 - 00583168 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-03-15 13:40 - 2017-03-04 03:14 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2017-03-15 13:40 - 2017-03-04 03:13 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2017-03-15 13:40 - 2017-03-04 03:12 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2017-03-15 13:40 - 2017-03-04 03:10 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-03-15 13:40 - 2017-03-04 03:06 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2017-03-15 13:39 - 2017-03-04 04:07 - 00557400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-03-15 13:39 - 2017-03-04 03:34 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-03-15 12:34 - 2017-03-15 12:34 - 00000000 ____D C:\WINDOWS\SysWOW64\{039BF47E-F1E7-419B-8C9A-699327AF603D}
2017-03-12 22:53 - 2017-03-12 23:03 - 00000251 _____ C:\Users\pc\SciTE.session
2017-03-12 22:49 - 2017-03-12 23:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3
2017-03-12 00:11 - 2017-03-12 00:12 - 16543699 _____ C:\Users\pc\Documents\Untitled.mp4
2017-03-12 00:09 - 2017-03-12 00:09 - 00000030 _____ C:\Users\pc\Documents\Lerre.avi.sfl
2017-03-11 22:33 - 2017-03-12 00:09 - 00000000 ____D C:\Users\pc\AppData\Roaming\VEGAS
2017-03-11 22:33 - 2017-03-11 22:33 - 00000000 ____D C:\Users\Todos os Usuários\VEGAS Pro
2017-03-11 22:33 - 2017-03-11 22:33 - 00000000 ____D C:\Users\pc\AppData\Roaming\Publish Providers
2017-03-11 22:33 - 2017-03-11 22:33 - 00000000 ____D C:\ProgramData\VEGAS Pro
2017-03-11 22:32 - 2017-03-11 22:33 - 00000000 ____D C:\Users\pc\AppData\Roaming\MAGIX
2017-03-11 22:32 - 2017-03-11 22:33 - 00000000 ____D C:\Users\pc\AppData\Local\Sony
2017-03-11 22:32 - 2017-03-11 22:32 - 00000000 ____D C:\Users\Todos os Usuários\MAGIX
2017-03-11 22:32 - 2017-03-11 22:32 - 00000000 ____D C:\Users\pc\AppData\Roaming\VEGAS Pro
2017-03-11 22:32 - 2017-03-11 22:32 - 00000000 ____D C:\Users\pc\AppData\Local\VEGAS Pro
2017-03-11 22:32 - 2017-03-11 22:32 - 00000000 ____D C:\ProgramData\MAGIX
2017-03-11 22:28 - 2017-03-11 22:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS
2017-03-11 22:27 - 2017-03-11 22:27 - 00000000 ____D C:\Users\Todos os Usuários\VEGAS
2017-03-11 22:27 - 2017-03-11 22:27 - 00000000 ____D C:\Users\pc\AppData\Local\VEGAS
2017-03-11 22:27 - 2017-03-11 22:27 - 00000000 ____D C:\ProgramData\VEGAS
2017-03-11 22:27 - 2017-03-11 22:27 - 00000000 ____D C:\Program Files\VEGAS
2017-03-11 22:27 - 2017-03-11 22:27 - 00000000 ____D C:\Program Files (x86)\VEGAS
2017-03-11 22:24 - 2017-03-11 22:32 - 00000000 ____D C:\Users\pc\AppData\Roaming\Sony
2017-03-09 22:29 - 2017-03-09 22:29 - 00000000 ____D C:\WINDOWS\SysWOW64\{E3A2FDA6-67C5-45B5-90B9-8FDE7A6048FF}
2017-03-09 18:30 - 2017-03-15 12:36 - 00000000 _____ C:\WINDOWS\SysWOW64\4
2017-03-09 18:30 - 2017-03-15 12:36 - 00000000 _____ C:\WINDOWS\SysWOW64\3
2017-03-09 18:29 - 2017-03-09 18:29 - 00000000 ____D C:\WINDOWS\SysWOW64\{729898CA-504F-4B73-B9F1-5A1110EFCC20}
2017-03-09 18:09 - 2017-03-09 18:09 - 00202226 _____ C:\Users\pc\Desktop\BOLETO-IADES-Instituto-Americano-de-Desenvolvimento.pdf
2017-03-06 17:09 - 2017-03-06 17:09 - 00013501 _____ C:\Users\pc\Desktop\imprimir.pdf
2017-03-06 17:01 - 2017-03-06 17:01 - 00059094 _____ C:\Users\pc\Desktop\dodf_036_20ddffdf.pdf
2017-03-06 11:14 - 2017-03-06 11:15 - 00043344 _____ C:\Users\pc\Downloads\ComprovanteRendimento2016.pdf
2017-02-28 19:43 - 2017-02-28 19:43 - 00000707 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst.lnk
2017-02-25 04:02 - 2017-02-25 04:02 - 00000000 ____D C:\WINDOWS\SysWOW64\{65A484D7-CC13-4352-ACF2-B29ED6341317}
2017-02-25 00:02 - 2017-02-25 00:02 - 00000000 ____D C:\WINDOWS\SysWOW64\{95EDEAED-6E9B-4ACD-8F9B-0C652E01D5DB}
2017-02-24 20:02 - 2017-02-24 20:02 - 00000000 ____D C:\WINDOWS\SysWOW64\{1700FC09-8DA6-4725-ADA0-37277F0981F3}
2017-02-24 16:53 - 2017-02-24 16:53 - 00273905 _____ C:\Users\pc\Desktop\boleto-colombo.pdf
2017-02-24 16:01 - 2017-02-24 16:01 - 00000000 ____D C:\WINDOWS\SysWOW64\{62035163-A3CA-4E49-B7A3-BB8959FA1358}
2017-02-23 09:09 - 2017-02-23 09:09 - 00000000 ____D C:\WINDOWS\SysWOW64\{CCC6CE8C-582F-4206-9FB8-529530C9A842}
2017-02-21 21:53 - 2017-02-21 21:53 - 00000000 ____D C:\WINDOWS\SysWOW64\{B1F95F6D-8C18-419D-AE63-2BEC3228FD0C}
2017-02-21 21:08 - 2017-02-21 21:08 - 00000000 ____D C:\WINDOWS\SysWOW64\{59D9EAEF-E655-44B1-9539-A424AD8487CA}
2017-02-21 15:41 - 2017-02-21 15:42 - 00000000 ____D C:\WINDOWS\SysWOW64\{C236E6DA-7E4A-4576-B0F0-7F46EF3F9DFB}
2017-02-21 15:13 - 2017-02-21 15:13 - 00000000 ____D C:\WINDOWS\SysWOW64\{CF184EBF-4C18-46C7-89D1-566BC6CE0972}
2017-02-21 14:55 - 2017-02-21 14:55 - 00000000 ____D C:\WINDOWS\SysWOW64\{768FCF8D-30DF-4FA0-BB7B-7F1C58471F99}
2017-02-21 14:44 - 2017-02-21 14:44 - 00000000 ____D C:\WINDOWS\SysWOW64\{389CF2BE-F627-4D7E-BB23-2F3D8946A404}
2017-02-21 14:35 - 2017-02-21 14:35 - 00000000 ____D C:\WINDOWS\SysWOW64\{03556E0A-FFE1-49B9-AAC8-6CE789DD5C7C}
2017-02-21 14:06 - 2017-05-14 11:21 - 00004176 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{46636675-5187-481C-A0E2-087DB0B88972}
2017-02-21 14:05 - 2017-02-21 14:05 - 00000000 ____D C:\WINDOWS\SysWOW64\{5E3CC8F2-87AF-462C-B68F-983DC0B2C581}
2017-02-21 13:54 - 2017-02-21 13:54 - 04015056 _____ C:\Users\pc\Downloads\adwcleaner_6.043.exe
2017-02-21 13:50 - 2017-02-21 13:50 - 00000378 _____ C:\WINDOWS\SysWOW64\data.bin
2017-02-21 13:50 - 2017-02-21 13:50 - 00000000 ____D C:\WINDOWS\SysWOW64\{54A140A0-5143-48FA-A552-476875FB5BCC}
2017-02-20 09:07 - 2017-02-20 09:07 - 00172636 _____ C:\Users\pc\Downloads\Placa_HIM4872.PDF
2017-02-18 13:57 - 2017-02-18 13:57 - 00316477 _____ C:\Users\pc\Desktop\743-3205-1-PB.pdf
2017-02-17 13:02 - 2017-02-17 13:02 - 00329113 _____ C:\Users\pc\Downloads\Criando_Modelos_de_Roupas_com_Retalhos___Marlene_Mukai.pdf
2017-02-13 23:07 - 2017-02-13 23:10 - 00000000 ____D C:\Users\TEMP\AppData\Local\ConnectedDevicesPlatform
2017-02-13 23:07 - 2017-02-13 23:10 - 00000000 ____D C:\Users\TEMP
2017-02-13 14:39 - 2017-02-13 14:39 - 00000000 ____D C:\WINDOWS\pss

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2017-05-14 11:22 - 2016-07-31 13:39 - 00028888 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\gbpddfac64.sys
2017-05-14 11:18 - 2016-07-22 10:07 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2017-05-14 11:18 - 2016-07-22 10:07 - 00000000 ____D C:\ProgramData\GbPlugin
2017-05-14 11:18 - 2015-11-18 11:39 - 00000000 __SHD C:\Users\pc\IntelGraphicsProfiles
2017-05-14 02:42 - 2016-11-11 12:55 - 00000000 ____D C:\Users\pc
2017-05-14 02:28 - 2016-08-29 12:42 - 00000000 ____D C:\Users\pc\AppData\Roaming\Skype
2017-05-13 20:30 - 2016-12-02 13:02 - 00000000 ____D C:\Users\pc\AppData\Roaming\.minecraft
2017-05-13 20:08 - 2016-11-11 12:46 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-13 19:56 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-13 18:47 - 2016-12-02 12:58 - 00000000 ____D C:\Users\pc\Desktop\gg
2017-05-13 11:30 - 2016-06-30 13:07 - 00000000 ____D C:\Users\pc\AppData\Local\ElevatedDiagnostics
2017-05-12 20:24 - 2016-12-05 11:00 - 00028376 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\wsddfac.sys
2017-05-12 20:11 - 2017-01-25 13:35 - 00000000 ____D C:\AdwCleaner
2017-05-12 20:09 - 2016-07-16 08:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-12 20:04 - 2016-11-11 13:10 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-12 20:04 - 2016-07-22 10:07 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2017-05-12 20:03 - 2016-07-16 03:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-05-12 19:59 - 2017-01-26 21:01 - 00000008 __RSH C:\Users\pc\ntuser.pol
2017-05-12 19:59 - 2017-01-26 20:39 - 00000008 __RSH C:\Users\Todos os Usuários\ntuser.pol
2017-05-12 19:59 - 2017-01-26 20:39 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-05-11 19:33 - 2016-08-01 18:53 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-11 19:30 - 2016-08-01 18:53 - 156335152 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-06 21:42 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-05 13:15 - 2016-07-16 08:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-05 13:10 - 2015-11-18 11:39 - 00000000 ____D C:\Users\pc\AppData\Local\Packages
2017-05-05 13:07 - 2016-11-11 13:10 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-05-01 10:16 - 2016-07-16 08:45 - 00000000 ____D C:\WINDOWS\INF
2017-05-01 10:02 - 2015-11-18 10:41 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-05-01 10:01 - 2015-08-15 05:51 - 00000000 ____D C:\Program Files (x86)\Evernote
2017-04-30 10:11 - 2016-11-18 18:43 - 00000000 ____D C:\Users\pc\AppData\LocalLow\Mozilla
2017-04-29 19:12 - 2017-01-11 01:36 - 00000000 ____D C:\Users\pc\AppData\Roaming\discord
2017-04-28 22:59 - 2016-12-01 11:43 - 00000000 ____D C:\Users\pc\AppData\Roaming\uTorrent
2017-04-28 21:59 - 2016-07-16 08:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-28 21:59 - 2016-07-16 08:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-28 19:52 - 2017-02-10 20:28 - 00558632 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2017-04-27 19:26 - 2015-11-18 11:49 - 00002297 _____ C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-21 22:12 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\rescache
2017-04-14 19:11 - 2016-07-16 20:04 - 00519892 _____ C:\WINDOWS\system32\prfh0416.dat
2017-04-14 19:11 - 2016-07-16 20:04 - 00163610 _____ C:\WINDOWS\system32\prfc0416.dat
2017-04-14 19:11 - 2015-08-15 05:39 - 01805632 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-14 19:10 - 2016-07-31 13:20 - 00002071 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-04-14 18:56 - 2016-10-23 14:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-04-14 18:56 - 2015-11-18 11:47 - 00000000 ____D C:\Program Files (x86)\Google
2017-04-14 11:27 - 2015-11-18 10:33 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-04-14 11:07 - 2016-11-06 18:04 - 00000000 ____D C:\Program Files\McAfee
2017-04-14 11:07 - 2016-11-06 18:01 - 00000000 ____D C:\Program Files\Common Files\McAfee
2017-04-14 11:07 - 2015-11-18 10:53 - 00000000 ____D C:\Users\Todos os Usuários\McAfee
2017-04-14 11:07 - 2015-11-18 10:53 - 00000000 ____D C:\ProgramData\McAfee
2017-04-14 11:06 - 2016-11-11 12:46 - 00350304 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-04-14 00:08 - 2016-07-16 08:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-04-14 00:08 - 2016-07-16 08:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-04-14 00:08 - 2016-07-16 08:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-04-14 00:08 - 2016-07-16 08:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-04-14 00:08 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2017-04-14 00:08 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\system32\setup
2017-04-14 00:08 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-04-14 00:08 - 2016-07-16 08:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-04-14 00:08 - 2016-07-16 08:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-04-14 00:08 - 2016-07-16 08:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-04-14 00:08 - 2016-07-16 08:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-04-14 00:08 - 2016-07-16 03:04 - 00000000 ____D C:\WINDOWS\system32\Dism

==================== Arquivos na raiz de alguns diretórios =======

2017-01-17 18:34 - 2017-03-11 22:54 - 0000132 _____ () C:\Users\pc\AppData\Roaming\Preferências do Formato PNG do Adobe CS6
2015-11-18 11:41 - 2017-01-25 11:20 - 0000165 _____ () C:\Users\pc\AppData\Roaming\sp_data.sys
2017-01-18 04:23 - 2017-01-18 04:43 - 0001456 _____ () C:\Users\pc\AppData\Local\Adobe Salvar para Web 13.0 Prefs
2016-11-08 23:57 - 2016-11-08 23:57 - 0000003 _____ () C:\Users\pc\AppData\Local\updater.log
2016-11-08 23:57 - 2016-11-08 23:57 - 0000424 _____ () C:\Users\pc\AppData\Local\UserProducts.xml
2016-11-11 12:50 - 2016-11-11 12:50 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Alguns arquivos em TEMP:
====================
2017-04-28 14:08 - 2017-04-28 15:44 - 0388608 _____ (Trend Micro Inc.) C:\Users\pc\AppData\Local\Temp\hijackthis.exe
2017-04-28 14:08 - 2017-04-28 15:44 - 0030720 _____ (NirSoft) C:\Users\pc\AppData\Local\Temp\NirCmd.exe
2017-04-28 14:08 - 2017-04-28 15:44 - 0154232 _____ (Noël Danjou) C:\Users\pc\AppData\Local\Temp\wget.exe

==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

LastRegBack: 2017-05-05 13:30

==================== Fim de FRST.txt ============================

 

Addition.txt

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro @iZehel

 

Desative temporariamente seu antivírus, antispywares e firewall, para não causar conflitos.

 

Baixe o arquivo (fixlist.txt) no anexo deste post e salve-o na Área de Trabalho (Desktop).

Execute o FRST.exe (ou FRST64.exe) e clique no botão Corrigir.

Aguarde... ao final será gerado o log Fixlog.txt  salvo em sua Área de Trabalho (Desktop).

Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

 

Abraços :D

fixlist.txt

Compartilhar este post


Link para o post
Compartilhar em outros sites

@diego_moicano  MEU DEUS, PIOROU TUDO DE UMA FORMA ABSURDA
Vamos começar: O frst terminou e pediu pra reiniciar, ok, reiniciei e ja era, instalou CASAS BAHIA aqui, o pc(notebook) ficou 500 vezes mais lerdo e instalou de novo outro chrome e firefox(detalhe, até agora isso nao havia ocorrido novamente), então o antivirus estava também desativado, e tinha muitos processos estranhos no gerenciador de tarefas, pelo menos uns 5 processos do cmd e conhost abrindo e fechando, mas como você disse pra eu n fazer nada, deixei la... Fechei apenas um que estava com o nome em japonês ou algo do tipo pois provavelmente era ele que tava instalando tudo, eu só sei que assim que entrei na conta estava casas bahia e americanas instalado, além de links falsos pro chrome e um outro chrome.
Prints: http://prntscr.com/f922dv
http://prntscr.com/f922qg
http://prntscr.com/f92316
http://prntscr.com/f923kh
Me ajuda, pelo amor de Deus, estou cansado desta porcaria atrapalhando tudo em meu notebook, deixou extremamente lento meu chrome
Segue o log:
 

Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 14-05-2017
Executado por pc (17-05-2017 18:24:18) Run:11
Executando a partir de C:\Users\pc\Desktop
Perfis Carregados: pc (Perfis Disponíveis: pc)
Modo da Inicialização: Normal
==============================================

fixlist Conteúdo:
*****************
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-4159765478-414766487-3359474227-1001\...\MountPoints2: {3321861b-b90b-11e6-9be2-f832e48e987c} - "G:\setup.exe" 
ShellExecuteHooks: Sem Nome - {B6DE7B40-DE3F-11E6-BEE0-64006A5CFC23} -  -> Nenhum Arquivo
CHR DefaultProfile: Profile 2
CHR StartupUrls: Profile 2 -> "hxxp://www.google.com/","hxxp://www.youtube.com/","hxxp://animazone.com.br/animes-legendados/fairy-tail-episodios/","hxxps://www.facebook.com/","hxxp://www.lolcounter.com/champ/masteryi","hxxp://www.startpageing123.com/?type=hp&ts=1489094989&z=8c9735d559a6f9db7771e07gcz9bdt5eft3z1t5qbq&from=pr0302&uid=ST1000LM024XHN-M101MBB_S33AJ5AG804342"
HKU\.DEFAULT\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Cuptony\Application\chrome.exe <==== ATENÇÃO
HKU\S-1-5-18\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Cuptony\Application\chrome.exe <==== ATENÇÃO
S2 AlltieSU; "C:\Users\pc\AppData\Local\Temp\hp7BF.tmp\BaofengUpdate_U.exe" /i [X] <==== ATENÇÃO
S2 EvernessSU; "C:\Users\pc\AppData\Local\Temp\hp4D2E.tmp\zaichti.exe" -r [X] <==== ATENÇÃO
S2 Gherfwardervtain; C:\Program Files (x86)\Qobatheranogech\mpwhost.dll [X]
File: C:\Users\pc\AppData\Local\Temp\hp7BF.tmp\BaofengUpdate_U.exe
File: C:\Users\pc\AppData\Local\Temp\hp4D2E.tmp\zaichti.exe
File: C:\Program Files (x86)\Qobatheranogech\mpwhost.dll
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe [X]
S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdatesvr.exe [X]
S2 TrueKey; "C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe" [X]
S2 TrueKeyScheduler; "C:\Program Files\TrueKey\McTkSchedulerService.exe" [X]
S2 TrueKeyServiceHelper; "C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe" [X]
S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]
2016-11-11 12:50 - 2016-11-11 12:50 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2017-04-28 14:08 - 2017-04-28 15:44 - 0388608 _____ (Trend Micro Inc.) C:\Users\pc\AppData\Local\Temp\hijackthis.exe
2017-04-28 14:08 - 2017-04-28 15:44 - 0030720 _____ (NirSoft) C:\Users\pc\AppData\Local\Temp\NirCmd.exe
2017-04-28 14:08 - 2017-04-28 15:44 - 0154232 _____ (Noël Danjou) C:\Users\pc\AppData\Local\Temp\wget.exe
Task: {CDA378C4-AEE7-43A1-B47F-4D864D713AC2} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Nenhum Arquivo <==== ATENÇÃO
Task: {837C698C-ADD7-4B32-8615-18D9A2E023A3} - System32\Tasks\Shoterkeerck Reports => C:\Program Files (x86)\Qobatheranogech\prerwther.exe
File: C:\Program Files (x86)\Qobatheranogech\prerwther.exe
Folder: C:\Program Files (x86)\Qobatheranogech
Shortcut: C:\Users\pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Geovane - Chrome.lnk -> C:\Users\pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e ()
Shortcut: C:\Users\pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\87a9223e6cccf5db\Geovane - Chrome.lnk -> C:\Users\pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\87a9223e6cccf5db ()
CMD: ipconfig /flushdns
EmptyTemp:

*****************

Ponto de Restauração criado com sucesso.
Processos fechados com sucesso.
HKU\S-1-5-21-4159765478-414766487-3359474227-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3321861b-b90b-11e6-9be2-f832e48e987c} => chave removido (a) com sucesso.
HKCR\CLSID\{3321861b-b90b-11e6-9be2-f832e48e987c} => chave não encontrado (a). 
HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{B6DE7B40-DE3F-11E6-BEE0-64006A5CFC23} => valor removido (a) com sucesso.
HKCR\CLSID\{B6DE7B40-DE3F-11E6-BEE0-64006A5CFC23} => chave não encontrado (a). 
CHR DefaultProfile: Profile 2 => Erro: Nenhuma correção automática foi encontrada para esta entrada.
Chrome StartupUrls => removido (a) com sucesso.
HKU\.DEFAULT\SOFTWARE\Clients\StartMenuInternet\ChromeHTML => chave removido (a) com sucesso.
HKU\S-1-5-18\SOFTWARE\Clients\StartMenuInternet\ChromeHTML => chave não encontrado (a). 
HKLM\System\CurrentControlSet\Services\AlltieSU => chave removido (a) com sucesso.
AlltieSU => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\EvernessSU => chave removido (a) com sucesso.
EvernessSU => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\Gherfwardervtain => chave removido (a) com sucesso.
Gherfwardervtain => serviço removido (a) com sucesso.

========================= File: C:\Users\pc\AppData\Local\Temp\hp7BF.tmp\BaofengUpdate_U.exe ========================

"C:\Users\pc\AppData\Local\Temp\hp7BF.tmp\BaofengUpdate_U.exe" => não encontrado (a).
====== Fim de File: ======


========================= File: C:\Users\pc\AppData\Local\Temp\hp4D2E.tmp\zaichti.exe ========================

"C:\Users\pc\AppData\Local\Temp\hp4D2E.tmp\zaichti.exe" => não encontrado (a).
====== Fim de File: ======


========================= File: C:\Program Files (x86)\Qobatheranogech\mpwhost.dll ========================

"C:\Program Files (x86)\Qobatheranogech\mpwhost.dll" => não encontrado (a).
====== Fim de File: ======

HKLM\System\CurrentControlSet\Services\InstallerService => chave removido (a) com sucesso.
InstallerService => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\Kingsoft_WPS_UpdateService => chave removido (a) com sucesso.
Kingsoft_WPS_UpdateService => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\TrueKey => chave removido (a) com sucesso.
TrueKey => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\TrueKeyScheduler => chave removido (a) com sucesso.
TrueKeyScheduler => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\TrueKeyServiceHelper => chave removido (a) com sucesso.
TrueKeyServiceHelper => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\gbpddreg => chave removido (a) com sucesso.
gbpddreg => serviço removido (a) com sucesso.
C:\ProgramData\DP45977C.lfl => movido com sucesso
C:\Users\pc\AppData\Local\Temp\hijackthis.exe => movido com sucesso
C:\Users\pc\AppData\Local\Temp\NirCmd.exe => movido com sucesso
C:\Users\pc\AppData\Local\Temp\wget.exe => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CDA378C4-AEE7-43A1-B47F-4D864D713AC2} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CDA378C4-AEE7-43A1-B47F-4D864D713AC2} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{837C698C-ADD7-4B32-8615-18D9A2E023A3} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{837C698C-ADD7-4B32-8615-18D9A2E023A3} => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Shoterkeerck Reports => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Shoterkeerck Reports => chave removido (a) com sucesso.

========================= File: C:\Program Files (x86)\Qobatheranogech\prerwther.exe ========================

"C:\Program Files (x86)\Qobatheranogech\prerwther.exe" => não encontrado (a).
====== Fim de File: ======


========================= Folder: C:\Program Files (x86)\Qobatheranogech ========================

não encontrado (a).

====== Fim de Folder: ======

C:\Users\pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Geovane - Chrome.lnk => movido com sucesso
C:\Users\pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\87a9223e6cccf5db\Geovane - Chrome.lnk => movido com sucesso

========= ipconfig /flushdns =========


Configura‡Æo de IP do Windows

Libera‡Æo do Cache do DNS Resolver bem-sucedida.

========= Fim de CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 32768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 185876811 B
Java, Flash, Steam htmlcache => 7649848 B
Windows/system/drivers => 111967581 B
Edge => 127637455 B
Chrome => 632874172 B
Firefox => 383611991 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 17502 B
LocalService => 0 B
NetworkService => 85910 B
pc => 148296921 B

RecycleBin => 66019564 B
EmptyTemp: => 1.5 GB de dados temporários Removidos.

================================


O sistema precisou ser reiniciado.

==== Fim de Fixlog 18:28:46 ====

 

Fixlog.txt
Edit: a internet ficou EXTREMAMENTE LENTA se comparada com anteriormente, além de travar o chrome por abrir UMA aba

Editado por iZehel

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro @iZehel

 

Ok, mas te garanto que o fix do FRST, passado por mim, não te nada a ver. ;)

 

Baixe a Malwarebytes Anti-Malware (MBAM).
 
Clique duas vezes no mbam-setup.exe para instalar o programa.

  • Desmarque a caixa Ativar trial gratuito do MalwareBytes Anti-Malware PRO.
  • Se houver atualizações a serem feitas, serão baixadas e instaladas..
  • Clique em Configurações, clique em Detecção e proteção, marque Verificar por Rootkits.
  • Volte ao Painel e por fim clique em Verificar agora.
  • Começará então o exame. Aguarde, pois pode demorar.
  • Ao acabar o exame, se houver itens encontrados, certifique-se que estejam todas marcados e clique no botão Remover Selecionadas
  • Ao final da desinfecção, poderá aparecer um aviso se quer reiniciar o PC. (Ver Nota abaixo)
  • O log é automaticamente salvo pelo MBAM e para vê-lo, clique na aba Histórico -> Registros do aplicativo na janela principal do programa.
  • Clique duas vezes no log (Registro de verificação). Utilize o formato .txt para exportar o log.
  • O log de Proteção é desnecessário para a análise, exporte sempre o log correto.
  • Selecione, copie e cole o conteúdo deste log em sua próxima resposta.

 

NOTA: Se o MBAM encontrar arquivos que não consiga remover, poderá ter de reiniciar o PC (talvez mais de uma vez). Faça isso imediatamente, ao ser perguntado se quer reiniciar o PC.

 

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites

@diego_moicano Tô quase desistindo já, parece que quanto mais tenta remover o vírus, pior fica, bom, o malwarebytes tinha encontrado cerca de 9700 ameaças, ficou excluindo por um bom tempo e depois reiniciei o computador, mas estava ainda mais lento, detalhe que agora o malwarebytes não abre:
http://prntscr.com/fa40ot
Não consegui achar o log procurando nas pastas, perdão

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro @iZehel

 

Nossa, 9700! :o

 

Não é a nossa intenção aqui, mas estou achando que a formatação e a reinstalação do Windows talvez seja a melhor opção.

 

Porém faça um backup dos seus dados antes.

 

A não ser que queira continuar, por mim, você quem sabe. ;)

 

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites

Pretendo continuar, pois o windows é original, não sei se eu formatá-lo eu perco esse windows original, além de que tem uns arquivos importantes da minha vó/mãe aqui (zzz fica vendo site de costura da nisso ae), se tiver como resolver sem formatar, peço a ajuda ashuas, se não, fazer o que ne

Citação


 

Editado por iZehel

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro @iZehel

 

Se você levar para algum técnico honesto ele irá formatar e reinstalar seu Windows com a chave original, ou seja, você não perde o sistema para um pirata.

 

De qualquer forma sempre mantenha um backup atualizado. ;)

 

Atualize o MalwareBytes, faça um novo scan e poste o log.

 

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites

Dessa vez eu consegui, tive que desinstalar o malwarebytes e instalar de novo. Detectou apenas 10 ameaças, parece ter excluído aquelas 9700, mas ainda posso perceber que o notebook está um pouco mais lento.
 

relatorio.txt

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro @iZehel

 

Com tantos malwares assim, não é de se espantar que seu sistema fique lento, mesmo depois de removê-los.

 

Vamos continuar e tentar melhorar isso... ;)

 

Faça um novo log com o FRST, porém antes de clicar no botão Examinar, marque a opção Addition.

 

Anexe os logs, por favor.

 

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro @iZehel

 

Pela ordem...

 

Etapa 1

 

Desative temporariamente seu antivírus, antispywares e firewall, para não causar conflitos.

 

Baixe o arquivo (fixlist.txt) no anexo deste post e salve-o na Área de Trabalho (Desktop).

Execute o FRST.exe (ou FRST64.exe) e clique no botão Corrigir.

Aguarde... ao final será gerado o log Fixlog.txt  salvo em sua Área de Trabalho (Desktop).

Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

 

Etapa 2

 

Baixe e execute (como administrador) a ferramenta abaixo:

 

https://www.bleepingcomputer.com/download/chrome-cleanup-tool/

 

Etapa 3

 

Baixe e execute (como administrador) a ferramenta abaixo:

 

https://www.avast.com/pt-br/browser-cleanup

 

Abraços :D

fixlist.txt

Compartilhar este post


Link para o post
Compartilhar em outros sites

@diego_moicano
Perdão pela demora para responder, mas fiz os processos. Há alguns dias o computador parece estar mais normalizado
Segue o log:

 

Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 05-06-2017
Executado por pc (07-06-2017 06:16:54) Run:12
Executando a partir de C:\Users\pc\Desktop
Perfis Carregados: pc (Perfis Disponíveis: pc)
Modo da Inicialização: Normal
==============================================

fixlist Conteúdo:
*****************
CreateRestorePoint:
CloseProcesses:
CHR DefaultProfile: Profile 2
CHR StartupUrls: Profile 2 -> "hxxp://www.google.com/","hxxp://www.youtube.com/","hxxp://animazone.com.br/animes-legendados/fairy-tail-episodios/","hxxps://www.facebook.com/","hxxp://www.lolcounter.com/champ/masteryi","hxxp://www.startpageing123.com/?type=hp&ts=1489094989&z=8c9735d559a6f9db7771e07gcz9bdt5eft3z1t5qbq&from=pr0302&uid=ST1000LM024XHN-M101MBB_S33AJ5AG804342"
CHR Session Restore: Profile 2 -> está habilitado.
HKU\S-1-5-21-4159765478-414766487-3359474227-1001\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Hotleaf\Application\chrome.exe <==== ATENÇÃO
S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]
S3 MBAMProtection; \??\C:\WINDOWS\system32\drivers\mbam.sys [X]
Hosts:
Reboot:

*****************

Ponto de Restauração criado com sucesso.
Processos fechados com sucesso.
CHR DefaultProfile: Profile 2 => Erro: Nenhuma correção automática foi encontrada para esta entrada.
Chrome StartupUrls => removido (a) com sucesso.
Chrome Session Restore: => não encontrado (a).
HKU\S-1-5-21-4159765478-414766487-3359474227-1001\SOFTWARE\Clients\StartMenuInternet\ChromeHTML => chave removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\gbpddreg => chave removido (a) com sucesso.
gbpddreg => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\MBAMProtection => chave removido (a) com sucesso.
MBAMProtection => serviço removido (a) com sucesso.
C:\Windows\System32\Drivers\etc\hosts => movido com sucesso
Hosts restaurado com sucesso.


O sistema precisou ser reiniciado.

==== Fim de Fixlog 06:17:59 ====
 

Fixlog.txt

Compartilhar este post


Link para o post
Compartilhar em outros sites

@diego_moicano

Mais uma vez, me desculpe pela demora para responder.


Como anteriormente, o ZA-Scan continua sem funcionar, mesmo que eu tenha deixado ele aberto por toda a noite e madrugada. Porém, não tive mais problemas com relação ao chrome fechando do nada, então estou mais tranquilo.
 

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro @iZehel

 

Ok amigo, que bom... vamos prosseguir para o fim! ;)

 

Desative temporariamente seu antivirus, antispywares e firewall, para não causar conflitos.

Baixe o Stinger e salve em sua Área de trabalho (Desktop).
32 bit (x86) ou 64 bit (x64)

  • Execute o arquivo Stinger.exe
    • Atenção: Usuários Windows Vista, 7 e 8, cliquem com o botão direito do mouse e escolha: execadmin.png
  • Clique no botão “I Accept”


Stinger%20a.png

Na nova janela clique em “Advanced” e depois “Settings”

Stinger%20b.png

Na janela configurações deixe conforme imagem abaixo e clique no botão “Save”

9hnsyu.png

Clique em “Customize my Scan”

Stinger%20f.png

Selecione as unidades do sistema e em seguida clique no botão “Scan”

Stinger%20g.png

Ao final clique em “View log”, será aberto uma janela com o log em seu navegador.
Selecione, copie e cole o conteúdo deste log em sua sua próxima resposta.

 

Abraços :D

  • Curtir 1

Compartilhar este post


Link para o post
Compartilhar em outros sites

Tópico Arquivado

 

Como o autor não respondeu ao tópico por mais de 10 dias, o mesmo foi arquivado. Caso você seja o autor do tópico e quer que o mesmo seja reaberto, entre em contato com um Analista de Segurança ou Coordenador solicitando o desbloqueio.

 

Compartilhar este post


Link para o post
Compartilhar em outros sites
Visitante
Este tópico está impedido de receber novos posts.





Sobre o Clube do Hardware

No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas publicações sobre tecnologia do Brasil. Leia mais

Direitos autorais

Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

×