Rafael Kubaski

I can't remove a trojan


@Rafael Kubaski

 

Please note the following:

  • About the Forum: This is a private space, not a public one. Using it is a privilege, not a right.
  • If you go 3 days without a reply, send me a Private Message (PM);
  • What is given here relates only to your computer's problem, so do not apply it to any other;
  • Please follow the instructions given carefully and, if in doubt, do not hesitate to ask;
  • Follow the instructions in the order given.
  • Note: Take no action other than what is given here; if you ask for help on another forum, be sure to let us know, or you risk misconfiguring your computer!

Instead of creating a new topic, I ask that you continue with this one and post a reply attaching the ZA-Scan log, following these instructions:

http://forum.clubedohardware.com.br/topic/1105783-como-criar-seu-t%C3%B3pico/

 

 

 

 

On 2017-5-30 at 14:36, Rafael Kubaski said:

I've already tried every possible program,

Which ones?

 

Download RogueKiller and save it to your Desktop.
http://www.adlice.com/download/roguekiller/#download

Run the file RogueKiller.exe.

Attention: Windows Vista, 7 and 8 users, right-click and choose: execadmin.png

  • Click the Scan tab, then Start Scan. Wait for the scan to finish.
  • Click the Open Report button, and then Open TXT
  • A Notepad window with information will open.
  • Copy and paste the contents of that file into your next reply.

NOTE: do not use the Remove Selected button, as we first need to evaluate the items found.


Good evening, I used malwarebytes, adwcleaner, ccleaner, zoesk, among others..

Here is the content of the notepad:

 

RogueKiller V12.11.1.0 (x64) [Jun  4 2017] (Free) por Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Site : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Sistema Operacional : Windows 10 (10.0.15063) 64 bits version
Iniciou : Modo normal
Usuário : ALK [Administrador]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Modo : Escanear -- Data : 06/05/2017 23:52:24 (Duration : 00:40:16)

¤¤¤ Processos : 0 ¤¤¤

¤¤¤ Registro : 2 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-906007581-1094903313-3760833696-1001\Software\Microsoft\Internet Explorer\Main | Start Page : about:Tabs  -> Encontrado
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-906007581-1094903313-3760833696-1001\Software\Microsoft\Internet Explorer\Main | Start Page : about:Tabs  -> Encontrado

¤¤¤ Tarefas : 0 ¤¤¤

¤¤¤ Arquivos : 3 ¤¤¤
[PUP.DownloadAssistant][Pasta] C:\Users\all_f\AppData\Roaming\DVDVideoSoft -> Encontrado
[Tr.Gen0][Arquivo] C:\Users\all_f\AppData\Roaming\uTorrent\updates\3.5.0_43580\utorrentie.exe -> Encontrado
[Tr.Gen0][Arquivo] C:\Users\all_f\AppData\Roaming\uTorrent\updates\3.5.0_43804\utorrentie.exe -> Encontrado

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Arquivos de hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Carregado) ¤¤¤

¤¤¤ Navegadores : 0 ¤¤¤

¤¤¤ Verificação da MBR : ¤¤¤
+++++ PhysicalDrive0: ST500LT0 ST500LT012-9WS1 +++++
--- User ---
[MBR] 1f295dd4a39aeebd55442a9bce908635
[BSP] c7e1e984c1f70cfe7c63967f525f9a92 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 376441 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 770953216 | Size: 491 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 771960832 | Size: 100000 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! NOT VALID!

+++++ PhysicalDrive1: MZMPC032 MZMPC032HBCD-00 +++++
--- User ---
[MBR] 41faece0d52db66ea5a113702e56dd21
[BSP] b09df01bd82db99f473fec953fa76eae : Empty|VT.Unknown MBR Code
Partition table:
0 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 2048 | Size: 32 MB
1 - Basic data partition | Offset (sectors): 67584 | Size: 8176 MB
User = LL1 ... OK
Error reading LL2 MBR! NOT VALID!


@Rafael Kubaski

 

Download Malwarebytes Anti-Rootkit (MBAR)

Extract the files to your desktop

  • Open the mbar folder and run the file mbar.exe
  • Click the Next button, then Update,
  • Click Next again, and then Scan.
  • At the end, do not click Cleanup; just exit the program.
  • Attach the logs mbar-log.txt and system-log.txt, located in the mbar folder


@Rafael Kubaski

 

Download Zemana AntiMalware from the following location and save it to your desktop:
https://www.bleepingcomputer.com/download/zemana-antimalware/

1. Once downloaded, close all programs and open windows on your computer.

2. Now double-click the Zemana.AntiMalware.Setup.exe icon on your desktop. This will start the installation of Zemana AntiMalware on your computer.

3. When the installation begins, keep following the instructions to continue with the installation process. Do not make any changes to the default settings; once the program is installed, Zemana will start and display the main screen automatically.

4. Click the SCAN button.

5. Zemana AntiMalware will now start scanning the computer for malware. This process can take a while, so we suggest you do something else and check the status of the scan periodically to see when it has finished.

6. When Zemana finishes the scan, it will display a screen with the malware that was detected. Please note that the infections found may be different from what is shown in the image below.

Zemana Anti-Malware scan results

Review the scan results and, when you are ready to continue with the cleanup process, click the following button to delete or repair all selected results. After you click the Next button, Zemana will remove any unwanted files and fix any modified legitimate files. If you receive a warning that Zemana needs to close your open browsers, please close any web browsers that may be open and then click the OK button to continue.

Zemana will now create a restore point, remove the detected files and repair any files that were modified.

Post the result in your next post.


@Turco Here is the result.

 

Zemana AntiMalware 2.72.179.388 (instalado)

-------------------------------------------------------
Scan Result            : Concluído
Scan Date              : 2017/6/8
Operating System       : Windows 10 64-bit
Processor              : 4X Intel(R) Core(TM) i7-3537U CPU @ 2.00GHz
BIOS Mode              : Legacy
CUID                   : 126D72D79CCFF7CF78903A
Scan Type              : Análise do Sistema
Duration               : 18m 29s
Scanned Objects        : 154084
Detected Objects       : 14
Excluded Objects       : 0
Read Level             : SCSI
Auto Upload            : Activado
Detect All Extensions  : Desactivado
Scan Documents         : Desactivado
Domain Info            : KUBANET,0,2

Detected Objects
-------------------------------------------------------

Chrome Shortcut
Status             : Analisados
Object             : --profile-directory="Profile 3"
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Configuração do navegador suspeito
Cleaning Action    : Reparar
Related Objects    :
                Configuração do navegador - Chrome Shortcut

svchost.exe
Status             : Analisados
Object             : %systemroot%\syswow64\svchost.exe
MD5                : 6BDB3091562E7DD2C877472286B6CC46
Publisher          : Microsoft Windows Publisher
Size               : 40904
Version            : 10.0.15063.0
Detection          : Processo modificado
Cleaning Action    : Reparar
Related Objects    :
                Processo - 7040 - C:\Windows\SysWOW64\svchost.exe
                Arquivo - %systemroot%\syswow64\svchost.exe

svchost.exe
Status             : Analisados
Object             : %systemroot%\syswow64\svchost.exe
MD5                : 6BDB3091562E7DD2C877472286B6CC46
Publisher          : Microsoft Windows Publisher
Size               : 40904
Version            : 10.0.15063.0
Detection          : Processo modificado
Cleaning Action    : Reparar
Related Objects    :
                Processo - 4476 - C:\Windows\SysWOW64\svchost.exe
                Arquivo - %systemroot%\syswow64\svchost.exe

svchost.exe
Status             : Analisados
Object             : %systemroot%\syswow64\svchost.exe
MD5                : 6BDB3091562E7DD2C877472286B6CC46
Publisher          : Microsoft Windows Publisher
Size               : 40904
Version            : 10.0.15063.0
Detection          : Processo modificado
Cleaning Action    : Reparar
Related Objects    :
                Processo - 5708 - C:\Windows\SysWOW64\svchost.exe
                Arquivo - %systemroot%\syswow64\svchost.exe

svchost.exe
Status             : Analisados
Object             : %systemroot%\syswow64\svchost.exe
MD5                : 6BDB3091562E7DD2C877472286B6CC46
Publisher          : Microsoft Windows Publisher
Size               : 40904
Version            : 10.0.15063.0
Detection          : Processo modificado
Cleaning Action    : Reparar
Related Objects    :
                Processo - 6024 - C:\Windows\SysWOW64\svchost.exe
                Arquivo - %systemroot%\syswow64\svchost.exe

svchost.exe
Status             : Analisados
Object             : %systemroot%\syswow64\svchost.exe
MD5                : 6BDB3091562E7DD2C877472286B6CC46
Publisher          : Microsoft Windows Publisher
Size               : 40904
Version            : 10.0.15063.0
Detection          : Processo modificado
Cleaning Action    : Reparar
Related Objects    :
                Processo - 7700 - C:\Windows\SysWOW64\svchost.exe
                Arquivo - %systemroot%\syswow64\svchost.exe

svchost.exe
Status             : Analisados
Object             : %systemroot%\syswow64\svchost.exe
MD5                : 6BDB3091562E7DD2C877472286B6CC46
Publisher          : Microsoft Windows Publisher
Size               : 40904
Version            : 10.0.15063.0
Detection          : Processo modificado
Cleaning Action    : Reparar
Related Objects    :
                Processo - 5984 - C:\Windows\SysWOW64\svchost.exe
                Arquivo - %systemroot%\syswow64\svchost.exe

svchost.exe
Status             : Analisados
Object             : %systemroot%\syswow64\svchost.exe
MD5                : 6BDB3091562E7DD2C877472286B6CC46
Publisher          : Microsoft Windows Publisher
Size               : 40904
Version            : 10.0.15063.0
Detection          : Processo modificado
Cleaning Action    : Reparar
Related Objects    :
                Processo - 8264 - C:\Windows\SysWOW64\svchost.exe
                Arquivo - %systemroot%\syswow64\svchost.exe

svchost.exe
Status             : Analisados
Object             : %systemroot%\syswow64\svchost.exe
MD5                : 6BDB3091562E7DD2C877472286B6CC46
Publisher          : Microsoft Windows Publisher
Size               : 40904
Version            : 10.0.15063.0
Detection          : Processo modificado
Cleaning Action    : Reparar
Related Objects    :
                Processo - 5428 - C:\Windows\SysWOW64\svchost.exe
                Arquivo - %systemroot%\syswow64\svchost.exe

svchost.exe
Status             : Analisados
Object             : %systemroot%\syswow64\svchost.exe
MD5                : 6BDB3091562E7DD2C877472286B6CC46
Publisher          : Microsoft Windows Publisher
Size               : 40904
Version            : 10.0.15063.0
Detection          : Processo modificado
Cleaning Action    : Reparar
Related Objects    :
                Processo - 7844 - C:\Windows\SysWOW64\svchost.exe
                Arquivo - %systemroot%\syswow64\svchost.exe

svchost.exe
Status             : Analisados
Object             : %systemroot%\syswow64\svchost.exe
MD5                : 6BDB3091562E7DD2C877472286B6CC46
Publisher          : Microsoft Windows Publisher
Size               : 40904
Version            : 10.0.15063.0
Detection          : Processo modificado
Cleaning Action    : Reparar
Related Objects    :
                Processo - 6632 - C:\Windows\SysWOW64\svchost.exe
                Arquivo - %systemroot%\syswow64\svchost.exe

userinit.exe
Status             : Analisados
Object             : %systemroot%\syswow64\userinit.exe
MD5                : 61E7F56A1C00894FCB212F25BB52EE68
Publisher          : Microsoft Windows
Size               : 27136
Version            : 10.0.15063.0
Detection          : Processo modificado
Cleaning Action    : Reparar
Related Objects    :
                Processo - 4724 - C:\Windows\SysWOW64\userinit.exe
                Arquivo - %systemroot%\syswow64\userinit.exe

Trojan:Win32/Poweliks
Status             : Analisados
Object             : %systemroot%\system32\tasks\script_de_segurançax|mshta.exe
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Fileless Malware
Cleaning Action    : Eliminar
Related Objects    :
                Tarefa agendada - C:\WINDOWS\System32\Tasks\Script_de_segurançaX

HPDESKJEThwwn.log
Status             : Analisados
Object             : %programdata%\frameworksx\hpdeskjethwwn.log
MD5                : 71CC68E695CD8E2B131417BFB5F95FFD
Publisher          : -
Size               : 351744
Version            : -
Detection          : BankerTrojan:Win32/Generic.MiTB
Cleaning Action    : Quarentena
Related Objects    :
                Arquivo - %programdata%\frameworksx\hpdeskjethwwn.log
                DLL - 6700 - C:\Windows\SysWOW64\regsvr32.exe
                DLL - 3780 - C:\Windows\SysWOW64\regsvr32.exe
                DLL - 6244 - C:\Windows\SysWOW64\regsvr32.exe
                DLL - 4508 - C:\Windows\SysWOW64\regsvr32.exe
                DLL - 5344 - C:\Windows\SysWOW64\regsvr32.exe
                Entrada do registro - HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Java_Plugin__HPDESKJETwwn.gif = regsvr32.exe /s "c:\ProgramData\FrameWorksx\HPDESKJEThwwn.log"


Cleaning Result
-------------------------------------------------------
Cleaned               : 14
Reported as safe      : 0
Failed                : 0

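The Zemana log above ties its banker-trojan detection to a Run entry that starts `regsvr32.exe /s` on a file with a `.log` extension under `ProgramData`. The following Python sketch is an added example, not part of the original thread or of any tool named in it: it triages Run entries written in the FRST log format for that pattern. The sample lines are copied from the FRST log posted later in this thread; the launcher list, directory list and function names are assumptions made for illustration.

```python
import ntpath
import re

# Signed Windows binaries that load or run code named on their command line
# (illustrative list, an assumption of this example).
PROXY_LAUNCHERS = {"regsvr32.exe", "rundll32.exe", "mshta.exe",
                   "wscript.exe", "cscript.exe", "powershell.exe"}
# Extensions regsvr32 is normally pointed at.
REGSVR32_EXPECTED_EXT = {".dll", ".ocx"}
# Directory fragments a standard user can write to (illustrative list).
USER_WRITABLE = ("\\programdata\\", "\\appdata\\", "\\temp\\", "\\users\\public\\")

# "KEY: [value name] => command"
RUN_LINE = re.compile(r"^(?P<key>\S.*?): \[(?P<name>[^\]]+)\] => (?P<cmd>.+)$")
# Trailing " [size date] (publisher)" that FRST appends when the file exists.
FRST_META = re.compile(r"\s\[\d+ \d{4}-\d{2}-\d{2}\]\s\(.*\)\s*$")
# Executable (quoted or not, may contain spaces) followed by optional arguments.
COMMAND = re.compile(r'^"?(?P<exe>.+?\.exe)"?(?:\s+(?P<args>.*))?$', re.IGNORECASE)
ARG = re.compile(r'"([^"]+)"|(\S+)')

# Sample input: Run entries copied from the FRST log in this thread.
SAMPLE_LOG = r'''
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM-x32\...\Run: [Raptr] => "C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe" --startup
HKU\S-1-5-21-906007581-1094903313-3760833696-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9532120 2017-04-10] (Piriform Ltd)
HKU\S-1-5-21-906007581-1094903313-3760833696-1001\...\Run: [Java_Plugin__HPDESKJETwwn.gif] => regsvr32.exe /s "c:\ProgramData\FrameWorksx\HPDESKJEThwwn.log"
'''


def parse_run_line(line):
    """Split one FRST Run line into key, value name, executable and arguments."""
    m = RUN_LINE.match(line.strip())
    if not m:
        return None
    cmd = FRST_META.sub("", m.group("cmd")).strip()
    entry = {"key": m.group("key"), "name": m.group("name"),
             "command": cmd, "exe": None, "args": []}
    c = COMMAND.match(cmd)
    if c:
        # ntpath parses Windows paths correctly on any host OS.
        entry["exe"] = ntpath.basename(c.group("exe")).lower()
        entry["args"] = [quoted or bare
                         for quoted, bare in ARG.findall(c.group("args") or "")]
    return entry


def assess(entry):
    """Return the reasons an autorun entry deserves a closer look (empty if none)."""
    exe = entry["exe"]
    if exe not in PROXY_LAUNCHERS:
        return []
    reasons = [f"autorun starts proxy launcher {exe}"]
    # Arguments that are not switches are the files the launcher will load.
    for target in (a for a in entry["args"] if not a.startswith(("/", "-"))):
        ext = ntpath.splitext(target)[1].lower()
        if exe == "regsvr32.exe" and ext not in REGSVR32_EXPECTED_EXT:
            reasons.append(f"regsvr32 target has extension {ext or '(none)'}")
        if any(fragment in target.lower() for fragment in USER_WRITABLE):
            reasons.append("target is in a user-writable directory")
    return reasons


def triage(log_text):
    """Return (value name, reasons) for every Run entry that raised a reason."""
    findings = []
    for line in log_text.splitlines():
        entry = parse_run_line(line)
        if entry is None:
            continue
        reasons = assess(entry)
        if reasons:
            findings.append((entry["name"], reasons))
    return findings


if __name__ == "__main__":
    for name, reasons in triage(SAMPLE_LOG):
        print(name)
        for reason in reasons:
            print("  -", reason)
```
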

@Rafael Kubaski

 

Download the Farbar Recovery Scan Tool and save it to your Desktop.


32 bit (x86) or 64 bit (x64)


Double-click to run the tool.

  • Attention: Windows Vista, 7 and 8 users, right-click and choose: execadmin.png

Click the Examinar (Scan) button.

Wait; at the end, the logs FRST.txt and Addition.txt will be saved to your Desktop.

Select, copy and paste the contents of the FRST.txt log into your next reply.

Attach the Addition.txt log


@Turco here it is

 

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 12-06-2017
Executado por ALK (administrador) em KUBA-INSPIRON (12-06-2017 18:12:04)
Executando a partir de C:\Users\all_f\Desktop
Perfis Carregados: ALK (Perfis Disponíveis: ALK)
Platform: Windows 10 Home Single Language Versão 1703 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Edge)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
(Microsoft Corporation) C:\Windows\System32\regsvr32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\userinit.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\regsvr32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\System32\regsvr32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\userinit.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
() C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\userinit.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registro (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4926664 2016-02-26] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3952824 2016-07-15] (Synaptics Incorporated)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [29246632 2017-05-30] (Dropbox, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [51416 2017-06-01] (Copyright (c) 2017 Plays.tv, LLC)
HKLM-x32\...\Run: [Raptr] => "C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe" --startup
HKU\S-1-5-21-906007581-1094903313-3760833696-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9532120 2017-04-10] (Piriform Ltd)
HKU\S-1-5-21-906007581-1094903313-3760833696-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd)
HKU\S-1-5-21-906007581-1094903313-3760833696-1001\...\Run: [Java_Plugin__HPDESKJETwwn.gif] => regsvr32.exe /s "c:\ProgramData\FrameWorksx\HPDESKJEThwwn.log"
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
Startup: C:\Users\all_f\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ini.google1.lnk [2017-06-08]
ShortcutTarget: ini.google1.lnk -> C:\Windows\System32\regsvr32.exe (Microsoft Corporation)
Startup: C:\Users\all_f\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\inix.lnk [2017-06-08]
ShortcutTarget: inix.lnk -> C:\Windows\System32\regsvr32.exe (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 192.168.15.1
Tcpip\..\Interfaces\{4e4040d9-ce46-4595-bcf0-4f26bab32f95}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{6c500d2f-0e9c-4dc0-8de9-6b722a0c8d40}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{b8d470c7-24ca-407d-bc1d-95548e1861f5}: [DhcpNameServer] 192.168.15.1

Internet Explorer:
==================
HKU\S-1-5-21-906007581-1094903313-3760833696-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
SearchScopes: HKU\S-1-5-21-906007581-1094903313-3760833696-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2017-05-26] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-05-26] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-05-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-20] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-20] (Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-26] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-08-06] (Adobe Systems)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Nenhum Arquivo]
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-20] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-05-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-05-26] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems)

Chrome: 
=======
CHR DefaultProfile: Profile 3
CHR Profile: C:\Users\all_f\AppData\Local\Google\Chrome\User Data\Profile 3 [2017-06-12]
CHR Extension: (Google Apresentações) - C:\Users\all_f\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-05-30]
CHR Extension: (Google Docs) - C:\Users\all_f\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2017-05-30]
CHR Extension: (Google Drive) - C:\Users\all_f\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-30]
CHR Extension: (YouTube) - C:\Users\all_f\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-30]
CHR Extension: (Planilhas do Google) - C:\Users\all_f\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-05-30]
CHR Extension: (Documentos Google off-line) - C:\Users\all_f\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-30]
CHR Extension: (AdBlock) - C:\Users\all_f\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-05-30]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\all_f\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-30]
CHR Extension: (Gmail) - C:\Users\all_f\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-30]
CHR Extension: (Chrome Media Router) - C:\Users\all_f\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-30]

==================== Serviços (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3971264 2017-05-14] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-30] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-30] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [48944 2017-05-30] (Dropbox, Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [230248 2016-09-22] (Dell Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd)
S2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659592 2017-02-24] (Foxit Software Inc.)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [319096 2016-05-12] (Intel Corporation)
S2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [55000 2017-06-01] (Copyright (c) 2017 Plays.tv, LLC)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [70368 2016-02-09] (Advanced Micro Devices, Inc.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30352 2017-05-04] (Disc Soft Ltd)
R1 MpKsl4296a5e8; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F4C64F38-5E47-450D-8EC2-39DDF922242D}\MpKsl4296a5e8.sys [44928 2017-06-12] (Microsoft Corporation)
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [411712 2015-05-19] (Realsil Semiconductor Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51392 2016-07-15] (Synaptics Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-06-08] (Zemana Ltd.)
S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2017-06-12 18:12 - 2017-06-12 18:12 - 00020231 _____ C:\Users\all_f\Desktop\FRST.txt
2017-06-12 18:11 - 2017-06-12 18:12 - 00000000 ____D C:\FRST
2017-06-12 18:10 - 2017-06-12 18:10 - 02438656 _____ (Farbar) C:\Users\all_f\Desktop\FRST64.exe
2017-06-10 01:09 - 2017-06-10 01:10 - 00000000 ____D C:\Users\all_f\AppData\Roaming\Raptr
2017-06-09 12:39 - 2016-02-09 21:47 - 00070368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdkmpfd.sys
2017-06-09 12:33 - 2017-06-10 01:08 - 00000000 ____D C:\Users\all_f\AppData\Roaming\PlaysTV
2017-06-09 12:33 - 2017-06-09 12:33 - 00000000 ____D C:\Users\all_f\.Plays.tv
2017-06-09 12:33 - 2017-06-09 12:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Raptr
2017-06-09 12:33 - 2017-06-09 12:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2017-06-09 12:31 - 2017-06-09 12:50 - 00000000 ____D C:\Program Files (x86)\Raptr Inc
2017-06-09 12:31 - 2017-06-09 12:31 - 00000000 ____D C:\Users\all_f\AppData\Roaming\library_dir
2017-06-09 12:30 - 2017-06-09 12:39 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-06-09 12:30 - 2017-06-09 12:31 - 00000000 ____D C:\Program Files (x86)\Raptr
2017-06-09 12:29 - 2017-06-09 12:29 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2017-06-09 12:29 - 2017-06-09 12:29 - 00000000 ____D C:\ProgramData\Package Cache
2017-06-09 12:20 - 2017-06-09 12:26 - 328369528 _____ (AMD Inc.) C:\Users\all_f\Downloads\non-whql-64bit-nieg-radeon-crimson-16.2.1-win10-win8.1-win7-feb27 (1).exe
2017-06-09 12:20 - 2017-06-09 12:23 - 227981256 _____ (AMD Inc.) C:\Users\all_f\Downloads\amd-catalyst-15.7.1-win10-64bit.exe
2017-06-08 23:49 - 2017-06-08 23:49 - 01005568 _____ (Microsoft Corporation) C:\Users\all_f\Downloads\dotNetFx45_Full_setup.exe
2017-06-08 21:36 - 2017-06-12 18:02 - 00003976 _____ C:\WINDOWS\System32\Tasks\Script_de_segurançaX
2017-06-08 21:30 - 2017-06-08 21:30 - 00030032 _____ C:\Users\Todos os Usuários\agent.uninstall.1496968221.bdinstall.bin
2017-06-08 21:30 - 2017-06-08 21:30 - 00030032 _____ C:\ProgramData\agent.uninstall.1496968221.bdinstall.bin
2017-06-08 21:21 - 2017-06-08 21:21 - 00370136 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\edrsensor.sys
2017-06-08 21:05 - 2017-06-12 18:12 - 00033336 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2017-06-08 21:05 - 2017-06-09 12:52 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2017-06-08 21:05 - 2017-06-09 12:50 - 00058076 _____ C:\WINDOWS\ZAM.krnl.trace
2017-06-08 21:05 - 2017-06-08 21:05 - 00203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2017-06-08 21:04 - 2017-06-08 21:04 - 00000000 ____D C:\Users\all_f\AppData\Local\Zemana
2017-06-08 21:00 - 2017-06-08 21:00 - 05774688 _____ (Zemana Ltd. ) C:\Users\all_f\Desktop\Zemana.AntiMalware.Setup.exe
2017-06-08 20:51 - 2017-06-08 20:51 - 00029972 _____ C:\Users\Todos os Usuários\agent.update.1496965874.bdinstall.bin
2017-06-08 20:51 - 2017-06-08 20:51 - 00029972 _____ C:\ProgramData\agent.update.1496965874.bdinstall.bin
2017-06-08 20:49 - 2017-06-08 20:49 - 00001197 _____ C:\Users\all_f\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bitdefender Antivirus Free.lnk
2017-06-08 20:49 - 2017-06-08 20:49 - 00000000 ____D C:\Users\all_f\AppData\Local\Bitdefender Antivirus Free
2017-06-08 20:47 - 2017-06-08 21:20 - 01612648 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2017-06-08 20:47 - 2017-06-08 20:47 - 00000000 ____D C:\Users\Todos os Usuários\Bitdefender
2017-06-08 20:47 - 2017-06-08 20:47 - 00000000 ____D C:\ProgramData\Bitdefender
2017-06-08 20:45 - 2017-06-08 21:32 - 00000000 ____D C:\Program Files\Bitdefender Antivirus Free
2017-06-08 20:45 - 2017-06-08 20:45 - 00000000 ____D C:\Users\all_f\AppData\Roaming\QuickScan
2017-06-08 20:42 - 2017-06-08 20:42 - 00047445 _____ C:\Users\Todos os Usuários\agent.1496965321.bdinstall.bin
2017-06-08 20:42 - 2017-06-08 20:42 - 00047445 _____ C:\ProgramData\agent.1496965321.bdinstall.bin
2017-06-08 20:42 - 2017-06-08 20:42 - 00000000 ____D C:\Users\Todos os Usuários\Bitdefender Agent
2017-06-08 20:42 - 2017-06-08 20:42 - 00000000 ____D C:\ProgramData\Bitdefender Agent
2017-06-07 23:51 - 2017-06-12 17:57 - 00000000 ____D C:\Users\all_f\AppData\Local\CrashDumps
2017-06-07 16:11 - 2017-06-07 16:11 - 00000639 _____ C:\Users\all_f\Desktop\energia.txt
2017-06-06 20:28 - 2017-06-06 20:53 - 00000000 ____D C:\Users\Todos os Usuários\Malwarebytes' Anti-Malware (portable)
2017-06-06 20:28 - 2017-06-06 20:53 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-06-06 20:27 - 2017-06-06 20:53 - 00000000 ____D C:\Users\all_f\Desktop\mbar
2017-06-06 20:26 - 2017-06-06 20:27 - 16563352 _____ (Malwarebytes Corp.) C:\Users\all_f\Desktop\mbar-1.09.3.1001.exe
2017-06-06 19:47 - 2017-06-06 19:47 - 00013234 _____ C:\Users\all_f\Documents\cc_20170606_194745.reg
2017-06-06 01:13 - 2017-06-06 01:20 - 00000000 ____D C:\Users\all_f\Downloads\Gotham.S03E21E22.HDTV.x264-LOL[rarbg]
2017-06-06 01:11 - 2017-06-06 01:16 - 00000000 ____D C:\Users\all_f\Downloads\Gotham.S03E20.HDTV.x264-SVA[rarbg]
2017-06-05 23:52 - 2017-06-05 23:52 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-06-05 23:51 - 2017-06-06 00:37 - 00000000 ____D C:\Users\Todos os Usuários\RogueKiller
2017-06-05 23:51 - 2017-06-06 00:37 - 00000000 ____D C:\ProgramData\RogueKiller
2017-06-05 23:47 - 2017-06-05 23:47 - 35426672 _____ (Adlice Software ) C:\Users\all_f\Desktop\setup.exe
2017-06-05 21:05 - 2017-06-05 21:05 - 00012215 _____ C:\ZA-Scan.txt
2017-06-05 21:02 - 2017-06-05 21:02 - 01370112 _____ C:\Users\all_f\Desktop\ZA-Scan.exe
2017-06-05 16:33 - 2017-06-05 16:33 - 00000055 _____ C:\Users\all_f\Desktop\consulta psiquiatrica.txt
2017-06-04 02:35 - 2017-06-04 02:35 - 00055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xwjudjsu.sys
2017-06-03 04:45 - 2017-06-03 04:47 - 00000000 ____D C:\Users\all_f\Downloads\Kick-Ass 2 (2013)
2017-05-31 16:38 - 2017-05-31 16:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-05-31 15:55 - 2017-05-31 15:55 - 00104254 _____ C:\Users\all_f\Desktop\fatura.pdf
2017-05-30 15:31 - 2017-05-30 15:31 - 00055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\huhebonb.sys
2017-05-30 14:57 - 2017-05-30 14:57 - 00478392 ____N (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\E670F893.sys
2017-05-30 14:57 - 2017-05-30 14:57 - 00085600 ____N (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\34316808.sys
2017-05-30 14:39 - 2017-05-30 14:39 - 00055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\oppdfhih.sys
2017-05-30 13:47 - 2017-05-30 13:47 - 00000000 ____D C:\Users\all_f\AppData\Local\DBG
2017-05-30 13:17 - 2017-05-30 13:27 - 00000000 ____D C:\zoek_backup
2017-05-30 07:22 - 2017-05-30 07:22 - 00048944 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-05-30 00:18 - 2017-05-30 00:18 - 00000257 _____ C:\Users\all_f\Desktop\virus.txt
2017-05-29 19:58 - 2017-05-30 10:28 - 00000000 ____D C:\KVRT_Data
2017-05-29 19:43 - 2017-05-29 19:46 - 00139030 _____ C:\WINDOWS\ntbtlog.txt
2017-05-29 18:42 - 2017-06-09 12:51 - 00000000 ____D C:\Users\Todos os Usuários\Malwarebytes
2017-05-29 18:42 - 2017-06-09 12:51 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-29 17:10 - 2017-05-29 17:10 - 00004346 _____ C:\Users\all_f\Documents\cc_20170529_171026.reg
2017-05-29 17:09 - 2017-05-29 17:10 - 00058368 _____ C:\Users\all_f\Documents\cc_20170529_170947.reg
2017-05-29 17:06 - 2017-05-29 17:06 - 43370704 _____ (Microsoft Corporation) C:\Users\all_f\Downloads\Windows-KB890830-x64-V5.48.exe
2017-05-28 01:10 - 2017-05-28 01:10 - 01048576 _____ C:\Users\all_f\Downloads\msert (1).exe
2017-05-27 02:37 - 2017-05-27 03:34 - 00000000 ____D C:\Users\all_f\Downloads\Gotham.S03E19.REPACK.HDTV.x264-KILLERS[rarbg]
2017-05-26 19:39 - 2017-05-26 19:39 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-05-26 00:11 - 2017-05-26 00:11 - 00001310 _____ C:\Users\all_f\Desktop\estágio.txt
2017-05-25 23:02 - 2017-05-25 23:02 - 00000000 ____D C:\Users\all_f\Documents\Commandos - Behind Enemy Lines
2017-05-25 17:42 - 2017-05-25 17:52 - 00000000 ____D C:\WINDOWS\Microsoft Antimalware
2017-05-25 17:24 - 2017-05-25 17:24 - 00000529 _____ C:\Users\all_f\Downloads\Fatura20176195619.zip
2017-05-25 17:24 - 2017-05-25 17:24 - 00000120 _____ C:\Users\all_f\Downloads\Fatura20176195619.html
2017-05-25 16:15 - 2017-05-25 16:15 - 00000144 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-05-25 15:23 - 2017-06-08 21:36 - 00000000 ____D C:\Users\Todos os Usuários\FrameWorksx
2017-05-25 15:23 - 2017-06-08 21:36 - 00000000 ____D C:\ProgramData\FrameWorksx
2017-05-25 12:38 - 2017-05-25 20:29 - 00000000 ____D C:\Users\all_f\Downloads\Arrow.S05E23.HDTV.x264-SVA[ettv]
2017-05-25 11:54 - 2017-05-25 11:54 - 00000106 _____ C:\Users\all_f\Desktop\gdgdgdgd.txt
2017-05-24 23:54 - 2017-05-25 00:07 - 00000000 ____D C:\Users\all_f\Downloads\www.Torrenting.com - The.Flash.2014.S03E23.HDTV.x264-SVA
2017-05-24 23:52 - 2017-05-25 00:56 - 00000000 ____D C:\Users\all_f\Downloads\The.Flash.2014.S03E23.PROPER.HDTV.x264-KILLERS[ettv]
2017-05-24 20:52 - 2017-05-24 20:52 - 00119034 _____ C:\Users\all_f\Desktop\Diferenças-Conceituais.pdf
2017-05-22 02:11 - 2017-05-23 02:21 - 00000000 ____D C:\Users\all_f\Downloads\Arrow.S05E22.HDTV.x264-SVA[rarbg]
2017-05-21 15:51 - 2017-06-07 16:12 - 00000000 ____D C:\Users\all_f\Desktop\novoarea
2017-05-21 15:41 - 2017-05-21 15:41 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft OneDrive
2017-05-21 15:41 - 2017-05-21 15:41 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-05-21 15:38 - 2017-05-21 15:38 - 00000020 ___SH C:\Users\all_f\ntuser.ini
2017-05-21 15:35 - 2017-05-21 15:36 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2017-05-21 15:35 - 2017-05-21 15:36 - 00007623 _____ C:\WINDOWS\diagerr.xml
2017-05-21 15:32 - 2017-05-29 22:15 - 01910752 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-21 15:30 - 2017-06-12 17:59 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-21 15:30 - 2017-06-09 12:42 - 00004296 _____ C:\WINDOWS\System32\Tasks\AMD Updater
2017-05-21 15:30 - 2017-05-25 17:35 - 00004720 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-05-21 15:30 - 2017-05-25 17:35 - 00004494 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-05-21 15:30 - 2017-05-21 15:44 - 00003282 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-05-21 15:30 - 2017-05-21 15:30 - 00022956 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-05-21 15:30 - 2017-05-21 15:30 - 00003560 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2017-05-21 15:30 - 2017-05-21 15:30 - 00003514 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-05-21 15:30 - 2017-05-21 15:30 - 00003336 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2017-05-21 15:30 - 2017-05-21 15:30 - 00003290 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-05-21 15:30 - 2017-05-21 15:30 - 00002996 _____ C:\WINDOWS\System32\Tasks\PCDEventLauncherTask
2017-05-21 15:30 - 2017-05-21 15:30 - 00002340 _____ C:\WINDOWS\System32\Tasks\{2DBFE53D-EBBE-4E41-8155-2C028AA45AF5}
2017-05-21 15:30 - 2017-05-21 15:30 - 00002218 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-05-21 15:24 - 2017-05-21 15:24 - 00000000 ____D C:\Users\Todos os Usuários\USOShared
2017-05-21 15:24 - 2017-05-21 15:24 - 00000000 ____D C:\ProgramData\USOShared
2017-05-21 15:23 - 2017-05-21 15:23 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-05-21 15:19 - 2017-05-21 15:24 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-05-21 15:17 - 2017-06-10 01:04 - 00000000 ____D C:\Users\all_f
2017-05-21 15:17 - 2017-05-21 15:17 - 00000000 _SHDL C:\Users\all_f\Modelos
2017-05-21 15:17 - 2017-05-21 15:17 - 00000000 _SHDL C:\Users\all_f\Meus Documentos
2017-05-21 15:17 - 2017-05-21 15:17 - 00000000 _SHDL C:\Users\all_f\Menu Iniciar
2017-05-21 15:17 - 2017-05-21 15:17 - 00000000 _SHDL C:\Users\all_f\Documents\Minhas Músicas
2017-05-21 15:17 - 2017-05-21 15:17 - 00000000 _SHDL C:\Users\all_f\Documents\Minhas Imagens
2017-05-21 15:17 - 2017-05-21 15:17 - 00000000 _SHDL C:\Users\all_f\Documents\Meus Vídeos
2017-05-21 15:17 - 2017-05-21 15:17 - 00000000 _SHDL C:\Users\all_f\Dados de Aplicativos
2017-05-21 15:17 - 2017-05-21 15:17 - 00000000 _SHDL C:\Users\all_f\Configurações Locais
2017-05-21 15:17 - 2017-05-21 15:17 - 00000000 _SHDL C:\Users\all_f\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2017-05-21 15:17 - 2017-05-21 15:17 - 00000000 _SHDL C:\Users\all_f\AppData\Local\Histórico
2017-05-21 15:17 - 2017-05-21 15:17 - 00000000 _SHDL C:\Users\all_f\AppData\Local\Dados de Aplicativos
2017-05-21 15:17 - 2017-05-21 15:17 - 00000000 _SHDL C:\Users\all_f\Ambiente de Rede
2017-05-21 15:17 - 2017-05-21 15:17 - 00000000 _SHDL C:\Users\all_f\Ambiente de Impressão
2017-05-21 15:16 - 2017-05-21 15:24 - 00000000 ____D C:\Program Files\AMD
2017-05-21 15:16 - 2017-05-21 15:16 - 00000264 _____ C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job
2017-05-21 15:16 - 2017-05-21 15:16 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2017-05-21 15:16 - 2017-05-21 15:16 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2017-05-21 15:16 - 2017-05-21 15:16 - 00000000 ____D C:\Program Files\Common Files\Atheros
2017-05-21 15:16 - 2017-05-21 15:16 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2017-05-21 15:16 - 2017-03-18 17:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-05-21 15:15 - 2017-05-21 15:20 - 00000000 ____D C:\Program Files\Intel
2017-05-21 15:15 - 2017-05-21 15:15 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2017-05-21 15:15 - 2017-05-21 15:15 - 00000000 ____D C:\Program Files\Synaptics
2017-05-21 15:13 - 2017-06-12 17:51 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-21 15:13 - 2017-05-29 17:19 - 00380208 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-21 15:08 - 2017-05-21 15:08 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 20374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 08320920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-21 15:08 - 2017-05-21 15:08 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 04848440 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-21 15:08 - 2017-05-21 15:08 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-21 15:08 - 2017-05-21 15:08 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-21 15:08 - 2017-05-21 15:08 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-21 15:08 - 2017-05-21 15:08 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 02651648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-21 15:08 - 2017-05-21 15:08 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 02435584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 02298880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-21 15:08 - 2017-05-21 15:08 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-21 15:08 - 2017-05-21 15:08 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-21 15:08 - 2017-05-21 15:08 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-21 15:08 - 2017-05-21 15:08 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-05-21 15:08 - 2017-05-21 15:08 - 01103872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 01075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 01024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-05-21 15:08 - 2017-05-21 15:08 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 00980992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-05-21 15:08 - 2017-05-21 15:08 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2017-05-21 15:08 - 2017-05-21 15:08 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-05-21 15:08 - 2017-05-21 15:08 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-05-21 15:08 - 2017-05-21 15:08 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-21 15:08 - 2017-05-21 15:08 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)


==================== Arquivos na raiz de alguns diretórios =======

2017-01-31 17:15 - 2017-01-31 17:15 - 0000017 _____ () C:\Users\all_f\AppData\Local\resmon.resmoncfg
2017-06-08 20:42 - 2017-06-08 20:42 - 0047445 _____ () C:\ProgramData\agent.1496965321.bdinstall.bin
2017-06-08 21:30 - 2017-06-08 21:30 - 0030032 _____ () C:\ProgramData\agent.uninstall.1496968221.bdinstall.bin
2017-06-08 20:51 - 2017-06-08 20:51 - 0029972 _____ () C:\ProgramData\agent.update.1496965874.bdinstall.bin

Alguns arquivos em TEMP:
====================
2017-06-05 23:51 - 2017-03-18 17:57 - 1930320 _____ (Microsoft Corporation) C:\Users\all_f\AppData\Local\Temp\dllnt_dump.dll
2017-06-09 12:31 - 2017-06-09 12:32 - 116507672 _____ () C:\Users\all_f\AppData\Local\Temp\playstv_patch.exe
2017-06-09 12:30 - 2017-06-09 12:39 - 0221632 _____ () C:\Users\all_f\AppData\Local\Temp\raptr_stub.exe

==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

LastRegBack: 2017-06-07 16:26

==================== Fim de FRST.txt ============================

Addition.txt


Temporarily disable your antivirus, antispyware and firewall so they do not cause conflicts.

Open Notepad, then copy (Ctrl + C) and paste (Ctrl + V) all of the text below:

CreateRestorePoint:
Startup: C:\Users\all_f\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ini.google1.lnk [2017-06-08]
ShortcutTarget: ini.google1.lnk -> C:\Windows\System32\regsvr32.exe (Microsoft Corporation)
Startup: C:\Users\all_f\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\inix.lnk [2017-06-08]
ShortcutTarget: inix.lnk -> C:\Windows\System32\regsvr32.exe (Microsoft Corporation)
CMD: ipconfig /flushdns
EmptyTemp:
  • Save this file to your Desktop as fixlist.txt
  • Run FRST again and click the Fix (Corrigir) button;
  • Wait... when it finishes, the log Fixlog.txt will be created on your Desktop.
  • Select, copy and paste the contents of this log into your next reply.


@Turco here it is:

Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 12-06-2017
Executado por ALK (12-06-2017 21:59:23) Run:1
Executando a partir de C:\Users\all_f\Desktop
Perfis Carregados: ALK (Perfis Disponíveis: ALK)
Modo da Inicialização: Normal
==============================================

fixlist Conteúdo:
*****************
CreateRestorePoint:
Startup: C:\Users\all_f\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ini.google1.lnk [2017-06-08]
ShortcutTarget: ini.google1.lnk -> C:\Windows\System32\regsvr32.exe (Microsoft Corporation)
Startup: C:\Users\all_f\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\inix.lnk [2017-06-08]
ShortcutTarget: inix.lnk -> C:\Windows\System32\regsvr32.exe (Microsoft Corporation)
CMD: ipconfig /flushdns
EmptyTemp:
*****************

Ponto de Restauração criado com sucesso.
C:\Users\all_f\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ini.google1.lnk => movido com sucesso
C:\Windows\System32\regsvr32.exe => movido com sucesso
C:\Users\all_f\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\inix.lnk => movido com sucesso
C:\Windows\System32\regsvr32.exe => não encontrado (a).

========= ipconfig /flushdns =========


Configuração de IP do Windows

Liberação do Cache do DNS Resolver bem-sucedida.

========= Fim de CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 6053888 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 306592742 B
Java, Flash, Steam htmlcache => 259978927 B
Windows/system/drivers => 13451203 B
Edge => 22933566 B
Chrome => 866130045 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 9102 B
NetworkService => 64090 B
all_f => 212834376 B

RecycleBin => 0 B
EmptyTemp: => 1.6 GB de dados temporários Removidos.

================================


O sistema precisou ser reiniciado.

==== Fim de Fixlog 22:00:49 ====

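An added example (not part of the thread and not FRST's own code) that reads the result lines of the Fixlog above, normalizes each outcome, and lists any moved file that sits under the Windows directory so it can be reviewed; in this log that is regsvr32.exe, which the fixlist itself labels as a Microsoft Corporation file. The quarantine location it computes is inferred from the single `C:\FRST\Quarantine\...\ini.google1.lnk.xBAD` path that appears in the ESET log later in this thread; the function names are assumptions.

```python
import re
from pathlib import PureWindowsPath

# Constructed sample: the result lines copied from the Fixlog posted above.
FIXLOG = r"""
Ponto de Restauração criado com sucesso.
C:\Users\all_f\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ini.google1.lnk => movido com sucesso
C:\Windows\System32\regsvr32.exe => movido com sucesso
C:\Users\all_f\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\inix.lnk => movido com sucesso
C:\Windows\System32\regsvr32.exe => não encontrado (a).
"""

# Outcome phrases as worded in this Portuguese-language log (assumption:
# logs in other languages word them differently and need their own entries).
OUTCOMES = {"movido com sucesso": "moved", "não encontrado": "not_found"}

RESULT_RE = re.compile(r"^(?P<path>[A-Za-z]:\\.+?) => (?P<outcome>.+)$", re.M)


def parse_results(text):
    """Return (path, status) for every 'path => outcome' line, in log order."""
    results = []
    for m in RESULT_RE.finditer(text):
        outcome = m.group("outcome").strip()
        status = next((v for k, v in OUTCOMES.items() if outcome.startswith(k)), "other")
        results.append((m.group("path"), status))
    return results


def moved_system_files(results, windows_dir=r"C:\Windows"):
    """Moved paths located under the Windows directory: candidates for review."""
    root = PureWindowsPath(windows_dir)  # comparisons are case-insensitive
    return sorted({p for p, s in results
                   if s == "moved" and root in PureWindowsPath(p).parents})


def quarantine_guess(path):
    """Where the moved file should now be, following the pattern seen on this page
    (drive letter becomes a folder, '.xBAD' is appended). Inferred, not documented here."""
    p = PureWindowsPath(path)
    drive = p.drive.rstrip(":")
    return str(PureWindowsPath(r"C:\FRST\Quarantine", drive, *p.parts[1:])) + ".xBAD"


if __name__ == "__main__":
    results = parse_results(FIXLOG)
    for path in moved_system_files(results):
        print("review:", path, "->", quarantine_guess(path))
```
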

@Rafael Kubaski

 

Temporarily disable your antivirus.

 

  • Hold down the Ctrl key and click this link to open ESET Online Scanner in a new window.
  • Click the SCAN NOW button.
  • Click Accept.
  • Click Start.
  • Check: "Enable detection of potentially unwanted applications"
  • Click Hide Advanced settings and check the following:
    • Enable detection of potentially unsafe applications
    • Enable detection of suspicious applications
    • Scan archives
    • Enable Anti-Stealth technology
    • Clean threats automatically
  • Click Change.. and also check the Computer box.
  • Click Scan.
  • It will update itself and scan the computer. Be patient; the process can take hours.
  • When the scan finishes, click List of found threats.
  • Click Export to text file and save the log to your desktop.
  • Click Back.
  • Click Finish.
  • Select, copy and paste the contents of this log into your next reply.


@Turco here it is:

 

C:\FRST\Quarantine\C\Users\all_f\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ini.google1.lnk.xBAD    LNK/TrojanDownloader.Agent.CK trojan    cleaned by deleting
C:\Kuba\fotos\formatura krups\xaine\celu\app24073.jar    J2ME/SMSReg.AY potentially unsafe application    cleaned by deleting
C:\Kuba\fotos\formatura krups\xaine\celu\app38306.jar    a variant of J2ME/SMSReg.AY potentially unsafe application    cleaned by deleting
C:\Kuba\fotos\formatura krups\xaine\celu\Bikini_Pool_Summer.jar    a variant of J2ME/SMSReg.AY potentially unsafe application    cleaned by deleting
C:\Kuba\fotos\formatura krups\xaine\celu\Street_Soccer_World_Tour.jar    a variant of J2ME/SMSReg.AY potentially unsafe application    cleaned by deleting
C:\Kuba\fotos\fotosttt\jogos cell\California Chainsaw Massacre (240x320)-68670.jar    a variant of J2ME/SMSReg.AY potentially unsafe application    cleaned by deleting
C:\ProgramData\FrameWorksx\FrameWorksxiwwn.log    a variant of Win32/Delf.TQW trojan    cleaned by deleting
C:\ProgramData\FrameWorksx\HPDESKJEThwwn.log    a variant of Win32/Spy.Banker.ADXG trojan    cleaned by deleting
C:\ProgramData\FrameWorksx\HPDESKJETiwwn.log    a variant of Win32/Delf.TQW trojan    cleaned by deleting
C:\ProgramData\FrameWorksx\ini.google.lnk    LNK/TrojanDownloader.Agent.CK trojan    cleaned by deleting
C:\ProgramData\FrameWorksx\ini.google1.lnk    LNK/TrojanDownloader.Agent.CK trojan    cleaned by deleting
C:\Users\all_f\AppData\Local\Google\Chrome\User Data\Profile 3\File System\014\t\00\00000001    a variant of Win32/HackTool.Patcher.A potentially unsafe application    deleted
C:\Users\all_f\Downloads\ccsetup529.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    cleaned by deleting
C:\Users\all_f\Downloads\Driverdoc_2017_Serial_Key_Generator_Crack_is_Here_-_Beta_Cracks.iso    a variant of Win32/Adware.YoBrowser.M application    deleted
C:\Users\all_f\Downloads\Fatura20176195619.zip    LNK/TrojanDownloader.Agent.CK trojan    deleted
C:\Users\all_f\Dropbox\SERVER\VarejoGratuito.16.8.1.0.exe    a variant of Win32/RemoteAdmin.AeroAdmin.A potentially unsafe application    cleaned by deleting
 

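An added example (not part of the thread and not ESET's tooling) that parses the scan log posted above and summarizes it for triage: which folder holds the most trojan detections, and which files carry a Win32/ detection under a non-executable extension. The sample lines are copied from that log; the function names and the extension list are assumptions of this example.

```python
import re
from collections import Counter
from pathlib import PureWindowsPath

# Constructed sample: seven of the result lines from the ESET log posted above.
ESET_LOG = r"""
C:\Kuba\fotos\formatura krups\xaine\celu\app24073.jar    J2ME/SMSReg.AY potentially unsafe application    cleaned by deleting
C:\ProgramData\FrameWorksx\FrameWorksxiwwn.log    a variant of Win32/Delf.TQW trojan    cleaned by deleting
C:\ProgramData\FrameWorksx\HPDESKJEThwwn.log    a variant of Win32/Spy.Banker.ADXG trojan    cleaned by deleting
C:\ProgramData\FrameWorksx\HPDESKJETiwwn.log    a variant of Win32/Delf.TQW trojan    cleaned by deleting
C:\ProgramData\FrameWorksx\ini.google.lnk    LNK/TrojanDownloader.Agent.CK trojan    cleaned by deleting
C:\Users\all_f\Downloads\ccsetup529.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    cleaned by deleting
C:\Users\all_f\Downloads\Fatura20176195619.zip    LNK/TrojanDownloader.Agent.CK trojan    deleted
"""

# "a variant of " is an optional prefix; the name is Platform/Family, the rest is the kind.
DETECTION_RE = re.compile(r"^(?:a variant of )?(?P<name>\S+/\S+) (?P<kind>.+)$")
# Assumption: extensions on which a Win32/ detection would normally be expected.
PE_EXTENSIONS = {".exe", ".dll", ".scr", ".sys", ".ocx", ".cpl"}


def parse_eset(text):
    """Split each line into path, detection name, platform, kind and action.
    Columns are separated by tabs or runs of spaces; paths may contain single spaces."""
    rows = []
    for line in text.splitlines():
        cols = re.split(r"\t+| {2,}", line.strip())
        if len(cols) != 3:
            continue
        m = DETECTION_RE.match(cols[1])
        if m:
            rows.append({"path": cols[0], "name": m["name"],
                         "platform": m["name"].split("/")[0],
                         "kind": m["kind"], "action": cols[2]})
    return rows


def trojan_dirs(rows):
    """Count trojan detections per parent folder to locate the staging directory."""
    return Counter(str(PureWindowsPath(r["path"]).parent)
                   for r in rows if r["kind"] == "trojan")


def masquerading(rows):
    """Paths with a Win32/ detection whose extension is not an executable one."""
    return [r["path"] for r in rows
            if r["platform"] == "Win32"
            and PureWindowsPath(r["path"]).suffix.lower() not in PE_EXTENSIONS]


if __name__ == "__main__":
    rows = parse_eset(ESET_LOG)
    print(trojan_dirs(rows).most_common(1))
    print(masquerading(rows))
```
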

@Rafael Kubaski

 

# Step 1 #
 
Temporarily disable your antivirus, antispyware and firewall to avoid conflicts.

Download Junkware Removal Tool (JRT) and save it to your Desktop.

 

Double-click jrt.exe to run it.
 

Attention: Windows Vista, 7 and 8 users, right-click and choose Run as administrator.

  • The tool will begin scanning your system.
  • Be patient, as it may take a while depending on the number of items to examine.
  • When it finishes, a log will open. It will be saved to the desktop as JRT.txt.
  • Select, copy and paste the contents of this log into your next reply.

 
# Step 2 #
 
Temporarily disable your antivirus, antispyware and firewall to avoid conflicts.

Download ZHPCleaner and save it to your Desktop.

 

Attention: Windows Vista, 7 and 8 users, right-click and choose Run as administrator.

  • Click the Scanner button.
  • The tool will begin scanning your system.
  • Be patient, as it may take a while depending on the number of items to examine.
  • Then click the Reparar (Repair) button.
  • A log named ZHPCleaner.txt will be generated.
  • Select, copy and paste the contents of this log into your next reply.


@Turco here it is:

 

Step 1:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.3 (04.10.2017)
Operating System: Windows 10 Home Single Language x64 
Ran by ALK (Administrator) on 20/06/2017 at  6:35:42,86
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


File System: 1 

Successfully deleted: C:\WINDOWS\system32\Tasks\PCDEventLauncherTask (Task)

Registry: 0 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20/06/2017 at  6:38:03,68
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

Step 2:

 

~ ZHPCleaner v2017.6.17.100 by Nicolas Coolman (2017/06/17)
~ Run by ALK (Administrator)  (20/06/2017 06:50:46)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Reparo
~ Report : C:\Users\all_f\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\all_f\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home Single Language, 64-bit  (Build 15063)


---\\  Serviços (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.


---\\  Navegadores de Internet (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.


---\\  Arquivo hosts (1)
~ O arquivo hosts é legítimo (19)


---\\  Tarefas automáticas agendadas. (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.


---\\  Explorer ( Arquivos, Pastas) (38)
MOVIDO pasta: C:\Windows\Installer\MSI8A6C.tmp    =>.Superfluous.MSIInstaller
MOVIDO pasta: C:\Windows\Installer\MSIC1A7.tmp    =>.Superfluous.MSIInstaller
MOVIDO pasta: C:\Users\all_f\AppData\Local\Temp\KUBA-INSPIRON-20170620-0633.log    =>.Superfluous.Temporary.Empty
MOVIDO pasta: C:\Users\all_f\AppData\Local\Temp\KUBA-INSPIRON-20170620-0638.log    =>.Superfluous.Temporary.Empty
MOVIDO pasta: C:\Users\all_f\AppData\Local\Temp\URL1D09.tmp    =>.Superfluous.Temporary.Empty
MOVIDO pasta: C:\Users\all_f\AppData\Local\Temp\URL41E1.tmp    =>.Superfluous.Temporary.Empty
MOVIDO pasta: C:\Users\all_f\AppData\Local\Temp\URLAF17.tmp    =>.Superfluous.Temporary.Empty
MOVIDO pasta: C:\Users\all_f\AppData\Local\Temp\URLDF53.tmp    =>.Superfluous.Temporary.Empty
MOVIDO pasta: C:\Users\all_f\AppData\Local\Temp\wct766E.tmp    =>.Superfluous.Temporary.Various
MOVIDO pasta: C:\Users\all_f\AppData\Local\Temp\wctCF0.tmp    =>.Superfluous.Temporary.Various
MOVIDO pasta: C:\Users\all_f\AppData\Local\Temp\wctD961.tmp    =>.Superfluous.Temporary.Various
MOVIDO pasta: C:\Users\all_f\AppData\Local\Temp\wctDEDF.tmp    =>.Superfluous.Temporary.Various
MOVIDO pasta: C:\Users\all_f\AppData\Local\Temp\{72B5D41B-B7CA-469A-83B8-53F5F2AB4FD2} - OProcSessId.dat    =>.Superfluous.Temporary.Empty
MOVIDO arquivo: C:\Program Files (x86)\Webteh  =>.Superfluous.ABTeam
MOVIDO arquivo: C:\Program Files (x86)\QuickTime  =>Riskware.QuickTime
MOVIDO arquivo: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime  =>Riskware.QuickTime
MOVIDO arquivo: C:\WINDOWS\Installer\MSI1D51.tmp-  =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI20FB.tmp-  =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI26F4.tmp-  =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI2B4E.tmp-  =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI2CFB.tmp-  =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI2F4F.tmp-  =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI4E38.tmp-  =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI4ED5.tmp-  =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI508E.tmp-  =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI5B4F.tmp-  =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI5CE8.tmp-  =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI5DD3.tmp-  =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI5EBE.tmp-  =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI5F6B.tmp-  =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI6A90.tmp-  =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI8154.tmp-  =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI8F14.tmp-  =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI9232.tmp-  =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSIA86B.tmp-  =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSIB1A4.tmp-  =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSIB3E8.tmp-  =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSID1D6.tmp-  =>.Superfluous.Empty


---\\  Registro ( Chaves, Valores, Dados ) (7)
SUPRIMIDO chave*: HKEY_USERS\S-1-5-21-906007581-1094903313-3760833696-1001\SOFTWARE\Conduit []  =>.Superfluous.Conduit
SUPRIMIDO chave: HKCU\Software\Conduit []  =>.Superfluous.Conduit
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07B51C13962E8BF49BAFEA042FB2D4A6 [C:\?Program Files (x86)\Solvusoft\Tray\SuiteClient.dll (Not File)]  =>.Superfluous.Solvusoft
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\186D389D270858A4C8FADCDAC6035E94 [C:\?Program Files (x86)\Solvusoft\SuiteService.exe (Not File)]  =>.Superfluous.Solvusoft
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2ED7E00B721712A4FA8BEAC0C097B2A6 [C:\ProgramData\Solvusoft\Programs Bar\ (Not File)]  =>.Superfluous.Solvusoft
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\31036AD7276C7154FB17E0492323197E [C:\?Program Files (x86)\Solvusoft\MachineId.exe (Not File)]  =>.Superfluous.Solvusoft
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Webteh []  =>.Superfluous.ABTeam


---\\  Resumo dos elementos encontrados na sua estação de trabalho (8)
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.Superfluous.MSIInstaller
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.Superfluous.Temporary.Empty
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.Superfluous.Temporary.Various
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.Superfluous.ABTeam
https://nicolascoolman.eu/2017/01/15/riskware-quicktime/  =>Riskware.QuickTime
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.Superfluous.Empty
https://nicolascoolman.eu/2017/02/06/superfluous-conduit/  =>.Superfluous.Conduit
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.Superfluous.Solvusoft


---\\  Dodatkowe oczyszczenie. (12)
~ Chave de registro Tracing Supprimido (12)
~ Remover os relatórios antigos ZHPCleaner. (0)


---\\ Resultado de reparação
Reparação efectuada com sucesso
~ Este navegador está faltando ! (Mozilla Firefox)
~ Este navegador está faltando ! (Opera Software)


---\\ Estatísticas
~ Items scan : 450
~ Items encontrado : 0
~ items cancelados : 0
~ Items réparo : 45


~ End of clean in 00h00mn25s
~====================
ZHPCleaner-[R]-20062017-06_51_11.txt
ZHPCleaner--20062017-06_49_50.txt
 


@Rafael Kubaski

 

Download Security Check by glax24 and save it to your Desktop.

 

Attention: Windows Vista, 7 and 8 users, right-click and choose Run as administrator.

  • Wait while the tool runs its scan.
  • When it finishes, a log will open: SecurityCheck.txt.
  • This log is saved on C: (local disk) in the SecurityCheck folder that was created.
  • Select, copy and paste the contents of this log into your next reply.


@Turco here it is:

 

SecurityCheck by glax24 & Severnyj v.1.4.0.51 [13.06.17]
WebSite: www.safezone.cc
DateLog: 20.06.2017 22:44:25
Path starting: C:\Users\all_f\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: ALK
VersionXML: 4.39is-20.06.2017
___________________________________________________________________________

Windows 10(6.3.15063) (x64) CoreSingleLanguage Release: 1703 Lang: Portuguese(0416)
Installation date OS: 21.05.2017 18:38:26
LicenseStatus: Windows(R), CoreSingleLanguage edition The machine is permanently activated.
LicenseStatus: Office 16, Office16ProPlusR_Retail edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: Microsoft Edge (C:\WINDOWS\system32\LaunchWinApp.exe)
SystemDrive: C: FS: [NTFS] Capacity: [367.6 Gb] Used: [209.6 Gb] Free: [158 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.296.15063.0 Warning! Download Update
Online installation. Last version available when Windows update is enabled throught the Internet.
User Account Control enabled
Windows Update (wuauserv) - The service is running
Central de Segurança (wscsvc) - The service is running
Registro remoto (RemoteRegistry) - The service has stopped
Descoberta SSDP (SSDPSRV) - The service is running
Serviços de Área de Trabalho Remota (TermService) - The service has stopped
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
------------------------------- [ HotFix ] --------------------------------
HotFix KB4022725 Warning! Download Update
---------------------------- [ Antivirus_WMI ] ----------------------------
Windows Defender (enabled and up to date)
--------------------------- [ FirewallWindows ] ---------------------------
Firewall do Windows (MpsSvc) - The service is running
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Windows Defender (enabled and up to date)
--------------------------- [ OtherUtilities ] ----------------------------
WinRAR 5.40 (64-bit) v.5.40.0
Foxit Reader v.8.2.1.6871 Warning! Download Update
--------------------------------- [ IM ] ----------------------------------
Skype™ 7.33 v.7.33.105 Warning! Download Update
^Optional update.^
--------------------------------- [ P2P ] ---------------------------------
µTorrent v.3.5.0.43804 Warning! P2P-client.
-------------------------------- [ Java ] ---------------------------------
Java 8 Update 131 v.8.0.1310.11
--------------------------- [ AppleProduction ] ---------------------------
QuickTime 7 v.7.79.80.95 Warning! This software is no longer supported. Please uninstall it and use another software.
--------------------------- [ AdobeProduction ] ---------------------------
Adobe Flash Player 26 PPAPI v.26.0.0.131
------------------------------- [ Browser ] -------------------------------
Google Chrome v.58.0.3029.110 Warning! Download Update
--------------------------- [ RunningProcess ] ----------------------------
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe v.58.0.3029.110
------------------ [ AntivirusFirewallProcessServices ] -------------------
C:\Program Files\Windows Defender\MsMpEng.exe v.4.11.15063.0
C:\Program Files\Windows Defender\NisSrv.exe v.4.11.15063.0
C:\Program Files\Windows Defender\MSASCuiL.exe v.4.11.15063.0
Serviço Windows Defender Antivirus (WinDefend) - The service is running
Serviço de Inspeção de Rede do Windows Defender Antivirus (WdNisSvc) - The service is running
---------------------------- [ UnwantedApps ] -----------------------------
Serviço de Cache de Fontes do Windows (FontCache) - The service is running
----------------------------- [ End of Log ] ------------------------------
 


@Rafael Kubaski

 

To finish:

 

# Step 1 #

 

Download Delfix by Xplode and save it to your desktop.

 

Double-click delfix.exe to run it. Check the boxes as shown in the image.

 

** Windows Vista or Windows 7 users: right-click the delfix.exe file, then click Run as administrator.

 

Click the Run button.

 

A log will be generated at the end, but you do not need to post it.
 
# Step 2 #
 
Old versions of programs have vulnerabilities that some malware can use to infect your system.
 
For that reason, it is recommended that you update the programs Security Check flagged as outdated (optional updates are at your discretion).
 
Just click the Download Update in each warning, which will take you to the developer's site.

<<@>> Always keep your Windows up to date; keep a constant watch with your firewall and antivirus; and finally, remember that the best form of prevention starts with our own behavior!

This topic is closed to new posts.